Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Browser search links hijacked

07 Jul 2011   #11
trie66

Windows 7 Home Premium x65 w service pack 1
 
 
Combofix.txt

Here you go, thanks

ComboFix 11-07-05.03 - Cathy 07/07/2011 20:31:09.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6104.4402 [GMT -4:00]
Running from: c:\users\Cathy\Desktop\cComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-06-08 to 2011-07-08 )))))))))))))))))))))))))))))))
.
.
2011-07-08 01:00 . 2011-07-08 01:00 -------- d-----w- c:\users\Tim\AppData\Local\temp
2011-07-08 01:00 . 2011-07-08 01:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-08 00:22 . 2011-07-08 00:22 -------- d-----w- c:\users\Cathy\AppData\Local\{9C2D6791-BD13-4EE6-A3F8-73E50855F916}
2011-07-08 00:17 . 2011-07-08 00:18 -------- d-----w- c:\users\Cathy\AppData\Local\{2FCE3EF1-C33B-44F8-ABD6-7BD2C859D123}
2011-07-08 00:17 . 2011-07-08 00:17 -------- d-----w- c:\users\Cathy\AppData\Local\{0EC43B72-FAC5-4BDD-95F4-FAD9B422C51F}
2011-07-06 23:07 . 2011-07-06 23:07 -------- d-----w- c:\users\Tim\AppData\Roaming\Xerox
2011-07-06 23:04 . 2011-07-06 23:04 -------- d-----w- c:\users\Tim\AppData\Local\DataSafeOnline
2011-07-06 22:41 . 2011-07-06 22:41 -------- d-----w- c:\users\Cathy\AppData\Local\{A2EEB8D2-B4FB-402B-A4AD-68A09135CE3E}
2011-07-06 10:40 . 2011-07-06 10:40 -------- d-----w- c:\users\Cathy\AppData\Local\{09B1B58C-F592-41E3-B1DA-D0AF88055620}
2011-07-06 02:38 . 2011-05-29 13:11 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-06 02:38 . 2011-07-06 02:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-07-06 00:42 . 2011-07-07 02:04 -------- d-----w- C:\## aswSnx private storage
2011-07-05 17:08 . 2011-06-20 12:57 8873296 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7CCDDD30-FFD8-472E-B62C-7A201BB20FA2}\mpengine.dll
2011-07-05 17:02 . 2011-07-05 17:03 -------- d-----w- c:\users\Cathy\AppData\Local\{B0998613-16B8-4964-B625-ACCA793D751F}
2011-07-05 02:33 . 2011-07-05 02:34 -------- d-----w- c:\users\Cathy\AppData\Local\{7C4C6A61-2D59-4C51-A9C3-8314B8C886C4}
2011-07-04 18:38 . 2011-07-04 18:38 -------- d-----w- c:\program files (x86)\ESET
2011-07-04 17:22 . 2009-07-01 23:54 864032 -c----w- c:\programdata\Microsoft\Windows\WER\ReportQueue\AppCrash_svchost.exe_WinD_3c2ba3fc9a7a702965c7eeb98 1442ae190e690dc_cab_12c16fc2\btwdins.exe
2011-07-04 17:15 . 2010-03-08 10:10 13824 ----a-w- c:\windows\system32\ffnd.exe
2011-07-04 16:53 . 2011-07-04 17:15 -------- d-----w- c:\users\Cathy\AppData\Roaming\FreeFixer
2011-07-04 16:53 . 2011-07-04 16:53 -------- d-----w- c:\users\Cathy\AppData\Local\FreeFixer
2011-07-04 16:53 . 2011-07-07 02:02 -------- d-----w- c:\program files\FreeFixer
2011-07-04 15:20 . 2011-07-04 15:20 -------- d-----w- c:\users\Cathy\AppData\Local\Mozilla
2011-07-04 14:33 . 2011-07-04 14:33 -------- d-----w- c:\users\Cathy\AppData\Local\{4E98D70A-10F1-4BF1-B004-6F0D9612EFE2}
2011-07-04 03:23 . 2011-07-04 15:11 -------- d-----w- C:\MGtools
2011-07-03 23:25 . 2011-07-03 23:25 -------- d-----w- c:\windows\system32\SPReview
2011-07-03 23:24 . 2011-07-03 23:24 -------- d-----w- c:\windows\system32\EventProviders
2011-07-03 23:08 . 2011-07-03 23:11 -------- d-----w- c:\programdata\RegCure
2011-07-03 23:08 . 2011-07-03 23:10 -------- d-----w- c:\program files (x86)\RegCure
2011-07-03 22:05 . 2011-07-03 23:16 -------- d-----w- c:\users\Cathy\AppData\Roaming\FixCleaner
2011-07-03 22:05 . 2011-07-03 23:18 -------- d-----w- c:\program files (x86)\FixCleaner
2011-07-03 18:03 . 2011-07-03 19:07 -------- d-----w- C:\cComboFix
2011-07-03 17:59 . 2011-07-03 18:00 -------- d-----w- c:\users\Cathy\AppData\Local\{DB7B3E9F-A9C2-4D30-B421-2D49B1D0FFDE}
2011-07-03 04:07 . 2011-07-03 04:07 388096 ----a-r- c:\users\Cathy\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-07-03 04:07 . 2011-07-03 04:07 -------- d-----w- c:\program files (x86)\Trend Micro
2011-07-03 03:42 . 2011-07-03 03:43 -------- d-----w- c:\users\Cathy\AppData\Local\{1C1E32E1-B27D-4C30-87D3-D5BE7EE0996A}
2011-07-03 03:37 . 2011-07-03 03:37 -------- d-----w- C:\587fdcd6432f26a1a7
2011-07-03 03:36 . 2011-07-03 03:36 -------- d-----w- c:\users\Cathy\AppData\Local\{6F22307F-1E91-48CA-978A-F94E157AD1FC}
2011-07-03 03:25 . 2011-07-03 03:25 -------- d-----w- c:\users\Cathy\AppData\Local\{7E674969-9B23-4E56-BF88-C6C7D494314F}
2011-07-02 19:39 . 2011-07-04 15:31 -------- d-----w- c:\users\Cathy\AppData\Local\Windows Live Writer
2011-07-02 19:39 . 2011-07-02 19:39 -------- d-----w- c:\users\Cathy\AppData\Roaming\Windows Live Writer
2011-07-02 18:30 . 2011-07-02 18:30 -------- d-----w- c:\users\Cathy\AppData\Roaming\Malwarebytes
2011-07-02 18:30 . 2011-07-02 18:30 -------- d-----w- c:\programdata\Malwarebytes
2011-07-02 11:47 . 2011-07-02 11:48 -------- d-----w- c:\users\Cathy\AppData\Local\{F5BDBC52-89CF-4F86-A914-688D38CA0AF0}
2011-07-02 06:44 . 2010-11-20 13:34 295808 ----a-w- c:\windows\system32\drivers\volsnap.sys
2011-07-02 06:43 . 2010-11-20 13:16 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2011-07-02 06:42 . 2010-11-20 13:27 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-07-02 06:42 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2011-07-02 06:42 . 2010-11-20 13:27 1225216 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-07-02 06:42 . 2010-11-20 13:27 933376 ----a-w- c:\windows\system32\SmiEngine.dll
2011-07-02 06:42 . 2010-11-20 13:25 199168 ----a-w- c:\windows\system32\PkgMgr.exe
2011-07-02 06:42 . 2010-11-20 13:26 422912 ----a-w- c:\windows\system32\drvstore.dll
2011-07-02 06:42 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2011-07-01 02:00 . 2011-07-01 02:01 -------- d-----w- c:\users\Cathy\AppData\Local\Deployment
2011-07-01 02:00 . 2011-07-01 02:00 -------- d-----w- c:\users\Cathy\AppData\Local\Apps
2011-06-30 22:23 . 2011-06-30 22:23 -------- d-----w- c:\windows\en
2011-06-30 22:22 . 2011-06-30 22:22 -------- d-----w- c:\program files\Windows Live
2011-06-30 22:21 . 2009-09-04 21:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2011-06-30 22:21 . 2009-09-04 21:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2011-06-30 22:21 . 2009-09-04 21:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2011-06-30 22:21 . 2009-09-04 21:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-06-30 22:20 . 2011-06-30 22:20 469256 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\ee46193f1cc37730c\InstallManager_WLE_WLE.exe
2011-06-30 22:20 . 2011-06-30 22:20 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\ea9bfb351cc37730a\DSETUP.dll
2011-06-30 22:20 . 2011-06-30 22:20 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\ea9bfb351cc37730a\DXSETUP.exe
2011-06-30 22:20 . 2011-06-30 22:20 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\ea9bfb351cc37730a\dsetup32.dll
2011-06-30 22:20 . 2011-06-30 22:20 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\e91ad9391cc377309\DSETUP.dll
2011-06-30 22:20 . 2011-06-30 22:20 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\e91ad9391cc377309\DXSETUP.exe
2011-06-30 22:20 . 2011-06-30 22:20 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\e91ad9391cc377309\dsetup32.dll
2011-06-30 22:20 . 2011-07-08 00:17 -------- d-----w- c:\users\Cathy\AppData\Local\Windows Live
2011-06-30 01:27 . 2010-10-19 20:51 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-06-29 23:50 . 2011-05-10 12:10 253888 ----a-w- c:\windows\system32\aswBoot.exe
2011-06-29 23:50 . 2011-07-08 00:20 -------- d-----w- c:\programdata\AVAST Software
2011-06-29 23:50 . 2011-06-29 23:50 -------- d-----w- c:\program files\AVAST Software
2011-06-29 22:43 . 2011-06-29 23:03 -------- d-----w- C:\48f0b1d1bef8a61d3a
2011-06-16 23:57 . 2011-04-29 04:57 189952 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll
2011-06-16 02:09 . 2011-06-16 02:09 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-14 02:44 . 2011-06-14 02:44 -------- d--h--w- c:\users\Cathy\AppData\Local\Midnight Synergy
2011-06-14 02:42 . 2011-06-29 23:00 -------- d-----w- c:\programdata\Big Fish Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-04 15:11 . 2011-07-04 14:56 131887 ----a-w- C:\MGlogs.zip
2011-07-03 23:34 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-07-03 23:34 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-06-30 22:22 . 2010-06-24 15:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-22 22:15 . 2011-05-25 13:48 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-09 07:02 . 2011-05-11 11:27 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:58 . 2011-05-25 13:48 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-04-09 06:02 . 2011-05-11 11:27 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:02 . 2011-05-11 11:27 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-25 13:48 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-06_01.51.49 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-07-06 00:41 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-07-08 00:24 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-07-06 00:41 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-08 00:24 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-06 00:41 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.d at
+ 2009-07-14 04:54 . 2011-07-08 00:24 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.d at
+ 2010-07-17 22:40 . 2011-07-08 00:23 45040 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-07-08 00:23 40262 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-07-24 03:18 . 2011-07-08 00:23 10936 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1004034769-3964568363-3058316472-1000_UserData.bin
+ 2010-07-22 16:01 . 2011-07-07 13:49 49152 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-07-22 16:01 . 2011-07-05 20:55 49152 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-07-22 16:01 . 2011-07-05 20:55 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-07-22 16:01 . 2011-07-07 13:49 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-05 20:55 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.d at
+ 2009-07-14 04:54 . 2011-07-07 13:49 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.d at
- 2010-07-22 23:40 . 2011-07-06 00:38 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-07-22 23:40 . 2011-07-08 00:21 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-06-29 16:30 . 2011-07-06 00:40 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
+ 2011-06-29 16:30 . 2011-07-08 00:22 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
+ 2011-06-29 16:30 . 2011-07-08 00:22 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\History\History.IE5\index.dat
- 2011-06-29 16:30 . 2011-07-06 00:40 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\History\History.IE5\index.dat
+ 2011-06-29 16:30 . 2011-07-08 00:22 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Cookies\index.dat
- 2011-06-29 16:30 . 2011-07-06 00:40 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Cookies\index.dat
+ 2010-07-22 23:40 . 2011-07-08 00:22 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-07-22 23:40 . 2011-07-06 00:40 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-07-22 23:40 . 2011-07-06 00:38 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index. dat
+ 2010-07-22 23:40 . 2011-07-08 00:21 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index. dat
- 2010-07-22 23:50 . 2011-07-06 01:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-07-22 23:50 . 2011-07-08 00:22 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-07-22 23:50 . 2011-07-06 01:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.da t
+ 2010-07-22 23:50 . 2011-07-08 00:22 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.da t
+ 2010-07-17 22:27 . 2011-07-08 00:21 1792 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2010-07-17 22:27 . 2011-07-06 00:38 1792 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2011-07-08 00:21 . 2011-07-08 00:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-07-06 00:38 . 2011-07-06 00:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-07-08 00:21 . 2011-07-08 00:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-07-06 00:38 . 2011-07-06 00:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-07-23 12:36 . 2011-07-08 00:01 272864 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 02:36 . 2011-07-08 00:27 624178 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-07-06 00:43 624178 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-07-06 00:43 106522 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-07-08 00:27 106522 c:\windows\system32\perfc009.dat
- 2009-07-14 05:01 . 2011-07-06 00:38 352636 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-07-08 00:21 352636 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-07-07 01:55 . 2011-07-07 01:55 353404 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1004034769-3964568363-3058316472-1003-12288.dat
+ 2011-07-04 17:16 . 2011-07-08 00:21 523568 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1004034769-3964568363-3058316472-1000-12288.dat
- 2010-12-22 22:25 . 2011-07-04 14:53 3431532 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1004034769-3964568363-3058316472-1000-8192.dat
+ 2010-12-22 22:25 . 2011-07-06 22:35 3431532 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1004034769-3964568363-3058316472-1000-8192.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-03-01 39408]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2010-02-09 1807680]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-12-29 140520]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-06-19 494064]
"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2010-10-02 560128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /A:* /L:1033 /heur:80 /RA:ask /pup /archives /IA:0 /KBD:3 /wow /dir:C:\Program
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R1 SABKUTIL;SABKUTIL; [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 dleaCATSCustConnectService;dleaCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\dleas erv.exe [2010-01-07 33448]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-01 136176]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-01 136176]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AE STSr64.exe [2009-03-02 89600]
S2 dlea_device;dlea_device;c:\windows\system32\dleacoms.exe [2010-01-07 1052328]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-01-13 705856]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
2010-11-20 12:17 302592 ----a-w- c:\windows\System32\cmd.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-07-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-01 03:12]
.
2011-07-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-01 03:12]
.
2011-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004034769-3964568363-3058316472-1000Core.job
- c:\users\Cathy\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-02 19:10]
.
2011-07-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004034769-3964568363-3058316472-1000UA.job
- c:\users\Cathy\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-02 19:10]
.
2011-07-07 c:\windows\Tasks\RegCure Program Check.job
- c:\program files (x86)\RegCure\RegCure.exe [2010-05-19 23:20]
.
2011-07-07 c:\windows\Tasks\RegCure.job
- c:\program files (x86)\RegCure\RegCure.exe [2010-05-19 23:20]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-04-06 384296]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-02-25 487424]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-21 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-21 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-21 365592]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"dleamon.exe"="c:\program files (x86)\Dell V310-V510 Series\dleamon.exe" [2010-01-18 770728]
"EzPrint"="c:\program files (x86)\Dell V310-V510 Series\ezprint.exe" [2010-01-18 139944]
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: mlxchange.com\wpn
Trusted Zone: msn.com\dell
Trusted Zone: realtytools.com
Trusted Zone: Tabshttp://wpn.mlxchange.com/5.1.01.9506/Tools/ImageLink/ImageEditDlg.asp
Trusted Zone: toolkitcma.com
Trusted Zone: toolkitcma2.com
Trusted Zone: trueforms.com\*
Trusted Zone: trueforms.com\www
Trusted Zone: trueformsonline.com\*
Trusted Zone: trueformsonline.com\www
TCP: DhcpNameServer = 192.168.1.1 71.252.0.12
DPF: {61BB6943-A0FF-4637-AA85-47290BDE178E} - hxxps://www.trueformsonline.com/Downloads/TFLauncher_2/tflauncher.dll
DPF: {83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E} - hxxp://wpn.mlxchange.com/5.1.01.9506/Control/IRCSharc.cab
FF - ProfilePath - c:\users\Cathy\AppData\Roaming\Mozilla\Firefox\Profiles\wv4gzxua.default\
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{5d79f641-c168-40df-a32f-bacea7509e75} - (no file)
BHO-{cb41fc95-f1b3-4797-8bb6-1012ff62abba} - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-07-07 21:19:14
ComboFix-quarantined-files.txt 2011-07-08 01:19
.
Pre-Run: 254,562,541,568 bytes free
Post-Run: 254,204,764,160 bytes free
.
- - End Of File - - 907867846FE075AAB39352ECB4A7C5A5


My System SpecsSystem Spec
.
07 Jul 2011   #12
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

What was the reason you installed RegCure? Please uninstall this program.
Next, boot into safe mode and delete the folder. Reboot normally.

Give me a bit more time to look this over ... not a whole lot is showing here, and certainly not for a re-direct
My System SpecsSystem Spec
08 Jul 2011   #13
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

I see you are posting here too, and Gringo is helping you.

Please post in only one forum, as we can all get terribly confused when you follow two helpers on two different forums.
IE8 and Google Chrome Redirect
My System SpecsSystem Spec
.

08 Jul 2011   #14
trie66

Windows 7 Home Premium x65 w service pack 1
 
 
I apologize for the Confusion

My apologies, I posted there first and had not heard anything so I went searching for others to help. I gave up checking that forum when this dialog began. I will apologize to Gringo and would like to hear what else you have to say.


I plan to stick with this forum.
My System SpecsSystem Spec
09 Jul 2011   #15
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Download OTS to your Desktop and double-click on it to run it
  • Make sure you close all other programs and don't use the PC while the scan runs.
  • Select All Users
  • Under additional scans select the following
Reg - Disabled MS Config Items
Reg - Drivers32
Reg - NetSvcs
Reg - SafeBoot Minimal
Reg - Shell Spawning
Evnt - EventViewer Logs (Last 10 Errors)
File - Lop Check

  • Under the Custom Scan box paste this in
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
volsnap.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT

  • Now click the Run Scan button on the toolbar. Make sure not to use the PC while the program is running or it will freeze.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Please attach the log in your next post.
My System SpecsSystem Spec
09 Jul 2011   #16
trie66

Windows 7 Home Premium x65 w service pack 1
 
 
OTS Log

OTS Log is attached, thanks
I was connected to the internet if it matters, will run again, not connected if it makes a difference.


Attached Files
File Type: txt OTS Log 07092011.Txt (486.9 KB, 25 views)
My System SpecsSystem Spec
09 Jul 2011   #17
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Please disconnect from the Internet and also disconnect from your modem.. I'm having a problem reviewing the .txt log
Run the scan again.
My System SpecsSystem Spec
09 Jul 2011   #18
Vgolfmaster

Windows 7 Professional 64-bit
 
 

Here is the .txt log that was posted, it opened fine for me.

-------------------------------------------

Code:
OTS logfile created on: 7/9/2011 9:04:03 PM - Run 1
OTS by OldTimer - Version 3.1.44.0     Folder = C:\Users\Cathy\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
6.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 72.00% Memory free
12.00 Gb Paging File | 10.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 234.43 Gb Free Space | 82.72% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 1.87 Gb Total Space | 0.78 Gb Free Space | 41.57% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: CATHY-PC
Current User Name: Cathy
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
 
[Processes - Safe List]
ots.exe -> C:\Users\Cathy\Desktop\OTS.exe -> [2011/07/09 20:57:24 | 000,645,120 | ---- | M] (OldTimer Tools)
avastui.exe -> C:\Program Files\AVAST Software\Avast\AvastUI.exe -> [2011/07/04 07:43:54 | 003,493,720 | ---- | M] (AVAST Software)
avastsvc.exe -> C:\Program Files\AVAST Software\Avast\AvastSvc.exe -> [2011/07/04 07:43:51 | 000,042,184 | ---- | M] (AVAST Software)
dsupd.exe -> C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe -> [2011/01/13 15:54:26 | 000,464,856 | ---- | M] (SoftThinks - Dell)
toaster.exe -> C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe -> [2011/01/13 15:42:12 | 003,811,648 | ---- | M] (SoftThinks - Dell)
stservice.exe -> C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe -> [2011/01/13 15:39:32 | 000,783,680 | ---- | M] ()
sftservice.exe -> C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -> [2011/01/13 15:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS)
datasafeonline.exe -> C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe -> [2010/02/09 14:34:00 | 001,807,680 | ---- | M] ()
ezprint.exe -> C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe -> [2010/01/18 13:13:32 | 000,139,944 | ---- | M] ()
dleamon.exe -> C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe -> [2010/01/18 13:13:28 | 000,770,728 | ---- | M] ()
pdvddxsrv.exe -> C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe -> [2009/12/29 17:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.)
roxioburnlauncher.exe -> C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe -> [2009/06/18 22:46:24 | 000,494,064 | ---- | M] ()
docklogin.exe -> C:\Program Files\Dell\DellDock\DockLogin.exe -> [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation)
iaanotif.exe -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe -> [2009/06/04 20:03:32 | 000,186,904 | ---- | M] (Intel Corporation)
iaantmon.exe -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation)
sprtsvc.exe -> C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -> [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.)
sprtcmd.exe -> C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe -> [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.)
 
[Modules - Safe List]
ots.exe -> C:\Users\Cathy\Desktop\OTS.exe -> [2011/07/09 20:57:24 | 000,645,120 | ---- | M] (OldTimer Tools)
snxhk.dll -> C:\Program Files\AVAST Software\Avast\snxhk.dll -> [2011/07/04 07:43:51 | 000,199,792 | ---- | M] (AVAST Software)
comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll -> [2010/11/20 07:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation)
 
[Win32 Services - Safe List]
64bit-(avast! Antivirus)  [Auto | Running] -> C:\Program Files\AVAST Software\Avast\AvastSvc.exe -> [2011/07/04 07:43:51 | 000,042,184 | ---- | M] (AVAST Software)
64bit-(!SASCORE)  [Auto | Running] -> C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -> [2011/05/04 13:55:09 | 000,128,384 | ---- | M] (SUPERAntiSpyware.com)
64bit-(STacSV)  [Auto | Running] -> C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\stacsv64.exe -> [2010/02/25 14:03:00 | 000,244,736 | ---- | M] (IDT, Inc.)
64bit-(dlea_device)  [Auto | Running] -> C:\Windows\SysNative\dleacoms.exe -> [2010/01/07 17:09:38 | 001,052,328 | ---- | M] ( )
64bit-(dleaCATSCustConnectService)  [Auto | Stopped] -> C:\Windows\SysNative\spool\DRIVERS\x64\3\\dleaserv.exe -> [2010/01/07 17:09:33 | 000,033,448 | ---- | M] ()
64bit-(wltrysvc)  [Auto | Running] -> C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -> [2009/07/16 21:06:22 | 000,033,280 | ---- | M] ()
64bit-(WinDefend)  [Auto | Running] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation)
64bit-(btwdins)  [Auto | Running] -> c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -> [2009/07/01 19:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.)
64bit-(DockLoginService)  [Auto | Running] -> C:\Program Files\Dell\DellDock\DockLogin.exe -> [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation)
64bit-(AESTFilters)  [Auto | Running] -> C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe -> [2009/03/02 14:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation)
(SftService) SoftThinks Agent Service [Auto | Running] -> C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -> [2011/01/13 15:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS)
(GamesAppService) GamesAppService [On_Demand | Stopped] -> C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -> [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.)
(GoToAssist) GoToAssist [On_Demand | Stopped] -> C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -> [2010/07/17 18:16:04 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.)
(clr_optimization_v4.0.30319_32) Microsoft .NET Framework NGEN v4.0.30319_X86 [Auto | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010/03/18 15:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation)
(dlea_device) dlea_device [Auto | Running] -> C:\Windows\SysWow64\dleacoms.exe -> [2010/01/07 17:09:23 | 000,598,696 | ---- | M] ( )
(RoxMediaDB10) RoxMediaDB10 [On_Demand | Stopped] -> c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -> [2009/06/26 12:19:12 | 001,124,848 | ---- | M] (Sonic Solutions)
(clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation)
(IAANTMON) Intel(R) Matrix Storage Event Monitor [Auto | Running] -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation)
(sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter) [Auto | Running] -> C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -> [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.)
 
[Driver Services - Safe List]
64bit-(aswMonFlt) aswMonFlt [File_System | Auto | Running] -> C:\Windows\SysNative\drivers\aswMonFlt.sys -> [2011/07/04 07:32:24 | 000,064,856 | ---- | M] (AVAST Software)
64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices)
64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices)
64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company)
64bit-(TsUsbFlt) TsUsbFlt [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\TsUsbFlt.sys -> [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation)
64bit-(ApfiltrService) Alps Touch Pad Filter Driver for Windows x64 [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\Apfiltr.sys -> [2010/04/15 17:40:10 | 000,301,688 | ---- | M] (Alps Electric Co., Ltd.)
64bit-(STHDA) IDT High Definition Audio CODEC [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\stwrt64.sys -> [2010/02/25 14:03:00 | 000,505,856 | ---- | M] (IDT, Inc.)
64bit-(SASDIFSV) SASDIFSV [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -> [2010/02/17 14:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
64bit-(SASKUTIL) SASKUTIL [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\saskutil64.sys -> [2010/02/17 14:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
64bit-(igfx) igfx [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\igdkmd64.sys -> [2009/11/06 11:05:32 | 007,370,304 | ---- | M] (Intel Corporation)
64bit-(btwrchid) btwrchid [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\btwrchid.sys -> [2009/08/04 20:28:36 | 000,021,160 | ---- | M] (Broadcom Corporation.)
64bit-(btwavdt) Bluetooth AVDT [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\btwavdt.sys -> [2009/08/04 20:28:32 | 000,132,648 | ---- | M] (Broadcom Corporation.)
64bit-(btwaudio) Bluetooth Audio Device Service [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\btwaudio.sys -> [2009/08/04 20:28:32 | 000,098,344 | ---- | M] (Broadcom Corporation.)
64bit-(btwl2cap) Bluetooth L2CAP Service [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\btwl2cap.sys -> [2009/08/04 20:28:32 | 000,035,104 | ---- | M] (Broadcom Corporation.)
64bit-(BCM42RLY) BCM42RLY [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\bcm42rly.sys -> [2009/07/16 21:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation)
64bit-(BCM43XX) Dell Wireless WLAN Card Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\BCMWL664.SYS -> [2009/07/16 21:06:18 | 002,769,400 | ---- | M] (Broadcom Corporation)
64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.)
64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation)
64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology)
64bit-(WSDPrintDevice) WSD Print Support via UMB [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\WSDPrint.sys -> [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation)
64bit-(PxHlpa64) PxHlpa64 [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\PxHlpa64.sys -> [2009/07/09 06:00:00 | 000,055,280 | ---- | M] (Sonic Solutions)
64bit-(CtClsFlt) Creative Camera Class Upper Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\CtClsFlt.sys -> [2009/06/15 14:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.)
64bit-(Ntfs) Ntfs [File_System | On_Demand | Running] -> C:\Windows\SysNative\wbem\ntfs.mof -> [2009/06/10 16:38:56 | 000,000,308 | ---- | M] ()
64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation)
64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation)
64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation)
64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.)
64bit-(iaStor) Intel AHCI Controller [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\iaStor.sys -> [2009/06/04 06:54:36 | 000,408,600 | ---- | M] (Intel Corporation)
64bit-(yukonw7) NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\yk62x64.sys -> [2009/05/19 23:10:00 | 000,393,728 | ---- | M] (Marvell)
64bit-(RSUSBSTOR) RtsUStor.Sys Realtek USB Card Reader [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\RtsUStor.sys -> [2009/05/08 04:15:18 | 000,215,552 | ---- | M] (Realtek Semiconductor Corp.)
64bit-(WimFltr) WimFltr [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\WimFltr.sys -> [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation)
(RxFilter) RxFilter [File_System | System | Stopped] -> C:\Windows\SysWOW64\drivers\RxFilter.sys -> [2009/06/26 11:27:28 | 000,065,520 | ---- | M] (Sonic Solutions)
 
[Registry - Safe List]
< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> 
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> 
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\] > -> -> 
HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\: Main\\"Start Page" -> about:blank -> 
HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\: "ProxyEnable" -> 0 -> 
< FireFox Settings [Prefs.js] > -> C:\Users\Cathy\AppData\Roaming\Mozilla\FireFox\Profiles\wv4gzxua.default\prefs.js -> 
network.proxy.type -> 0 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions ->  -> 
HKLM\software\mozilla\Firefox\Extensions\\64ffxtbr@TelevisionFanatic.com -> C:\Program Files (x86)\TelevisionFanatic\bar\1.bin [C:\PROGRAM FILES (X86)\TELEVISIONFANATIC\BAR\1.BIN] -> [2011/07/01 23:55:42 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com -> C:\Program Files\AVAST Software\Avast\WebRep\FF [C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF] -> [2011/07/07 21:41:13 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 5.0\extensions ->  -> 
HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components -> C:\Program Files (x86)\Mozilla Firefox\components [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS] -> [2011/07/04 11:20:14 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS -> 
< FireFox Extensions [User Folders] > -> 
  -> C:\Users\Cathy\AppData\Roaming\Mozilla\Extensions -> [2011/07/04 11:20:30 | 000,000,000 | ---D | M]
< FireFox Extensions [Program Folders] > -> 
  -> C:\Program Files (x86)\Mozilla Firefox\extensions -> [2011/07/04 11:20:14 | 000,000,000 | ---D | M]
No name found ->  -> File not found
TelevisionFanatic -> C:\PROGRAM FILES (X86)\TELEVISIONFANATIC\BAR\1.BIN -> [2011/07/01 23:55:42 | 000,000,000 | ---D | M]
< HOSTS File > ([2011/07/06 21:54:59 | 000,000,021 | RHS- | M] - 1 lines) -> C:\Windows\SysNative\Drivers\etc\hosts -> 
Reset Hosts
127.0.0.1 localhost
< 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} [HKLM] -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [avast! WebRep] -> [2011/07/04 07:43:43 | 000,978,496 | ---- | M] (AVAST Software)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll [Google Toolbar Notifier BHO] -> [2011/04/26 19:37:11 | 000,341,048 | ---- | M] (Google Inc.)
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{09B71986-2AC5-482d-B6CB-42EA34F4F85B} [HKLM] -> C:\Program Files\Dell Printable Web\toolband.dll [Dell Toolbar] -> [2008/12/10 05:10:06 | 000,253,952 | ---- | M] ()
{5d79f641-c168-40df-a32f-bacea7509e75} [HKLM] -> Reg Error: Key error. [Search Assistant BHO] -> File not found
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} [HKLM] -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [avast! WebRep] -> [2011/07/04 07:43:50 | 000,820,864 | ---- | M] (AVAST Software)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll [Google Toolbar Notifier BHO] -> [2011/04/26 19:37:11 | 001,007,160 | ---- | M] (Google Inc.)
{cb41fc95-f1b3-4797-8bb6-1012ff62abba} [HKLM] -> Reg Error: Key error. [Toolbar BHO] -> File not found
< 64bit-Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" [HKLM] -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [avast! WebRep] -> [2011/07/04 07:43:43 | 000,978,496 | ---- | M] (AVAST Software)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"{09B71986-2AC5-482d-B6CB-42EA34F4F85B}" [HKLM] -> C:\Program Files\Dell Printable Web\toolband.dll [Dell Toolbar] -> [2008/12/10 05:10:06 | 000,253,952 | ---- | M] ()
"{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}" [HKLM] -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [avast! WebRep] -> [2011/07/04 07:43:50 | 000,820,864 | ---- | M] (AVAST Software)
"Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"Apoint" -> C:\Program Files\DellTPad\Apoint.exe [C:\Program Files\DellTPad\Apoint.exe] -> [2010/04/05 20:46:28 | 000,384,296 | ---- | M] (Alps Electric Co., Ltd.)
"Broadcom Wireless Manager UI" -> C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE [C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe] -> [2009/07/16 21:06:22 | 004,968,960 | ---- | M] (Dell Inc.)
"dleamon.exe" -> C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe ["C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe"] -> [2010/01/18 13:13:28 | 000,770,728 | ---- | M] ()
"EzPrint" -> C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe ["C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe"] -> [2010/01/18 13:13:32 | 000,139,944 | ---- | M] ()
"HotKeysCmds" -> C:\Windows\SysNative\hkcmd.exe [C:\Windows\system32\hkcmd.exe] -> [2010/02/21 18:35:20 | 000,387,608 | ---- | M] (Intel Corporation)
"IAAnotif" -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe] -> [2009/06/04 20:03:32 | 000,186,904 | ---- | M] (Intel Corporation)
"IgfxTray" -> C:\Windows\SysNative\igfxtray.exe [C:\Windows\system32\igfxtray.exe] -> [2010/02/21 18:35:30 | 000,165,912 | ---- | M] (Intel Corporation)
"Persistence" -> C:\Windows\SysNative\igfxpers.exe [C:\Windows\system32\igfxpers.exe] -> [2010/02/21 18:35:26 | 000,365,592 | ---- | M] (Intel Corporation)
"SysTrayApp" -> C:\Program Files\IDT\WDM\sttray64.exe [C:\Program Files\IDT\WDM\sttray64.exe] -> [2010/02/25 14:03:00 | 000,487,424 | ---- | M] (IDT, Inc.)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"avast" -> C:\Program Files\AVAST Software\Avast\avastUI.exe ["C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui] -> [2011/07/04 07:43:54 | 003,493,720 | ---- | M] (AVAST Software)
"Dell DataSafe Online" -> C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ["C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m] -> [2010/02/09 14:34:00 | 001,807,680 | ---- | M] ()
"Dell Webcam Central" -> C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe ["C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2] -> [2009/06/24 17:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd)
"DellSupportCenter" -> C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe ["C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter] -> [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.)
"Desktop Disc Tool" -> c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ["c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"] -> [2009/06/18 22:46:24 | 000,494,064 | ---- | M] ()
"PDVDDXSrv" -> C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe ["C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"] -> [2009/12/29 17:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.)
< RunOnce [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> 
""C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"" -> C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] -> [2010/10/01 21:15:07 | 000,560,128 | ---- | M] (Dell)
< Run [HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\] > -> HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"SUPERAntiSpyware" -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe] -> [2011/06/30 09:50:13 | 002,988,928 | ---- | M] (SUPERAntiSpyware.com)
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
< Software Policy Settings [HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000] > -> HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\Software\Policies\Microsoft\Internet Explorer\Recovery
\Recovery\\"NoReopenLastSession" ->  [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoBandCustomize" ->  [0] -> File not found
\\"NoDrives" ->  [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" ->  [0] -> File not found
\\"ConsentPromptBehaviorUser" ->  [3] -> File not found
\\"EnableLUA" ->  [0] -> File not found
\\"PromptOnSecureDesktop" ->  [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000] > -> HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoBandCustomize" ->  [0] -> File not found
\\"NoDrives" ->  [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000] > -> HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< 64bit-Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\] > -> HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\Software\Microsoft\Internet Explorer\MenuExt\ -> 
Send image to &Bluetooth Device... -> c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm] -> [2008/12/10 12:36:32 | 000,001,430 | -H-- | M] ()
Send page to &Bluetooth Device... -> c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm] -> [2008/12/10 12:36:32 | 000,003,989 | -H-- | M] ()
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\] > -> HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\Software\Microsoft\Internet Explorer\MenuExt\ -> 
Send image to &Bluetooth Device... -> c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm] -> [2008/12/10 12:36:32 | 000,001,430 | -H-- | M] ()
Send page to &Bluetooth Device... -> c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm] -> [2008/12/10 12:36:32 | 000,003,989 | -H-- | M] ()
< 64bit-Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{CCA281CA-C863-46ef-9331-5C8D4460577F}:c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015] -> [2008/12/10 12:36:32 | 000,003,989 | -H-- | M] ()
{CCA281CA-C863-46ef-9331-5C8D4460577F}:c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Menu: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650] -> [2008/12/10 12:36:32 | 000,003,989 | -H-- | M] ()
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{CCA281CA-C863-46ef-9331-5C8D4460577F}:c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Button: Send To Bluetooth] -> [2008/12/10 12:36:32 | 000,003,989 | -H-- | M] ()
{CCA281CA-C863-46ef-9331-5C8D4460577F}:c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Menu: Send to &Bluetooth Device...] -> [2008/12/10 12:36:32 | 000,003,989 | -H-- | M] ()
< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\] > -> HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\Software\Microsoft\Internet Explorer\Extensions\ -> 
64bit-CmdMapping\\"{CCA281CA-C863-46ef-9331-5C8D4460577F}" [HKLM] ->  [@c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015;Send To Bluetooth] -> File not found
CmdMapping\\"{CCA281CA-C863-46ef-9331-5C8D4460577F}" [HKLM] -> @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 [Send To Bluetooth;@c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015;Send To Bluetooth] -> File not found
< 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> 
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
< 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\] > -> HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 8 domain(s) found. -> 
wpn_mlxchange.com [http] -> Trusted sites -> 
dell_msn.com [http] -> Trusted sites -> 
realtytools.com .[http] -> Trusted sites -> 
Tabshttp://wpn.mlxchange.com/5.1.01.9506/Tools/ImageLink/ImageEditDlg.asp .[about] -> Trusted sites -> 
toolkitcma.com .[http] -> Trusted sites -> 
toolkitcma2.com .[http] -> Trusted sites -> 
*_trueforms.com [http] -> Trusted sites -> 
*_trueforms.com [https] -> Trusted sites -> 
www_trueforms.com [http] -> Trusted sites -> 
www_trueforms.com [https] -> Trusted sites -> 
*_trueformsonline.com [https] -> Trusted sites -> 
www_trueformsonline.com [http] -> Trusted sites -> 
www_trueformsonline.com [https] -> Trusted sites -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\] > -> HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-21-1004034769-3964568363-3058316472-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< 64bit-Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab [Java Plug-in 1.6.0_20] -> 
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab [Java Plug-in 1.6.0_20] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab [Java Plug-in 1.6.0_20] -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{61BB6943-A0FF-4637-AA85-47290BDE178E} [HKLM] -> https://www.trueformsonline.com/Downloads/TFLauncher_2/tflauncher.dll [TFLauncherCtrl Class] -> 
{7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> http://download.eset.com/special/eos/OnlineScanner.cab [Reg Error: Key error.] -> 
{83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E} [HKLM] -> http://wpn.mlxchange.com/5.1.01.9506/Control/IRCSharc.cab [GeacRevw Control] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab [Java Plug-in 1.6.0_21] -> 
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab [Java Plug-in 1.6.0_21] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab [Java Plug-in 1.6.0_21] -> 
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [get_atlcom Class] -> 
{EDFCB7CB-942C-4822-AF14-F0B687409848} [HKLM] -> http://www.northwood.com/_include/common/Aurigma/ImageUploader4.cab [Image Uploader Control] -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> 
DhcpNameServer -> 192.168.1.1 71.252.0.12 -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{129FBA54-28F2-4AF0-ABFC-66A7F9BF283A}\\DhcpNameServer -> 192.168.1.1 71.252.0.12   (Dell Wireless 1397 WLAN Mini-Card) -> 
< 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> C:\Windows\explorer.exe -> [2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> 
SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2009/07/13 21:39:47 | 000,082,432 | ---- | M] (Microsoft Corporation)
/pagefile ->  -> File not found
*MultiFile Done* -> -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> 
/pagefile ->  -> File not found
*MultiFile Done* -> -> 
< 64bit-Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
GoToAssist ->  -> File not found
igfxcui -> C:\Windows\SysNative\igfxdev.dll -> [2009/11/06 09:52:20 | 000,259,584 | ---- | M] (Intel Corporation)
< Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> 
{007B26D5-2A87-4A4D-8FCC-FE83A1D9FC83} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live communications platform (ssdp) | 
{0540014C-464B-4485-9EA5-378C1D90498D} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live communications platform (upnp) | 
{0F3E0E27-6593-408B-BE5A-AF34B5E00A0F} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31257 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{0FCFBDFE-AAAC-4FFB-96C5-5E1262CC6979} -> lport=2869 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31277 | app=system | 
{138E4BBE-9353-4CAD-B01C-0FC0D963F55A} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31265 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{158E5F18-D0C3-4494-8581-AA6FEE85F17D} -> rport=137 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system | 
{1E8484A9-C57A-4EA1-B092-DD9E5883CF58} -> lport=138 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system | 
{378F159B-71CB-4F76-8955-A866371F37B7} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31261 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{3E8C2841-1136-4A5A-9795-0CE5AE8FB129} -> rport=139 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system | 
{445C78FF-D98F-4ACF-A303-D007420809EB} -> lport=10243 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31285 | app=system | 
{449A38C1-9DD8-472A-A868-032217691628} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system | 
{4E7F0589-6630-41AF-BC61-9DF5BA033254} -> rport=1900 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31273 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | 
{58764322-1CC1-401B-B05D-7B2494380AD8} -> rport=5355 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{7083F585-BF9E-455C-A392-8DE1663A4C69} -> lport=5355 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{89BFF1BA-E551-47BC-B574-079136D13587} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31253 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{94B478ED-C060-403B-A53E-F4806882F3EB} -> lport=137 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system | 
{9E461BC0-3101-4BD0-85ED-F3E98D25CF9C} -> lport=1900 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31269 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | 
{A3A98D5E-5C57-4B9A-BDF7-7085C7D777C0} -> lport=445 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system | 
{A9A25722-E2E6-4B36-9B78-FE9F4F1FDC85} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live messenger (ssdp-in) | app=svchost.exe | svc=ssdpsrv | 
{CBE19E5E-1BA9-43A6-9C29-60A7C59AE721} -> lport=rpc-epmap | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss | 
{D867CD78-54C4-430C-98A3-CC130FC5FAEF} -> lport=5355 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{E57F186C-E9F0-40E3-9300-053EEE5F5D78} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live messenger (upnp-in) | app=system | 
{F0B45D52-807A-460C-BA14-DFA118C84F97} -> lport=rpc | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler | 
{F0D30CA0-5712-41BA-82DF-5628837ADE7B} -> rport=10243 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31289 | app=system | 
{FD849492-99FC-48ED-A1EC-D8A200C94B40} -> rport=138 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system | 
{FF38A0B3-AD20-46B3-927D-B4370AE07281} -> lport=139 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system | 
{FFC05DB0-0F43-4DC6-966E-4A18F93BFE6E} -> rport=5355 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
< Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> 
{17CF7CA1-550D-42B6-ABC1-14ECE298B8BD} -> profile=private | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 | 
{1EA6DB91-414D-437A-AB9E-A9DA5286306D} -> dir=in | action=allow | name=windows live communications platform | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
{2139F981-7FB3-4798-BE31-2A5CD215864D} -> dir=in | action=allow | name=lexmark communications system | app=c:\windows\system32\dleacoms.exe | 
{2B825995-B4FF-429B-9BA2-1A96CF449645} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31025 | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
{3F7E7931-AE34-4582-BF7F-E27CF9553C0B} -> profile=public | protocol=17 | dir=in | action=allow | name=mcafee shared service host | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
{57A05AD6-13B2-4E89-8CDE-63547D3A8FF0} -> profile=private | protocol=17 | dir=in | action=allow | name=mcafee shared service host | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
{57C2DB23-199E-41A6-AFF0-1781266D3EE4} -> profile=private | protocol=6 | dir=in | action=allow | name=mcafee shared service host | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
{68BA4534-61D5-4FA8-B836-88F339C6EFD6} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31281 | app=system | 
{73591D45-D613-4BE5-AA61-D1D35521223D} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31023 | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
{770E2CC5-42CE-4C3A-A681-A261E4580E86} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31293 | app=%programfiles%\windows media player\wmplayer.exe | 
{780C92F0-16E5-4B94-8AAE-0F5634A7EAD3} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31007 | app=%programfiles%\windows media player\wmplayer.exe | 
{7AD264BB-1D39-47DF-9676-0DC0B1EC9B3C} -> dir=in | action=allow | name=lexmark communications system | app=c:\windows\system32\dleacoms.exe | 
{8327935D-39E3-4DE3-A83A-3685CC781462} -> profile=private | protocol=17 | dir=in | action=allow | name=abbyy finereader | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe | 
{8A053324-9424-4AD4-897A-BB0CBCC366C8} -> profile=private | protocol=1 | dir=out | action=allow | name=@firewallapi.dll,-28544 | 
{93210550-B834-4174-86A2-B56B25908DBE} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31301 | app=%programfiles%\windows media player\wmplayer.exe | 
{963672B6-EDE8-477F-BE8A-AB261E500BA0} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31317 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{96E57D93-1764-4506-8081-4ADB8902FA59} -> dir=in | action=allow | name=windows live messenger | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
{98C284A3-E366-4B01-852A-250D72F25FEC} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31003 | app=%programfiles%\windows media player\wmplayer.exe | 
{9B7675E5-6B0F-4C54-A9FE-0245CDCB732B} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31011 | app=%programfiles%\windows media player\wmplayer.exe | 
{9D35DD58-AF2A-4D90-AD79-B11FA58382A8} -> dir=in | action=allow | name=cyberlink powerdvd dx resident program | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe | 
{A169F9B9-8C8A-41D3-803E-8C75AABC91AB} -> dir=in | action=allow | name=windows live sync | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
{A18F3259-4FF7-4379-84AC-A3EE7A5103E8} -> profile=private | protocol=58 | dir=out | action=allow | name=@firewallapi.dll,-28546 | 
{AACEB44A-F9A3-4ACF-928F-444043173D62} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31305 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{AC15B4CB-65B0-4FF9-B6FD-E5AF5AFB1E2E} -> dir=in | action=allow | name=cyberlink powerdvd dx | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe | 
{B58DEBC2-D683-433B-806F-0B52135BBB16} -> profile=private | protocol=17 | dir=in | action=allow | name=microsoft onenote | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
{B733449C-3EE6-4131-BA81-ED2FF7699698} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31024 | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
{B7A2B0E2-474C-4FEB-B840-2DB00A284874} -> profile=private | protocol=6 | dir=in | action=allow | name=microsoft onenote | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
{BBE40933-9C6B-48CD-AAEF-3AC0715C6C40} -> profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31313 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{C1593DCF-164C-49D7-A1D5-606DA9F07F35} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31321 | app=%systemroot%\system32\svchost.exe | svc=upnphost | 
{C26BA90B-667E-48B8-8A61-C2F0B8D6AA06} -> dir=in | action=allow | name=v310-v510 series server | app=c:\windows\system32\dleacoms.exe | 
{C2C148B5-D3FA-405F-BA2C-D235C6A5A686} -> dir=in | action=allow | name=lexmark communications system | app=c:\windows\system32\dleacoms.exe | 
{CB7D5128-0588-47BB-961B-26F55DDB0C75} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31297 | app=%programfiles%\windows media player\wmplayer.exe | 
{CECAA23B-D819-40B2-A36A-651F47794623} -> profile=private | protocol=58 | dir=in | action=allow | name=@firewallapi.dll,-28545 | 
{E09A0C87-EA0C-41EB-A791-890353ABE151} -> profile=private | protocol=6 | dir=in | action=allow | name=abbyy finereader | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe | 
{E6BAAC6E-08F2-4A27-8936-65C7FA613100} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31309 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{E819124A-277D-4E38-9A6E-8530DBE6B435} -> profile=public | protocol=6 | dir=in | action=allow | name=mcafee shared service host | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> 
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> CD-ROM Driver -> 
"ImagePath" ->  [\SystemRoot\system32\drivers\cdrom.sys] -> File not found
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
64bit-comfile [open] -> "%1" %* -> File not found
64bit-exefile [open] -> "%1" %* -> File not found
comfile [open] -> "%1" %* -> 
exefile [open] -> "%1" %* -> 
< 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = ComFile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = ComFile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 
 
[Registry - Additional Scans - Safe List]
< 64bit-Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> 
"msacm.l3acm" -> C:\Windows\SysNative\l3codeca.acm [C:\Windows\System32\l3codeca.acm] -> [2009/07/13 21:38:53 | 000,081,408 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS)
< Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> 
"msacm.l3acm" -> C:\Windows\SysWOW64\l3codeca.acm [C:\Windows\SysWOW64\l3codeca.acm] -> [2009/07/13 21:14:10 | 000,064,000 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS)
"vidc.cvid" -> C:\Windows\SysWow64\iccvid.dll [iccvid.dll] -> [2010/11/20 08:19:17 | 000,082,944 | ---- | M] (Radius Inc.)
< 64bit-SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> 
!SASCORE -> C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -> [2011/05/04 13:55:09 | 000,128,384 | ---- | M] (SUPERAntiSpyware.com)
{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy
{6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
{D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices
{D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices
AppMgmt -> 32bit -> File not found
Base -> Driver Group
Boot Bus Extender -> Driver Group
Boot file system -> Driver Group
File system -> Driver Group
Filter -> Driver Group
HelpSvc -> Service
MCODS -> Reg Error: Value error.
NTDS -> 32bit -> File not found
PCI Configuration -> Driver Group
PNP Filter -> Driver Group
Primary disk -> Driver Group
sacsvr -> Service
SCSI Class -> Driver Group
System Bus Extender -> Driver Group
TrustedInstaller -> 32bit -> File not found
vmms -> Service
WinDefend -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation)
< SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> 
!SASCORE -> 64bit -> File not found
{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy
{6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
{D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices
{D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices
AppInfo -> 64bit -> File not found
AppMgmt -> 64bit -> File not found
Base -> Driver Group
Boot Bus Extender -> Driver Group
Boot file system -> Driver Group
DcomLaunch -> 64bit -> File not found
EFS -> 64bit -> File not found
EventLog -> 64bit -> File not found
File system -> Driver Group
Filter -> Driver Group
HelpSvc -> Service
KeyIso -> 64bit -> File not found
MCODS -> Reg Error: Value error.
Netlogon -> 64bit -> File not found
NTDS -> 64bit -> File not found
PCI Configuration -> Driver Group
PlugPlay -> 64bit -> File not found
PNP Filter -> Driver Group
Power -> 64bit -> File not found
Primary disk -> Driver Group
ProfSvc -> 64bit -> File not found
RpcEptMapper -> 64bit -> File not found
RpcSs -> 64bit -> File not found
sacsvr -> Service
SCSI Class -> Driver Group
sermouse.sys -> 64bit -> File not found
SWPRV -> 64bit -> File not found
System Bus Extender -> Driver Group
TabletInputService -> 64bit -> File not found
TBS -> 64bit -> File not found
VDS -> 64bit -> File not found
vga.sys -> 64bit -> File not found
vgasave.sys -> 64bit -> File not found
vmms -> Service
volmgr.sys -> 64bit -> File not found
volmgrx.sys -> 64bit -> File not found
Wdf01000.sys -> 64bit -> File not found
WinDefend -> 64bit -> File not found
WinMgmt -> 64bit -> File not found
WudfPf -> 64bit -> File not found
WudfRd -> 64bit -> File not found
WudfSvc -> 64bit -> File not found
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
64bit-batfile [open] -> "%1" %* -> File not found
64bit-cmdfile [open] -> "%1" %* -> File not found
64bit-comfile [open] -> "%1" %* -> File not found
64bit-exefile [open] -> "%1" %* -> File not found
64bit-htmlfile [print] -> rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" -> [2009/07/13 21:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation)
64bit-https [open] -> "C:\Program Files\Internet Explorer\iexplore.exe" -nohome -> [2010/11/20 09:28:25 | 000,695,056 | ---- | M] (Microsoft Corporation)
64bit-inffile [install] -> %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 -> [2009/07/13 21:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation)
64bit-InternetShortcut [open] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l -> [2009/07/13 21:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation)
64bit-InternetShortcut [print] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" -> [2009/07/13 21:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation)
64bit-piffile [open] -> "%1" %* -> File not found
64bit-scrfile [config] -> "%1" -> File not found
64bit-scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> File not found
64bit-scrfile [open] -> "%1" /S -> File not found
64bit-Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> File not found
64bit-Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2010/11/20 09:24:33 | 000,345,088 | ---- | M] (Microsoft Corporation)
64bit-Directory [find] -> %SystemRoot%\Explorer.exe -> [2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation)
64bit-Folder [open] -> %SystemRoot%\Explorer.exe -> [2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation)
64bit-Drive [find] -> %SystemRoot%\Explorer.exe -> [2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation)
batfile [open] -> "%1" %* -> 
cmdfile [open] -> "%1" %* -> 
comfile [open] -> "%1" %* -> 
cplfile [cplopen] -> %SystemRoot%\System32\control.exe "%1",%* -> [2009/07/13 21:14:15 | 000,113,152 | ---- | M] (Microsoft Corporation)
exefile [open] -> "%1" %* -> 
https [open] -> "C:\Program Files\Internet Explorer\iexplore.exe" -nohome -> [2010/11/20 09:28:25 | 000,695,056 | ---- | M] (Microsoft Corporation)
piffile [open] -> "%1" %* -> 
scrfile [config] -> "%1" -> 
scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> 
scrfile [open] -> "%1" /S -> 
Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> 
Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2010/11/20 08:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation)
Directory [find] -> %SystemRoot%\Explorer.exe -> [2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation)
Folder [open] -> %SystemRoot%\Explorer.exe -> [2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation)
Drive [find] -> %SystemRoot%\Explorer.exe -> [2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation)
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 7/4/2011 11:31:15 AM Computer Name = Cathy-PC | Source = SideBySide | ID = 16842832 -> Description = Activation context generation failed for "C:\Program Files (x86)\Cozi Express\CoziExpress.exe".Error in manifest or policy file "" on line .  A component version required by the application conflicts with another component version already active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.  Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Application [ Error ] 7/4/2011 12:53:31 PM Computer Name = Cathy-PC | Source = SideBySide | ID = 16842832 -> Description = Activation context generation failed for "C:\Program Files (x86)\Cozi Express\CoziExpress.exe".Error in manifest or policy file "" on line .  A component version required by the application conflicts with another component version already active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.  Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Application [ Error ] 7/4/2011 12:53:31 PM Computer Name = Cathy-PC | Source = SideBySide | ID = 16842832 -> Description = Activation context generation failed for "C:\Program Files (x86)\Cozi Express\CoziExpress.exe".Error in manifest or policy file "" on line .  A component version required by the application conflicts with another component version already active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.  Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Application [ Error ] 7/4/2011 1:22:38 PM Computer Name = Cathy-PC | Source = Application Error | ID = 1000 -> Description = Faulting application name: svchost.exe_WinDefend, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1  Faulting module name: mpengine.dll, version: 1.1.7000.0, time stamp: 0x4dee5a06  Exception code: 0xc0000005  Fault offset: 0x00000000000ec36b  Faulting process id: 0x1530  Faulting application start time: 0x01cc3a6e8b34d76c  Faulting application path: C:\Windows\System32\svchost.exe  Faulting module path: C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{447285C4-946F-4052-A70F-FB6CBA4EC8C4}\mpengine.dll  Report Id: 36d31f16-a662-11e0-ba95-f04da27a936b
Application [ Error ] 7/4/2011 1:56:01 PM Computer Name = Cathy-PC | Source = DataSafe.exe | ID = 0 -> Description = ReadConfigFile
Application [ Error ] 7/4/2011 1:56:01 PM Computer Name = Cathy-PC | Source = DataSafe.exe | ID = 0 -> Description = Config file content invalid
Application [ Error ] 7/4/2011 1:56:15 PM Computer Name = Cathy-PC | Source = DataSafe.exe | ID = 0 -> Description = ReadConfigFile
Application [ Error ] 7/4/2011 1:56:15 PM Computer Name = Cathy-PC | Source = DataSafe.exe | ID = 0 -> Description = Config file content invalid
Application [ Error ] 7/5/2011 5:54:54 PM Computer Name = Cathy-PC | Source = SideBySide | ID = 16842832 -> Description = Activation context generation failed for "C:\Program Files (x86)\Cozi Express\CoziExpress.exe".Error in manifest or policy file "" on line .  A component version required by the application conflicts with another component version already active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.  Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Application [ Error ] 7/5/2011 5:54:54 PM Computer Name = Cathy-PC | Source = SideBySide | ID = 16842832 -> Description = Activation context generation failed for "C:\Program Files (x86)\Cozi Express\CoziExpress.exe".Error in manifest or policy file "" on line .  A component version required by the application conflicts with another component version already active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.  Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Dell [ Error ] 11/15/2010 10:29:54 PM Computer Name = Cathy-PC | Source = DataSafe | ID = 17 -> Description = The process was interrupted before completion.
Dell [ Error ] 11/15/2010 10:29:54 PM Computer Name = Cathy-PC | Source = DataSafe | ID = 17 -> Description = The process was interrupted before completion.
Dell [ Error ] 3/2/2011 4:09:16 PM Computer Name = Cathy-PC | Source = DataSafe | ID = 17 -> Description = The process was interrupted before completion.
Dell [ Error ] 3/2/2011 4:09:16 PM Computer Name = Cathy-PC | Source = DataSafe | ID = 17 -> Description = The process was interrupted before completion.
Dell [ Error ] 3/25/2011 6:07:16 PM Computer Name = Cathy-PC | Source = DataSafe | ID = 17 -> Description = The process was interrupted before completion.
System [ Error ] 4/27/2011 9:42:29 PM Computer Name = Cathy-PC | Source = BTHUSB | ID = 327697 -> Description = The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
System [ Error ] 4/28/2011 7:42:38 AM Computer Name = Cathy-PC | Source = BTHUSB | ID = 327697 -> Description = The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
System [ Error ] 4/28/2011 8:19:30 AM Computer Name = Cathy-PC | Source = BTHUSB | ID = 327697 -> Description = The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
System [ Error ] 4/28/2011 9:45:46 AM Computer Name = Cathy-PC | Source = BTHUSB | ID = 327697 -> Description = The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
System [ Error ] 4/28/2011 9:54:32 AM Computer Name = Cathy-PC | Source = BTHUSB | ID = 327697 -> Description = The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
System [ Error ] 4/28/2011 11:09:55 AM Computer Name = Cathy-PC | Source = BTHUSB | ID = 327697 -> Description = The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
System [ Error ] 4/28/2011 1:40:04 PM Computer Name = Cathy-PC | Source = BTHUSB | ID = 327697 -> Description = The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
System [ Error ] 4/28/2011 4:56:00 PM Computer Name = Cathy-PC | Source = BTHUSB | ID = 327697 -> Description = The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
System [ Error ] 4/28/2011 5:06:17 PM Computer Name = Cathy-PC | Source = BTHUSB | ID = 327697 -> Description = The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
System [ Error ] 4/28/2011 5:16:25 PM Computer Name = Cathy-PC | Source = BTHUSB | ID = 327697 -> Description = The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
[Files/Folders - Created Within 30 Days]
 OTS.exe -> C:\Users\Cathy\Desktop\OTS.exe -> [2011/07/09 20:58:52 | 000,645,120 | ---- | C] (OldTimer Tools)
 {43D360BE-D5DB-471D-A622-8B3602E6E245} -> C:\Users\Cathy\AppData\Local\{43D360BE-D5DB-471D-A622-8B3602E6E245} -> [2011/07/09 12:28:56 | 000,000,000 | ---D | C]
 {B8E5CD98-E617-41DB-A5FB-805D81D69428} -> C:\Users\Cathy\AppData\Local\{B8E5CD98-E617-41DB-A5FB-805D81D69428} -> [2011/07/08 21:42:43 | 000,000,000 | ---D | C]
 SUPERAntiSpyware.com -> C:\Users\Cathy\AppData\Roaming\SUPERAntiSpyware.com -> [2011/07/07 21:50:43 | 000,000,000 | ---D | C]
 {4FEA2A0F-BE9B-4161-A871-6819C424F0F9} -> C:\Users\Cathy\AppData\Local\{4FEA2A0F-BE9B-4161-A871-6819C424F0F9} -> [2011/07/07 21:38:59 | 000,000,000 | ---D | C]
 aswFsBlk.sys -> C:\Windows\SysNative\drivers\aswFsBlk.sys -> [2011/07/07 21:34:15 | 000,022,360 | ---- | C] (AVAST Software)
 avast! Free Antivirus -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus -> [2011/07/07 21:34:15 | 000,000,000 | ---D | C]
 aswSP.sys -> C:\Windows\SysNative\drivers\aswSP.sys -> [2011/07/07 21:34:13 | 000,288,088 | ---- | C] (AVAST Software)
 aswTdi.sys -> C:\Windows\SysNative\drivers\aswTdi.sys -> [2011/07/07 21:34:06 | 000,045,400 | ---- | C] (AVAST Software)
 aswRdr.sys -> C:\Windows\SysNative\drivers\aswRdr.sys -> [2011/07/07 21:34:06 | 000,031,064 | ---- | C] (AVAST Software)
 aswSnx.sys -> C:\Windows\SysNative\drivers\aswSnx.sys -> [2011/07/07 21:34:05 | 000,600,920 | ---- | C] (AVAST Software)
 aswMonFlt.sys -> C:\Windows\SysNative\drivers\aswMonFlt.sys -> [2011/07/07 21:34:04 | 000,064,856 | ---- | C] (AVAST Software)
 aswBoot.exe -> C:\Windows\SysWow64\aswBoot.exe -> [2011/07/07 21:33:50 | 000,199,304 | ---- | C] (AVAST Software)
 avastSS.scr -> C:\Windows\avastSS.scr -> [2011/07/07 21:33:50 | 000,040,112 | ---- | C] (AVAST Software)
 temp -> C:\Windows\temp -> [2011/07/07 21:19:51 | 000,000,000 | ---D | C]
 $RECYCLE.BIN -> C:\$RECYCLE.BIN -> [2011/07/07 21:18:20 | 000,000,000 | -HSD | C]
 cComboFix4855c -> C:\cComboFix4855c -> [2011/07/07 20:24:53 | 000,000,000 | ---D | C]
 {9C2D6791-BD13-4EE6-A3F8-73E50855F916} -> C:\Users\Cathy\AppData\Local\{9C2D6791-BD13-4EE6-A3F8-73E50855F916} -> [2011/07/07 20:22:41 | 000,000,000 | ---D | C]
 {2FCE3EF1-C33B-44F8-ABD6-7BD2C859D123} -> C:\Users\Cathy\AppData\Local\{2FCE3EF1-C33B-44F8-ABD6-7BD2C859D123} -> [2011/07/07 20:17:30 | 000,000,000 | ---D | C]
 {0EC43B72-FAC5-4BDD-95F4-FAD9B422C51F} -> C:\Users\Cathy\AppData\Local\{0EC43B72-FAC5-4BDD-95F4-FAD9B422C51F} -> [2011/07/07 20:17:29 | 000,000,000 | ---D | C]
 {A2EEB8D2-B4FB-402B-A4AD-68A09135CE3E} -> C:\Users\Cathy\AppData\Local\{A2EEB8D2-B4FB-402B-A4AD-68A09135CE3E} -> [2011/07/06 18:41:06 | 000,000,000 | ---D | C]
 {09B1B58C-F592-41E3-B1DA-D0AF88055620} -> C:\Users\Cathy\AppData\Local\{09B1B58C-F592-41E3-B1DA-D0AF88055620} -> [2011/07/06 06:40:31 | 000,000,000 | ---D | C]
 Malwarebytes' Anti-Malware -> C:\Program Files (x86)\Malwarebytes' Anti-Malware -> [2011/07/05 22:38:05 | 000,000,000 | ---D | C]
 SWREG.exe -> C:\Windows\SWREG.exe -> [2011/07/05 21:11:26 | 000,518,144 | ---- | C] (SteelWerX)
 SWSC.exe -> C:\Windows\SWSC.exe -> [2011/07/05 21:11:26 | 000,406,528 | ---- | C] (SteelWerX)
 NIRCMD.exe -> C:\Windows\NIRCMD.exe -> [2011/07/05 21:11:26 | 000,060,416 | ---- | C] (NirSoft)
 cComboFix2785c -> C:\cComboFix2785c -> [2011/07/05 21:10:17 | 000,000,000 | ---D | C]
 cComboFix16726c -> C:\cComboFix16726c -> [2011/07/05 21:07:23 | 000,000,000 | ---D | C]
 Qoobox -> C:\Qoobox -> [2011/07/05 21:05:03 | 000,000,000 | ---D | C]
 {B0998613-16B8-4964-B625-ACCA793D751F} -> C:\Users\Cathy\AppData\Local\{B0998613-16B8-4964-B625-ACCA793D751F} -> [2011/07/05 13:02:59 | 000,000,000 | ---D | C]
 {7C4C6A61-2D59-4C51-A9C3-8314B8C886C4} -> C:\Users\Cathy\AppData\Local\{7C4C6A61-2D59-4C51-A9C3-8314B8C886C4} -> [2011/07/04 22:33:52 | 000,000,000 | ---D | C]
 ffnd.exe -> C:\Windows\SysNative\ffnd.exe -> [2011/07/04 13:15:03 | 000,013,824 | ---- | C] (Kephyr)
 FreeFixer -> C:\Users\Cathy\AppData\Roaming\FreeFixer -> [2011/07/04 12:53:36 | 000,000,000 | ---D | C]
 FreeFixer -> C:\Users\Cathy\AppData\Local\FreeFixer -> [2011/07/04 12:53:36 | 000,000,000 | ---D | C]
 FreeFixer -> C:\Program Files\FreeFixer -> [2011/07/04 12:53:29 | 000,000,000 | ---D | C]
 My Weblog Posts -> C:\Users\Cathy\Documents\My Weblog Posts -> [2011/07/04 11:31:54 | 000,000,000 | ---D | C]
 Mozilla -> C:\Users\Cathy\AppData\Roaming\Mozilla -> [2011/07/04 11:20:20 | 000,000,000 | ---D | C]
 Mozilla -> C:\Users\Cathy\AppData\Local\Mozilla -> [2011/07/04 11:20:20 | 000,000,000 | ---D | C]
 Mozilla Firefox -> C:\Program Files (x86)\Mozilla Firefox -> [2011/07/04 11:20:12 | 000,000,000 | ---D | C]
 {4E98D70A-10F1-4BF1-B004-6F0D9612EFE2} -> C:\Users\Cathy\AppData\Local\{4E98D70A-10F1-4BF1-B004-6F0D9612EFE2} -> [2011/07/04 10:33:18 | 000,000,000 | ---D | C]
 MGtools -> C:\MGtools -> [2011/07/03 23:23:04 | 000,000,000 | ---D | C]
 SPReview -> C:\Windows\SysNative\SPReview -> [2011/07/03 19:25:15 | 000,000,000 | ---D | C]
 EventProviders -> C:\Windows\SysNative\EventProviders -> [2011/07/03 19:24:29 | 000,000,000 | ---D | C]
 RegCure -> C:\ProgramData\RegCure -> [2011/07/03 19:08:14 | 000,000,000 | ---D | C]
 cComboFix22287c -> C:\cComboFix22287c -> [2011/07/03 18:10:20 | 000,000,000 | ---D | C]
 FixCleaner -> C:\Users\Cathy\AppData\Roaming\FixCleaner -> [2011/07/03 18:05:47 | 000,000,000 | ---D | C]
 FixCleaner -> C:\Program Files (x86)\FixCleaner -> [2011/07/03 18:05:37 | 000,000,000 | ---D | C]
 ERDNT -> C:\Windows\ERDNT -> [2011/07/03 14:03:39 | 000,000,000 | ---D | C]
 cComboFix -> C:\cComboFix -> [2011/07/03 14:03:30 | 000,000,000 | ---D | C]
 {DB7B3E9F-A9C2-4D30-B421-2D49B1D0FFDE} -> C:\Users\Cathy\AppData\Local\{DB7B3E9F-A9C2-4D30-B421-2D49B1D0FFDE} -> [2011/07/03 13:59:57 | 000,000,000 | ---D | C]
 cComboFix.exe -> C:\Users\Cathy\Desktop\cComboFix.exe -> [2011/07/03 13:33:35 | 004,131,692 | R--- | C] (Swearware)
 {1C1E32E1-B27D-4C30-87D3-D5BE7EE0996A} -> C:\Users\Cathy\AppData\Local\{1C1E32E1-B27D-4C30-87D3-D5BE7EE0996A} -> [2011/07/02 23:42:49 | 000,000,000 | ---D | C]
 587fdcd6432f26a1a7 -> C:\587fdcd6432f26a1a7 -> [2011/07/02 23:37:22 | 000,000,000 | ---D | C]
 {6F22307F-1E91-48CA-978A-F94E157AD1FC} -> C:\Users\Cathy\AppData\Local\{6F22307F-1E91-48CA-978A-F94E157AD1FC} -> [2011/07/02 23:36:22 | 000,000,000 | ---D | C]
 {7E674969-9B23-4E56-BF88-C6C7D494314F} -> C:\Users\Cathy\AppData\Local\{7E674969-9B23-4E56-BF88-C6C7D494314F} -> [2011/07/02 23:25:28 | 000,000,000 | ---D | C]
 Windows Live Writer -> C:\Users\Cathy\AppData\Roaming\Windows Live Writer -> [2011/07/02 15:39:58 | 000,000,000 | ---D | C]
 Windows Live Writer -> C:\Users\Cathy\AppData\Local\Windows Live Writer -> [2011/07/02 15:39:58 | 000,000,000 | ---D | C]
 Malwarebytes -> C:\Users\Cathy\AppData\Roaming\Malwarebytes -> [2011/07/02 14:30:43 | 000,000,000 | ---D | C]
 Malwarebytes -> C:\ProgramData\Malwarebytes -> [2011/07/02 14:30:34 | 000,000,000 | ---D | C]
 {F5BDBC52-89CF-4F86-A914-688D38CA0AF0} -> C:\Users\Cathy\AppData\Local\{F5BDBC52-89CF-4F86-A914-688D38CA0AF0} -> [2011/07/02 07:47:52 | 000,000,000 | ---D | C]
 dfshim.dll -> C:\Windows\SysNative\dfshim.dll -> [2011/07/02 02:45:55 | 001,942,856 | ---- | C] (Microsoft Corporation)
 netfxperf.dll -> C:\Windows\SysNative\netfxperf.dll -> [2011/07/02 02:45:55 | 000,048,976 | ---- | C] (Microsoft Corporation)
 dfshim.dll -> C:\Windows\SysWow64\dfshim.dll -> [2011/07/02 02:45:48 | 001,130,824 | ---- | C] (Microsoft Corporation)
 TsUsbFlt.sys -> C:\Windows\SysNative\drivers\TsUsbFlt.sys -> [2011/07/02 02:45:44 | 000,059,392 | ---- | C] (Microsoft Corporation)
 TsUsbRedirectionGroupPolicyExtension.dll -> C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll -> [2011/07/02 02:45:44 | 000,012,288 | ---- | C] (Microsoft Corporation)
 mstscax.dll -> C:\Windows\SysNative\mstscax.dll -> [2011/07/02 02:45:43 | 003,715,584 | ---- | C] (Microsoft Corporation)
 d3d10warp.dll -> C:\Windows\SysNative\d3d10warp.dll -> [2011/07/02 02:45:43 | 001,838,080 | ---- | C] (Microsoft Corporation)
 mstscax.dll -> C:\Windows\SysWow64\mstscax.dll -> [2011/07/02 02:45:41 | 003,215,872 | ---- | C] (Microsoft Corporation)
 d3d10warp.dll -> C:\Windows\SysWow64\d3d10warp.dll -> [2011/07/02 02:45:39 | 001,171,456 | ---- | C] (Microsoft Corporation)
 mfc40.dll -> C:\Windows\SysWow64\mfc40.dll -> [2011/07/02 02:45:38 | 000,954,752 | ---- | C] (Microsoft Corporation)
 mfc40u.dll -> C:\Windows\SysWow64\mfc40u.dll -> [2011/07/02 02:45:38 | 000,954,288 | ---- | C] (Microsoft Corporation)
 wmp.dll -> C:\Windows\SysNative\wmp.dll -> [2011/07/02 02:45:35 | 014,633,472 | ---- | C] (Microsoft Corporation)
 mf.dll -> C:\Windows\SysNative\mf.dll -> [2011/07/02 02:45:33 | 004,120,064 | ---- | C] (Microsoft Corporation)
 mmcndmgr.dll -> C:\Windows\SysNative\mmcndmgr.dll -> [2011/07/02 02:45:33 | 003,205,120 | ---- | C] (Microsoft Corporation)
 ntdll.dll -> C:\Windows\SysNative\ntdll.dll -> [2011/07/02 02:45:33 | 001,731,936 | ---- | C] (Microsoft Corporation)
 secproc_isv.dll -> C:\Windows\SysNative\secproc_isv.dll -> [2011/07/02 02:45:33 | 000,485,888 | ---- | C] (Microsoft Corporation)
 RMActivate_isv.exe -> C:\Windows\SysNative\RMActivate_isv.exe -> [2011/07/02 02:45:32 | 000,362,496 | ---- | C] (Microsoft Corporation)
 xpsservices.dll -> C:\Windows\SysNative\xpsservices.dll -> [2011/07/02 02:45:31 | 003,008,000 | ---- | C] (Microsoft Corporation)
 secproc.dll -> C:\Windows\SysNative\secproc.dll -> [2011/07/02 02:45:31 | 000,488,448 | ---- | C] (Microsoft Corporation)
 secproc_isv.dll -> C:\Windows\SysWow64\secproc_isv.dll -> [2011/07/02 02:45:31 | 000,423,936 | ---- | C] (Microsoft Corporation)
 RMActivate.exe -> C:\Windows\SysNative\RMActivate.exe -> [2011/07/02 02:45:31 | 000,359,424 | ---- | C] (Microsoft Corporation)
 rpcrt4.dll -> C:\Windows\SysNative\rpcrt4.dll -> [2011/07/02 02:45:30 | 001,219,584 | ---- | C] (Microsoft Corporation)
 secproc.dll -> C:\Windows\SysWow64\secproc.dll -> [2011/07/02 02:45:30 | 000,428,032 | ---- | C] (Microsoft Corporation)
 RMActivate_isv.exe -> C:\Windows\SysWow64\RMActivate_isv.exe -> [2011/07/02 02:45:30 | 000,327,168 | ---- | C] (Microsoft Corporation)
 ole32.dll -> C:\Windows\SysNative\ole32.dll -> [2011/07/02 02:45:29 | 002,086,912 | ---- | C] (Microsoft Corporation)
 RMActivate.exe -> C:\Windows\SysWow64\RMActivate.exe -> [2011/07/02 02:45:29 | 000,322,048 | ---- | C] (Microsoft Corporation)
 spwizui.dll -> C:\Windows\SysNative\spwizui.dll -> [2011/07/02 02:45:28 | 000,263,168 | ---- | C] (Microsoft Corporation)
 RacEngn.dll -> C:\Windows\SysNative\RacEngn.dll -> [2011/07/02 02:45:27 | 001,556,992 | ---- | C] (Microsoft Corporation)
 diagperf.dll -> C:\Windows\SysNative\diagperf.dll -> [2011/07/02 02:45:27 | 001,340,416 | ---- | C] (Microsoft Corporation)
 taskschd.dll -> C:\Windows\SysNative\taskschd.dll -> [2011/07/02 02:45:27 | 001,197,056 | ---- | C] (Microsoft Corporation)
 mf.dll -> C:\Windows\SysWow64\mf.dll -> [2011/07/02 02:45:26 | 003,207,680 | ---- | C] (Microsoft Corporation)
 ExplorerFrame.dll -> C:\Windows\SysNative\ExplorerFrame.dll -> [2011/07/02 02:45:26 | 001,866,240 | ---- | C] (Microsoft Corporation)
 vssapi.dll -> C:\Windows\SysNative\vssapi.dll -> [2011/07/02 02:45:26 | 001,753,088 | ---- | C] (Microsoft Corporation)
 UIRibbon.dll -> C:\Windows\SysNative\UIRibbon.dll -> [2011/07/02 02:45:25 | 003,860,992 | ---- | C] (Microsoft Corporation)
 CertEnroll.dll -> C:\Windows\SysWow64\CertEnroll.dll -> [2011/07/02 02:45:25 | 001,334,272 | ---- | C] (Microsoft Corporation)
 NaturalLanguage6.dll -> C:\Windows\SysNative\NaturalLanguage6.dll -> [2011/07/02 02:45:25 | 001,326,080 | ---- | C] (Microsoft Corporation)
 mcupdate_GenuineIntel.dll -> C:\Windows\SysNative\mcupdate_GenuineIntel.dll -> [2011/07/02 02:45:25 | 000,299,392 | ---- | C] (Microsoft Corporation)
 wmp.dll -> C:\Windows\SysWow64\wmp.dll -> [2011/07/02 02:45:24 | 011,410,432 | ---- | C] (Microsoft Corporation)
 WMVCORE.DLL -> C:\Windows\SysNative\WMVCORE.DLL -> [2011/07/02 02:45:23 | 003,027,968 | ---- | C] (Microsoft Corporation)
 PresentationHost.exe -> C:\Windows\SysNative\PresentationHost.exe -> [2011/07/02 02:45:23 | 000,320,352 | ---- | C] (Microsoft Corporation)
 PresentationHost.exe -> C:\Windows\SysWow64\PresentationHost.exe -> [2011/07/02 02:45:23 | 000,295,264 | ---- | C] (Microsoft Corporation)
 PresentationHostProxy.dll -> C:\Windows\SysNative\PresentationHostProxy.dll -> [2011/07/02 02:45:23 | 000,109,928 | ---- | C] (Microsoft Corporation)
 PresentationHostProxy.dll -> C:\Windows\SysWow64\PresentationHostProxy.dll -> [2011/07/02 02:45:23 | 000,099,176 | ---- | C] (Microsoft Corporation)
 CertEnroll.dll -> C:\Windows\SysNative\CertEnroll.dll -> [2011/07/02 02:45:22 | 001,975,296 | ---- | C] (Microsoft Corporation)
 spinstall.exe -> C:\Windows\SysNative\spinstall.exe -> [2011/07/02 02:45:22 | 000,598,016 | ---- | C] (Microsoft Corporation)
 spreview.exe -> C:\Windows\SysNative\spreview.exe -> [2011/07/02 02:45:22 | 000,301,568 | ---- | C] (Microsoft Corporation)
 rdpdd.dll -> C:\Windows\SysNative\rdpdd.dll -> [2011/07/02 02:45:22 | 000,274,944 | ---- | C] (Microsoft Corporation)
 WinSAT.exe -> C:\Windows\SysNative\WinSAT.exe -> [2011/07/02 02:45:21 | 003,957,760 | ---- | C] (Microsoft Corporation)
 d3d9.dll -> C:\Windows\SysNative\d3d9.dll -> [2011/07/02 02:45:21 | 002,067,456 | ---- | C] (Microsoft Corporation)
 WMVDECOD.DLL -> C:\Windows\SysNative\WMVDECOD.DLL -> [2011/07/02 02:45:21 | 001,888,256 | ---- | C] (Microsoft Corporation)
 RacEngn.dll -> C:\Windows\SysWow64\RacEngn.dll -> [2011/07/02 02:45:20 | 001,115,136 | ---- | C] (Microsoft Corporation)
 SearchFolder.dll -> C:\Windows\SysNative\SearchFolder.dll -> [2011/07/02 02:45:20 | 000,867,840 | ---- | C] (Microsoft Corporation)
 AuthFWSnapin.dll -> C:\Windows\SysWow64\AuthFWSnapin.dll -> [2011/07/02 02:45:19 | 005,066,752 | ---- | C] (Microsoft Corporation)
 AuthFWSnapin.dll -> C:\Windows\SysNative\AuthFWSnapin.dll -> [2011/07/02 02:45:19 | 005,066,752 | ---- | C] (Microsoft Corporation)
 dbgeng.dll -> C:\Windows\SysNative\dbgeng.dll -> [2011/07/02 02:45:19 | 003,391,488 | ---- | C] (Microsoft Corporation)
 dwmcore.dll -> C:\Windows\SysNative\dwmcore.dll -> [2011/07/02 02:45:19 | 001,632,256 | ---- | C] (Microsoft Corporation)
 kernel32.dll -> C:\Windows\SysNative\kernel32.dll -> [2011/07/02 02:45:19 | 001,161,216 | ---- | C] (Microsoft Corporation)
 crypt32.dll -> C:\Windows\SysNative\crypt32.dll -> [2011/07/02 02:45:17 | 001,456,128 | ---- | C] (Microsoft Corporation)
 ExplorerFrame.dll -> C:\Windows\SysWow64\ExplorerFrame.dll -> [2011/07/02 02:45:16 | 001,493,504 | ---- | C] (Microsoft Corporation)
 actxprxy.dll -> C:\Windows\SysNative\actxprxy.dll -> [2011/07/02 02:45:16 | 000,958,464 | ---- | C] (Microsoft Corporation)
 lsasrv.dll -> C:\Windows\SysNative\lsasrv.dll -> [2011/07/02 02:45:15 | 001,447,936 | ---- | C] (Microsoft Corporation)
 TSWorkspace.dll -> C:\Windows\SysNative\TSWorkspace.dll -> [2011/07/02 02:45:15 | 000,750,080 | ---- | C] (Microsoft Corporation)
 KernelBase.dll -> C:\Windows\SysNative\KernelBase.dll -> [2011/07/02 02:45:15 | 000,419,840 | ---- | C] (Microsoft Corporation)
 mstsc.exe -> C:\Windows\SysNative\mstsc.exe -> [2011/07/02 02:45:14 | 001,116,672 | ---- | C] (Microsoft Corporation)
 sqmapi.dll -> C:\Windows\SysNative\sqmapi.dll -> [2011/07/02 02:45:14 | 000,244,736 | ---- | C] (Microsoft Corporation)
 d3d9.dll -> C:\Windows\SysWow64\d3d9.dll -> [2011/07/02 02:45:13 | 001,828,352 | ---- | C] (Microsoft Corporation)
 imapi2fs.dll -> C:\Windows\SysNative\imapi2fs.dll -> [2011/07/02 02:45:13 | 001,244,160 | ---- | C] (Microsoft Corporation)
 propsys.dll -> C:\Windows\SysNative\propsys.dll -> [2011/07/02 02:45:13 | 001,212,416 | ---- | C] (Microsoft Corporation)
 d3d11.dll -> C:\Windows\SysNative\d3d11.dll -> [2011/07/02 02:45:13 | 000,787,968 | ---- | C] (Microsoft Corporation)
 netlogon.dll -> C:\Windows\SysNative\netlogon.dll -> [2011/07/02 02:45:13 | 000,695,808 | ---- | C] (Microsoft Corporation)
 setupapi.dll -> C:\Windows\SysNative\setupapi.dll -> [2011/07/02 02:45:12 | 001,900,544 | ---- | C] (Microsoft Corporation)
 taskschd.dll -> C:\Windows\SysWow64\taskschd.dll -> [2011/07/02 02:45:12 | 000,505,856 | ---- | C] (Microsoft Corporation)
 authui.dll -> C:\Windows\SysNative\authui.dll -> [2011/07/02 02:45:11 | 001,927,680 | ---- | C] (Microsoft Corporation)
 werconcpl.dll -> C:\Windows\SysNative\werconcpl.dll -> [2011/07/02 02:45:11 | 001,281,024 | ---- | C] (Microsoft Corporation)
 mstsc.exe -> C:\Windows\SysWow64\mstsc.exe -> [2011/07/02 02:45:11 | 001,049,600 | ---- | C] (Microsoft Corporation)
 user32.dll -> C:\Windows\SysNative\user32.dll -> [2011/07/02 02:45:11 | 001,008,128 | ---- | C] (Microsoft Corporation)
 odbc32.dll -> C:\Windows\SysNative\odbc32.dll -> [2011/07/02 02:45:11 | 000,720,896 | ---- | C] (Microsoft Corporation)
 taskeng.exe -> C:\Windows\SysNative\taskeng.exe -> [2011/07/02 02:45:11 | 000,464,384 | ---- | C] (Microsoft Corporation)
 certmgr.dll -> C:\Windows\SysNative\certmgr.dll -> [2011/07/02 02:45:10 | 001,796,096 | ---- | C] (Microsoft Corporation)
 netio.sys -> C:\Windows\SysNative\drivers\netio.sys -> [2011/07/02 02:45:10 | 000,376,192 | ---- | C] (Microsoft Corporation)
 localspl.dll -> C:\Windows\SysNative\localspl.dll -> [2011/07/02 02:45:09 | 000,955,904 | ---- | C] (Microsoft Corporation)
 PortableDeviceApi.dll -> C:\Windows\SysNative\PortableDeviceApi.dll -> [2011/07/02 02:45:09 | 000,758,272 | ---- | C] (Microsoft Corporation)
 webio.dll -> C:\Windows\SysNative\webio.dll -> [2011/07/02 02:45:09 | 000,395,776 | ---- | C] (Microsoft Corporation)
 wer.dll -> C:\Windows\SysWow64\wer.dll -> [2011/07/02 02:45:09 | 000,381,440 | ---- | C] (Microsoft Corporation)
 certcli.dll -> C:\Windows\SysWow64\certcli.dll -> [2011/07/02 02:45:09 | 000,342,016 | ---- | C] (Microsoft Corporation)
 tsmf.dll -> C:\Windows\SysNative\tsmf.dll -> [2011/07/02 02:45:09 | 000,299,520 | ---- | C] (Microsoft Corporation)
 ncsi.dll -> C:\Windows\SysNative\ncsi.dll -> [2011/07/02 02:45:09 | 000,210,944 | ---- | C] (Microsoft Corporation)
 scavengeui.dll -> C:\Windows\SysNative\scavengeui.dll -> [2011/07/02 02:45:09 | 000,146,944 | ---- | C] (Microsoft Corporation)
 netshell.dll -> C:\Windows\SysNative\netshell.dll -> [2011/07/02 02:45:08 | 002,652,160 | ---- | C] (Microsoft Corporation)
 msdtctm.dll -> C:\Windows\SysNative\msdtctm.dll -> [2011/07/02 02:45:08 | 001,509,888 | ---- | C] (Microsoft Corporation)
 dwmcore.dll -> C:\Windows\SysWow64\dwmcore.dll -> [2011/07/02 02:45:08 | 001,371,136 | ---- | C] (Microsoft Corporation)
 msdrm.dll -> C:\Windows\SysNative\msdrm.dll -> [2011/07/02 02:45:08 | 000,457,216 | ---- | C] (Microsoft Corporation)
 shlwapi.dll -> C:\Windows\SysNative\shlwapi.dll -> [2011/07/02 02:45:08 | 000,448,512 | ---- | C] (Microsoft Corporation)
 framedynos.dll -> C:\Windows\SysNative\framedynos.dll -> [2011/07/02 02:45:08 | 000,295,936 | ---- | C] (Microsoft Corporation)
 quartz.dll -> C:\Windows\SysNative\quartz.dll -> [2011/07/02 02:45:07 | 001,572,352 | ---- | C] (Microsoft Corporation)
 usp10.dll -> C:\Windows\SysNative\usp10.dll -> [2011/07/02 02:45:07 | 000,800,256 | ---- | C] (Microsoft Corporation)
 dxgi.dll -> C:\Windows\SysNative\dxgi.dll -> [2011/07/02 02:45:07 | 000,658,944 | ---- | C] (Microsoft Corporation)
 comdlg32.dll -> C:\Windows\SysNative\comdlg32.dll -> [2011/07/02 02:45:07 | 000,594,432 | ---- | C] (Microsoft Corporation)
 odbc32.dll -> C:\Windows\SysWow64\odbc32.dll -> [2011/07/02 02:45:07 | 000,573,440 | ---- | C] (Microsoft Corporation)
 netcfgx.dll -> C:\Windows\SysNative\netcfgx.dll -> [2011/07/02 02:45:07 | 000,519,680 | ---- | C] (Microsoft Corporation)
 winlogon.exe -> C:\Windows\SysNative\winlogon.exe -> [2011/07/02 02:45:07 | 000,390,656 | ---- | C] (Microsoft Corporation)
 lsm.exe -> C:\Windows\SysNative\lsm.exe -> [2011/07/02 02:45:07 | 000,343,040 | ---- | C] (Microsoft Corporation)
 ws2_32.dll -> C:\Windows\SysNative\ws2_32.dll -> [2011/07/02 02:45:07 | 000,297,984 | ---- | C] (Microsoft Corporation)
 tcpmonui.dll -> C:\Windows\SysWow64\tcpmonui.dll -> [2011/07/02 02:45:07 | 000,061,440 | ---- | C] (Microsoft Corporation)
 Query.dll -> C:\Windows\SysNative\Query.dll -> [2011/07/02 02:45:06 | 002,055,680 | ---- | C] (Microsoft Corporation)
 quartz.dll -> C:\Windows\SysWow64\quartz.dll -> [2011/07/02 02:45:06 | 001,328,128 | ---- | C] (Microsoft Corporation)
 TSWorkspace.dll -> C:\Windows\SysWow64\TSWorkspace.dll -> [2011/07/02 02:45:06 | 000,597,504 | ---- | C] (Microsoft Corporation)
 wmpps.dll -> C:\Windows\SysNative\wmpps.dll -> [2011/07/02 02:45:06 | 000,481,280 | ---- | C] (Microsoft Corporation)
 apphelp.dll -> C:\Windows\SysNative\apphelp.dll -> [2011/07/02 02:45:06 | 000,342,016 | ---- | C] (Microsoft Corporation)
 dot3api.dll -> C:\Windows\SysWow64\dot3api.dll -> [2011/07/02 02:45:06 | 000,091,136 | ---- | C] (Microsoft Corporation)
 wpdshext.dll -> C:\Windows\SysNative\wpdshext.dll -> [2011/07/02 02:45:05 | 002,543,616 | ---- | C] (Microsoft Corporation)
 Vault.dll -> C:\Windows\SysNative\Vault.dll -> [2011/07/02 02:45:05 | 001,098,240 | ---- | C] (Microsoft Corporation)
 azroles.dll -> C:\Windows\SysNative\azroles.dll -> [2011/07/02 02:45:05 | 000,897,536 | ---- | C] (Microsoft Corporation)
 samsrv.dll -> C:\Windows\SysNative\samsrv.dll -> [2011/07/02 02:45:05 | 000,758,784 | ---- | C] (Microsoft Corporation)
 cmd.exe -> C:\Windows\SysNative\cmd.exe -> [2011/07/02 02:45:05 | 000,345,088 | ---- | C] (Microsoft Corporation)
 tsmf.dll -> C:\Windows\SysWow64\tsmf.dll -> [2011/07/02 02:45:05 | 000,270,848 | ---- | C] (Microsoft Corporation)
 QAGENT.DLL -> C:\Windows\SysNative\QAGENT.DLL -> [2011/07/02 02:45:05 | 000,266,240 | ---- | C] (Microsoft Corporation)
 dbgeng.dll -> C:\Windows\SysWow64\dbgeng.dll -> [2011/07/02 02:45:04 | 002,522,624 | ---- | C] (Microsoft Corporation)
 lpksetup.exe -> C:\Windows\SysNative\lpksetup.exe -> [2011/07/02 02:45:04 | 000,653,312 | ---- | C] (Microsoft Corporation)
 DShowRdpFilter.dll -> C:\Windows\SysNative\DShowRdpFilter.dll -> [2011/07/02 02:45:04 | 000,281,600 | ---- | C] (Microsoft)
 win32spl.dll -> C:\Windows\SysNative\win32spl.dll -> [2011/07/02 02:45:03 | 000,751,104 | ---- | C] (Microsoft Corporation)
 d3d11.dll -> C:\Windows\SysWow64\d3d11.dll -> [2011/07/02 02:45:03 | 000,522,752 | ---- | C] (Microsoft Corporation)
 netcfgx.dll -> C:\Windows\SysWow64\netcfgx.dll -> [2011/07/02 02:45:03 | 000,406,528 | ---- | C] (Microsoft Corporation)
 WMVDECOD.DLL -> C:\Windows\SysWow64\WMVDECOD.DLL -> [2011/07/02 02:45:02 | 001,619,456 | ---- | C] (Microsoft Corporation)
 WindowsCodecs.dll -> C:\Windows\SysNative\WindowsCodecs.dll -> [2011/07/02 02:45:02 | 001,190,400 | ---- | C] (Microsoft Corporation)
 webio.dll -> C:\Windows\SysWow64\webio.dll -> [2011/07/02 02:45:02 | 000,314,880 | ---- | C] (Microsoft Corporation)
 mmcndmgr.dll -> C:\Windows\SysWow64\mmcndmgr.dll -> [2011/07/02 02:45:01 | 002,151,936 | ---- | C] (Microsoft Corporation)
 pnidui.dll -> C:\Windows\SysNative\pnidui.dll -> [2011/07/02 02:45:01 | 001,808,384 | ---- | C] (Microsoft Corporation)
 Query.dll -> C:\Windows\SysWow64\Query.dll -> [2011/07/02 02:45:01 | 001,363,456 | ---- | C] (Microsoft Corporation)
 ipsmsnap.dll -> C:\Windows\SysNative\ipsmsnap.dll -> [2011/07/02 02:45:01 | 000,584,192 | ---- | C] (Microsoft Corporation)
 sxs.dll -> C:\Windows\SysNative\sxs.dll -> [2011/07/02 02:45:01 | 000,582,656 | ---- | C] (Microsoft Corporation)
 taskcomp.dll -> C:\Windows\SysNative\taskcomp.dll -> [2011/07/02 02:45:01 | 000,473,600 | ---- | C] (Microsoft Corporation)
 mfds.dll -> C:\Windows\SysNative\mfds.dll -> [2011/07/02 02:45:01 | 000,381,440 | ---- | C] (Microsoft Corporation)
 Wldap32.dll -> C:\Windows\SysNative\Wldap32.dll -> [2011/07/02 02:45:01 | 000,312,832 | ---- | C] (Microsoft Corporation)
 mcbuilder.exe -> C:\Windows\SysNative\mcbuilder.exe -> [2011/07/02 02:45:01 | 000,272,896 | ---- | C] (Microsoft Corporation)
 DShowRdpFilter.dll -> C:\Windows\SysWow64\DShowRdpFilter.dll -> [2011/07/02 02:45:01 | 000,252,928 | ---- | C] (Microsoft)
 hgprint.dll -> C:\Windows\SysNative\hgprint.dll -> [2011/07/02 02:45:01 | 000,235,008 | ---- | C] (Microsoft Corporation)
 upnp.dll -> C:\Windows\SysWow64\upnp.dll -> [2011/07/02 02:45:01 | 000,206,848 | ---- | C] (Microsoft Corporation)
 webservices.dll -> C:\Windows\SysNative\webservices.dll -> [2011/07/02 02:45:00 | 001,158,656 | ---- | C] (Microsoft Corporation)
 imapi2fs.dll -> C:\Windows\SysWow64\imapi2fs.dll -> [2011/07/02 02:45:00 | 000,732,160 | ---- | C] (Microsoft Corporation)
 netfxperf.dll -> C:\Windows\SysWow64\netfxperf.dll -> [2011/07/02 02:45:00 | 000,049,488 | ---- | C] (Microsoft Corporation)
 authui.dll -> C:\Windows\SysWow64\authui.dll -> [2011/07/02 02:44:59 | 001,792,000 | ---- | C] (Microsoft Corporation)
 sqlsrv32.dll -> C:\Windows\SysNative\sqlsrv32.dll -> [2011/07/02 02:44:59 | 000,933,888 | ---- | C] (Microsoft Corporation)
 PortableDeviceApi.dll -> C:\Windows\SysWow64\PortableDeviceApi.dll -> [2011/07/02 02:44:59 | 000,547,840 | ---- | C] (Microsoft Corporation)
 gdi32.dll -> C:\Windows\SysNative\gdi32.dll -> [2011/07/02 02:44:59 | 000,403,968 | ---- | C] (Microsoft Corporation)
 fveapi.dll -> C:\Windows\SysNative\fveapi.dll -> [2011/07/02 02:44:59 | 000,345,600 | ---- | C] (Microsoft Corporation)
 msdrm.dll -> C:\Windows\SysWow64\msdrm.dll -> [2011/07/02 02:44:59 | 000,341,504 | ---- | C] (Microsoft Corporation)
 iepeers.dll -> C:\Windows\SysNative\iepeers.dll -> [2011/07/02 02:44:59 | 000,252,928 | ---- | C] (Microsoft Corporation)
 winsta.dll -> C:\Windows\SysNative\winsta.dll -> [2011/07/02 02:44:59 | 000,235,008 | ---- | C] (Microsoft Corporation)
 dot3api.dll -> C:\Windows\SysNative\dot3api.dll -> [2011/07/02 02:44:59 | 000,084,992 | ---- | C] (Microsoft Corporation)
 certmgr.dll -> C:\Windows\SysWow64\certmgr.dll -> [2011/07/02 02:44:58 | 001,555,456 | ---- | C] (Microsoft Corporation)
 WMNetMgr.dll -> C:\Windows\SysNative\WMNetMgr.dll -> [2011/07/02 02:44:58 | 001,243,136 | ---- | C] (Microsoft Corporation)
 mcmde.dll -> C:\Windows\SysNative\mcmde.dll -> [2011/07/02 02:44:58 | 001,009,152 | ---- | C] (Microsoft Corporation)
 MSNP.ax -> C:\Windows\SysNative\MSNP.ax -> [2011/07/02 02:44:58 | 000,288,256 | ---- | C] (Microsoft Corporation)
 schtasks.exe -> C:\Windows\SysNative\schtasks.exe -> [2011/07/02 02:44:58 | 000,285,696 | ---- | C] (Microsoft Corporation)
 mcbuilder.exe -> C:\Windows\SysWow64\mcbuilder.exe -> [2011/07/02 02:44:58 | 000,220,672 | ---- | C] (Microsoft Corporation)
 prncache.dll -> C:\Windows\SysNative\prncache.dll -> [2011/07/02 02:44:58 | 000,183,808 | ---- | C] (Microsoft Corporation)
 xpsservices.dll -> C:\Windows\SysWow64\xpsservices.dll -> [2011/07/02 02:44:57 | 001,712,640 | ---- | C] (Microsoft Corporation)
 wlanpref.dll -> C:\Windows\SysNative\wlanpref.dll -> [2011/07/02 02:44:57 | 001,441,280 | ---- | C] (Microsoft Corporation)
 wuapi.dll -> C:\Windows\SysNative\wuapi.dll -> [2011/07/02 02:44:57 | 000,695,808 | ---- | C] (Microsoft Corporation)
 evr.dll -> C:\Windows\SysNative\evr.dll -> [2011/07/02 02:44:57 | 000,630,272 | ---- | C] (Microsoft Corporation)
 photowiz.dll -> C:\Windows\SysNative\photowiz.dll -> [2011/07/02 02:44:57 | 000,409,600 | ---- | C] (Microsoft Corporation)
 vpnike.dll -> C:\Windows\SysNative\vpnike.dll -> [2011/07/02 02:44:57 | 000,263,168 | ---- | C] (Microsoft Corporation)
 wintrust.dll -> C:\Windows\SysNative\wintrust.dll -> [2011/07/02 02:44:57 | 000,220,672 | ---- | C] (Microsoft Corporation)
 userenv.dll -> C:\Windows\SysNative\userenv.dll -> [2011/07/02 02:44:57 | 000,109,056 | ---- | C] (Microsoft Corporation)
 SyncCenter.dll -> C:\Windows\SysNative\SyncCenter.dll -> [2011/07/02 02:44:56 | 002,262,528 | ---- | C] (Microsoft Corporation)
 sppobjs.dll -> C:\Windows\SysNative\sppobjs.dll -> [2011/07/02 02:44:56 | 001,082,880 | ---- | C] (Microsoft Corporation)
 wmpmde.dll -> C:\Windows\SysNative\wmpmde.dll -> [2011/07/02 02:44:56 | 001,024,512 | ---- | C] (Microsoft Corporation)
 aepdu.dll -> C:\Windows\SysNative\aepdu.dll -> [2011/07/02 02:44:56 | 000,412,160 | ---- | C] (Microsoft Corporation)
 cmd.exe -> C:\Windows\SysWow64\cmd.exe -> [2011/07/02 02:44:56 | 000,302,592 | ---- | C] (Microsoft Corporation)
 AudioSes.dll -> C:\Windows\SysNative\AudioSes.dll -> [2011/07/02 02:44:56 | 000,296,448 | ---- | C] (Microsoft Corporation)
 framedyn.dll -> C:\Windows\SysNative\framedyn.dll -> [2011/07/02 02:44:56 | 000,279,040 | ---- | C] (Microsoft Corporation)
 WMPEncEn.dll -> C:\Windows\SysNative\WMPEncEn.dll -> [2011/07/02 02:44:55 | 002,072,576 | ---- | C] (Microsoft Corporation)
 wmpeffects.dll -> C:\Windows\SysNative\wmpeffects.dll -> [2011/07/02 02:44:55 | 000,605,696 | ---- | C] (Microsoft Corporation)
 win32spl.dll -> C:\Windows\SysWow64\win32spl.dll -> [2011/07/02 02:44:55 | 000,492,032 | ---- | C] (Microsoft Corporation)
 aeinv.dll -> C:\Windows\SysNative\aeinv.dll -> [2011/07/02 02:44:55 | 000,424,448 | ---- | C] (Microsoft Corporation)
 mfreadwrite.dll -> C:\Windows\SysNative\mfreadwrite.dll -> [2011/07/02 02:44:55 | 000,257,024 | ---- | C] (Microsoft Corporation)
 framedynos.dll -> C:\Windows\SysWow64\framedynos.dll -> [2011/07/02 02:44:55 | 000,206,336 | ---- | C] (Microsoft Corporation)
 fde.dll -> C:\Windows\SysNative\fde.dll -> [2011/07/02 02:44:55 | 000,171,520 | ---- | C] (Microsoft Corporation)
 localsec.dll -> C:\Windows\SysNative\localsec.dll -> [2011/07/02 02:44:54 | 000,551,936 | ---- | C] (Microsoft Corporation)
 imapi2.dll -> C:\Windows\SysNative\imapi2.dll -> [2011/07/02 02:44:54 | 000,503,296 | ---- | C] (Microsoft Corporation)
 WinSATAPI.dll -> C:\Windows\SysNative\WinSATAPI.dll -> [2011/07/02 02:44:54 | 000,501,248 | ---- | C] (Microsoft Corporation)
 netdiagfx.dll -> C:\Windows\SysNative\netdiagfx.dll -> [2011/07/02 02:44:54 | 000,324,096 | ---- | C] (Microsoft Corporation)
 bcryptprimitives.dll -> C:\Windows\SysNative\bcryptprimitives.dll -> [2011/07/02 02:44:54 | 000,298,104 | ---- | C] (Microsoft Corporation)
 mfds.dll -> C:\Windows\SysWow64\mfds.dll -> [2011/07/02 02:44:54 | 000,296,448 | ---- | C] (Microsoft Corporation)
 stobject.dll -> C:\Windows\SysNative\stobject.dll -> [2011/07/02 02:44:54 | 000,257,024 | ---- | C] (Microsoft Corporation)
 credui.dll -> C:\Windows\SysNative\credui.dll -> [2011/07/02 02:44:54 | 000,197,120 | ---- | C] (Microsoft Corporation)
 cdd.dll -> C:\Windows\SysNative\cdd.dll -> [2011/07/02 02:44:54 | 000,144,384 | ---- | C] (Microsoft Corporation)
 gameux.dll -> C:\Windows\SysNative\gameux.dll -> [2011/07/02 02:44:53 | 002,746,880 | ---- | C] (Microsoft Corporation)
 azroles.dll -> C:\Windows\SysWow64\azroles.dll -> [2011/07/02 02:44:53 | 000,762,880 | ---- | C] (Microsoft Corporation)
 biocpl.dll -> C:\Windows\SysNative\biocpl.dll -> [2011/07/02 02:44:53 | 000,504,320 | ---- | C] (Microsoft Corporation)
 msinfo32.exe -> C:\Windows\SysNative\msinfo32.exe -> [2011/07/02 02:44:53 | 000,378,880 | ---- | C] (Microsoft Corporation)
 tcpipcfg.dll -> C:\Windows\SysNative\tcpipcfg.dll -> [2011/07/02 02:44:53 | 000,253,440 | ---- | C] (Microsoft Corporation)
 spp.dll -> C:\Windows\SysNative\spp.dll -> [2011/07/02 02:44:53 | 000,244,224 | ---- | C] (Microsoft Corporation)
 QSHVHOST.DLL -> C:\Windows\SysNative\QSHVHOST.DLL -> [2011/07/02 02:44:53 | 000,223,232 | ---- | C] (Microsoft Corporation)
 inetpp.dll -> C:\Windows\SysNative\inetpp.dll -> [2011/07/02 02:44:53 | 000,166,912 | ---- | C] (Microsoft Corporation)
 netid.dll -> C:\Windows\SysNative\netid.dll -> [2011/07/02 02:44:53 | 000,165,376 | ---- | C] (Microsoft Corporation)
 ncsi.dll -> C:\Windows\SysWow64\ncsi.dll -> [2011/07/02 02:44:53 | 000,152,064 | ---- | C] (Microsoft Corporation)
 davclnt.dll -> C:\Windows\SysNative\davclnt.dll -> [2011/07/02 02:44:53 | 000,100,864 | ---- | C] (Microsoft Corporation)
 themeui.dll -> C:\Windows\SysWow64\themeui.dll -> [2011/07/02 02:44:52 | 002,755,072 | ---- | C] (Microsoft Corporation)
 printui.dll -> C:\Windows\SysNative\printui.dll -> [2011/07/02 02:44:52 | 001,050,624 | ---- | C] (Microsoft Corporation)
 mspbda.dll -> C:\Windows\SysNative\mspbda.dll -> [2011/07/02 02:44:52 | 000,571,904 | ---- | C] (Microsoft Corporation)
 conhost.exe -> C:\Windows\SysNative\conhost.exe -> [2011/07/02 02:44:52 | 000,337,920 | ---- | C] (Microsoft Corporation)
 scansetting.dll -> C:\Windows\SysNative\scansetting.dll -> [2011/07/02 02:44:52 | 000,303,616 | ---- | C] (Microsoft Corporation)
 credui.dll -> C:\Windows\SysWow64\credui.dll -> [2011/07/02 02:44:52 | 000,168,960 | ---- | C] (Microsoft Corporation)
 splwow64.exe -> C:\Windows\splwow64.exe -> [2011/07/02 02:44:52 | 000,067,072 | ---- | C] (Microsoft Corporation)
 dbghelp.dll -> C:\Windows\SysWow64\dbghelp.dll -> [2011/07/02 02:44:51 | 000,854,016 | ---- | C] (Microsoft Corporation)
 mscms.dll -> C:\Windows\SysNative\mscms.dll -> [2011/07/02 02:44:51 | 000,625,664 | ---- | C] (Microsoft Corporation)
 msdri.dll -> C:\Windows\SysNative\msdri.dll -> [2011/07/02 02:44:51 | 000,552,960 | ---- | C] (Microsoft Corporation)
 dxgi.dll -> C:\Windows\SysWow64\dxgi.dll -> [2011/07/02 02:44:51 | 000,508,416 | ---- | C] (Microsoft Corporation)
 PhotoScreensaver.scr -> C:\Windows\SysNative\PhotoScreensaver.scr -> [2011/07/02 02:44:51 | 000,477,696 | ---- | C] (Microsoft Corporation)
 wusa.exe -> C:\Windows\SysNative\wusa.exe -> [2011/07/02 02:44:51 | 000,307,200 | ---- | C] (Microsoft Corporation)
 mfreadwrite.dll -> C:\Windows\SysWow64\mfreadwrite.dll -> [2011/07/02 02:44:51 | 000,196,608 | ---- | C] (Microsoft Corporation)
 rpchttp.dll -> C:\Windows\SysNative\rpchttp.dll -> [2011/07/02 02:44:51 | 000,187,904 | ---- | C] (Microsoft Corporation)
 wintrust.dll -> C:\Windows\SysWow64\wintrust.dll -> [2011/07/02 02:44:51 | 000,172,032 | ---- | C] (Microsoft Corporation)
 IPHLPAPI.DLL -> C:\Windows\SysNative\IPHLPAPI.DLL -> [2011/07/02 02:44:51 | 000,145,920 | ---- | C] (Microsoft Corporation)
 basecsp.dll -> C:\Windows\SysWow64\basecsp.dll -> [2011/07/02 02:44:51 | 000,144,768 | ---- | C] (Microsoft Corporation)
 aitagent.exe -> C:\Windows\SysNative\aitagent.exe -> [2011/07/02 02:44:51 | 000,122,880 | ---- | C] (Microsoft Corporation)
 msi.dll -> C:\Windows\SysNative\msi.dll -> [2011/07/02 02:44:50 | 003,211,776 | ---- | C] (Microsoft Corporation)
 FirewallControlPanel.dll -> C:\Windows\SysNative\FirewallControlPanel.dll -> [2011/07/02 02:44:50 | 000,934,912 | ---- | C] (Microsoft Corporation)
 evr.dll -> C:\Windows\SysWow64\evr.dll -> [2011/07/02 02:44:50 | 000,488,448 | ---- | C] (Microsoft Corporation)
 winspool.drv -> C:\Windows\SysNative\winspool.drv -> [2011/07/02 02:44:50 | 000,442,368 | ---- | C] (Microsoft Corporation)
 wisptis.exe -> C:\Windows\SysNative\wisptis.exe -> [2011/07/02 02:44:50 | 000,405,504 | ---- | C] (Microsoft Corporation)
 taskcomp.dll -> C:\Windows\SysWow64\taskcomp.dll -> [2011/07/02 02:44:50 | 000,305,152 | ---- | C] (Microsoft Corporation)
 XpsRasterService.dll -> C:\Windows\SysNative\XpsRasterService.dll -> [2011/07/02 02:44:50 | 000,229,888 | ---- | C] (Microsoft Corporation)
 ocsetup.exe -> C:\Windows\SysNative\ocsetup.exe -> [2011/07/02 02:44:50 | 000,186,368 | ---- | C] (Microsoft Corporation)
 rdpcore.dll -> C:\Windows\SysNative\rdpcore.dll -> [2011/07/02 02:44:49 | 001,031,680 | ---- | C] (Microsoft Corporation)
 ci.dll -> C:\Windows\SysNative\ci.dll -> [2011/07/02 02:44:49 | 000,780,008 | ---- | C] (Microsoft Corporation)
 sqlsrv32.dll -> C:\Windows\SysWow64\sqlsrv32.dll -> [2011/07/02 02:44:49 | 000,778,240 | ---- | C] (Microsoft Corporation)
 calc.exe -> C:\Windows\SysWow64\calc.exe -> [2011/07/02 02:44:49 | 000,776,192 | ---- | C] (Microsoft Corporation)
 ntshrui.dll -> C:\Windows\SysNative\ntshrui.dll -> [2011/07/02 02:44:49 | 000,509,952 | ---- | C] (Microsoft Corporation)
 DXP.dll -> C:\Windows\SysNative\DXP.dll -> [2011/07/02 02:44:49 | 000,459,776 | ---- | C] (Microsoft Corporation)
 sppwinob.dll -> C:\Windows\SysNative\sppwinob.dll -> [2011/07/02 02:44:49 | 000,418,816 | ---- | C] (Microsoft Corporation)
 eapp3hst.dll -> C:\Windows\SysNative\eapp3hst.dll -> [2011/07/02 02:44:49 | 000,348,160 | ---- | C] (Microsoft Corporation)
 WinSATAPI.dll -> C:\Windows\SysWow64\WinSATAPI.dll -> [2011/07/02 02:44:49 | 000,335,872 | ---- | C] (Microsoft Corporation)
 mprapi.dll -> C:\Windows\SysNative\mprapi.dll -> [2011/07/02 02:44:49 | 000,221,184 | ---- | C] (Microsoft Corporation)
 ocsetapi.dll -> C:\Windows\SysNative\ocsetapi.dll -> [2011/07/02 02:44:49 | 000,161,792 | ---- | C] (Microsoft Corporation)
 eapphost.dll -> C:\Windows\SysNative\eapphost.dll -> [2011/07/02 02:44:48 | 000,303,616 | ---- | C] (Microsoft Corporation)
 upnp.dll -> C:\Windows\SysNative\upnp.dll -> [2011/07/02 02:44:48 | 000,264,192 | ---- | C] (Microsoft Corporation)
 Robocopy.exe -> C:\Windows\SysNative\Robocopy.exe -> [2011/07/02 02:44:48 | 000,128,000 | ---- | C] (Microsoft)
 UIRibbon.dll -> C:\Windows\SysWow64\UIRibbon.dll -> [2011/07/02 02:44:47 | 002,983,424 | ---- | C] (Microsoft Corporation)
 netshell.dll -> C:\Windows\SysWow64\netshell.dll -> [2011/07/02 02:44:47 | 002,494,464 | ---- | C] (Microsoft Corporation)
 DxpTaskSync.dll -> C:\Windows\SysNative\DxpTaskSync.dll -> [2011/07/02 02:44:47 | 001,457,664 | ---- | C] (Microsoft Corporation)
 MSMPEG2ENC.DLL -> C:\Windows\SysNative\MSMPEG2ENC.DLL -> [2011/07/02 02:44:47 | 001,160,192 | ---- | C] (Microsoft Corporation)
 mmsys.cpl -> C:\Windows\SysNative\mmsys.cpl -> [2011/07/02 02:44:47 | 000,850,944 | ---- | C] (Microsoft Corporation)
 PerfCenterCPL.dll -> C:\Windows\SysNative\PerfCenterCPL.dll -> [2011/07/02 02:44:47 | 000,658,432 | ---- | C] (Microsoft Corporation)
 hal.dll -> C:\Windows\SysNative\hal.dll -> [2011/07/02 02:44:47 | 000,263,040 | ---- | C] (Microsoft Corporation)
 scecli.dll -> C:\Windows\SysNative\scecli.dll -> [2011/07/02 02:44:47 | 000,232,960 | ---- | C] (Microsoft Corporation)
 ie4uinit.exe -> C:\Windows\SysWow64\ie4uinit.exe -> [2011/07/02 02:44:47 | 000,176,128 | ---- | C] (Microsoft Corporation)
 t2embed.dll -> C:\Windows\SysNative\t2embed.dll -> [2011/07/02 02:44:47 | 000,148,992 | ---- | C] (Microsoft Corporation)
 dwmredir.dll -> C:\Windows\SysNative\dwmredir.dll -> [2011/07/02 02:44:47 | 000,128,512 | ---- | C] (Microsoft Corporation)
 thumbcache.dll -> C:\Windows\SysNative\thumbcache.dll -> [2011/07/02 02:44:47 | 000,112,640 | ---- | C] (Microsoft Corporation)
 HpSAMD.sys -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2011/07/02 02:44:47 | 000,078,720 | ---- | C] (Hewlett-Packard Company)
 themeui.dll -> C:\Windows\SysNative\themeui.dll -> [2011/07/02 02:44:46 | 002,851,840 | ---- | C] (Microsoft Corporation)
 puiobj.dll -> C:\Windows\SysNative\puiobj.dll -> [2011/07/02 02:44:46 | 000,429,568 | ---- | C] (Microsoft Corporation)
 onex.dll -> C:\Windows\SysNative\onex.dll -> [2011/07/02 02:44:46 | 000,235,520 | ---- | C] (Microsoft Corporation)
 Classpnp.sys -> C:\Windows\SysNative\drivers\Classpnp.sys -> [2011/07/02 02:44:46 | 000,179,072 | ---- | C] (Microsoft Corporation)
 sspicli.dll -> C:\Windows\SysNative\sspicli.dll -> [2011/07/02 02:44:46 | 000,136,192 | ---- | C] (Microsoft Corporation)
 prncache.dll -> C:\Windows\SysWow64\prncache.dll -> [2011/07/02 02:44:46 | 000,116,736 | ---- | C] (Microsoft Corporation)
 msasn1.dll -> C:\Windows\SysNative\msasn1.dll -> [2011/07/02 02:44:46 | 000,046,592 | ---- | C] (Microsoft Corporation)
 msi.dll -> C:\Windows\SysWow64\msi.dll -> [2011/07/02 02:44:45 | 002,341,376 | ---- | C] (Microsoft Corporation)
 wdc.dll -> C:\Windows\SysNative\wdc.dll -> [2011/07/02 02:44:45 | 001,363,968 | ---- | C] (Microsoft Corporation)
 printui.dll -> C:\Windows\SysWow64\printui.dll -> [2011/07/02 02:44:45 | 000,932,352 | ---- | C] (Microsoft Corporation)
 DXPTaskRingtone.dll -> C:\Windows\SysNative\DXPTaskRingtone.dll -> [2011/07/02 02:44:45 | 000,675,328 | ---- | C] (Microsoft Corporation)
 wmpeffects.dll -> C:\Windows\SysWow64\wmpeffects.dll -> [2011/07/02 02:44:45 | 000,352,256 | ---- | C] (Microsoft Corporation)
 wow64.dll -> C:\Windows\SysNative\wow64.dll -> [2011/07/02 02:44:45 | 000,243,200 | ---- | C] (Microsoft Corporation)
 aaclient.dll -> C:\Windows\SysNative\aaclient.dll -> [2011/07/02 02:44:45 | 000,158,720 | ---- | C] (Microsoft Corporation)
 net1.exe -> C:\Windows\SysWow64\net1.exe -> [2011/07/02 02:44:45 | 000,142,336 | ---- | C] (Microsoft Corporation)
 rpchttp.dll -> C:\Windows\SysWow64\rpchttp.dll -> [2011/07/02 02:44:45 | 000,139,264 | ---- | C] (Microsoft Corporation)
 netcenter.dll -> C:\Windows\SysNative\netcenter.dll -> [2011/07/02 02:44:44 | 001,689,600 | ---- | C] (Microsoft Corporation)
 sdengin2.dll -> C:\Windows\SysNative\sdengin2.dll -> [2011/07/02 02:44:44 | 001,120,768 | ---- | C] (Microsoft Corporation)
 msftedit.dll -> C:\Windows\SysNative\msftedit.dll -> [2011/07/02 02:44:44 | 000,799,744 | ---- | C] (Microsoft Corporation)
 VAN.dll -> C:\Windows\SysNative\VAN.dll -> [2011/07/02 02:44:44 | 000,691,200 | ---- | C] (Microsoft Corporation)
 StructuredQuery.dll -> C:\Windows\SysNative\StructuredQuery.dll -> [2011/07/02 02:44:44 | 000,483,840 | ---- | C] (Microsoft Corporation)
 wlangpui.dll -> C:\Windows\SysNative\wlangpui.dll -> [2011/07/02 02:44:44 | 000,475,136 | ---- | C] (Microsoft Corporation)
 wiadefui.dll -> C:\Windows\SysNative\wiadefui.dll -> [2011/07/02 02:44:44 | 000,462,336 | ---- | C] (Microsoft Corporation)
 scesrv.dll -> C:\Windows\SysNative\scesrv.dll -> [2011/07/02 02:44:44 | 000,406,016 | ---- | C] (Microsoft Corporation)
 scansetting.dll -> C:\Windows\SysWow64\scansetting.dll -> [2011/07/02 02:44:44 | 000,246,272 | ---- | C] (Microsoft Corporation)
 dskquoui.dll -> C:\Windows\SysNative\dskquoui.dll -> [2011/07/02 02:44:44 | 000,239,616 | ---- | C] (Microsoft Corporation)
 wucltux.dll -> C:\Windows\SysNative\wucltux.dll -> [2011/07/02 02:44:43 | 002,621,952 | ---- | C] (Microsoft Corporation)
 WMVCORE.DLL -> C:\Windows\SysWow64\WMVCORE.DLL -> [2011/07/02 02:44:43 | 002,504,192 | ---- | C] (Microsoft Corporation)
 wpdshext.dll -> C:\Windows\SysWow64\wpdshext.dll -> [2011/07/02 02:44:43 | 002,311,168 | ---- | C] (Microsoft Corporation)
 pnidui.dll -> C:\Windows\SysWow64\pnidui.dll -> [2011/07/02 02:44:43 | 001,750,528 | ---- | C] (Microsoft Corporation)
 webservices.dll -> C:\Windows\SysWow64\webservices.dll -> [2011/07/02 02:44:43 | 000,782,336 | ---- | C] (Microsoft Corporation)
 timedate.cpl -> C:\Windows\SysNative\timedate.cpl -> [2011/07/02 02:44:43 | 000,515,584 | ---- | C] (Microsoft Corporation)
 wlangpui.dll -> C:\Windows\SysWow64\wlangpui.dll -> [2011/07/02 02:44:43 | 000,411,648 | ---- | C] (Microsoft Corporation)
 srchadmin.dll -> C:\Windows\SysNative\srchadmin.dll -> [2011/07/02 02:44:43 | 000,340,992 | ---- | C] (Microsoft Corporation)
 SndVol.exe -> C:\Windows\SysNative\SndVol.exe -> [2011/07/02 02:44:43 | 000,273,920 | ---- | C] (Microsoft Corporation)
 MMDevAPI.dll -> C:\Windows\SysWow64\MMDevAPI.dll -> [2011/07/02 02:44:43 | 000,213,504 | ---- | C] (Microsoft Corporation)
 QSHVHOST.DLL -> C:\Windows\SysWow64\QSHVHOST.DLL -> [2011/07/02 02:44:43 | 000,167,936 | ---- | C] (Microsoft Corporation)
 aaclient.dll -> C:\Windows\SysWow64\aaclient.dll -> [2011/07/02 02:44:43 | 000,131,584 | ---- | C] (Microsoft Corporation)
 consent.exe -> C:\Windows\SysNative\consent.exe -> [2011/07/02 02:44:43 | 000,112,000 | ---- | C] (Microsoft Corporation)
 t2embed.dll -> C:\Windows\SysWow64\t2embed.dll -> [2011/07/02 02:44:43 | 000,109,056 | ---- | C] (Microsoft Corporation)
 QUTIL.DLL -> C:\Windows\SysNative\QUTIL.DLL -> [2011/07/02 02:44:43 | 000,107,520 | ---- | C] (Microsoft Corporation)
 regapi.dll -> C:\Windows\SysNative\regapi.dll -> [2011/07/02 02:44:43 | 000,095,232 | ---- | C] (Microsoft Corporation)
 davclnt.dll -> C:\Windows\SysWow64\davclnt.dll -> [2011/07/02 02:44:43 | 000,080,384 | ---- | C] (Microsoft Corporation)
 samcli.dll -> C:\Windows\SysNative\samcli.dll -> [2011/07/02 02:44:43 | 000,067,584 | ---- | C] (Microsoft Corporation)
 wscapi.dll -> C:\Windows\SysNative\wscapi.dll -> [2011/07/02 02:44:43 | 000,063,488 | ---- | C] (Microsoft Corporation)
 SyncCenter.dll -> C:\Windows\SysWow64\SyncCenter.dll -> [2011/07/02 02:44:42 | 002,146,304 | ---- | C] (Microsoft Corporation)
 appwiz.cpl -> C:\Windows\SysNative\appwiz.cpl -> [2011/07/02 02:44:42 | 000,726,528 | ---- | C] (Microsoft Corporation)
 TabletPC.cpl -> C:\Windows\SysNative\TabletPC.cpl -> [2011/07/02 02:44:42 | 000,684,032 | ---- | C] (Microsoft Corporation)
 wuapi.dll -> C:\Windows\SysWow64\wuapi.dll -> [2011/07/02 02:44:42 | 000,560,128 | ---- | C] (Microsoft Corporation)
 rastls.dll -> C:\Windows\SysNative\rastls.dll -> [2011/07/02 02:44:42 | 000,424,448 | ---- | C] (Microsoft Corporation)
 wksprt.exe -> C:\Windows\SysNative\wksprt.exe -> [2011/07/02 02:44:42 | 000,248,832 | ---- | C] (Microsoft Corporation)
 netdiagfx.dll -> C:\Windows\SysWow64\netdiagfx.dll -> [2011/07/02 02:44:42 | 000,225,792 | ---- | C] (Microsoft Corporation)
 fde.dll -> C:\Windows\SysWow64\fde.dll -> [2011/07/02 02:44:42 | 000,124,416 | ---- | C] (Microsoft Corporation)
 setupcl.exe -> C:\Windows\SysNative\setupcl.exe -> [2011/07/02 02:44:42 | 000,088,576 | ---- | C] (Microsoft Corporation)
 taskhost.exe -> C:\Windows\SysNative\taskhost.exe -> [2011/07/02 02:44:42 | 000,069,120 | ---- | C] (Microsoft Corporation)
 wscapi.dll -> C:\Windows\SysWow64\wscapi.dll -> [2011/07/02 02:44:42 | 000,051,712 | ---- | C] (Microsoft Corporation)
 MSMPEG2ENC.DLL -> C:\Windows\SysWow64\MSMPEG2ENC.DLL -> [2011/07/02 02:44:41 | 000,830,464 | ---- | C] (Microsoft Corporation)
 rdpcore.dll -> C:\Windows\SysWow64\rdpcore.dll -> [2011/07/02 02:44:41 | 000,826,368 | ---- | C] (Microsoft Corporation)
 AuxiliaryDisplayCpl.dll -> C:\Windows\SysNative\AuxiliaryDisplayCpl.dll -> [2011/07/02 02:44:41 | 000,726,528 | ---- | C] (Microsoft Corporation)
 hgcpl.dll -> C:\Windows\SysNative\hgcpl.dll -> [2011/07/02 02:44:41 | 000,332,288 | ---- | C] (Microsoft Corporation)
 clusapi.dll -> C:\Windows\SysNative\clusapi.dll -> [2011/07/02 02:44:41 | 000,314,368 | ---- | C] (Microsoft Corporation)
 msconfig.exe -> C:\Windows\SysNative\msconfig.exe -> [2011/07/02 02:44:41 | 000,300,032 | ---- | C] (Microsoft Corporation)
 netiohlp.dll -> C:\Windows\SysNative\netiohlp.dll -> [2011/07/02 02:44:41 | 000,215,552 | ---- | C] (Microsoft Corporation)
 basecsp.dll -> C:\Windows\SysNative\basecsp.dll -> [2011/07/02 02:44:41 | 000,166,784 | ---- | C] (Microsoft Corporation)
 winsta.dll -> C:\Windows\SysWow64\winsta.dll -> [2011/07/02 02:44:41 | 000,156,672 | ---- | C] (Microsoft Corporation)
 WinSCard.dll -> C:\Windows\SysWow64\WinSCard.dll -> [2011/07/02 02:44:41 | 000,134,656 | ---- | C] (Microsoft Corporation)
 fdeploy.dll -> C:\Windows\SysNative\fdeploy.dll -> [2011/07/02 02:44:41 | 000,072,192 | ---- | C] (Microsoft Corporation)
 lsmproxy.dll -> C:\Windows\SysNative\lsmproxy.dll -> [2011/07/02 02:44:41 | 000,050,176 | ---- | C] (Microsoft Corporation)
 mimefilt.dll -> C:\Windows\SysNative\mimefilt.dll -> [2011/07/02 02:44:41 | 000,041,472 | ---- | C] (Microsoft Corporation)
 gameux.dll -> C:\Windows\SysWow64\gameux.dll -> [2011/07/02 02:44:40 | 002,576,384 | ---- | C] (Microsoft Corporation)
 inetcpl.cpl -> C:\Windows\SysNative\inetcpl.cpl -> [2011/07/02 02:44:40 | 001,538,560 | ---- | C] (Microsoft Corporation)
 riched20.dll -> C:\Windows\SysNative\riched20.dll -> [2011/07/02 02:44:40 | 000,633,344 | ---- | C] (Microsoft Corporation)
 DXPTaskRingtone.dll -> C:\Windows\SysWow64\DXPTaskRingtone.dll -> [2011/07/02 02:44:40 | 000,630,784 | ---- | C] (Microsoft Corporation)
 imapi2.dll -> C:\Windows\SysWow64\imapi2.dll -> [2011/07/02 02:44:40 | 000,392,192 | ---- | C] (Microsoft Corporation)
 mtxclu.dll -> C:\Windows\SysNative\mtxclu.dll -> [2011/07/02 02:44:40 | 000,372,736 | ---- | C] (Microsoft Corporation)
 iepeers.dll -> C:\Windows\SysWow64\iepeers.dll -> [2011/07/02 02:44:40 | 000,186,368 | ---- | C] (Microsoft Corporation)
 dnscmmc.dll -> C:\Windows\SysNative\dnscmmc.dll -> [2011/07/02 02:44:40 | 000,118,272 | ---- | C] (Microsoft Corporation)
 TsUsbGDCoInstaller.dll -> C:\Windows\SysNative\TsUsbGDCoInstaller.dll -> [2011/07/02 02:44:40 | 000,040,960 | ---- | C] (Microsoft Corporation)
 SensorsCpl.dll -> C:\Windows\SysNative\SensorsCpl.dll -> [2011/07/02 02:44:39 | 002,250,752 | ---- | C] (Microsoft Corporation)
 themecpl.dll -> C:\Windows\SysNative\themecpl.dll -> [2011/07/02 02:44:39 | 002,193,920 | ---- | C] (Microsoft Corporation)
 WMPEncEn.dll -> C:\Windows\SysWow64\WMPEncEn.dll -> [2011/07/02 02:44:39 | 001,624,064 | ---- | C] (Microsoft Corporation)
 Narrator.exe -> C:\Windows\SysNative\Narrator.exe -> [2011/07/02 02:44:39 | 001,077,248 | ---- | C] (Microsoft Corporation)
 autochk.exe -> C:\Windows\SysWow64\autochk.exe -> [2011/07/02 02:44:39 | 000,668,160 | ---- | C] (Microsoft Corporation)
 autofmt.exe -> C:\Windows\SysWow64\autofmt.exe -> [2011/07/02 02:44:39 | 000,658,944 | ---- | C] (Microsoft Corporation)
 powercpl.dll -> C:\Windows\SysNative\powercpl.dll -> [2011/07/02 02:44:39 | 000,486,400 | ---- | C] (Microsoft Corporation)
 eudcedit.exe -> C:\Windows\SysNative\eudcedit.exe -> [2011/07/02 02:44:39 | 000,359,936 | ---- | C] (Microsoft Corporation)
 sharemediacpl.dll -> C:\Windows\SysNative\sharemediacpl.dll -> [2011/07/02 02:44:39 | 000,357,888 | ---- | C] (Microsoft Corporation)
 Faultrep.dll -> C:\Windows\SysNative\Faultrep.dll -> [2011/07/02 02:44:39 | 000,355,328 | ---- | C] (Microsoft Corporation)
 onex.dll -> C:\Windows\SysWow64\onex.dll -> [2011/07/02 02:44:39 | 000,199,168 | ---- | C] (Microsoft Corporation)
 netjoin.dll -> C:\Windows\SysNative\netjoin.dll -> [2011/07/02 02:44:39 | 000,188,928 | ---- | C] (Microsoft Corporation)
 logoncli.dll -> C:\Windows\SysNative\logoncli.dll -> [2011/07/02 02:44:39 | 000,186,880 | ---- | C] (Microsoft Corporation)
 netiohlp.dll -> C:\Windows\SysWow64\netiohlp.dll -> [2011/07/02 02:44:39 | 000,166,400 | ---- | C] (Microsoft Corporation)
 nci.dll -> C:\Windows\SysNative\nci.dll -> [2011/07/02 02:44:39 | 000,090,112 | ---- | C] (Microsoft Corporation)
 hbaapi.dll -> C:\Windows\SysWow64\hbaapi.dll -> [2011/07/02 02:44:39 | 000,066,560 | ---- | C] (Microsoft Corporation)
 RpcRtRemote.dll -> C:\Windows\SysNative\RpcRtRemote.dll -> [2011/07/02 02:44:39 | 000,065,536 | ---- | C] (Microsoft Corporation)
 licmgr10.dll -> C:\Windows\SysNative\licmgr10.dll -> [2011/07/02 02:44:39 | 000,057,856 | ---- | C] (Microsoft Corporation)
 autoconv.exe -> C:\Windows\SysNative\autoconv.exe -> [2011/07/02 02:44:38 | 000,793,088 | ---- | C] (Microsoft Corporation)
 autochk.exe -> C:\Windows\SysNative\autochk.exe -> [2011/07/02 02:44:38 | 000,777,728 | ---- | C] (Microsoft Corporation)
 autofmt.exe -> C:\Windows\SysNative\autofmt.exe -> [2011/07/02 02:44:38 | 000,763,904 | ---- | C] (Microsoft Corporation)
 autoconv.exe -> C:\Windows\SysWow64\autoconv.exe -> [2011/07/02 02:44:38 | 000,679,424 | ---- | C] (Microsoft Corporation)
 comctl32.dll -> C:\Windows\SysNative\comctl32.dll -> [2011/07/02 02:44:38 | 000,633,856 | ---- | C] (Microsoft Corporation)
 ipsmsnap.dll -> C:\Windows\SysWow64\ipsmsnap.dll -> [2011/07/02 02:44:38 | 000,400,896 | ---- | C] (Microsoft Corporation)
 msinfo32.exe -> C:\Windows\SysWow64\msinfo32.exe -> [2011/07/02 02:44:38 | 000,303,104 | ---- | C] (Microsoft Corporation)
 sppcomapi.dll -> C:\Windows\SysNative\sppcomapi.dll -> [2011/07/02 02:44:38 | 000,232,448 | ---- | C] (Microsoft Corporation)
 AudioSes.dll -> C:\Windows\SysWow64\AudioSes.dll -> [2011/07/02 02:44:38 | 000,195,584 | ---- | C] (Microsoft Corporation)
 msutb.dll -> C:\Windows\SysWow64\msutb.dll -> [2011/07/02 02:44:38 | 000,167,936 | ---- | C] (Microsoft Corporation)
 cabview.dll -> C:\Windows\SysNative\cabview.dll -> [2011/07/02 02:44:38 | 000,139,264 | ---- | C] (Microsoft Corporation)
 IPHLPAPI.DLL -> C:\Windows\SysWow64\IPHLPAPI.DLL -> [2011/07/02 02:44:38 | 000,103,936 | ---- | C] (Microsoft Corporation)
 regapi.dll -> C:\Windows\SysWow64\regapi.dll -> [2011/07/02 02:44:38 | 000,072,192 | ---- | C] (Microsoft Corporation)
 mimefilt.dll -> C:\Windows\SysWow64\mimefilt.dll -> [2011/07/02 02:44:38 | 000,042,496 | ---- | C] (Microsoft Corporation)
 vpnikeapi.dll -> C:\Windows\SysNative\vpnikeapi.dll -> [2011/07/02 02:44:38 | 000,038,912 | ---- | C] (Microsoft Corporation)
 proquota.exe -> C:\Windows\SysWow64\proquota.exe -> [2011/07/02 02:44:38 | 000,028,672 | ---- | C] (Microsoft Corporation)
 inetcpl.cpl -> C:\Windows\SysWow64\inetcpl.cpl -> [2011/07/02 02:44:37 | 001,466,368 | ---- | C] (Microsoft Corporation)
 sdclt.exe -> C:\Windows\SysNative\sdclt.exe -> [2011/07/02 02:44:37 | 001,264,640 | ---- | C] (Microsoft Corporation)
 mmsys.cpl -> C:\Windows\SysWow64\mmsys.cpl -> [2011/07/02 02:44:37 | 000,905,216 | ---- | C] (Microsoft Corporation)
 fontext.dll -> C:\Windows\SysNative\fontext.dll -> [2011/07/02 02:44:37 | 000,861,184 | ---- | C] (Microsoft Corporation)
 AuxiliaryDisplayCpl.dll -> C:\Windows\SysWow64\AuxiliaryDisplayCpl.dll -> [2011/07/02 02:44:37 | 000,665,600 | ---- | C] (Microsoft Corporation)
 wpd_ci.dll -> C:\Windows\SysNative\wpd_ci.dll -> [2011/07/02 02:44:37 | 000,611,840 | ---- | C] (Microsoft Corporation)
 timedate.cpl -> C:\Windows\SysWow64\timedate.cpl -> [2011/07/02 02:44:37 | 000,478,720 | ---- | C] (Microsoft Corporation)
 nshipsec.dll -> C:\Windows\SysNative\nshipsec.dll -> [2011/07/02 02:44:37 | 000,455,168 | ---- | C] (Microsoft Corporation)
 powercpl.dll -> C:\Windows\SysWow64\powercpl.dll -> [2011/07/02 02:44:37 | 000,441,856 | ---- | C] (Microsoft Corporation)
 wlanui.dll -> C:\Windows\SysNative\wlanui.dll -> [2011/07/02 02:44:37 | 000,414,208 | ---- | C] (Microsoft Corporation)
 msihnd.dll -> C:\Windows\SysWow64\msihnd.dll -> [2011/07/02 02:44:37 | 000,337,408 | ---- | C] (Microsoft Corporation)
 srchadmin.dll -> C:\Windows\SysWow64\srchadmin.dll -> [2011/07/02 02:44:37 | 000,301,568 | ---- | C] (Microsoft Corporation)
 wwanconn.dll -> C:\Windows\SysNative\wwanconn.dll -> [2011/07/02 02:44:37 | 000,222,720 | ---- | C] (Microsoft Corporation)
 eapphost.dll -> C:\Windows\SysWow64\eapphost.dll -> [2011/07/02 02:44:37 | 000,222,208 | ---- | C] (Microsoft Corporation)
 framedyn.dll -> C:\Windows\SysWow64\framedyn.dll -> [2011/07/02 02:44:37 | 000,202,752 | ---- | C] (Microsoft Corporation)
 tcpipcfg.dll -> C:\Windows\SysWow64\tcpipcfg.dll -> [2011/07/02 02:44:37 | 000,181,760 | ---- | C] (Microsoft Corporation)
 schtasks.exe -> C:\Windows\SysWow64\schtasks.exe -> [2011/07/02 02:44:37 | 000,179,712 | ---- | C] (Microsoft Corporation)
 QAGENT.DLL -> C:\Windows\SysWow64\QAGENT.DLL -> [2011/07/02 02:44:37 | 000,171,520 | ---- | C] (Microsoft Corporation)
 scsiport.sys -> C:\Windows\SysNative\drivers\scsiport.sys -> [2011/07/02 02:44:37 | 000,171,392 | ---- | C] (Microsoft Corporation)
 bcdsrv.dll -> C:\Windows\SysNative\bcdsrv.dll -> [2011/07/02 02:44:37 | 000,168,448 | ---- | C] (Microsoft Corporation)
 prntvpt.dll -> C:\Windows\SysNative\prntvpt.dll -> [2011/07/02 02:44:37 | 000,156,160 | ---- | C] (Microsoft Corporation)
 mscorier.dll -> C:\Windows\SysWow64\mscorier.dll -> [2011/07/02 02:44:37 | 000,155,472 | ---- | C] (Microsoft Corporation)
 mscorier.dll -> C:\Windows\SysNative\mscorier.dll -> [2011/07/02 02:44:37 | 000,154,960 | ---- | C] (Microsoft Corporation)
 shsetup.dll -> C:\Windows\SysNative\shsetup.dll -> [2011/07/02 02:44:37 | 000,130,048 | ---- | C] (Microsoft Corporation)
 audiodg.exe -> C:\Windows\SysNative\audiodg.exe -> [2011/07/02 02:44:37 | 000,126,464 | ---- | C] (Microsoft Corporation)
 fms.dll -> C:\Windows\SysNative\fms.dll -> [2011/07/02 02:44:37 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider)
 wdc.dll -> C:\Windows\SysWow64\wdc.dll -> [2011/07/02 02:44:36 | 001,227,776 | ---- | C] (Microsoft Corporation)
 Display.dll -> C:\Windows\SysNative\Display.dll -> [2011/07/02 02:44:36 | 001,066,496 | ---- | C] (Microsoft Corporation)
 mblctr.exe -> C:\Windows\SysNative\mblctr.exe -> [2011/07/02 02:44:36 | 000,957,440 | ---- | C] (Microsoft Corporation)
 batmeter.dll -> C:\Windows\SysNative\batmeter.dll -> [2011/07/02 02:44:36 | 000,749,568 | ---- | C] (Microsoft Corporation)
 qedit.dll -> C:\Windows\SysNative\qedit.dll -> [2011/07/02 02:44:36 | 000,624,128 | ---- | C] (Microsoft Corporation)
 scesrv.dll -> C:\Windows\SysWow64\scesrv.dll -> [2011/07/02 02:44:36 | 000,307,712 | ---- | C] (Microsoft Corporation)
 wmpsrcwp.dll -> C:\Windows\SysNative\wmpsrcwp.dll -> [2011/07/02 02:44:36 | 000,223,232 | ---- | C] (Microsoft Corporation)
 mprddm.dll -> C:\Windows\SysNative\mprddm.dll -> [2011/07/02 02:44:36 | 000,211,456 | ---- | C] (Microsoft Corporation)
 MSNP.ax -> C:\Windows\SysWow64\MSNP.ax -> [2011/07/02 02:44:36 | 000,204,288 | ---- | C] (Microsoft Corporation)
 netid.dll -> C:\Windows\SysWow64\netid.dll -> [2011/07/02 02:44:36 | 000,117,248 | ---- | C] (Microsoft Corporation)
 hidclass.sys -> C:\Windows\SysNative\drivers\hidclass.sys -> [2011/07/02 02:44:36 | 000,076,800 | ---- | C] (Microsoft Corporation)
 bootres.dll -> C:\Windows\SysNative\bootres.dll -> [2011/07/02 02:44:35 | 002,217,856 | ---- | C] (Microsoft Corporation)
 wlanpref.dll -> C:\Windows\SysWow64\wlanpref.dll -> [2011/07/02 02:44:35 | 001,326,592 | ---- | C] (Microsoft Corporation)
 DiagCpl.dll -> C:\Windows\SysNative\DiagCpl.dll -> [2011/07/02 02:44:35 | 001,202,176 | ---- | C] (Microsoft Corporation)
 WMNetMgr.dll -> C:\Windows\SysWow64\WMNetMgr.dll -> [2011/07/02 02:44:35 | 001,003,008 | ---- | C] (Microsoft Corporation)
 Vault.dll -> C:\Windows\SysWow64\Vault.dll -> [2011/07/02 02:44:35 | 000,933,376 | ---- | C] (Microsoft Corporation)
 usercpl.dll -> C:\Windows\SysNative\usercpl.dll -> [2011/07/02 02:44:35 | 000,625,664 | ---- | C] (Microsoft Corporation)
 MCEWMDRMNDBootstrap.dll -> C:\Windows\SysNative\MCEWMDRMNDBootstrap.dll -> [2011/07/02 02:44:35 | 000,433,512 | ---- | C] (Microsoft Corporation)
 rastls.dll -> C:\Windows\SysWow64\rastls.dll -> [2011/07/02 02:44:35 | 000,372,224 | ---- | C] (Microsoft Corporation)
 untfs.dll -> C:\Windows\SysWow64\untfs.dll -> [2011/07/02 02:44:35 | 000,346,624 | ---- | C] (Microsoft Corporation)
 Robocopy.exe -> C:\Windows\SysWow64\Robocopy.exe -> [2011/07/02 02:44:35 | 000,098,816 | ---- | C] (Microsoft)
 WSTPager.ax -> C:\Windows\SysNative\WSTPager.ax -> [2011/07/02 02:44:35 | 000,098,304 | ---- | C] (Microsoft Corporation)
 nci.dll -> C:\Windows\SysWow64\nci.dll -> [2011/07/02 02:44:35 | 000,078,848 | ---- | C] (Microsoft Corporation)
 rtutils.dll -> C:\Windows\SysNative\rtutils.dll -> [2011/07/02 02:44:35 | 000,052,224 | ---- | C] (Microsoft Corporation)
 licmgr10.dll -> C:\Windows\SysWow64\licmgr10.dll -> [2011/07/02 02:44:35 | 000,044,544 | ---- | C] (Microsoft Corporation)
 wpccpl.dll -> C:\Windows\SysNative\wpccpl.dll -> [2011/07/02 02:44:34 | 000,812,032 | ---- | C] (Microsoft Corporation)
 ksproxy.ax -> C:\Windows\SysNative\ksproxy.ax -> [2011/07/02 02:44:34 | 000,250,880 | ---- | C] (Microsoft Corporation)
 DxpTaskSync.dll -> C:\Windows\SysWow64\DxpTaskSync.dll -> [2011/07/02 02:44:33 | 001,400,320 | ---- | C] (Microsoft Corporation)
 Display.dll -> C:\Windows\SysWow64\Display.dll -> [2011/07/02 02:44:33 | 001,040,384 | ---- | C] (Microsoft Corporation)
 prnfldr.dll -> C:\Windows\SysNative\prnfldr.dll -> [2011/07/02 02:44:33 | 000,416,256 | ---- | C] (Microsoft Corporation)
 puiobj.dll -> C:\Windows\SysWow64\puiobj.dll -> [2011/07/02 02:44:33 | 000,324,608 | ---- | C] (Microsoft Corporation)
 mtxclu.dll -> C:\Windows\SysWow64\mtxclu.dll -> [2011/07/02 02:44:33 | 000,320,512 | ---- | C] (Microsoft Corporation)
 dxdiagn.dll -> C:\Windows\SysNative\dxdiagn.dll -> [2011/07/02 02:44:33 | 000,279,552 | ---- | C] (Microsoft Corporation)
 taskmgr.exe -> C:\Windows\SysNative\taskmgr.exe -> [2011/07/02 02:44:33 | 000,257,024 | ---- | C] (Microsoft Corporation)
 taskmgr.exe -> C:\Windows\SysWow64\taskmgr.exe -> [2011/07/02 02:44:33 | 000,227,328 | ---- | C] (Microsoft Corporation)
 SndVolSSO.dll -> C:\Windows\SysNative\SndVolSSO.dll -> [2011/07/02 02:44:33 | 000,225,280 | ---- | C] (Microsoft Corporation)
 rasppp.dll -> C:\Windows\SysNative\rasppp.dll -> [2011/07/02 02:44:33 | 000,211,456 | ---- | C] (Microsoft Corporation)
 shdocvw.dll -> C:\Windows\SysNative\shdocvw.dll -> [2011/07/02 02:44:33 | 000,196,608 | ---- | C] (Microsoft Corporation)
 XpsRasterService.dll -> C:\Windows\SysWow64\XpsRasterService.dll -> [2011/07/02 02:44:33 | 000,135,168 | ---- | C] (Microsoft Corporation)
 hbaapi.dll -> C:\Windows\SysNative\hbaapi.dll -> [2011/07/02 02:44:33 | 000,078,848 | ---- | C] (Microsoft Corporation)
 dot3cfg.dll -> C:\Windows\SysNative\dot3cfg.dll -> [2011/07/02 02:44:33 | 000,069,120 | ---- | C] (Microsoft Corporation)
 termmgr.dll -> C:\Windows\SysWow64\termmgr.dll -> [2011/07/02 02:44:32 | 000,352,768 | ---- | C] (Microsoft Corporation)
 pdh.dll -> C:\Windows\SysNative\pdh.dll -> [2011/07/02 02:44:32 | 000,300,032 | ---- | C] (Microsoft Corporation)
 eudcedit.exe -> C:\Windows\SysWow64\eudcedit.exe -> [2011/07/02 02:44:32 | 000,288,256 | ---- | C] (Microsoft Corporation)
 MSAC3ENC.DLL -> C:\Windows\SysNative\MSAC3ENC.DLL -> [2011/07/02 02:44:32 | 000,268,288 | ---- | C] (Microsoft Corporation)
 ataport.sys -> C:\Windows\SysNative\drivers\ataport.sys -> [2011/07/02 02:44:32 | 000,155,520 | ---- | C] (Microsoft Corporation)
 WPDShServiceObj.dll -> C:\Windows\SysNative\WPDShServiceObj.dll -> [2011/07/02 02:44:32 | 000,115,200 | ---- | C] (Microsoft Corporation)
 proquota.exe -> C:\Windows\SysNative\proquota.exe -> [2011/07/02 02:44:32 | 000,031,744 | ---- | C] (Microsoft Corporation)
 accessibilitycpl.dll -> C:\Windows\SysNative\accessibilitycpl.dll -> [2011/07/02 02:44:31 | 003,745,792 | ---- | C] (Microsoft Corporation)
 SensorsCpl.dll -> C:\Windows\SysWow64\SensorsCpl.dll -> [2011/07/02 02:44:31 | 002,202,624 | ---- | C] (Microsoft Corporation)
 themecpl.dll -> C:\Windows\SysWow64\themecpl.dll -> [2011/07/02 02:44:31 | 002,157,568 | ---- | C] (Microsoft Corporation)
 FirewallControlPanel.dll -> C:\Windows\SysWow64\FirewallControlPanel.dll -> [2011/07/02 02:44:31 | 000,856,576 | ---- | C] (Microsoft Corporation)
 appwiz.cpl -> C:\Windows\SysWow64\appwiz.cpl -> [2011/07/02 02:44:31 | 000,649,216 | ---- | C] (Microsoft Corporation)
 wiadefui.dll -> C:\Windows\SysWow64\wiadefui.dll -> [2011/07/02 02:44:31 | 000,416,768 | ---- | C] (Microsoft Corporation)
 untfs.dll -> C:\Windows\SysNative\untfs.dll -> [2011/07/02 02:44:31 | 000,403,968 | ---- | C] (Microsoft Corporation)
 zipfldr.dll -> C:\Windows\SysNative\zipfldr.dll -> [2011/07/02 02:44:31 | 000,366,080 | ---- | C] (Microsoft Corporation)
 slui.exe -> C:\Windows\SysNative\slui.exe -> [2011/07/02 02:44:31 | 000,349,696 | ---- | C] (Microsoft Corporation)
 FWPUCLNT.DLL -> C:\Windows\SysWow64\FWPUCLNT.DLL -> [2011/07/02 02:44:31 | 000,216,576 | ---- | C] (Microsoft Corporation)
 sppcomapi.dll -> C:\Windows\SysWow64\sppcomapi.dll -> [2011/07/02 02:44:31 | 000,193,536 | ---- | C] (Microsoft Corporation)
 rasppp.dll -> C:\Windows\SysWow64\rasppp.dll -> [2011/07/02 02:44:31 | 000,176,640 | ---- | C] (Microsoft Corporation)
 rdpcorekmts.dll -> C:\Windows\SysNative\rdpcorekmts.dll -> [2011/07/02 02:44:31 | 000,149,504 | ---- | C] (Microsoft Corporation)
 cabview.dll -> C:\Windows\SysWow64\cabview.dll -> [2011/07/02 02:44:31 | 000,132,608 | ---- | C] (Microsoft Corporation)
 logoncli.dll -> C:\Windows\SysWow64\logoncli.dll -> [2011/07/02 02:44:31 | 000,127,488 | ---- | C] (Microsoft Corporation)
 shsetup.dll -> C:\Windows\SysWow64\shsetup.dll -> [2011/07/02 02:44:31 | 000,111,104 | ---- | C] (Microsoft Corporation)
 dnscmmc.dll -> C:\Windows\SysWow64\dnscmmc.dll -> [2011/07/02 02:44:31 | 000,109,056 | ---- | C] (Microsoft Corporation)
 PhotoScreensaver.scr -> C:\Windows\SysWow64\PhotoScreensaver.scr -> [2011/07/02 02:44:30 | 000,413,696 | ---- | C] (Microsoft Corporation)
 msieftp.dll -> C:\Windows\SysNative\msieftp.dll -> [2011/07/02 02:44:30 | 000,335,360 | ---- | C] (Microsoft Corporation)
 hgcpl.dll -> C:\Windows\SysWow64\hgcpl.dll -> [2011/07/02 02:44:30 | 000,312,832 | ---- | C] (Microsoft Corporation)
 defaultlocationcpl.dll -> C:\Windows\SysNative\defaultlocationcpl.dll -> [2011/07/02 02:44:30 | 000,233,984 | ---- | C] (Microsoft Corporation)
 Mpeg2Data.ax -> C:\Windows\SysNative\Mpeg2Data.ax -> [2011/07/02 02:44:30 | 000,104,960 | ---- | C] (Microsoft Corporation)
 networkmap.dll -> C:\Windows\SysNative\networkmap.dll -> [2011/07/02 02:44:29 | 002,146,816 | ---- | C] (Microsoft Corporation)
 cryptui.dll -> C:\Windows\SysNative\cryptui.dll -> [2011/07/02 02:44:29 | 001,065,984 | ---- | C] (Microsoft Corporation)
 fontext.dll -> C:\Windows\SysWow64\fontext.dll -> [2011/07/02 02:44:29 | 000,828,928 | ---- | C] (Microsoft Corporation)
 ActionCenter.dll -> C:\Windows\SysNative\ActionCenter.dll -> [2011/07/02 02:44:29 | 000,780,800 | ---- | C] (Microsoft Corporation)
 sud.dll -> C:\Windows\SysNative\sud.dll -> [2011/07/02 02:44:29 | 000,769,536 | ---- | C] (Microsoft Corporation)
 PerfCenterCPL.dll -> C:\Windows\SysWow64\PerfCenterCPL.dll -> [2011/07/02 02:44:29 | 000,600,576 | ---- | C] (Microsoft Corporation)
 usercpl.dll -> C:\Windows\SysWow64\usercpl.dll -> [2011/07/02 02:44:29 | 000,600,064 | ---- | C] (Microsoft Corporation)
 DeviceCenter.dll -> C:\Windows\SysNative\DeviceCenter.dll -> [2011/07/02 02:44:29 | 000,508,928 | ---- | C] (Microsoft Corporation)
 srcore.dll -> C:\Windows\SysNative\srcore.dll -> [2011/07/02 02:44:29 | 000,503,296 | ---- | C] (Microsoft Corporation)
 mscms.dll -> C:\Windows\SysWow64\mscms.dll -> [2011/07/02 02:44:29 | 000,481,792 | ---- | C] (Microsoft Corporation)
 localsec.dll -> C:\Windows\SysWow64\localsec.dll -> [2011/07/02 02:44:29 | 000,429,056 | ---- | C] (Microsoft Corporation)
 qdvd.dll -> C:\Windows\SysNative\qdvd.dll -> [2011/07/02 02:44:29 | 000,366,592 | ---- | C] (Microsoft Corporation)
 mprddm.dll -> C:\Windows\SysWow64\mprddm.dll -> [2011/07/02 02:44:29 | 000,268,800 | ---- | C] (Microsoft Corporation)
 taskbarcpl.dll -> C:\Windows\SysNative\taskbarcpl.dll -> [2011/07/02 02:44:29 | 000,243,712 | ---- | C] (Microsoft Corporation)
 OnLineIDCpl.dll -> C:\Windows\SysNative\OnLineIDCpl.dll -> [2011/07/02 02:44:29 | 000,221,696 | ---- | C] (Microsoft Corporation)
 SndVolSSO.dll -> C:\Windows\SysWow64\SndVolSSO.dll -> [2011/07/02 02:44:29 | 000,220,160 | ---- | C] (Microsoft Corporation)
 scecli.dll -> C:\Windows\SysWow64\scecli.dll -> [2011/07/02 02:44:29 | 000,175,616 | ---- | C] (Microsoft Corporation)
 twext.dll -> C:\Windows\SysNative\twext.dll -> [2011/07/02 02:44:29 | 000,172,544 | ---- | C] (Microsoft Corporation)
 psisrndr.ax -> C:\Windows\SysNative\psisrndr.ax -> [2011/07/02 02:44:29 | 000,108,032 | ---- | C] (Microsoft Corporation)
 mscories.dll -> C:\Windows\SysWow64\mscories.dll -> [2011/07/02 02:44:29 | 000,080,720 | ---- | C] (Microsoft Corporation)
 netcenter.dll -> C:\Windows\SysWow64\netcenter.dll -> [2011/07/02 02:44:28 | 001,644,032 | ---- | C] (Microsoft Corporation)
 OobeFldr.dll -> C:\Windows\SysNative\OobeFldr.dll -> [2011/07/02 02:44:28 | 000,898,560 | ---- | C] (Microsoft Corporation)
 batmeter.dll -> C:\Windows\SysWow64\batmeter.dll -> [2011/07/02 02:44:28 | 000,740,864 | ---- | C] (Microsoft Corporation)
 VAN.dll -> C:\Windows\SysWow64\VAN.dll -> [2011/07/02 02:44:28 | 000,638,976 | ---- | C] (Microsoft Corporation)
 qdvd.dll -> C:\Windows\SysWow64\qdvd.dll -> [2011/07/02 02:44:28 | 000,514,560 | ---- | C] (Microsoft Corporation)
 qedit.dll -> C:\Windows\SysWow64\qedit.dll -> [2011/07/02 02:44:28 | 000,509,440 | ---- | C] (Microsoft Corporation)
 wlanui.dll -> C:\Windows\SysWow64\wlanui.dll -> [2011/07/02 02:44:28 | 000,410,112 | ---- | C] (Microsoft Corporation)
 intl.cpl -> C:\Windows\SysNative\intl.cpl -> [2011/07/02 02:44:28 | 000,373,248 | ---- | C] (Microsoft Corporation)
 bcdedit.exe -> C:\Windows\SysNative\bcdedit.exe -> [2011/07/02 02:44:28 | 000,346,112 | ---- | C] (Microsoft Corporation)
 SndVol.exe -> C:\Windows\SysWow64\SndVol.exe -> [2011/07/02 02:44:28 | 000,314,368 | ---- | C] (Microsoft Corporation)
 uxlib.dll -> C:\Windows\SysNative\uxlib.dll -> [2011/07/02 02:44:28 | 000,154,624 | ---- | C] (Microsoft Corporation)
 recovery.dll -> C:\Windows\SysNative\recovery.dll -> [2011/07/02 02:44:28 | 000,146,944 | ---- | C] (Microsoft Corporation)
 prntvpt.dll -> C:\Windows\SysWow64\prntvpt.dll -> [2011/07/02 02:44:28 | 000,120,320 | ---- | C] (Microsoft Corporation)
 rdpwsx.dll -> C:\Windows\SysNative\rdpwsx.dll -> [2011/07/02 02:44:28 | 000,077,312 | ---- | C] (Microsoft Corporation)
 w32tm.exe -> C:\Windows\SysWow64\w32tm.exe -> [2011/07/02 02:44:28 | 000,066,048 | ---- | C] (Microsoft Corporation)
 accessibilitycpl.dll -> C:\Windows\SysWow64\accessibilitycpl.dll -> [2011/07/02 02:44:27 | 003,727,872 | ---- | C] (Microsoft Corporation)
 cryptui.dll -> C:\Windows\SysWow64\cryptui.dll -> [2011/07/02 02:44:27 | 001,003,520 | ---- | C] (Microsoft Corporation)
 sdcpl.dll -> C:\Windows\SysNative\sdcpl.dll -> [2011/07/02 02:44:27 | 000,762,368 | ---- | C] (Microsoft Corporation)
 bthprops.cpl -> C:\Windows\SysNative\bthprops.cpl -> [2011/07/02 02:44:27 | 000,721,408 | ---- | C] (Microsoft Corporation)
 dsuiext.dll -> C:\Windows\SysNative\dsuiext.dll -> [2011/07/02 02:44:27 | 000,701,440 | ---- | C] (Microsoft Corporation)
 main.cpl -> C:\Windows\SysWow64\main.cpl -> [2011/07/02 02:44:27 | 000,516,096 | ---- | C] (Microsoft Corporation)
 azroleui.dll -> C:\Windows\SysNative\azroleui.dll -> [2011/07/02 02:44:27 | 000,472,064 | ---- | C] (Microsoft Corporation)
 shwebsvc.dll -> C:\Windows\SysNative\shwebsvc.dll -> [2011/07/02 02:44:27 | 000,451,072 | ---- | C] (Microsoft Corporation)
 systemcpl.dll -> C:\Windows\SysNative\systemcpl.dll -> [2011/07/02 02:44:27 | 000,419,840 | ---- | C] (Microsoft Corporation)
 spwizeng.dll -> C:\Windows\SysWow64\spwizeng.dll -> [2011/07/02 02:44:27 | 000,352,768 | ---- | C] (Microsoft Corporation)
 MediaMetadataHandler.dll -> C:\Windows\SysNative\MediaMetadataHandler.dll -> [2011/07/02 02:44:27 | 000,345,600 | ---- | C] (Microsoft Corporation)
 zipfldr.dll -> C:\Windows\SysWow64\zipfldr.dll -> [2011/07/02 02:44:27 | 000,327,680 | ---- | C] (Microsoft Corporation)
 azroleui.dll -> C:\Windows\SysWow64\azroleui.dll -> [2011/07/02 02:44:27 | 000,314,368 | ---- | C] (Microsoft Corporation)
 efscore.dll -> C:\Windows\SysNative\efscore.dll -> [2011/07/02 02:44:27 | 000,304,128 | ---- | C] (Microsoft Corporation)
 recdisc.exe -> C:\Windows\SysNative\recdisc.exe -> [2011/07/02 02:44:27 | 000,238,080 | ---- | C] (Microsoft Corporation)
 MSAC3ENC.DLL -> C:\Windows\SysWow64\MSAC3ENC.DLL -> [2011/07/02 02:44:27 | 000,226,304 | ---- | C] (Microsoft Corporation)
 syncui.dll -> C:\Windows\SysNative\syncui.dll -> [2011/07/02 02:44:27 | 000,200,192 | ---- | C] (Microsoft Corporation)
 VBICodec.ax -> C:\Windows\SysNative\VBICodec.ax -> [2011/07/02 02:44:27 | 000,196,096 | ---- | C] (Microsoft Corporation)
 netplwiz.dll -> C:\Windows\SysNative\netplwiz.dll -> [2011/07/02 02:44:27 | 000,193,024 | ---- | C] (Microsoft Corporation)
 autoplay.dll -> C:\Windows\SysNative\autoplay.dll -> [2011/07/02 02:44:27 | 000,155,136 | ---- | C] (Microsoft Corporation)
 cca.dll -> C:\Windows\SysNative\cca.dll -> [2011/07/02 02:44:27 | 000,095,232 | ---- | C] (Microsoft Corporation)
 isoburn.exe -> C:\Windows\SysNative\isoburn.exe -> [2011/07/02 02:44:27 | 000,091,648 | ---- | C] (Microsoft Corporation)
 fdeploy.dll -> C:\Windows\SysWow64\fdeploy.dll -> [2011/07/02 02:44:27 | 000,059,904 | ---- | C] (Microsoft Corporation)
 tzutil.exe -> C:\Windows\SysNative\tzutil.exe -> [2011/07/02 02:44:27 | 000,058,368 | ---- | C] (Microsoft Corporation)
 httpapi.dll -> C:\Windows\SysNative\httpapi.dll -> [2011/07/02 02:44:27 | 000,045,056 | ---- | C] (Microsoft Corporation)
 sisbkup.dll -> C:\Windows\SysNative\sisbkup.dll -> [2011/07/02 02:44:27 | 000,024,064 | ---- | C] (Microsoft Corporation)
 certcli.dll -> C:\Windows\SysNative\certcli.dll -> [2011/07/02 02:44:26 | 000,460,800 | ---- | C] (Microsoft Corporation)
 sysclass.dll -> C:\Windows\SysNative\sysclass.dll -> [2011/07/02 02:44:26 | 000,207,360 | ---- | C] (Microsoft Corporation)
 adsldp.dll -> C:\Windows\SysWow64\adsldp.dll -> [2011/07/02 02:44:26 | 000,186,880 | ---- | C] (Microsoft Corporation)
 netjoin.dll -> C:\Windows\SysWow64\netjoin.dll -> [2011/07/02 02:44:26 | 000,161,792 | ---- | C] (Microsoft Corporation)
 ncryptui.dll -> C:\Windows\SysNative\ncryptui.dll -> [2011/07/02 02:44:26 | 000,066,048 | ---- | C] (Microsoft Corporation)
 sspisrv.dll -> C:\Windows\SysNative\sspisrv.dll -> [2011/07/02 02:44:26 | 000,029,184 | ---- | C] (Microsoft Corporation)
 networkmap.dll -> C:\Windows\SysWow64\networkmap.dll -> [2011/07/02 02:44:25 | 002,130,944 | ---- | C] (Microsoft Corporation)
 sud.dll -> C:\Windows\SysWow64\sud.dll -> [2011/07/02 02:44:25 | 000,755,200 | ---- | C] (Microsoft Corporation)
 ActionCenter.dll -> C:\Windows\SysWow64\ActionCenter.dll -> [2011/07/02 02:44:25 | 000,744,448 | ---- | C] (Microsoft Corporation)
 ActionCenterCPL.dll -> C:\Windows\SysNative\ActionCenterCPL.dll -> [2011/07/02 02:44:25 | 000,549,888 | ---- | C] (Microsoft Corporation)
 sysmon.ocx -> C:\Windows\SysNative\sysmon.ocx -> [2011/07/02 02:44:25 | 000,474,112 | ---- | C] (Microsoft Corporation)
 spwizeng.dll -> C:\Windows\SysNative\spwizeng.dll -> [2011/07/02 02:44:25 | 000,445,952 | ---- | C] (Microsoft Corporation)
 termmgr.dll -> C:\Windows\SysNative\termmgr.dll -> [2011/07/02 02:44:25 | 000,421,888 | ---- | C] (Microsoft Corporation)
 wlanmsm.dll -> C:\Windows\SysNative\wlanmsm.dll -> [2011/07/02 02:44:25 | 000,414,720 | ---- | C] (Microsoft Corporation)
 prnfldr.dll -> C:\Windows\SysWow64\prnfldr.dll -> [2011/07/02 02:44:25 | 000,395,264 | ---- | C] (Microsoft Corporation)
 sysmon.ocx -> C:\Windows\SysWow64\sysmon.ocx -> [2011/07/02 02:44:25 | 000,389,632 | ---- | C] (Microsoft Corporation)
 Faultrep.dll -> C:\Windows\SysWow64\Faultrep.dll -> [2011/07/02 02:44:25 | 000,320,512 | ---- | C] (Microsoft Corporation)
 wusa.exe -> C:\Windows\SysWow64\wusa.exe -> [2011/07/02 02:44:25 | 000,314,880 | ---- | C] (Microsoft Corporation)
 MCEWMDRMNDBootstrap.dll -> C:\Windows\SysWow64\MCEWMDRMNDBootstrap.dll -> [2011/07/02 02:44:25 | 000,312,168 | ---- | C] (Microsoft Corporation)
 msieftp.dll -> C:\Windows\SysWow64\msieftp.dll -> [2011/07/02 02:44:25 | 000,301,568 | ---- | C] (Microsoft Corporation)
 photowiz.dll -> C:\Windows\SysWow64\photowiz.dll -> [2011/07/02 02:44:25 | 000,295,424 | ---- | C] (Microsoft Corporation)
 MediaMetadataHandler.dll -> C:\Windows\SysWow64\MediaMetadataHandler.dll -> [2011/07/02 02:44:25 | 000,266,752 | ---- | C] (Microsoft Corporation)
 MFPlay.dll -> C:\Windows\SysNative\MFPlay.dll -> [2011/07/02 02:44:25 | 000,240,640 | ---- | C] (Microsoft Corporation)
 OnLineIDCpl.dll -> C:\Windows\SysWow64\OnLineIDCpl.dll -> [2011/07/02 02:44:25 | 000,218,112 | ---- | C] (Microsoft Corporation)
 vdsutil.dll -> C:\Windows\SysNative\vdsutil.dll -> [2011/07/02 02:44:25 | 000,185,856 | ---- | C] (Microsoft Corporation)
 AuxiliaryDisplayServices.dll -> C:\Windows\SysNative\AuxiliaryDisplayServices.dll -> [2011/07/02 02:44:25 | 000,135,680 | ---- | C] (Microsoft Corporation)
 mshtmled.dll -> C:\Windows\SysNative\mshtmled.dll -> [2011/07/02 02:44:25 | 000,097,280 | ---- | C] (Microsoft Corporation)
 ksxbar.ax -> C:\Windows\SysNative\ksxbar.ax -> [2011/07/02 02:44:25 | 000,066,048 | ---- | C] (Microsoft Corporation)
 bthprops.cpl -> C:\Windows\SysWow64\bthprops.cpl -> [2011/07/02 02:44:24 | 000,692,736 | ---- | C] (Microsoft Corporation)
 msscp.dll -> C:\Windows\SysNative\msscp.dll -> [2011/07/02 02:44:24 | 000,641,024 | ---- | C] (Microsoft Corporation)
 sqlcese30.dll -> C:\Windows\SysNative\sqlcese30.dll -> [2011/07/02 02:44:24 | 000,446,976 | ---- | C] (Microsoft Corporation)
 shwebsvc.dll -> C:\Windows\SysWow64\shwebsvc.dll -> [2011/07/02 02:44:24 | 000,428,544 | ---- | C] (Microsoft Corporation)
 intl.cpl -> C:\Windows\SysWow64\intl.cpl -> [2011/07/02 02:44:24 | 000,345,088 | ---- | C] (Microsoft Corporation)
 ReAgent.dll -> C:\Windows\SysNative\ReAgent.dll -> [2011/07/02 02:44:24 | 000,313,856 | ---- | C] (Microsoft Corporation)
 rstrui.exe -> C:\Windows\SysNative\rstrui.exe -> [2011/07/02 02:44:24 | 000,296,960 | ---- | C] (Microsoft Corporation)
 iprtrmgr.dll -> C:\Windows\SysNative\iprtrmgr.dll -> [2011/07/02 02:44:24 | 000,281,088 | ---- | C] (Microsoft Corporation)
 sethc.exe -> C:\Windows\SysNative\sethc.exe -> [2011/07/02 02:44:24 | 000,279,040 | ---- | C] (Microsoft Corporation)
 iprtrmgr.dll -> C:\Windows\SysWow64\iprtrmgr.dll -> [2011/07/02 02:44:24 | 000,271,360 | ---- | C] (Microsoft Corporation)
 defaultlocationcpl.dll -> C:\Windows\SysWow64\defaultlocationcpl.dll -> [2011/07/02 02:44:24 | 000,220,672 | ---- | C] (Microsoft Corporation)
 efscore.dll -> C:\Windows\SysWow64\efscore.dll -> [2011/07/02 02:44:24 | 000,205,312 | ---- | C] (Microsoft Corporation)
 SmartcardCredentialProvider.dll -> C:\Windows\SysNative\SmartcardCredentialProvider.dll -> [2011/07/02 02:44:24 | 000,189,952 | ---- | C] (Microsoft Corporation)
 odbccp32.dll -> C:\Windows\SysNative\odbccp32.dll -> [2011/07/02 02:44:24 | 000,163,840 | ---- | C] (Microsoft Corporation)
 ifsutil.dll -> C:\Windows\SysWow64\ifsutil.dll -> [2011/07/02 02:44:24 | 000,148,992 | ---- | C] (Microsoft Corporation)
 ieUnatt.exe -> C:\Windows\SysWow64\ieUnatt.exe -> [2011/07/02 02:44:24 | 000,139,264 | ---- | C] (Microsoft Corporation)
 ntlanman.dll -> C:\Windows\SysNative\ntlanman.dll -> [2011/07/02 02:44:24 | 000,129,536 | ---- | C] (Microsoft Corporation)
 dot3cfg.dll -> C:\Windows\SysWow64\dot3cfg.dll -> [2011/07/02 02:44:24 | 000,082,432 | ---- | C] (Microsoft Corporation)
 rdpd3d.dll -> C:\Windows\SysNative\rdpd3d.dll -> [2011/07/02 02:44:24 | 000,068,096 | ---- | C] (Microsoft Corporation)
 wwanprotdim.dll -> C:\Windows\SysNative\wwanprotdim.dll -> [2011/07/02 02:44:24 | 000,048,640 | ---- | C] (Microsoft Corporation)
 tsgqec.dll -> C:\Windows\SysNative\tsgqec.dll -> [2011/07/02 02:44:24 | 000,044,032 | ---- | C] (Microsoft Corporation)
 ftp.exe -> C:\Windows\SysWow64\ftp.exe -> [2011/07/02 02:44:24 | 000,042,496 | ---- | C] (Microsoft Corporation)
 sisbkup.dll -> C:\Windows\SysWow64\sisbkup.dll -> [2011/07/02 02:44:24 | 000,019,456 | ---- | C] (Microsoft Corporation)
 OobeFldr.dll -> C:\Windows\SysWow64\OobeFldr.dll -> [2011/07/02 02:44:23 | 000,859,648 | ---- | C] (Microsoft Corporation)
 wmdrmsdk.dll -> C:\Windows\SysNative\wmdrmsdk.dll -> [2011/07/02 02:44:23 | 000,781,312 | ---- | C] (Microsoft Corporation)
 wmpmde.dll -> C:\Windows\SysWow64\wmpmde.dll -> [2011/07/02 02:44:23 | 000,738,816 | ---- | C] (Microsoft Corporation)
 ActionCenterCPL.dll -> C:\Windows\SysWow64\ActionCenterCPL.dll -> [2011/07/02 02:44:23 | 000,537,600 | ---- | C] (Microsoft Corporation)
 drmmgrtn.dll -> C:\Windows\SysNative\drmmgrtn.dll -> [2011/07/02 02:44:23 | 000,495,104 | ---- | C] (Microsoft Corporation)
 DeviceCenter.dll -> C:\Windows\SysWow64\DeviceCenter.dll -> [2011/07/02 02:44:23 | 000,484,864 | ---- | C] (Microsoft Corporation)
 systemcpl.dll -> C:\Windows\SysWow64\systemcpl.dll -> [2011/07/02 02:44:23 | 000,410,624 | ---- | C] (Microsoft Corporation)
 ntprint.dll -> C:\Windows\SysNative\ntprint.dll -> [2011/07/02 02:44:23 | 000,344,576 | ---- | C] (Microsoft Corporation)
 ssText3d.scr -> C:\Windows\SysNative\ssText3d.scr -> [2011/07/02 02:44:23 | 000,333,824 | ---- | C] (Microsoft Corporation)
 unimdm.tsp -> C:\Windows\SysNative\unimdm.tsp -> [2011/07/02 02:44:23 | 000,321,536 | ---- | C] (Microsoft Corporation)
 odbcjt32.dll -> C:\Windows\SysWow64\odbcjt32.dll -> [2011/07/02 02:44:23 | 000,319,488 | ---- | C] (Microsoft Corporation)
 ntprint.dll -> C:\Windows\SysWow64\ntprint.dll -> [2011/07/02 02:44:23 | 000,297,472 | ---- | C] (Microsoft Corporation)
 iTVData.dll -> C:\Windows\SysNative\iTVData.dll -> [2011/07/02 02:44:23 | 000,282,624 | ---- | C] (Microsoft Corporation)
 wavemsp.dll -> C:\Windows\SysNative\wavemsp.dll -> [2011/07/02 02:44:23 | 000,255,488 | ---- | C] (Microsoft Corporation)
 DevicePairingFolder.dll -> C:\Windows\SysNative\DevicePairingFolder.dll -> [2011/07/02 02:44:23 | 000,225,280 | ---- | C] (Microsoft Corporation)
 odbctrac.dll -> C:\Windows\SysNative\odbctrac.dll -> [2011/07/02 02:44:23 | 000,212,992 | ---- | C] (Microsoft Corporation)
 dskquoui.dll -> C:\Windows\SysWow64\dskquoui.dll -> [2011/07/02 02:44:23 | 000,196,608 | ---- | C] (Microsoft Corporation)
 powercfg.cpl -> C:\Windows\SysNative\powercfg.cpl -> [2011/07/02 02:44:23 | 000,173,568 | ---- | C] (Microsoft Corporation)
 syncui.dll -> C:\Windows\SysWow64\syncui.dll -> [2011/07/02 02:44:23 | 000,159,232 | ---- | C] (Microsoft Corporation)
 SmartcardCredentialProvider.dll -> C:\Windows\SysWow64\SmartcardCredentialProvider.dll -> [2011/07/02 02:44:23 | 000,152,064 | ---- | C] (Microsoft Corporation)
 autoplay.dll -> C:\Windows\SysWow64\autoplay.dll -> [2011/07/02 02:44:23 | 000,146,944 | ---- | C] (Microsoft Corporation)
 NAPHLPR.DLL -> C:\Windows\SysNative\NAPHLPR.DLL -> [2011/07/02 02:44:23 | 000,133,632 | ---- | C] (Microsoft Corporation)
 srvcli.dll -> C:\Windows\SysNative\srvcli.dll -> [2011/07/02 02:44:23 | 000,128,000 | ---- | C] (Microsoft Corporation)
 iesysprep.dll -> C:\Windows\SysWow64\iesysprep.dll -> [2011/07/02 02:44:23 | 000,114,688 | ---- | C] (Microsoft Corporation)
 nslookup.exe -> C:\Windows\SysNative\nslookup.exe -> [2011/07/02 02:44:23 | 000,109,568 | ---- | C] (Microsoft Corporation)
 UserAccountControlSettings.dll -> C:\Windows\SysNative\UserAccountControlSettings.dll -> [2011/07/02 02:44:23 | 000,084,480 | ---- | C] (Microsoft Corporation)
 ntlanman.dll -> C:\Windows\SysWow64\ntlanman.dll -> [2011/07/02 02:44:23 | 000,069,120 | ---- | C] (Microsoft Corporation)
 WSTPager.ax -> C:\Windows\SysWow64\WSTPager.ax -> [2011/07/02 02:44:23 | 000,068,608 | ---- | C] (Microsoft Corporation)
 acppage.dll -> C:\Windows\SysNative\acppage.dll -> [2011/07/02 02:44:23 | 000,053,248 | ---- | C] (Microsoft Corporation)
 rtutils.dll -> C:\Windows\SysWow64\rtutils.dll -> [2011/07/02 02:44:23 | 000,037,376 | ---- | C] (Microsoft Corporation)
 secur32.dll -> C:\Windows\SysNative\secur32.dll -> [2011/07/02 02:44:23 | 000,028,160 | ---- | C] (Microsoft Corporation)
 slwga.dll -> C:\Windows\SysNative\slwga.dll -> [2011/07/02 02:44:23 | 000,015,360 | ---- | C] (Microsoft Corporation)
 networkexplorer.dll -> C:\Windows\SysNative\networkexplorer.dll -> [2011/07/02 02:44:22 | 001,672,704 | ---- | C] (Microsoft Corporation)
 blackbox.dll -> C:\Windows\SysWow64\blackbox.dll -> [2011/07/02 02:44:22 | 000,743,424 | ---- | C] (Microsoft Corporation)
 nshwfp.dll -> C:\Windows\SysWow64\nshwfp.dll -> [2011/07/02 02:44:22 | 000,656,384 | ---- | C] (Microsoft Corporation)
 riched20.dll -> C:\Windows\SysWow64\riched20.dll -> [2011/07/02 02:44:22 | 000,473,600 | ---- | C] (Microsoft Corporation)
 srrstr.dll -> C:\Windows\SysNative\srrstr.dll -> [2011/07/02 02:44:22 | 000,270,848 | ---- | C] (Microsoft Corporation)
 sethc.exe -> C:\Windows\SysWow64\sethc.exe -> [2011/07/02 02:44:22 | 000,270,336 | ---- | C] (Microsoft Corporation)
 fsquirt.exe -> C:\Windows\SysNative\fsquirt.exe -> [2011/07/02 02:44:22 | 000,229,376 | ---- | C] (Microsoft Corporation)
 activeds.dll -> C:\Windows\SysWow64\activeds.dll -> [2011/07/02 02:44:22 | 000,202,752 | ---- | C] (Microsoft Corporation)
 ksproxy.ax -> C:\Windows\SysWow64\ksproxy.ax -> [2011/07/02 02:44:22 | 000,193,536 | ---- | C] (Microsoft Corporation)
 wmpsrcwp.dll -> C:\Windows\SysWow64\wmpsrcwp.dll -> [2011/07/02 02:44:22 | 000,182,272 | ---- | C] (Microsoft Corporation)
 netplwiz.dll -> C:\Windows\SysWow64\netplwiz.dll -> [2011/07/02 02:44:22 | 000,175,616 | ---- | C] (Microsoft Corporation)
 bcdboot.exe -> C:\Windows\SysNative\bcdboot.exe -> [2011/07/02 02:44:22 | 000,175,616 | ---- | C] (Microsoft Corporation)
 NAPHLPR.DLL -> C:\Windows\SysWow64\NAPHLPR.DLL -> [2011/07/02 02:44:22 | 000,107,008 | ---- | C] (Microsoft Corporation)
 sppnp.dll -> C:\Windows\SysNative\sppnp.dll -> [2011/07/02 02:44:22 | 000,102,400 | ---- | C] (Microsoft Corporation)
 migisol.dll -> C:\Windows\SysWow64\migisol.dll -> [2011/07/02 02:44:22 | 000,101,888 | ---- | C] (Microsoft Corporation)
 cabinet.dll -> C:\Windows\SysNative\cabinet.dll -> [2011/07/02 02:44:22 | 000,094,720 | ---- | C] (Microsoft Corporation)
 fms.dll -> C:\Windows\SysWow64\fms.dll -> [2011/07/02 02:44:22 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider)
 cdosys.dll -> C:\Windows\SysNative\cdosys.dll -> [2011/07/02 02:44:21 | 001,133,568 | ---- | C] (Microsoft Corporation)
 blackbox.dll -> C:\Windows\SysNative\blackbox.dll -> [2011/07/02 02:44:21 | 000,840,192 | ---- | C] (Microsoft Corporation)
 cdosys.dll -> C:\Windows\SysWow64\cdosys.dll -> [2011/07/02 02:44:21 | 000,805,376 | ---- | C] (Microsoft Corporation)
 dsuiext.dll -> C:\Windows\SysWow64\dsuiext.dll -> [2011/07/02 02:44:21 | 000,685,056 | ---- | C] (Microsoft Corporation)
 dfrgui.exe -> C:\Windows\SysNative\dfrgui.exe -> [2011/07/02 02:44:21 | 000,606,208 | ---- | C] (Microsoft Corporation)
 wvc.dll -> C:\Windows\SysNative\wvc.dll -> [2011/07/02 02:44:21 | 000,594,432 | ---- | C] (Microsoft Corporation)
 msftedit.dll -> C:\Windows\SysWow64\msftedit.dll -> [2011/07/02 02:44:21 | 000,592,384 | ---- | C] (Microsoft Corporation)
 dfrgui.exe -> C:\Windows\SysWow64\dfrgui.exe -> [2011/07/02 02:44:21 | 000,586,752 | ---- | C] (Microsoft Corporation)
 wlanmsm.dll -> C:\Windows\SysWow64\wlanmsm.dll -> [2011/07/02 02:44:21 | 000,428,032 | ---- | C] (Microsoft Corporation)
 wmpdxm.dll -> C:\Windows\SysNative\wmpdxm.dll -> [2011/07/02 02:44:21 | 000,358,400 | ---- | C] (Microsoft Corporation)
 nshipsec.dll -> C:\Windows\SysWow64\nshipsec.dll -> [2011/07/02 02:44:21 | 000,346,112 | ---- | C] (Microsoft Corporation)
 dot3ui.dll -> C:\Windows\SysWow64\dot3ui.dll -> [2011/07/02 02:44:21 | 000,333,824 | ---- | C] (Microsoft Corporation)
 wsqmcons.exe -> C:\Windows\SysNative\wsqmcons.exe -> [2011/07/02 02:44:21 | 000,293,888 | ---- | C] (Microsoft Corporation)
 ReAgent.dll -> C:\Windows\SysWow64\ReAgent.dll -> [2011/07/02 02:44:21 | 000,247,808 | ---- | C] (Microsoft Corporation)
 wavemsp.dll -> C:\Windows\SysWow64\wavemsp.dll -> [2011/07/02 02:44:21 | 000,222,208 | ---- | C] (Microsoft Corporation)
 WinSCard.dll -> C:\Windows\SysNative\WinSCard.dll -> [2011/07/02 02:44:21 | 000,217,600 | ---- | C] (Microsoft Corporation)
 wuwebv.dll -> C:\Windows\SysNative\wuwebv.dll -> [2011/07/02 02:44:21 | 000,178,688 | ---- | C] (Microsoft Corporation)
 wuwebv.dll -> C:\Windows\SysWow64\wuwebv.dll -> [2011/07/02 02:44:21 | 000,164,352 | ---- | C] (Microsoft Corporation)
 remotepg.dll -> C:\Windows\SysNative\remotepg.dll -> [2011/07/02 02:44:21 | 000,153,088 | ---- | C] (Microsoft Corporation)
 net1.exe -> C:\Windows\SysNative\net1.exe -> [2011/07/02 02:44:21 | 000,152,064 | ---- | C] (Microsoft Corporation)
 kstvtune.ax -> C:\Windows\SysNative\kstvtune.ax -> [2011/07/02 02:44:21 | 000,102,912 | ---- | C] (Microsoft Corporation)
 isoburn.exe -> C:\Windows\SysWow64\isoburn.exe -> [2011/07/02 02:44:21 | 000,086,528 | ---- | C] (Microsoft Corporation)
 wkscli.dll -> C:\Windows\SysNative\wkscli.dll -> [2011/07/02 02:44:21 | 000,071,680 | ---- | C] (Microsoft Corporation)
 wsnmp32.dll -> C:\Windows\SysNative\wsnmp32.dll -> [2011/07/02 02:44:21 | 000,067,072 | ---- | C] (Microsoft Corporation)
 ftp.exe -> C:\Windows\SysNative\ftp.exe -> [2011/07/02 02:44:21 | 000,048,128 | ---- | C] (Microsoft Corporation)
 tzutil.exe -> C:\Windows\SysWow64\tzutil.exe -> [2011/07/02 02:44:21 | 000,047,616 | ---- | C] (Microsoft Corporation)
 httpapi.dll -> C:\Windows\SysWow64\httpapi.dll -> [2011/07/02 02:44:21 | 000,034,816 | ---- | C] (Microsoft Corporation)
 wmdrmdev.dll -> C:\Windows\SysNative\wmdrmdev.dll -> [2011/07/02 02:44:20 | 000,636,416 | ---- | C] (Microsoft Corporation)
 wvc.dll -> C:\Windows\SysWow64\wvc.dll -> [2011/07/02 02:44:20 | 000,444,928 | ---- | C] (Microsoft Corporation)
 wimgapi.dll -> C:\Windows\SysWow64\wimgapi.dll -> [2011/07/02 02:44:20 | 000,406,528 | ---- | C] (Microsoft Corporation)
 mfps.dll -> C:\Windows\SysNative\mfps.dll -> [2011/07/02 02:44:20 | 000,206,848 | ---- | C] (Microsoft Corporation)
 ocsetup.exe -> C:\Windows\SysWow64\ocsetup.exe -> [2011/07/02 02:44:20 | 000,197,632 | ---- | C] (Microsoft Corporation)
 wtsapi32.dll -> C:\Windows\SysWow64\wtsapi32.dll -> [2011/07/02 02:44:20 | 000,040,448 | ---- | C] (Microsoft Corporation)
 WerFaultSecure.exe -> C:\Windows\SysNative\WerFaultSecure.exe -> [2011/07/02 02:44:20 | 000,026,112 | ---- | C] (Microsoft Corporation)
 OpcServices.dll -> C:\Windows\SysNative\OpcServices.dll -> [2011/07/02 02:44:19 | 001,911,808 | ---- | C] (Microsoft Corporation)
 Bubbles.scr -> C:\Windows\SysNative\Bubbles.scr -> [2011/07/02 02:44:19 | 000,899,584 | ---- | C] (Microsoft Corporation)
 main.cpl -> C:\Windows\SysNative\main.cpl -> [2011/07/02 02:44:19 | 000,497,664 | ---- | C] (Microsoft Corporation)
 diskraid.exe -> C:\Windows\SysNative\diskraid.exe -> [2011/07/02 02:44:19 | 000,363,520 | ---- | C] (Microsoft Corporation)
 ssText3d.scr -> C:\Windows\SysWow64\ssText3d.scr -> [2011/07/02 02:44:19 | 000,293,888 | ---- | C] (Microsoft Corporation)
 unimdm.tsp -> C:\Windows\SysWow64\unimdm.tsp -> [2011/07/02 02:44:19 | 000,281,088 | ---- | C] (Microsoft Corporation)
 dxgmms1.sys -> C:\Windows\SysNative\drivers\dxgmms1.sys -> [2011/07/02 02:44:19 | 000,258,048 | ---- | C] (Microsoft Corporation)
 Mystify.scr -> C:\Windows\SysNative\Mystify.scr -> [2011/07/02 02:44:19 | 000,242,688 | ---- | C] (Microsoft Corporation)
 Ribbons.scr -> C:\Windows\SysNative\Ribbons.scr -> [2011/07/02 02:44:19 | 000,241,664 | ---- | C] (Microsoft Corporation)
 mstask.dll -> C:\Windows\SysWow64\mstask.dll -> [2011/07/02 02:44:19 | 000,209,920 | ---- | C] (Microsoft Corporation)
 qasf.dll -> C:\Windows\SysWow64\qasf.dll -> [2011/07/02 02:44:19 | 000,206,848 | ---- | C] (Microsoft Corporation)
 msrating.dll -> C:\Windows\SysWow64\msrating.dll -> [2011/07/02 02:44:19 | 000,195,072 | ---- | C] (Microsoft Corporation)
 qcap.dll -> C:\Windows\SysWow64\qcap.dll -> [2011/07/02 02:44:19 | 000,190,976 | ---- | C] (Microsoft Corporation)
 WUDFPlatform.dll -> C:\Windows\SysNative\WUDFPlatform.dll -> [2011/07/02 02:44:19 | 000,182,784 | ---- | C] (Microsoft Corporation)
 ifsutil.dll -> C:\Windows\SysNative\ifsutil.dll -> [2011/07/02 02:44:19 | 000,180,736 | ---- | C] (Microsoft Corporation)
 occache.dll -> C:\Windows\SysWow64\occache.dll -> [2011/07/02 02:44:19 | 000,153,088 | ---- | C] (Microsoft Corporation)
 twext.dll -> C:\Windows\SysWow64\twext.dll -> [2011/07/02 02:44:19 | 000,146,432 | ---- | C] (Microsoft Corporation)
 msvfw32.dll -> C:\Windows\SysWow64\msvfw32.dll -> [2011/07/02 02:44:19 | 000,120,320 | ---- | C] (Microsoft Corporation)
 uxlib.dll -> C:\Windows\SysWow64\uxlib.dll -> [2011/07/02 02:44:19 | 000,118,784 | ---- | C] (Microsoft Corporation)
 setupugc.exe -> C:\Windows\SysWow64\setupugc.exe -> [2011/07/02 02:44:19 | 000,113,152 | ---- | C] (Microsoft Corporation)
 mapistub.dll -> C:\Windows\SysNative\mapistub.dll -> [2011/07/02 02:44:19 | 000,091,648 | ---- | C] (Microsoft Corporation)
 mapi32.dll -> C:\Windows\SysNative\mapi32.dll -> [2011/07/02 02:44:19 | 000,091,648 | ---- | C] (Microsoft Corporation)
 unimdmat.dll -> C:\Windows\SysNative\unimdmat.dll -> [2011/07/02 02:44:19 | 000,073,216 | ---- | C] (Microsoft Corporation)
 twain_32.dll -> C:\Windows\twain_32.dll -> [2011/07/02 02:44:19 | 000,051,200 | ---- | C] (Twain Working Group)
 iscsium.dll -> C:\Windows\SysNative\iscsium.dll -> [2011/07/02 02:44:19 | 000,037,376 | ---- | C] (Microsoft Corporation)
 slwga.dll -> C:\Windows\SysWow64\slwga.dll -> [2011/07/02 02:44:19 | 000,014,336 | ---- | C] (Microsoft Corporation)
 TsUsbRedirectionGroupPolicyControl.exe -> C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe -> [2011/07/02 02:44:19 | 000,008,192 | ---- | C] (Microsoft Corporation)
 wmdrmsdk.dll -> C:\Windows\SysWow64\wmdrmsdk.dll -> [2011/07/02 02:44:18 | 000,616,960 | ---- | C] (Microsoft Corporation)
 d3d10level9.dll -> C:\Windows\SysNative\d3d10level9.dll -> [2011/07/02 02:44:18 | 000,573,952 | ---- | C] (Microsoft Corporation)
 msscp.dll -> C:\Windows\SysWow64\msscp.dll -> [2011/07/02 02:44:18 | 000,504,320 | ---- | C] (Microsoft Corporation)
 WindowsAnytimeUpgradeResults.exe -> C:\Windows\SysNative\WindowsAnytimeUpgradeResults.exe -> [2011/07/02 02:44:18 | 000,294,912 | ---- | C] (Microsoft Corporation)
 audiodev.dll -> C:\Windows\SysWow64\audiodev.dll -> [2011/07/02 02:44:18 | 000,243,712 | ---- | C] (Microsoft Corporation)
 clusapi.dll -> C:\Windows\SysWow64\clusapi.dll -> [2011/07/02 02:44:18 | 000,230,912 | ---- | C] (Microsoft Corporation)
 rdpencom.dll -> C:\Windows\SysNative\rdpencom.dll -> [2011/07/02 02:44:18 | 000,222,208 | ---- | C] (Microsoft Corporation)
 DevicePairingFolder.dll -> C:\Windows\SysWow64\DevicePairingFolder.dll -> [2011/07/02 02:44:18 | 000,211,456 | ---- | C] (Microsoft Corporation)
 perfmon.exe -> C:\Windows\SysNative\perfmon.exe -> [2011/07/02 02:44:18 | 000,172,544 | ---- | C] (Microsoft Corporation)
 wmpshell.dll -> C:\Windows\SysNative\wmpshell.dll -> [2011/07/02 02:44:18 | 000,132,608 | ---- | C] (Microsoft Corporation)
 nslookup.exe -> C:\Windows\SysWow64\nslookup.exe -> [2011/07/02 02:44:18 | 000,098,304 | ---- | C] (Microsoft Corporation)
 mciavi32.dll -> C:\Windows\SysWow64\mciavi32.dll -> [2011/07/02 02:44:18 | 000,084,480 | ---- | C] (Microsoft Corporation)
 imgutil.dll -> C:\Windows\SysWow64\imgutil.dll -> [2011/07/02 02:44:18 | 000,034,304 | ---- | C] (Microsoft Corporation)
 AzSqlExt.dll -> C:\Windows\SysNative\AzSqlExt.dll -> [2011/07/02 02:44:18 | 000,031,744 | ---- | C] (Microsoft Corporation)
 muifontsetup.dll -> C:\Windows\SysNative\muifontsetup.dll -> [2011/07/02 02:44:18 | 000,016,896 | ---- | C] (Microsoft Corporation)
 WMADMOD.DLL -> C:\Windows\SysNative\WMADMOD.DLL -> [2011/07/02 02:44:17 | 001,232,896 | ---- | C] (Microsoft Corporation)
 dbghelp.dll -> C:\Windows\SysNative\dbghelp.dll -> [2011/07/02 02:44:17 | 001,087,488 | ---- | C] (Microsoft Corporation)
 FXSAPI.dll -> C:\Windows\SysNative\FXSAPI.dll -> [2011/07/02 02:44:17 | 000,623,104 | ---- | C] (Microsoft Corporation)
 drmmgrtn.dll -> C:\Windows\SysWow64\drmmgrtn.dll -> [2011/07/02 02:44:17 | 000,402,944 | ---- | C] (Microsoft Corporation)
 raschap.dll -> C:\Windows\SysNative\raschap.dll -> [2011/07/02 02:44:17 | 000,337,920 | ---- | C] (Microsoft Corporation)
 wimserv.exe -> C:\Windows\SysWow64\wimserv.exe -> [2011/07/02 02:44:17 | 000,327,680 | ---- | C] (Microsoft Corporation)
 raschap.dll -> C:\Windows\SysWow64\raschap.dll -> [2011/07/02 02:44:17 | 000,318,976 | ---- | C] (Microsoft Corporation)
 diskraid.exe -> C:\Windows\SysWow64\diskraid.exe -> [2011/07/02 02:44:17 | 000,276,480 | ---- | C] (Microsoft Corporation)
 qasf.dll -> C:\Windows\SysNative\qasf.dll -> [2011/07/02 02:44:17 | 000,254,464 | ---- | C] (Microsoft Corporation)
 wpdwcn.dll -> C:\Windows\SysNative\wpdwcn.dll -> [2011/07/02 02:44:17 | 000,215,040 | ---- | C] (Microsoft Corporation)
 ActionQueue.dll -> C:\Windows\SysNative\ActionQueue.dll -> [2011/07/02 02:44:17 | 000,213,504 | ---- | C] (Microsoft Corporation)
 input.dll -> C:\Windows\SysWow64\input.dll -> [2011/07/02 02:44:17 | 000,202,240 | ---- | C] (Microsoft Corporation)
 rdpencom.dll -> C:\Windows\SysWow64\rdpencom.dll -> [2011/07/02 02:44:17 | 000,186,368 | ---- | C] (Microsoft Corporation)
 ocsetapi.dll -> C:\Windows\SysWow64\ocsetapi.dll -> [2011/07/02 02:44:17 | 000,174,592 | ---- | C] (Microsoft Corporation)
 perfmon.exe -> C:\Windows\SysWow64\perfmon.exe -> [2011/07/02 02:44:17 | 000,157,184 | ---- | C] (Microsoft Corporation)
 remotepg.dll -> C:\Windows\SysWow64\remotepg.dll -> [2011/07/02 02:44:17 | 000,146,944 | ---- | C] (Microsoft Corporation)
 MdSched.exe -> C:\Windows\SysNative\MdSched.exe -> [2011/07/02 02:44:17 | 000,146,944 | ---- | C] (Microsoft Corporation)
 inseng.dll -> C:\Windows\SysNative\inseng.dll -> [2011/07/02 02:44:17 | 000,125,440 | ---- | C] (Microsoft Corporation)
 wiavideo.dll -> C:\Windows\SysNative\wiavideo.dll -> [2011/07/02 02:44:17 | 000,124,928 | ---- | C] (Microsoft Corporation)
 odbccp32.dll -> C:\Windows\SysWow64\odbccp32.dll -> [2011/07/02 02:44:17 | 000,122,880 | ---- | C] (Microsoft Corporation)
 QUTIL.DLL -> C:\Windows\SysWow64\QUTIL.DLL -> [2011/07/02 02:44:17 | 000,080,896 | ---- | C] (Microsoft Corporation)
 UserAccountControlSettings.dll -> C:\Windows\SysWow64\UserAccountControlSettings.dll -> [2011/07/02 02:44:17 | 000,078,848 | ---- | C] (Microsoft Corporation)
 tlscsp.dll -> C:\Windows\SysNative\tlscsp.dll -> [2011/07/02 02:44:17 | 000,073,728 | ---- | C] (Microsoft Corporation)
 bfsvc.exe -> C:\Windows\bfsvc.exe -> [2011/07/02 02:44:17 | 000,071,168 | ---- | C] (Microsoft Corporation)
 umb.dll -> C:\Windows\SysNative\umb.dll -> [2011/07/02 02:44:17 | 000,059,904 | ---- | C] (Microsoft Corporation)
 runonce.exe -> C:\Windows\SysNative\runonce.exe -> [2011/07/02 02:44:17 | 000,056,832 | ---- | C] (Microsoft Corporation)
 NAPCRYPT.DLL -> C:\Windows\SysNative\NAPCRYPT.DLL -> [2011/07/02 02:44:17 | 000,050,176 | ---- | C] (Microsoft Corporation)
 NAPCRYPT.DLL -> C:\Windows\SysWow64\NAPCRYPT.DLL -> [2011/07/02 02:44:17 | 000,046,080 | ---- | C] (Microsoft Corporation)
 acppage.dll -> C:\Windows\SysWow64\acppage.dll -> [2011/07/02 02:44:17 | 000,045,568 | ---- | C] (Microsoft Corporation)
 netutils.dll -> C:\Windows\SysNative\netutils.dll -> [2011/07/02 02:44:17 | 000,029,184 | ---- | C] (Microsoft Corporation)
 syssetup.dll -> C:\Windows\SysNative\syssetup.dll -> [2011/07/02 02:44:17 | 000,017,408 | ---- | C] (Microsoft Corporation)
 onexui.dll -> C:\Windows\SysWow64\onexui.dll -> [2011/07/02 02:44:16 | 001,111,552 | ---- | C] (Microsoft Corporation)
 WMVSDECD.DLL -> C:\Windows\SysNative\WMVSDECD.DLL -> [2011/07/02 02:44:16 | 000,666,112 | ---- | C] (Microsoft Corporation)
 nltest.exe -> C:\Windows\SysNative\nltest.exe -> [2011/07/02 02:44:16 | 000,395,776 | ---- | C] (Microsoft Corporation)
 wmpdxm.dll -> C:\Windows\SysWow64\wmpdxm.dll -> [2011/07/02 02:44:16 | 000,299,520 | ---- | C] (Microsoft Corporation)
 mstask.dll -> C:\Windows\SysNative\mstask.dll -> [2011/07/02 02:44:16 | 000,238,080 | ---- | C] (Microsoft Corporation)
 bitsadmin.exe -> C:\Windows\SysNative\bitsadmin.exe -> [2011/07/02 02:44:16 | 000,232,448 | ---- | C] (Microsoft Corporation)
 iTVData.dll -> C:\Windows\SysWow64\iTVData.dll -> [2011/07/02 02:44:16 | 000,219,648 | ---- | C] (Microsoft Corporation)
 dxdiagn.dll -> C:\Windows\SysWow64\dxdiagn.dll -> [2011/07/02 02:44:16 | 000,210,432 | ---- | C] (Microsoft Corporation)
 wpdwcn.dll -> C:\Windows\SysWow64\wpdwcn.dll -> [2011/07/02 02:44:16 | 000,198,144 | ---- | C] (Microsoft Corporation)
 vdsbas.dll -> C:\Windows\SysNative\vdsbas.dll -> [2011/07/02 02:44:16 | 000,190,976 | ---- | C] (Microsoft Corporation)
 vdsbas.dll -> C:\Windows\SysWow64\vdsbas.dll -> [2011/07/02 02:44:16 | 000,160,256 | ---- | C] (Microsoft Corporation)
 rmcast.sys -> C:\Windows\SysNative\drivers\rmcast.sys -> [2011/07/02 02:44:16 | 000,146,432 | ---- | C] (Microsoft Corporation)
 Kswdmcap.ax -> C:\Windows\SysNative\Kswdmcap.ax -> [2011/07/02 02:44:16 | 000,133,120 | ---- | C] (Microsoft Corporation)
 inseng.dll -> C:\Windows\SysWow64\inseng.dll -> [2011/07/02 02:44:16 | 000,096,256 | ---- | C] (Microsoft Corporation)
 logagent.exe -> C:\Windows\SysWow64\logagent.exe -> [2011/07/02 02:44:16 | 000,095,232 | ---- | C] (Microsoft Corporation)
 RegisterIEPKEYs.exe -> C:\Windows\SysWow64\RegisterIEPKEYs.exe -> [2011/07/02 02:44:16 | 000,083,968 | ---- | C] (Microsoft Corporation)
 runonce.exe -> C:\Windows\SysWow64\runonce.exe -> [2011/07/02 02:44:16 | 000,050,688 | ---- | C] (Microsoft Corporation)
 PrintIsolationProxy.dll -> C:\Windows\SysNative\PrintIsolationProxy.dll -> [2011/07/02 02:44:16 | 000,048,128 | ---- | C] (Microsoft Corporation)
 vpnikeapi.dll -> C:\Windows\SysWow64\vpnikeapi.dll -> [2011/07/02 02:44:16 | 000,025,600 | ---- | C] (Microsoft Corporation)
 WMSPDMOD.DLL -> C:\Windows\SysNative\WMSPDMOD.DLL -> [2011/07/02 02:44:15 | 000,978,944 | ---- | C] (Microsoft Corporation)
 Bubbles.scr -> C:\Windows\SysWow64\Bubbles.scr -> [2011/07/02 02:44:15 | 000,878,592 | ---- | C] (Microsoft Corporation)
 wmdrmnet.dll -> C:\Windows\SysNative\wmdrmnet.dll -> [2011/07/02 02:44:15 | 000,527,872 | ---- | C] (Microsoft Corporation)
 wmdrmdev.dll -> C:\Windows\SysWow64\wmdrmdev.dll -> [2011/07/02 02:44:15 | 000,507,392 | ---- | C] (Microsoft Corporation)
 d3d10level9.dll -> C:\Windows\SysWow64\d3d10level9.dll -> [2011/07/02 02:44:15 | 000,489,984 | ---- | C] (Microsoft Corporation)
 WPDSp.dll -> C:\Windows\SysNative\WPDSp.dll -> [2011/07/02 02:44:15 | 000,431,104 | ---- | C] (Microsoft Corporation)
 msnetobj.dll -> C:\Windows\SysNative\msnetobj.dll -> [2011/07/02 02:44:15 | 000,325,632 | ---- | C] (Microsoft Corporation)
 sqlcese30.dll -> C:\Windows\SysWow64\sqlcese30.dll -> [2011/07/02 02:44:15 | 000,309,760 | ---- | C] (Microsoft Corporation)
 qdv.dll -> C:\Windows\SysNative\qdv.dll -> [2011/07/02 02:44:15 | 000,250,880 | ---- | C] (Microsoft Corporation)
 eapp3hst.dll -> C:\Windows\SysWow64\eapp3hst.dll -> [2011/07/02 02:44:15 | 000,242,176 | ---- | C] (Microsoft Corporation)
 PortableDeviceSyncProvider.dll -> C:\Windows\SysNative\PortableDeviceSyncProvider.dll -> [2011/07/02 02:44:15 | 000,224,256 | ---- | C] (Microsoft Corporation)
 bitsadmin.exe -> C:\Windows\SysWow64\bitsadmin.exe -> [2011/07/02 02:44:15 | 000,186,368 | ---- | C] (Microsoft Corporation)
 qcap.dll -> C:\Windows\SysNative\qcap.dll -> [2011/07/02 02:44:15 | 000,181,248 | ---- | C] (Microsoft Corporation)
 MFPlay.dll -> C:\Windows\SysWow64\MFPlay.dll -> [2011/07/02 02:44:15 | 000,176,128 | ---- | C] (Microsoft Corporation)
 mprapi.dll -> C:\Windows\SysWow64\mprapi.dll -> [2011/07/02 02:44:15 | 000,158,720 | ---- | C] (Microsoft Corporation)
 shacct.dll -> C:\Windows\SysNative\shacct.dll -> [2011/07/02 02:44:15 | 000,135,168 | ---- | C] (Microsoft Corporation)
 QSVRMGMT.DLL -> C:\Windows\SysNative\QSVRMGMT.DLL -> [2011/07/02 02:44:15 | 000,124,416 | ---- | C] (Microsoft Corporation)
 secproc_ssp_isv.dll -> C:\Windows\SysNative\secproc_ssp_isv.dll -> [2011/07/02 02:44:15 | 000,121,856 | ---- | C] (Microsoft Corporation)
 secproc_ssp.dll -> C:\Windows\SysNative\secproc_ssp.dll -> [2011/07/02 02:44:15 | 000,121,856 | ---- | C] (Microsoft Corporation)
 shacct.dll -> C:\Windows\SysWow64\shacct.dll -> [2011/07/02 02:44:15 | 000,108,032 | ---- | C] (Microsoft Corporation)
 wmpshell.dll -> C:\Windows\SysWow64\wmpshell.dll -> [2011/07/02 02:44:15 | 000,105,472 | ---- | C] (Microsoft Corporation)
 logman.exe -> C:\Windows\SysNative\logman.exe -> [2011/07/02 02:44:15 | 000,104,448 | ---- | C] (Microsoft Corporation)
 wudriver.dll -> C:\Windows\SysNative\wudriver.dll -> [2011/07/02 02:44:15 | 000,098,304 | ---- | C] (Microsoft Corporation)
 wudriver.dll -> C:\Windows\SysWow64\wudriver.dll -> [2011/07/02 02:44:15 | 000,087,552 | ---- | C] (Microsoft Corporation)
 tabcal.exe -> C:\Windows\SysNative\tabcal.exe -> [2011/07/02 02:44:15 | 000,078,848 | ---- | C] (Microsoft Corporation)
 vss_ps.dll -> C:\Windows\SysNative\vss_ps.dll -> [2011/07/02 02:44:15 | 000,061,952 | ---- | C] (Microsoft Corporation)
 unimdmat.dll -> C:\Windows\SysWow64\unimdmat.dll -> [2011/07/02 02:44:15 | 000,059,392 | ---- | C] (Microsoft Corporation)
 rdpd3d.dll -> C:\Windows\SysWow64\rdpd3d.dll -> [2011/07/02 02:44:15 | 000,052,224 | ---- | C] (Microsoft Corporation)
 cscapi.dll -> C:\Windows\SysNative\cscapi.dll -> [2011/07/02 02:44:15 | 000,046,080 | ---- | C] (Microsoft Corporation)
 iscsium.dll -> C:\Windows\SysWow64\iscsium.dll -> [2011/07/02 02:44:15 | 000,028,672 | ---- | C] (Microsoft Corporation)
 lsmproxy.dll -> C:\Windows\SysWow64\lsmproxy.dll -> [2011/07/02 02:44:15 | 000,021,504 | ---- | C] (Microsoft Corporation)
 OpcServices.dll -> C:\Windows\SysWow64\OpcServices.dll -> [2011/07/02 02:44:14 | 001,160,192 | ---- | C] (Microsoft Corporation)
 pdh.dll -> C:\Windows\SysWow64\pdh.dll -> [2011/07/02 02:44:14 | 000,236,544 | ---- | C] (Microsoft Corporation)
 PortableDeviceSyncProvider.dll -> C:\Windows\SysWow64\PortableDeviceSyncProvider.dll -> [2011/07/02 02:44:14 | 000,183,296 | ---- | C] (Microsoft Corporation)
 RegisterIEPKEYs.exe -> C:\Windows\SysNative\RegisterIEPKEYs.exe -> [2011/07/02 02:44:14 | 000,098,816 | ---- | C] (Microsoft Corporation)
 kstvtune.ax -> C:\Windows\SysWow64\kstvtune.ax -> [2011/07/02 02:44:14 | 000,084,480 | ---- | C] (Microsoft Corporation)
 logman.exe -> C:\Windows\SysWow64\logman.exe -> [2011/07/02 02:44:14 | 000,082,944 | ---- | C] (Microsoft Corporation)
 spbcd.dll -> C:\Windows\SysNative\spbcd.dll -> [2011/07/02 02:44:14 | 000,078,848 | ---- | C] (Microsoft Corporation)
 IMJP10.IME -> C:\Windows\SysNative\IMJP10.IME -> [2011/07/02 02:44:13 | 001,148,416 | ---- | C] (Microsoft Corporation)
 WMADMOD.DLL -> C:\Windows\SysWow64\WMADMOD.DLL -> [2011/07/02 02:44:13 | 000,902,656 | ---- | C] (Microsoft Corporation)
 WMVSDECD.DLL -> C:\Windows\SysWow64\WMVSDECD.DLL -> [2011/07/02 02:44:13 | 000,541,184 | ---- | C] (Microsoft Corporation)
 PortableDeviceStatus.dll -> C:\Windows\SysNative\PortableDeviceStatus.dll -> [2011/07/02 02:44:13 | 000,435,712 | ---- | C] (Microsoft Corporation)
 PortableDeviceStatus.dll -> C:\Windows\SysWow64\PortableDeviceStatus.dll -> [2011/07/02 02:44:13 | 000,427,520 | ---- | C] (Microsoft Corporation)
 WMPhoto.dll -> C:\Windows\SysNative\WMPhoto.dll -> [2011/07/02 02:44:13 | 000,392,192 | ---- | C] (Microsoft Corporation)
 WPDSp.dll -> C:\Windows\SysWow64\WPDSp.dll -> [2011/07/02 02:44:13 | 000,350,720 | ---- | C] (Microsoft Corporation)
 WMPhoto.dll -> C:\Windows\SysWow64\WMPhoto.dll -> [2011/07/02 02:44:13 | 000,318,464 | ---- | C] (Microsoft Corporation)
 dot3ui.dll -> C:\Windows\SysNative\dot3ui.dll -> [2011/07/02 02:44:13 | 000,313,344 | ---- | C] (Microsoft Corporation)
 Mystify.scr -> C:\Windows\SysWow64\Mystify.scr -> [2011/07/02 02:44:13 | 000,221,184 | ---- | C] (Microsoft Corporation)
 Ribbons.scr -> C:\Windows\SysWow64\Ribbons.scr -> [2011/07/02 02:44:13 | 000,220,672 | ---- | C] (Microsoft Corporation)
 sqmapi.dll -> C:\Windows\SysWow64\sqmapi.dll -> [2011/07/02 02:44:13 | 000,189,952 | ---- | C] (Microsoft Corporation)
 odbctrac.dll -> C:\Windows\SysWow64\odbctrac.dll -> [2011/07/02 02:44:13 | 000,163,840 | ---- | C] (Microsoft Corporation)
 VBICodec.ax -> C:\Windows\SysWow64\VBICodec.ax -> [2011/07/02 02:44:13 | 000,153,600 | ---- | C] (Microsoft Corporation)
 EhStorAPI.dll -> C:\Windows\SysNative\EhStorAPI.dll -> [2011/07/02 02:44:13 | 000,144,896 | ---- | C] (Microsoft Corporation)
 powercfg.cpl -> C:\Windows\SysWow64\powercfg.cpl -> [2011/07/02 02:44:13 | 000,142,336 | ---- | C] (Microsoft Corporation)
 desk.cpl -> C:\Windows\SysNative\desk.cpl -> [2011/07/02 02:44:13 | 000,130,048 | ---- | C] (Microsoft Corporation)
 fphc.dll -> C:\Windows\SysNative\fphc.dll -> [2011/07/02 02:44:13 | 000,121,344 | ---- | C] (Microsoft Corporation)
 dot3msm.dll -> C:\Windows\SysWow64\dot3msm.dll -> [2011/07/02 02:44:13 | 000,115,200 | ---- | C] (Microsoft Corporation)
 wiavideo.dll -> C:\Windows\SysWow64\wiavideo.dll -> [2011/07/02 02:44:13 | 000,109,568 | ---- | C] (Microsoft Corporation)
 Kswdmcap.ax -> C:\Windows\SysWow64\Kswdmcap.ax -> [2011/07/02 02:44:13 | 000,107,008 | ---- | C] (Microsoft Corporation)
 QSVRMGMT.DLL -> C:\Windows\SysWow64\QSVRMGMT.DLL -> [2011/07/02 02:44:13 | 000,099,328 | ---- | C] (Microsoft Corporation)
 fphc.dll -> C:\Windows\SysWow64\fphc.dll -> [2011/07/02 02:44:13 | 000,098,304 | ---- | C] (Microsoft Corporation)
 avifil32.dll -> C:\Windows\SysWow64\avifil32.dll -> [2011/07/02 02:44:13 | 000,091,648 | ---- | C] (Microsoft Corporation)
 amstream.dll -> C:\Windows\SysNative\amstream.dll -> [2011/07/02 02:44:13 | 000,089,088 | ---- | C] (Microsoft Corporation)
 olethk32.dll -> C:\Windows\SysWow64\olethk32.dll -> [2011/07/02 02:44:13 | 000,077,824 | ---- | C] (Microsoft Corporation)
 mapistub.dll -> C:\Windows\SysWow64\mapistub.dll -> [2011/07/02 02:44:13 | 000,076,800 | ---- | C] (Microsoft Corporation)
 mapi32.dll -> C:\Windows\SysWow64\mapi32.dll -> [2011/07/02 02:44:13 | 000,076,800 | ---- | C] (Microsoft Corporation)
 Mpeg2Data.ax -> C:\Windows\SysWow64\Mpeg2Data.ax -> [2011/07/02 02:44:13 | 000,072,704 | ---- | C] (Microsoft Corporation)
 mshtmled.dll -> C:\Windows\SysWow64\mshtmled.dll -> [2011/07/02 02:44:13 | 000,067,072 | ---- | C] (Microsoft Corporation)
 takeown.exe -> C:\Windows\SysNative\takeown.exe -> [2011/07/02 02:44:13 | 000,063,488 | ---- | C] (Microsoft Corporation)
 PnPUnattend.exe -> C:\Windows\SysNative\PnPUnattend.exe -> [2011/07/02 02:44:13 | 000,062,976 | ---- | C] (Microsoft Corporation)
 ncryptui.dll -> C:\Windows\SysWow64\ncryptui.dll -> [2011/07/02 02:44:13 | 000,060,928 | ---- | C] (Microsoft Corporation)
 takeown.exe -> C:\Windows\SysWow64\takeown.exe -> [2011/07/02 02:44:13 | 000,051,200 | ---- | C] (Microsoft Corporation)
 tsgqec.dll -> C:\Windows\SysWow64\tsgqec.dll -> [2011/07/02 02:44:13 | 000,036,864 | ---- | C] (Microsoft Corporation)
 utildll.dll -> C:\Windows\SysWow64\utildll.dll -> [2011/07/02 02:44:13 | 000,031,744 | ---- | C] (Microsoft Corporation)
 WMSPDMOD.DLL -> C:\Windows\SysWow64\WMSPDMOD.DLL -> [2011/07/02 02:44:12 | 000,739,328 | ---- | C] (Microsoft Corporation)
 WUDFx.dll -> C:\Windows\SysNative\WUDFx.dll -> [2011/07/02 02:44:12 | 000,681,472 | ---- | C] (Microsoft Corporation)
 wmdrmnet.dll -> C:\Windows\SysWow64\wmdrmnet.dll -> [2011/07/02 02:44:12 | 000,436,736 | ---- | C] (Microsoft Corporation)
 qdv.dll -> C:\Windows\SysWow64\qdv.dll -> [2011/07/02 02:44:12 | 000,283,136 | ---- | C] (Microsoft Corporation)
 msnetobj.dll -> C:\Windows\SysWow64\msnetobj.dll -> [2011/07/02 02:44:12 | 000,265,216 | ---- | C] (Microsoft Corporation)
 WUDFHost.exe -> C:\Windows\SysNative\WUDFHost.exe -> [2011/07/02 02:44:12 | 000,226,816 | ---- | C] (Microsoft Corporation)
 imagehlp.dll -> C:\Windows\SysWow64\imagehlp.dll -> [2011/07/02 02:44:12 | 000,155,136 | ---- | C] (Microsoft Corporation)
 EhStorAPI.dll -> C:\Windows\SysWow64\EhStorAPI.dll -> [2011/07/02 02:44:12 | 000,128,512 | ---- | C] (Microsoft Corporation)
 sppinst.dll -> C:\Windows\SysWow64\sppinst.dll -> [2011/07/02 02:44:12 | 000,100,864 | ---- | C] (Microsoft Corporation)
 cmstp.exe -> C:\Windows\SysNative\cmstp.exe -> [2011/07/02 02:44:12 | 000,092,160 | ---- | C] (Microsoft Corporation)
 cmstp.exe -> C:\Windows\SysWow64\cmstp.exe -> [2011/07/02 02:44:12 | 000,084,992 | ---- | C] (Microsoft Corporation)
 QCLIPROV.DLL -> C:\Windows\SysNative\QCLIPROV.DLL -> [2011/07/02 02:44:12 | 000,079,872 | ---- | C] (Microsoft Corporation)
 psisrndr.ax -> C:\Windows\SysWow64\psisrndr.ax -> [2011/07/02 02:44:12 | 000,075,776 | ---- | C] (Microsoft Corporation)
 MSDvbNP.ax -> C:\Windows\SysNative\MSDvbNP.ax -> [2011/07/02 02:44:12 | 000,075,776 | ---- | C] (Microsoft Corporation)
 fdProxy.dll -> C:\Windows\SysNative\fdProxy.dll -> [2011/07/02 02:44:12 | 000,074,240 | ---- | C] (Microsoft Corporation)
 netapi32.dll -> C:\Windows\SysNative\netapi32.dll -> [2011/07/02 02:44:12 | 000,072,704 | ---- | C] (Microsoft Corporation)
 QCLIPROV.DLL -> C:\Windows\SysWow64\QCLIPROV.DLL -> [2011/07/02 02:44:12 | 000,071,680 | ---- | C] (Microsoft Corporation)
 CertPolEng.dll -> C:\Windows\SysNative\CertPolEng.dll -> [2011/07/02 02:44:12 | 000,071,680 | ---- | C] (Microsoft Corporation)
 MuiUnattend.exe -> C:\Windows\SysWow64\MuiUnattend.exe -> [2011/07/02 02:44:12 | 000,070,656 | ---- | C] (Microsoft Corporation)
 cca.dll -> C:\Windows\SysWow64\cca.dll -> [2011/07/02 02:44:12 | 000,066,560 | ---- | C] (Microsoft Corporation)
 WavDest.dll -> C:\Windows\SysNative\WavDest.dll -> [2011/07/02 02:44:12 | 000,061,952 | ---- | C] (Microsoft Corporation)
 djoin.exe -> C:\Windows\SysNative\djoin.exe -> [2011/07/02 02:44:12 | 000,061,440 | ---- | C] (Microsoft Corporation)
 vfwwdm32.dll -> C:\Windows\SysWow64\vfwwdm32.dll -> [2011/07/02 02:44:12 | 000,056,832 | ---- | C] (Microsoft Corporation)
 wsnmp32.dll -> C:\Windows\SysWow64\wsnmp32.dll -> [2011/07/02 02:44:12 | 000,051,712 | ---- | C] (Microsoft Corporation)
 MultiDigiMon.exe -> C:\Windows\SysNative\MultiDigiMon.exe -> [2011/07/02 02:44:12 | 000,051,712 | ---- | C] (Microsoft Corporation)
 pdhui.dll -> C:\Windows\SysWow64\pdhui.dll -> [2011/07/02 02:44:12 | 000,046,592 | ---- | C] (Microsoft Corporation)
 shimgvw.dll -> C:\Windows\SysNative\shimgvw.dll -> [2011/07/02 02:44:12 | 000,037,376 | ---- | C] (Microsoft Corporation)
 HotStartUserAgent.dll -> C:\Windows\SysNative\HotStartUserAgent.dll -> [2011/07/02 02:44:12 | 000,027,136 | ---- | C] (Microsoft Corporation)
 nrpsrv.dll -> C:\Windows\SysNative\nrpsrv.dll -> [2011/07/02 02:44:12 | 000,015,360 | ---- | C] (Microsoft Corporation)
 IMJP10.IME -> C:\Windows\SysWow64\IMJP10.IME -> [2011/07/02 02:44:11 | 001,027,584 | ---- | C] (Microsoft Corporation)
 FXSTIFF.dll -> C:\Windows\SysNative\FXSTIFF.dll -> [2011/07/02 02:44:11 | 000,434,688 | ---- | C] (Microsoft Corporation)
 RMActivate_ssp.exe -> C:\Windows\SysNative\RMActivate_ssp.exe -> [2011/07/02 02:44:11 | 000,306,688 | ---- | C] (Microsoft Corporation)
 RMActivate_ssp_isv.exe -> C:\Windows\SysNative\RMActivate_ssp_isv.exe -> [2011/07/02 02:44:11 | 000,305,152 | ---- | C] (Microsoft Corporation)
 itircl.dll -> C:\Windows\SysNative\itircl.dll -> [2011/07/02 02:44:11 | 000,194,048 | ---- | C] (Microsoft Corporation)
 msorcl32.dll -> C:\Windows\SysWow64\msorcl32.dll -> [2011/07/02 02:44:11 | 000,176,128 | ---- | C] (Microsoft Corporation)
 diskpart.exe -> C:\Windows\SysNative\diskpart.exe -> [2011/07/02 02:44:11 | 000,166,400 | ---- | C] (Microsoft Corporation)
 itircl.dll -> C:\Windows\SysWow64\itircl.dll -> [2011/07/02 02:44:11 | 000,158,720 | ---- | C] (Microsoft Corporation)
 iscsicli.exe -> C:\Windows\SysNative\iscsicli.exe -> [2011/07/02 02:44:11 | 000,152,064 | ---- | C] (Microsoft Corporation)
 iscsicli.exe -> C:\Windows\SysWow64\iscsicli.exe -> [2011/07/02 02:44:11 | 000,144,896 | ---- | C] (Microsoft Corporation)
 wmpps.dll -> C:\Windows\SysWow64\wmpps.dll -> [2011/07/02 02:44:11 | 000,144,384 | ---- | C] (Microsoft Corporation)
 mydocs.dll -> C:\Windows\SysNative\mydocs.dll -> [2011/07/02 02:44:11 | 000,143,360 | ---- | C] (Microsoft Corporation)
 mydocs.dll -> C:\Windows\SysWow64\mydocs.dll -> [2011/07/02 02:44:11 | 000,136,192 | ---- | C] (Microsoft Corporation)
 diskpart.exe -> C:\Windows\SysWow64\diskpart.exe -> [2011/07/02 02:44:11 | 000,133,632 | ---- | C] (Microsoft Corporation)
 desk.cpl -> C:\Windows\SysWow64\desk.cpl -> [2011/07/02 02:44:11 | 000,128,000 | ---- | C] (Microsoft Corporation)
 setupcln.dll -> C:\Windows\SysWow64\setupcln.dll -> [2011/07/02 02:44:11 | 000,115,712 | ---- | C] (Microsoft Corporation)
 eappgnui.dll -> C:\Windows\SysNative\eappgnui.dll -> [2011/07/02 02:44:11 | 000,103,936 | ---- | C] (Microsoft Corporation)
 dot3msm.dll -> C:\Windows\SysNative\dot3msm.dll -> [2011/07/02 02:44:11 | 000,103,936 | ---- | C] (Microsoft Corporation)
 mobsync.exe -> C:\Windows\SysNative\mobsync.exe -> [2011/07/02 02:44:11 | 000,102,400 | ---- | C] (Microsoft Corporation)
 secproc_ssp_isv.dll -> C:\Windows\SysWow64\secproc_ssp_isv.dll -> [2011/07/02 02:44:11 | 000,085,504 | ---- | C] (Microsoft Corporation)
 secproc_ssp.dll -> C:\Windows\SysWow64\secproc_ssp.dll -> [2011/07/02 02:44:11 | 000,085,504 | ---- | C] (Microsoft Corporation)
 resutils.dll -> C:\Windows\SysWow64\resutils.dll -> [2011/07/02 02:44:11 | 000,071,168 | ---- | C] (Microsoft Corporation)
 amstream.dll -> C:\Windows\SysWow64\amstream.dll -> [2011/07/02 02:44:11 | 000,070,656 | ---- | C] (Microsoft Corporation)
 rastapi.dll -> C:\Windows\SysWow64\rastapi.dll -> [2011/07/02 02:44:11 | 000,069,632 | ---- | C] (Microsoft Corporation)
 CertPolEng.dll -> C:\Windows\SysWow64\CertPolEng.dll -> [2011/07/02 02:44:11 | 000,065,024 | ---- | C] (Microsoft Corporation)
 spbcd.dll -> C:\Windows\SysWow64\spbcd.dll -> [2011/07/02 02:44:11 | 000,061,952 | ---- | C] (Microsoft Corporation)
 browcli.dll -> C:\Windows\SysNative\browcli.dll -> [2011/07/02 02:44:11 | 000,058,880 | ---- | C] (Microsoft Corporation)
 g711codc.ax -> C:\Windows\SysNative\g711codc.ax -> [2011/07/02 02:44:11 | 000,057,856 | ---- | C] (Microsoft Corporation)
 wuauclt.exe -> C:\Windows\SysNative\wuauclt.exe -> [2011/07/02 02:44:11 | 000,051,200 | ---- | C] (Microsoft Corporation)
 ksxbar.ax -> C:\Windows\SysWow64\ksxbar.ax -> [2011/07/02 02:44:11 | 000,048,640 | ---- | C] (Microsoft Corporation)
 wkscli.dll -> C:\Windows\SysWow64\wkscli.dll -> [2011/07/02 02:44:11 | 000,047,104 | ---- | C] (Microsoft Corporation)
 vbisurf.ax -> C:\Windows\SysNative\vbisurf.ax -> [2011/07/02 02:44:11 | 000,043,520 | ---- | C] (Microsoft Corporation)
 relog.exe -> C:\Windows\SysNative\relog.exe -> [2011/07/02 02:44:11 | 000,043,008 | ---- | C] (Microsoft Corporation)
 mciqtz32.dll -> C:\Windows\SysNative\mciqtz32.dll -> [2011/07/02 02:44:11 | 000,041,472 | ---- | C] (Microsoft Corporation)
 relog.exe -> C:\Windows\SysWow64\relog.exe -> [2011/07/02 02:44:11 | 000,037,888 | ---- | C] (Microsoft Corporation)
 wuapp.exe -> C:\Windows\SysNative\wuapp.exe -> [2011/07/02 02:44:11 | 000,036,864 | ---- | C] (Microsoft Corporation)
 choice.exe -> C:\Windows\SysNative\choice.exe -> [2011/07/02 02:44:11 | 000,036,864 | ---- | C] (Microsoft Corporation)
 msdmo.dll -> C:\Windows\SysNative\msdmo.dll -> [2011/07/02 02:44:11 | 000,035,840 | ---- | C] (Microsoft Corporation)
 AzSqlExt.dll -> C:\Windows\SysWow64\AzSqlExt.dll -> [2011/07/02 02:44:11 | 000,028,160 | ---- | C] (Microsoft Corporation)
 netiougc.exe -> C:\Windows\SysWow64\netiougc.exe -> [2011/07/02 02:44:11 | 000,025,600 | ---- | C] (Microsoft Corporation)
 netbtugc.exe -> C:\Windows\SysWow64\netbtugc.exe -> [2011/07/02 02:44:11 | 000,024,064 | ---- | C] (Microsoft Corporation)
 syssetup.dll -> C:\Windows\SysWow64\syssetup.dll -> [2011/07/02 02:44:11 | 000,014,848 | ---- | C] (Microsoft Corporation)
 BWUnpairElevated.dll -> C:\Windows\SysNative\BWUnpairElevated.dll -> [2011/07/02 02:44:11 | 000,014,848 | ---- | C] (Microsoft Corporation)
 sscore.dll -> C:\Windows\SysNative\sscore.dll -> [2011/07/02 02:44:11 | 000,013,312 | ---- | C] (Microsoft Corporation)
 onexui.dll -> C:\Windows\SysNative\onexui.dll -> [2011/07/02 02:44:10 | 001,080,320 | ---- | C] (Microsoft Corporation)
 RMActivate_ssp.exe -> C:\Windows\SysWow64\RMActivate_ssp.exe -> [2011/07/02 02:44:10 | 000,280,064 | ---- | C] (Microsoft Corporation)
 RMActivate_ssp_isv.exe -> C:\Windows\SysWow64\RMActivate_ssp_isv.exe -> [2011/07/02 02:44:10 | 000,278,016 | ---- | C] (Microsoft Corporation)
 sppc.dll -> C:\Windows\SysNative\sppc.dll -> [2011/07/02 02:44:10 | 000,145,920 | ---- | C] (Microsoft Corporation)
 sppc.dll -> C:\Windows\SysWow64\sppc.dll -> [2011/07/02 02:44:10 | 000,121,344 | ---- | C] (Microsoft Corporation)
 mobsync.exe -> C:\Windows\SysWow64\mobsync.exe -> [2011/07/02 02:44:10 | 000,101,376 | ---- | C] (Microsoft Corporation)
 eappgnui.dll -> C:\Windows\SysWow64\eappgnui.dll -> [2011/07/02 02:44:10 | 000,094,208 | ---- | C] (Microsoft Corporation)
 iccvid.dll -> C:\Windows\SysWow64\iccvid.dll -> [2011/07/02 02:44:10 | 000,082,944 | ---- | C] (Radius Inc.)
 manage-bde.exe -> C:\Windows\SysNative\manage-bde.exe -> [2011/07/02 02:44:10 | 000,079,872 | ---- | C] (Microsoft Corporation)
 imagehlp.dll -> C:\Windows\SysNative\imagehlp.dll -> [2011/07/02 02:44:10 | 000,076,800 | ---- | C] (Microsoft Corporation)
 cabinet.dll -> C:\Windows\SysWow64\cabinet.dll -> [2011/07/02 02:44:10 | 000,073,216 | ---- | C] (Microsoft Corporation)
 findstr.exe -> C:\Windows\SysNative\findstr.exe -> [2011/07/02 02:44:10 | 000,071,168 | ---- | C] (Microsoft Corporation)
 tlscsp.dll -> C:\Windows\SysWow64\tlscsp.dll -> [2011/07/02 02:44:10 | 000,069,632 | ---- | C] (Microsoft Corporation)
 inetmib1.dll -> C:\Windows\SysNative\inetmib1.dll -> [2011/07/02 02:44:10 | 000,065,536 | ---- | C] (Microsoft Corporation)
 findstr.exe -> C:\Windows\SysWow64\findstr.exe -> [2011/07/02 02:44:10 | 000,062,976 | ---- | C] (Microsoft Corporation)
 MSDvbNP.ax -> C:\Windows\SysWow64\MSDvbNP.ax -> [2011/07/02 02:44:10 | 000,059,904 | ---- | C] (Microsoft Corporation)
 repair-bde.exe -> C:\Windows\SysNative\repair-bde.exe -> [2011/07/02 02:44:10 | 000,051,712 | ---- | C] (Microsoft Corporation)
 luainstall.dll -> C:\Windows\SysNative\luainstall.dll -> [2011/07/02 02:44:10 | 000,048,640 | ---- | C] (Microsoft Corporation)
 wdiasqmmodule.dll -> C:\Windows\SysNative\wdiasqmmodule.dll -> [2011/07/02 02:44:10 | 000,036,352 | ---- | C] (Microsoft Corporation)
 mciqtz32.dll -> C:\Windows\SysWow64\mciqtz32.dll -> [2011/07/02 02:44:10 | 000,036,352 | ---- | C] (Microsoft Corporation)
 wuapp.exe -> C:\Windows\SysWow64\wuapp.exe -> [2011/07/02 02:44:10 | 000,033,792 | ---- | C] (Microsoft Corporation)
 WerFaultSecure.exe -> C:\Windows\SysWow64\WerFaultSecure.exe -> [2011/07/02 02:44:10 | 000,028,672 | ---- | C] (Microsoft Corporation)
 schedcli.dll -> C:\Windows\SysNative\schedcli.dll -> [2011/07/02 02:44:10 | 000,024,064 | ---- | C] (Microsoft Corporation)
 ReAgentc.exe -> C:\Windows\SysWow64\ReAgentc.exe -> [2011/07/02 02:44:10 | 000,022,016 | ---- | C] (Microsoft Corporation)
 muifontsetup.dll -> C:\Windows\SysWow64\muifontsetup.dll -> [2011/07/02 02:44:10 | 000,013,312 | ---- | C] (Microsoft Corporation)
 UIRibbonRes.dll -> C:\Windows\SysWow64\UIRibbonRes.dll -> [2011/07/02 02:44:09 | 001,164,800 | ---- | C] (Microsoft Corporation)
 UIRibbonRes.dll -> C:\Windows\SysNative\UIRibbonRes.dll -> [2011/07/02 02:44:09 | 001,164,800 | ---- | C] (Microsoft Corporation)
 RDPENCDD.dll -> C:\Windows\SysNative\RDPENCDD.dll -> [2011/07/02 02:44:09 | 000,147,456 | ---- | C] (Microsoft Corporation)
 odbcconf.dll -> C:\Windows\SysNative\odbcconf.dll -> [2011/07/02 02:44:09 | 000,053,248 | ---- | C] (Microsoft Corporation)
 inetmib1.dll -> C:\Windows\SysWow64\inetmib1.dll -> [2011/07/02 02:44:09 | 000,052,736 | ---- | C] (Microsoft Corporation)
 g711codc.ax -> C:\Windows\SysWow64\g711codc.ax -> [2011/07/02 02:44:09 | 000,045,568 | ---- | C] (Microsoft Corporation)
 WUDFCoinstaller.dll -> C:\Windows\SysNative\WUDFCoinstaller.dll -> [2011/07/02 02:44:09 | 000,044,544 | ---- | C] (Microsoft Corporation)
 luainstall.dll -> C:\Windows\SysWow64\luainstall.dll -> [2011/07/02 02:44:09 | 000,041,984 | ---- | C] (Microsoft Corporation)
 FXSMON.dll -> C:\Windows\SysNative\FXSMON.dll -> [2011/07/02 02:44:09 | 000,041,984 | ---- | C] (Microsoft Corporation)
 browcli.dll -> C:\Windows\SysWow64\browcli.dll -> [2011/07/02 02:44:09 | 000,041,984 | ---- | C] (Microsoft Corporation)
 odbcconf.dll -> C:\Windows\SysWow64\odbcconf.dll -> [2011/07/02 02:44:09 | 000,040,960 | ---- | C] (Microsoft Corporation)
 shimgvw.dll -> C:\Windows\SysWow64\shimgvw.dll -> [2011/07/02 02:44:09 | 000,035,840 | ---- | C] (Microsoft Corporation)
 unlodctr.exe -> C:\Windows\SysWow64\unlodctr.exe -> [2011/07/02 02:44:09 | 000,034,304 | ---- | C] (Microsoft Corporation)
 vbisurf.ax -> C:\Windows\SysWow64\vbisurf.ax -> [2011/07/02 02:44:09 | 000,033,792 | ---- | C] (Microsoft Corporation)
 profprov.dll -> C:\Windows\SysNative\profprov.dll -> [2011/07/02 02:44:09 | 000,033,792 | ---- | C] (Microsoft Corporation)
 msdmo.dll -> C:\Windows\SysWow64\msdmo.dll -> [2011/07/02 02:44:09 | 000,030,720 | ---- | C] (Microsoft Corporation)
 wups.dll -> C:\Windows\SysWow64\wups.dll -> [2011/07/02 02:44:09 | 000,027,648 | ---- | C] (Microsoft Corporation)
 tdi.sys -> C:\Windows\SysNative\drivers\tdi.sys -> [2011/07/02 02:44:09 | 000,026,624 | ---- | C] (Microsoft Corporation)
 elsTrans.dll -> C:\Windows\SysNative\elsTrans.dll -> [2011/07/02 02:44:09 | 000,025,600 | ---- | C] (Microsoft Corporation)
 TRAPI.dll -> C:\Windows\SysNative\TRAPI.dll -> [2011/07/02 02:44:09 | 000,021,504 | ---- | C] (Microsoft Corporation)
 rdprefdrvapi.dll -> C:\Windows\SysWow64\rdprefdrvapi.dll -> [2011/07/02 02:44:09 | 000,021,504 | ---- | C] (Microsoft Corporation)
 spopk.dll -> C:\Windows\SysWow64\spopk.dll -> [2011/07/02 02:44:09 | 000,019,968 | ---- | C] (Microsoft Corporation)
 spopk.dll -> C:\Windows\SysNative\spopk.dll -> [2011/07/02 02:44:09 | 000,018,944 | ---- | C] (Microsoft Corporation)
 fixmapi.exe -> C:\Windows\SysNative\fixmapi.exe -> [2011/07/02 02:44:09 | 000,017,920 | ---- | C] (Microsoft Corporation)
 perfts.dll -> C:\Windows\SysWow64\perfts.dll -> [2011/07/02 02:44:09 | 000,017,408 | ---- | C] (Microsoft Corporation)
 msfeedssync.exe -> C:\Windows\SysNative\msfeedssync.exe -> [2011/07/02 02:44:09 | 000,012,288 | ---- | C] (Microsoft Corporation)
 napdsnap.dll -> C:\Windows\SysNative\napdsnap.dll -> [2011/07/02 02:44:08 | 000,072,192 | ---- | C] (Microsoft Corporation)
 dsauth.dll -> C:\Windows\SysNative\dsauth.dll -> [2011/07/02 02:44:08 | 000,036,864 | ---- | C] (Microsoft Corporation)
 LogonUI.exe -> C:\Windows\SysNative\LogonUI.exe -> [2011/07/02 02:44:08 | 000,027,648 | ---- | C] (Microsoft Corporation)
 cscdll.dll -> C:\Windows\SysNative\cscdll.dll -> [2011/07/02 02:44:07 | 000,030,208 | ---- | C] (Microsoft Corporation)
 rdprefdrvapi.dll -> C:\Windows\SysNative\rdprefdrvapi.dll -> [2011/07/02 02:44:07 | 000,023,040 | ---- | C] (Microsoft Corporation)
 elsTrans.dll -> C:\Windows\SysWow64\elsTrans.dll -> [2011/07/02 02:44:07 | 000,022,528 | ---- | C] (Microsoft Corporation)
 TRAPI.dll -> C:\Windows\SysWow64\TRAPI.dll -> [2011/07/02 02:44:07 | 000,021,504 | ---- | C] (Microsoft Corporation)
 FXSUNATD.exe -> C:\Windows\SysNative\FXSUNATD.exe -> [2011/07/02 02:44:07 | 000,018,432 | ---- | C] (Microsoft Corporation)
 msfeedssync.exe -> C:\Windows\SysWow64\msfeedssync.exe -> [2011/07/02 02:44:07 | 000,012,800 | ---- | C] (Microsoft Corporation)
 bitsperf.dll -> C:\Windows\SysNative\bitsperf.dll -> [2011/07/02 02:44:06 | 000,024,576 | ---- | C] (Microsoft Corporation)
 bitsperf.dll -> C:\Windows\SysWow64\bitsperf.dll -> [2011/07/02 02:44:06 | 000,019,456 | ---- | C] (Microsoft Corporation)
 imkr80.ime -> C:\Windows\SysNative\imkr80.ime -> [2011/07/02 02:44:05 | 000,457,216 | ---- | C] (Microsoft Corporation)
 napdsnap.dll -> C:\Windows\SysWow64\napdsnap.dll -> [2011/07/02 02:44:05 | 000,068,096 | ---- | C] (Microsoft Corporation)
 wups2.dll -> C:\Windows\SysNative\wups2.dll -> [2011/07/02 02:44:05 | 000,037,376 | ---- | C] (Microsoft Corporation)
 usbrpm.sys -> C:\Windows\SysNative\drivers\usbrpm.sys -> [2011/07/02 02:44:05 | 000,031,744 | ---- | C] (Microsoft Corporation)
 dsauth.dll -> C:\Windows\SysWow64\dsauth.dll -> [2011/07/02 02:44:05 | 000,030,208 | ---- | C] (Microsoft Corporation)
 schedcli.dll -> C:\Windows\SysWow64\schedcli.dll -> [2011/07/02 02:44:05 | 000,017,408 | ---- | C] (Microsoft Corporation)
 html.iec -> C:\Windows\SysNative\html.iec -> [2011/07/02 02:44:03 | 000,482,816 | ---- | C] (Microsoft Corporation)
 imkr80.ime -> C:\Windows\SysWow64\imkr80.ime -> [2011/07/02 02:44:03 | 000,430,080 | ---- | C] (Microsoft Corporation)
 wups.dll -> C:\Windows\SysNative\wups.dll -> [2011/07/02 02:44:03 | 000,033,280 | ---- | C] (Microsoft Corporation)
 shgina.dll -> C:\Windows\SysNative\shgina.dll -> [2011/07/02 02:44:03 | 000,028,160 | ---- | C] (Microsoft Corporation)
 wsdchngr.dll -> C:\Windows\SysNative\wsdchngr.dll -> [2011/07/02 02:44:03 | 000,026,112 | ---- | C] (Microsoft Corporation)
 wsdchngr.dll -> C:\Windows\SysWow64\wsdchngr.dll -> [2011/07/02 02:44:03 | 000,021,504 | ---- | C] (Microsoft Corporation)
 shgina.dll -> C:\Windows\SysWow64\shgina.dll -> [2011/07/02 02:44:03 | 000,020,992 | ---- | C] (Microsoft Corporation)
 sscore.dll -> C:\Windows\SysWow64\sscore.dll -> [2011/07/02 02:44:03 | 000,009,728 | ---- | C] (Microsoft Corporation)
 riched32.dll -> C:\Windows\SysWow64\riched32.dll -> [2011/07/02 02:44:03 | 000,008,704 | ---- | C] (Microsoft Corporation)
 wow64win.dll -> C:\Windows\SysNative\wow64win.dll -> [2011/07/02 02:44:02 | 000,361,984 | ---- | C] (Microsoft Corporation)
 USBCAMD2.sys -> C:\Windows\SysNative\drivers\USBCAMD2.sys -> [2011/07/02 02:44:02 | 000,032,896 | ---- | C] (Microsoft Corporation)
 wshirda.dll -> C:\Windows\SysNative\wshirda.dll -> [2011/07/02 02:44:02 | 000,013,824 | ---- | C] (Microsoft Corporation)
 wow64cpu.dll -> C:\Windows\SysNative\wow64cpu.dll -> [2011/07/02 02:44:02 | 000,013,312 | ---- | C] (Microsoft Corporation)
 html.iec -> C:\Windows\SysWow64\html.iec -> [2011/07/02 02:44:01 | 000,386,048 | ---- | C] (Microsoft Corporation)
 C_ISCII.DLL -> C:\Windows\SysNative\C_ISCII.DLL -> [2011/07/02 02:44:01 | 000,013,312 | ---- | C] (Microsoft Corporation)
 wshirda.dll -> C:\Windows\SysWow64\wshirda.dll -> [2011/07/02 02:44:01 | 000,011,264 | ---- | C] (Microsoft Corporation)
 riched32.dll -> C:\Windows\SysNative\riched32.dll -> [2011/07/02 02:44:01 | 000,010,752 | ---- | C] (Microsoft Corporation)
 rdpcfgex.dll -> C:\Windows\SysNative\rdpcfgex.dll -> [2011/07/02 02:44:01 | 000,010,240 | ---- | C] (Microsoft Corporation)
 spwmp.dll -> C:\Windows\SysNative\spwmp.dll -> [2011/07/02 02:44:01 | 000,009,728 | ---- | C] (Microsoft Corporation)
 spwmp.dll -> C:\Windows\SysWow64\spwmp.dll -> [2011/07/02 02:44:01 | 000,008,192 | ---- | C] (Microsoft Corporation)
 shunimpl.dll -> C:\Windows\SysNative\shunimpl.dll -> [2011/07/02 02:44:00 | 000,011,264 | ---- | C] (Microsoft Corporation)
 C_ISCII.DLL -> C:\Windows\SysWow64\C_ISCII.DLL -> [2011/07/02 02:44:00 | 000,011,264 | ---- | C] (Microsoft Corporation)
 shunimpl.dll -> C:\Windows\SysWow64\shunimpl.dll -> [2011/07/02 02:44:00 | 000,010,752 | ---- | C] (Microsoft Corporation)
 msdxm.ocx -> C:\Windows\SysNative\msdxm.ocx -> [2011/07/02 02:44:00 | 000,005,120 | ---- | C] (Microsoft Corporation)
 dxmasf.dll -> C:\Windows\SysNative\dxmasf.dll -> [2011/07/02 02:44:00 | 000,005,120 | ---- | C] (Microsoft Corporation)
 msdxm.ocx -> C:\Windows\SysWow64\msdxm.ocx -> [2011/07/02 02:44:00 | 000,004,096 | ---- | C] (Microsoft Corporation)
 dxmasf.dll -> C:\Windows\SysWow64\dxmasf.dll -> [2011/07/02 02:44:00 | 000,004,096 | ---- | C] (Microsoft Corporation)
 api-ms-win-core-ums-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-ums-l1-1-0.dll -> [2011/07/02 02:44:00 | 000,003,072 | -H-- | C] (Microsoft Corporation)
 wmploc.DLL -> C:\Windows\SysNative\wmploc.DLL -> [2011/07/02 02:43:59 | 012,625,920 | ---- | C] (Microsoft Corporation)
 wmploc.DLL -> C:\Windows\SysWow64\wmploc.DLL -> [2011/07/02 02:43:59 | 012,625,408 | ---- | C] (Microsoft Corporation)
 KBDTUQ.DLL -> C:\Windows\SysNative\KBDTUQ.DLL -> [2011/07/02 02:43:59 | 000,008,192 | ---- | C] (Microsoft Corporation)
 KBDTUF.DLL -> C:\Windows\SysNative\KBDTUF.DLL -> [2011/07/02 02:43:59 | 000,008,192 | ---- | C] (Microsoft Corporation)
 KBDSG.DLL -> C:\Windows\SysNative\KBDSG.DLL -> [2011/07/02 02:43:59 | 000,008,192 | ---- | C] (Microsoft Corporation)
 kbdlk41a.dll -> C:\Windows\SysNative\kbdlk41a.dll -> [2011/07/02 02:43:59 | 000,008,192 | ---- | C] (Microsoft Corporation)
 KBDGKL.DLL -> C:\Windows\SysNative\KBDGKL.DLL -> [2011/07/02 02:43:59 | 000,008,192 | ---- | C] (Microsoft Corporation)
 KBDCZ1.DLL -> C:\Windows\SysNative\KBDCZ1.DLL -> [2011/07/02 02:43:59 | 000,008,192 | ---- | C] (Microsoft Corporation)
 KBDTUQ.DLL -> C:\Windows\SysWow64\KBDTUQ.DLL -> [2011/07/02 02:43:59 | 000,007,680 | ---- | C] (Microsoft Corporation)
 KBDTUF.DLL -> C:\Windows\SysWow64\KBDTUF.DLL -> [2011/07/02 02:43:59 | 000,007,680 | ---- | C] (Microsoft Corporation)
 KBDSG.DLL -> C:\Windows\SysWow64\KBDSG.DLL -> [2011/07/02 02:43:59 | 000,007,680 | ---- | C] (Microsoft Corporation)
 KBDSF.DLL -> C:\Windows\SysNative\KBDSF.DLL -> [2011/07/02 02:43:59 | 000,007,680 | ---- | C] (Microsoft Corporation)
 KBDPO.DLL -> C:\Windows\SysNative\KBDPO.DLL -> [2011/07/02 02:43:59 | 000,007,680 | ---- | C] (Microsoft Corporation)
 KBDNEPR.DLL -> C:\Windows\SysNative\KBDNEPR.DLL -> [2011/07/02 02:43:59 | 000,007,680 | ---- | C] (Microsoft Corporation)
 kbdlk41a.dll -> C:\Windows\SysWow64\kbdlk41a.dll -> [2011/07/02 02:43:59 | 000,007,680 | ---- | C] (Microsoft Corporation)
 KBDINTAM.DLL -> C:\Windows\SysNative\KBDINTAM.DLL -> [2011/07/02 02:43:59 | 000,007,680 | ---- | C] (Microsoft Corporation)
 KBDINBEN.DLL -> C:\Windows\SysNative\KBDINBEN.DLL -> [2011/07/02 02:43:59 | 000,007,680 | ---- | C] (Microsoft Corporation)
 KBDGR1.DLL -> C:\Windows\SysWow64\KBDGR1.DLL -> [2011/07/02 02:43:59 | 000,007,680 | ---- | C] (Microsoft Corporation)
 KBDGR1.DLL -> C:\Windows\SysNative\KBDGR1.DLL -> [2011/07/02 02:43:59 | 000,007,680 | ---- | C] (Microsoft Corporation)
 KBDGKL.DLL -> C:\Windows\SysWow64\KBDGKL.DLL -> [2011/07/02 02:43:59 | 000,007,680 | ---- | C] (Microsoft Corporation)
 KBDCZ1.DLL -> C:\Windows\SysWow64\KBDCZ1.DLL -> [2011/07/02 02:43:59 | 000,007,680 | ---- | C] (Microsoft Corporation)
 KBDINHIN.DLL -> C:\Windows\SysWow64\KBDINHIN.DLL -> [2011/07/02 02:43:59 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDUS.DLL -> C:\Windows\SysWow64\KBDUS.DLL -> [2011/07/02 02:43:59 | 000,006,656 | ---- | C] (Microsoft Corporation)
 KBDTURME.DLL -> C:\Windows\SysWow64\KBDTURME.DLL -> [2011/07/02 02:43:59 | 000,006,656 | ---- | C] (Microsoft Corporation)
 KBDTAJIK.DLL -> C:\Windows\SysWow64\KBDTAJIK.DLL -> [2011/07/02 02:43:59 | 000,006,656 | ---- | C] (Microsoft Corporation)
 KBDMON.DLL -> C:\Windows\SysWow64\KBDMON.DLL -> [2011/07/02 02:43:59 | 000,006,656 | ---- | C] (Microsoft Corporation)
 KBDINTEL.DLL -> C:\Windows\SysWow64\KBDINTEL.DLL -> [2011/07/02 02:43:59 | 000,006,656 | ---- | C] (Microsoft Corporation)
 KBDGEO.DLL -> C:\Windows\SysWow64\KBDGEO.DLL -> [2011/07/02 02:43:59 | 000,006,656 | ---- | C] (Microsoft Corporation)
 KBDGEO.DLL -> C:\Windows\SysNative\KBDGEO.DLL -> [2011/07/02 02:43:59 | 000,006,656 | ---- | C] (Microsoft Corporation)
 KBDBLR.DLL -> C:\Windows\SysWow64\KBDBLR.DLL -> [2011/07/02 02:43:59 | 000,006,656 | ---- | C] (Microsoft Corporation)
 nlsbres.dll -> C:\Windows\SysWow64\nlsbres.dll -> [2011/07/02 02:43:58 | 000,069,120 | ---- | C] (Microsoft Corporation)
 nlsbres.dll -> C:\Windows\SysNative\nlsbres.dll -> [2011/07/02 02:43:58 | 000,069,120 | ---- | C] (Microsoft Corporation)
 BlbEvents.dll -> C:\Windows\SysNative\BlbEvents.dll -> [2011/07/02 02:43:58 | 000,052,736 | ---- | C] (Microsoft Corporation)
 pifmgr.dll -> C:\Windows\SysWow64\pifmgr.dll -> [2011/07/02 02:43:58 | 000,035,328 | ---- | C] (Microsoft Corporation)
 pifmgr.dll -> C:\Windows\SysNative\pifmgr.dll -> [2011/07/02 02:43:58 | 000,035,328 | ---- | C] (Microsoft Corporation)
 spwizres.dll -> C:\Windows\SysWow64\spwizres.dll -> [2011/07/02 02:43:58 | 000,007,680 | ---- | C] (Microsoft Corporation)
 spwizres.dll -> C:\Windows\SysNative\spwizres.dll -> [2011/07/02 02:43:58 | 000,007,680 | ---- | C] (Microsoft Corporation)
 KBDUS.DLL -> C:\Windows\SysNative\KBDUS.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDUGHR1.DLL -> C:\Windows\SysNative\KBDUGHR1.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDTURME.DLL -> C:\Windows\SysNative\KBDTURME.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDTAJIK.DLL -> C:\Windows\SysNative\KBDTAJIK.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDSF.DLL -> C:\Windows\SysWow64\KBDSF.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDPO.DLL -> C:\Windows\SysWow64\KBDPO.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDNEPR.DLL -> C:\Windows\SysWow64\KBDNEPR.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDMON.DLL -> C:\Windows\SysNative\KBDMON.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDMAORI.DLL -> C:\Windows\SysNative\KBDMAORI.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDLT1.DLL -> C:\Windows\SysNative\KBDLT1.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDINTEL.DLL -> C:\Windows\SysNative\KBDINTEL.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDINTAM.DLL -> C:\Windows\SysWow64\KBDINTAM.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDINORI.DLL -> C:\Windows\SysWow64\KBDINORI.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDINORI.DLL -> C:\Windows\SysNative\KBDINORI.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDINMAR.DLL -> C:\Windows\SysWow64\KBDINMAR.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDINMAR.DLL -> C:\Windows\SysNative\KBDINMAR.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDINKAN.DLL -> C:\Windows\SysWow64\KBDINKAN.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDINKAN.DLL -> C:\Windows\SysNative\KBDINKAN.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDINHIN.DLL -> C:\Windows\SysNative\KBDINHIN.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDINBEN.DLL -> C:\Windows\SysWow64\KBDINBEN.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDBULG.DLL -> C:\Windows\SysNative\KBDBULG.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDBLR.DLL -> C:\Windows\SysNative\KBDBLR.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDBASH.DLL -> C:\Windows\SysNative\KBDBASH.DLL -> [2011/07/02 02:43:58 | 000,007,168 | ---- | C] (Microsoft Corporation)
 KBDUGHR1.DLL -> C:\Windows\SysWow64\KBDUGHR1.DLL -> [2011/07/02 02:43:58 | 000,006,656 | ---- | C] (Microsoft Corporation)
 KBDMAORI.DLL -> C:\Windows\SysWow64\KBDMAORI.DLL -> [2011/07/02 02:43:58 | 000,006,656 | ---- | C] (Microsoft Corporation)
 KBDLT1.DLL -> C:\Windows\SysWow64\KBDLT1.DLL -> [2011/07/02 02:43:58 | 000,006,656 | ---- | C] (Microsoft Corporation)
 KBDBULG.DLL -> C:\Windows\SysWow64\KBDBULG.DLL -> [2011/07/02 02:43:58 | 000,006,656 | ---- | C] (Microsoft Corporation)
 KBDBASH.DLL -> C:\Windows\SysWow64\KBDBASH.DLL -> [2011/07/02 02:43:58 | 000,006,656 | ---- | C] (Microsoft Corporation)
 dpnaddr.dll -> C:\Windows\SysNative\dpnaddr.dll -> [2011/07/02 02:43:58 | 000,003,072 | ---- | C] (Microsoft Corporation)
 dpnaddr.dll -> C:\Windows\SysWow64\dpnaddr.dll -> [2011/07/02 02:43:58 | 000,002,560 | ---- | C] (Microsoft Corporation)
 PkgMgr.exe -> C:\Windows\SysWow64\PkgMgr.exe -> [2011/07/02 02:43:49 | 000,209,920 | ---- | C] (Microsoft Corporation)
 wdscore.dll -> C:\Windows\SysWow64\wdscore.dll -> [2011/07/02 02:43:49 | 000,189,952 | ---- | C] (Microsoft Corporation)
 drvstore.dll -> C:\Windows\SysWow64\drvstore.dll -> [2011/07/02 02:43:43 | 000,323,072 | ---- | C] (Microsoft Corporation)
 dpx.dll -> C:\Windows\SysWow64\dpx.dll -> [2011/07/02 02:43:43 | 000,257,024 | ---- | C] (Microsoft Corporation)
 wbemcomn.dll -> C:\Windows\SysNative\wbemcomn.dll -> [2011/07/02 02:42:54 | 000,529,408 | ---- | C] (Microsoft Corporation)
 wmicmiplugin.dll -> C:\Windows\SysNative\wmicmiplugin.dll -> [2011/07/02 02:42:54 | 000,524,288 | ---- | C] (Microsoft Corporation)
 SmiEngine.dll -> C:\Windows\SysNative\SmiEngine.dll -> [2011/07/02 02:42:49 | 000,933,376 | ---- | C] (Microsoft Corporation)
 PkgMgr.exe -> C:\Windows\SysNative\PkgMgr.exe -> [2011/07/02 02:42:46 | 000,199,168 | ---- | C] (Microsoft Corporation)
 drvstore.dll -> C:\Windows\SysNative\drvstore.dll -> [2011/07/02 02:42:33 | 000,422,912 | ---- | C] (Microsoft Corporation)
 dpx.dll -> C:\Windows\SysNative\dpx.dll -> [2011/07/02 02:42:33 | 000,399,872 | ---- | C] (Microsoft Corporation)
 Google Chrome -> C:\Users\Cathy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome -> [2011/07/01 23:19:26 | 000,000,000 | ---D | C]
 Deployment -> C:\Users\Cathy\AppData\Local\Deployment -> [2011/06/30 22:00:53 | 000,000,000 | ---D | C]
 Apps -> C:\Users\Cathy\AppData\Local\Apps -> [2011/06/30 22:00:53 | 000,000,000 | ---D | C]
 en -> C:\Windows\en -> [2011/06/30 18:23:52 | 000,000,000 | ---D | C]
 Windows Live -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live -> [2011/06/30 18:23:42 | 000,000,000 | R--D | C]
 Windows Live -> C:\Program Files\Windows Live -> [2011/06/30 18:22:26 | 000,000,000 | ---D | C]
 XAudio2_5.dll -> C:\Windows\SysWow64\XAudio2_5.dll -> [2011/06/30 18:21:11 | 000,515,416 | ---- | C] (Microsoft Corporation)
 XAPOFX1_3.dll -> C:\Windows\SysWow64\XAPOFX1_3.dll -> [2011/06/30 18:21:11 | 000,069,464 | ---- | C] (Microsoft Corporation)
 d3dx10_42.dll -> C:\Windows\SysNative\d3dx10_42.dll -> [2011/06/30 18:21:09 | 000,523,088 | ---- | C] (Microsoft Corporation)
 d3dx10_42.dll -> C:\Windows\SysWow64\d3dx10_42.dll -> [2011/06/30 18:21:09 | 000,453,456 | ---- | C] (Microsoft Corporation)
 Windows Live -> C:\Users\Cathy\AppData\Local\Windows Live -> [2011/06/30 18:20:06 | 000,000,000 | ---D | C]
 aswBoot.exe -> C:\Windows\SysNative\aswBoot.exe -> [2011/06/29 19:50:59 | 000,253,888 | ---- | C] (AVAST Software)
 AVAST Software -> C:\ProgramData\AVAST Software -> [2011/06/29 19:50:34 | 000,000,000 | ---D | C]
 AVAST Software -> C:\Program Files\AVAST Software -> [2011/06/29 19:50:34 | 000,000,000 | ---D | C]
 drvinst.exe -> C:\Windows\SysWow64\drvinst.exe -> [2011/06/29 19:14:35 | 000,252,928 | ---- | C] (Microsoft Corporation)
 cfgmgr32.dll -> C:\Windows\SysNative\cfgmgr32.dll -> [2011/06/29 19:14:35 | 000,207,872 | ---- | C] (Microsoft Corporation)
 devrtl.dll -> C:\Windows\SysWow64\devrtl.dll -> [2011/06/29 19:14:35 | 000,044,544 | ---- | C] (Microsoft Corporation)
 tquery.dll -> C:\Windows\SysNative\tquery.dll -> [2011/06/29 19:14:29 | 002,315,776 | ---- | C] (Microsoft Corporation)
 mssrch.dll -> C:\Windows\SysNative\mssrch.dll -> [2011/06/29 19:14:29 | 002,223,616 | ---- | C] (Microsoft Corporation)
 tquery.dll -> C:\Windows\SysWow64\tquery.dll -> [2011/06/29 19:14:29 | 001,549,312 | ---- | C] (Microsoft Corporation)
 mssrch.dll -> C:\Windows\SysWow64\mssrch.dll -> [2011/06/29 19:14:29 | 001,401,344 | ---- | C] (Microsoft Corporation)
 mssvp.dll -> C:\Windows\SysNative\mssvp.dll -> [2011/06/29 19:14:28 | 000,778,752 | ---- | C] (Microsoft Corporation)
 mssvp.dll -> C:\Windows\SysWow64\mssvp.dll -> [2011/06/29 19:14:28 | 000,666,624 | ---- | C] (Microsoft Corporation)
 mssph.dll -> C:\Windows\SysNative\mssph.dll -> [2011/06/29 19:14:28 | 000,491,520 | ---- | C] (Microsoft Corporation)
 mssph.dll -> C:\Windows\SysWow64\mssph.dll -> [2011/06/29 19:14:28 | 000,337,408 | ---- | C] (Microsoft Corporation)
 mssphtb.dll -> C:\Windows\SysNative\mssphtb.dll -> [2011/06/29 19:14:28 | 000,288,256 | ---- | C] (Microsoft Corporation)
 SearchProtocolHost.exe -> C:\Windows\SysNative\SearchProtocolHost.exe -> [2011/06/29 19:14:28 | 000,249,856 | ---- | C] (Microsoft Corporation)
 mssphtb.dll -> C:\Windows\SysWow64\mssphtb.dll -> [2011/06/29 19:14:28 | 000,197,120 | ---- | C] (Microsoft Corporation)
 SearchFilterHost.exe -> C:\Windows\SysNative\SearchFilterHost.exe -> [2011/06/29 19:14:28 | 000,113,664 | ---- | C] (Microsoft Corporation)
 msscntrs.dll -> C:\Windows\SysNative\msscntrs.dll -> [2011/06/29 19:14:28 | 000,075,264 | ---- | C] (Microsoft Corporation)
 msscntrs.dll -> C:\Windows\SysWow64\msscntrs.dll -> [2011/06/29 19:14:27 | 000,059,392 | ---- | C] (Microsoft Corporation)
 48f0b1d1bef8a61d3a -> C:\48f0b1d1bef8a61d3a -> [2011/06/29 18:43:01 | 000,000,000 | ---D | C]
 FWPKCLNT.SYS -> C:\Windows\SysNative\drivers\FWPKCLNT.SYS -> [2011/06/16 19:58:26 | 000,288,640 | ---- | C] (Microsoft Corporation)
 msfeeds.dll -> C:\Windows\SysNative\msfeeds.dll -> [2011/06/16 19:58:02 | 000,702,464 | ---- | C] (Microsoft Corporation)
 msfeeds.dll -> C:\Windows\SysWow64\msfeeds.dll -> [2011/06/16 19:58:02 | 000,599,552 | ---- | C] (Microsoft Corporation)
 ieui.dll -> C:\Windows\SysNative\ieui.dll -> [2011/06/16 19:57:59 | 000,247,808 | ---- | C] (Microsoft Corporation)
 ieui.dll -> C:\Windows\SysWow64\ieui.dll -> [2011/06/16 19:57:59 | 000,176,640 | ---- | C] (Microsoft Corporation)
 d3d10_1core.dll -> C:\Windows\SysNative\d3d10_1core.dll -> [2011/06/16 19:57:19 | 000,321,024 | ---- | C] (Microsoft Corporation)
 d3d10_1core.dll -> C:\Windows\SysWow64\d3d10_1core.dll -> [2011/06/16 19:57:19 | 000,219,136 | ---- | C] (Microsoft Corporation)
 d3d10_1.dll -> C:\Windows\SysNative\d3d10_1.dll -> [2011/06/16 19:57:19 | 000,197,120 | ---- | C] (Microsoft Corporation)
 d3d10_1.dll -> C:\Windows\SysWow64\d3d10_1.dll -> [2011/06/16 19:57:19 | 000,161,792 | ---- | C] (Microsoft Corporation)
 oleaut32.dll -> C:\Windows\SysNative\oleaut32.dll -> [2011/06/16 19:57:10 | 000,861,696 | ---- | C] (Microsoft Corporation)
 FlashPlayerCPLApp.cpl -> C:\Windows\SysWow64\FlashPlayerCPLApp.cpl -> [2011/06/15 22:09:34 | 000,404,640 | ---- | C] (Adobe Systems Incorporated)
 Midnight Synergy -> C:\Users\Cathy\AppData\Local\Midnight Synergy -> [2011/06/13 22:44:33 | 000,000,000 | -H-D | C]
 Big Fish Games -> C:\ProgramData\Big Fish Games -> [2011/06/13 22:42:57 | 000,000,000 | ---D | C]
 dleainpa.dll -> C:\Windows\SysWow64\dleainpa.dll -> [2010/07/25 16:51:56 | 000,364,544 | ---- | C] ( )
 dleaiesc.dll -> C:\Windows\SysWow64\dleaiesc.dll -> [2010/07/25 16:51:56 | 000,344,064 | ---- | C] ( )
 dleapmui.dll -> C:\Windows\SysWow64\dleapmui.dll -> [2010/07/25 16:51:55 | 000,643,072 | ---- | C] ( )
 dleausb1.dll -> C:\Windows\SysWow64\dleausb1.dll -> [2010/07/25 16:51:54 | 000,847,872 | ---- | C] ( )
 dleaserv.dll -> C:\Windows\SysWow64\dleaserv.dll -> [2010/07/25 16:51:53 | 001,048,576 | ---- | C] ( )
 dlealmpm.dll -> C:\Windows\SysWow64\dlealmpm.dll -> [2010/07/25 16:51:52 | 000,577,536 | ---- | C] ( )
 dleaih.exe -> C:\Windows\SysWow64\dleaih.exe -> [2010/07/25 16:51:52 | 000,324,264 | ---- | C] ( )
 dleahbn3.dll -> C:\Windows\SysWow64\dleahbn3.dll -> [2010/07/25 16:51:51 | 000,688,128 | ---- | C] ( )
 dleacoms.exe -> C:\Windows\SysWow64\dleacoms.exe -> [2010/07/25 16:51:51 | 000,598,696 | ---- | C] ( )
 dleacomc.dll -> C:\Windows\SysWow64\dleacomc.dll -> [2010/07/25 16:51:50 | 000,802,816 | ---- | C] ( )
 dleacfg.exe -> C:\Windows\SysWow64\dleacfg.exe -> [2010/07/25 16:51:50 | 000,373,416 | ---- | C] ( )
 dleacomm.dll -> C:\Windows\SysWow64\dleacomm.dll -> [2010/07/25 16:51:50 | 000,372,736 | ---- | C] ( )
 4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> 
 4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> 
 
[Files/Folders - Modified Within 30 Days]
 OTS.exe -> C:\Users\Cathy\Desktop\OTS.exe -> [2011/07/09 20:57:24 | 000,645,120 | ---- | M] (OldTimer Tools)
 GoogleUpdateTaskUserS-1-5-21-1004034769-3964568363-3058316472-1000UA.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1004034769-3964568363-3058316472-1000UA.job -> [2011/07/09 20:23:01 | 000,000,908 | ---- | M] ()
 GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2011/07/09 20:16:15 | 000,000,896 | ---- | M] ()
 GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2011/07/09 15:16:01 | 000,000,892 | ---- | M] ()
 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2011/07/09 14:33:52 | 000,014,240 | -H-- | M] ()
 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2011/07/09 14:33:52 | 000,014,240 | -H-- | M] ()
 PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2011/07/09 14:29:16 | 000,726,316 | ---- | M] ()
 perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2011/07/09 14:29:16 | 000,624,178 | ---- | M] ()
 perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2011/07/09 14:29:16 | 000,106,522 | ---- | M] ()
 bootstat.dat -> C:\Windows\bootstat.dat -> [2011/07/09 14:24:40 | 000,067,584 | --S- | M] ()
 hiberfil.sys -> C:\hiberfil.sys -> [2011/07/09 14:24:31 | 505,696,255 | -HS- | M] ()
 GoogleUpdateTaskUserS-1-5-21-1004034769-3964568363-3058316472-1000Core.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1004034769-3964568363-3058316472-1000Core.job -> [2011/07/08 23:23:01 | 000,000,856 | ---- | M] ()
 SUPERAntiSpyware Free Edition.lnk -> C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk -> [2011/07/07 21:50:35 | 000,001,810 | ---- | M] ()
 config.nt -> C:\Windows\SysWow64\config.nt -> [2011/07/07 21:41:13 | 000,000,000 | ---- | M] ()
 hosts -> C:\Windows\SysNative\drivers\etc\hosts -> [2011/07/06 21:54:59 | 000,000,021 | RHS- | M] ()
 cComboFix.exe -> C:\Users\Cathy\Desktop\cComboFix.exe -> [2011/07/05 21:08:21 | 004,131,692 | R--- | M] (Swearware)
 MEMORY.DMP -> C:\Windows\MEMORY.DMP -> [2011/07/05 20:35:06 | 1398,852,491 | ---- | M] ()
 nsreg.dat -> C:\Windows\nsreg.dat -> [2011/07/04 11:20:21 | 000,000,000 | ---- | M] ()
 Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2011/07/04 11:20:17 | 000,001,100 | ---- | M] ()
 MGlogs.zip -> C:\MGlogs.zip -> [2011/07/04 11:11:17 | 000,131,887 | ---- | M] ()
 avastSS.scr -> C:\Windows\avastSS.scr -> [2011/07/04 07:43:53 | 000,040,112 | ---- | M] (AVAST Software)
 aswBoot.exe -> C:\Windows\SysWow64\aswBoot.exe -> [2011/07/04 07:43:51 | 000,199,304 | ---- | M] (AVAST Software)
 aswBoot.exe -> C:\Windows\SysNative\aswBoot.exe -> [2011/07/04 07:43:42 | 000,253,888 | ---- | M] (AVAST Software)
 aswSnx.sys -> C:\Windows\SysNative\drivers\aswSnx.sys -> [2011/07/04 07:36:56 | 000,600,920 | ---- | M] (AVAST Software)
 aswSP.sys -> C:\Windows\SysNative\drivers\aswSP.sys -> [2011/07/04 07:36:54 | 000,288,088 | ---- | M] (AVAST Software)
 aswTdi.sys -> C:\Windows\SysNative\drivers\aswTdi.sys -> [2011/07/04 07:35:28 | 000,045,400 | ---- | M] (AVAST Software)
 aswRdr.sys -> C:\Windows\SysNative\drivers\aswRdr.sys -> [2011/07/04 07:32:35 | 000,031,064 | ---- | M] (AVAST Software)
 aswMonFlt.sys -> C:\Windows\SysNative\drivers\aswMonFlt.sys -> [2011/07/04 07:32:24 | 000,064,856 | ---- | M] (AVAST Software)
 aswFsBlk.sys -> C:\Windows\SysNative\drivers\aswFsBlk.sys -> [2011/07/04 07:32:14 | 000,022,360 | ---- | M] (AVAST Software)
 FNTCACHE.DAT -> C:\Windows\SysNative\FNTCACHE.DAT -> [2011/07/04 03:03:24 | 000,389,096 | ---- | M] ()
 resmon.resmoncfg -> C:\Users\Cathy\AppData\Local\resmon.resmoncfg -> [2011/07/03 22:48:38 | 000,000,017 | ---- | M] ()
 msclmd.dll -> C:\Windows\SysNative\msclmd.dll -> [2011/07/03 19:34:37 | 000,175,616 | ---- | M] (Microsoft Corporation)
 msclmd.dll -> C:\Windows\SysWow64\msclmd.dll -> [2011/07/03 19:34:37 | 000,152,576 | ---- | M] (Microsoft Corporation)
 hosts.trb -> C:\Windows\SysNative\drivers\etc\hosts.trb -> [2011/07/03 18:47:32 | 000,000,027 | ---- | M] ()
 epplauncher.mif -> C:\Windows\epplauncher.mif -> [2011/07/03 12:50:45 | 000,001,945 | ---- | M] ()
 PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2011/07/02 23:32:51 | 000,743,534 | ---- | M] ()
 Google Chrome.lnk -> C:\Users\Cathy\Desktop\Google Chrome.lnk -> [2011/07/01 23:19:30 | 000,002,318 | ---- | M] ()
 Launch Internet Explorer Browser.lnk -> C:\Users\Cathy\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> [2011/06/30 18:33:34 | 000,001,403 | ---- | M] ()
 ~39575288 -> C:\ProgramData\~39575288 -> [2011/06/29 12:30:49 | 000,000,040 | -H-- | M] ()
 PEV.exe -> C:\Windows\PEV.exe -> [2011/06/26 02:45:56 | 000,256,000 | ---- | M] ()
 FlashPlayerCPLApp.cpl -> C:\Windows\SysWow64\FlashPlayerCPLApp.cpl -> [2011/06/15 22:09:34 | 000,404,640 | ---- | M] (Adobe Systems Incorporated)
 More Great Games.lnk -> C:\Users\Public\Desktop\More Great Games.lnk -> [2011/06/13 22:44:17 | 000,001,326 | ---- | M] ()
 Game Manager.lnk -> C:\Users\Cathy\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Manager.lnk -> [2011/06/13 22:42:52 | 000,001,724 | ---- | M] ()
 Game Manager.lnk -> C:\Users\Public\Desktop\Game Manager.lnk -> [2011/06/13 22:42:52 | 000,001,700 | ---- | M] ()
 4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> 
 4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> 
 
[Files - No Company Name]
 SUPERAntiSpyware Free Edition.lnk -> C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk -> [2011/07/07 21:50:35 | 000,001,810 | ---- | C] ()
 PEV.exe -> C:\Windows\PEV.exe -> [2011/07/05 21:11:26 | 000,256,000 | ---- | C] ()
 MBR.exe -> C:\Windows\MBR.exe -> [2011/07/05 21:11:26 | 000,208,896 | ---- | C] ()
 sed.exe -> C:\Windows\sed.exe -> [2011/07/05 21:11:26 | 000,098,816 | ---- | C] ()
 grep.exe -> C:\Windows\grep.exe -> [2011/07/05 21:11:26 | 000,080,412 | ---- | C] ()
 zip.exe -> C:\Windows\zip.exe -> [2011/07/05 21:11:26 | 000,068,096 | ---- | C] ()
 nsreg.dat -> C:\Windows\nsreg.dat -> [2011/07/04 11:20:21 | 000,000,000 | ---- | C] ()
 Mozilla Firefox.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> [2011/07/04 11:20:17 | 000,001,112 | ---- | C] ()
 Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2011/07/04 11:20:17 | 000,001,100 | ---- | C] ()
 MGlogs.zip -> C:\MGlogs.zip -> [2011/07/04 10:56:07 | 000,131,887 | ---- | C] ()
 resmon.resmoncfg -> C:\Users\Cathy\AppData\Local\resmon.resmoncfg -> [2011/07/03 22:48:38 | 000,000,017 | ---- | C] ()
 epplauncher.mif -> C:\Windows\epplauncher.mif -> [2011/07/02 23:33:05 | 000,001,945 | ---- | C] ()
 PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2011/07/02 23:32:51 | 000,743,534 | ---- | C] ()
 systemsf.ebd -> C:\Windows\SysNative\systemsf.ebd -> [2011/07/02 02:45:23 | 000,347,904 | ---- | C] ()
 ScavengeSpace.xml -> C:\Windows\SysNative\ScavengeSpace.xml -> [2011/07/02 02:44:10 | 000,010,429 | ---- | C] ()
 RacRules.xml -> C:\Windows\SysWow64\RacRules.xml -> [2011/07/02 02:43:57 | 000,105,559 | ---- | C] ()
 RacRules.xml -> C:\Windows\SysNative\RacRules.xml -> [2011/07/02 02:43:57 | 000,105,559 | ---- | C] ()
 tcpbidi.xml -> C:\Windows\SysWow64\tcpbidi.xml -> [2011/07/02 02:43:48 | 000,001,041 | ---- | C] ()
 Google Chrome.lnk -> C:\Users\Cathy\Desktop\Google Chrome.lnk -> [2011/07/01 23:19:30 | 000,002,318 | ---- | C] ()
 GoogleUpdateTaskUserS-1-5-21-1004034769-3964568363-3058316472-1000UA.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1004034769-3964568363-3058316472-1000UA.job -> [2011/07/01 23:18:57 | 000,000,908 | ---- | C] ()
 GoogleUpdateTaskUserS-1-5-21-1004034769-3964568363-3058316472-1000Core.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1004034769-3964568363-3058316472-1000Core.job -> [2011/07/01 23:18:57 | 000,000,856 | ---- | C] ()
 Windows Live Movie Maker.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk -> [2011/06/30 18:23:40 | 000,001,267 | ---- | C] ()
 Windows Live Photo Gallery.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk -> [2011/06/30 18:23:27 | 000,001,336 | ---- | C] ()
 Windows Live Mail.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk -> [2011/06/30 18:23:13 | 000,001,420 | ---- | C] ()
 Windows Live Messenger.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk -> [2011/06/30 18:22:59 | 000,002,448 | ---- | C] ()
 config.nt -> C:\Windows\SysWow64\config.nt -> [2011/06/29 19:50:59 | 000,000,000 | ---- | C] ()
 ~39575288 -> C:\ProgramData\~39575288 -> [2011/06/29 12:30:48 | 000,000,040 | -H-- | C] ()
 More Great Games.lnk -> C:\Users\Public\Desktop\More Great Games.lnk -> [2011/06/13 22:44:17 | 000,001,326 | ---- | C] ()
 Game Manager.lnk -> C:\Users\Public\Desktop\Game Manager.lnk -> [2011/06/13 22:42:52 | 000,001,700 | ---- | C] ()
 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\Cathy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/12/15 04:45:30 | 000,004,608 | ---- | C] ()
 popcinfo.dat -> C:\Windows\popcinfo.dat -> [2010/08/13 16:40:52 | 000,000,016 | ---- | C] ()
 ezsidmv.dat -> C:\ProgramData\ezsidmv.dat -> [2010/08/01 15:09:08 | 000,000,048 | -H-- | C] ()
 dleacomx.dll -> C:\Windows\SysWow64\dleacomx.dll -> [2010/07/25 16:51:57 | 000,344,064 | ---- | C] ()
 DLEAinst.dll -> C:\Windows\SysWow64\DLEAinst.dll -> [2010/07/25 16:51:57 | 000,331,776 | ---- | C] ()
 dleainsr.dll -> C:\Windows\SysWow64\dleainsr.dll -> [2010/07/25 16:51:56 | 000,106,496 | ---- | C] ()
 dleajswr.dll -> C:\Windows\SysWow64\dleajswr.dll -> [2010/07/25 16:51:56 | 000,057,344 | ---- | C] ()
 dleainsb.dll -> C:\Windows\SysWow64\dleainsb.dll -> [2010/07/25 16:51:55 | 000,262,144 | ---- | C] ()
 dleacur.dll -> C:\Windows\SysWow64\dleacur.dll -> [2010/07/25 16:51:55 | 000,036,864 | ---- | C] ()
 dleains.dll -> C:\Windows\SysWow64\dleains.dll -> [2010/07/25 16:51:54 | 000,323,584 | ---- | C] ()
 dleacu.dll -> C:\Windows\SysWow64\dleacu.dll -> [2010/07/25 16:51:54 | 000,253,952 | ---- | C] ()
 dleacub.dll -> C:\Windows\SysWow64\dleacub.dll -> [2010/07/25 16:51:54 | 000,090,112 | ---- | C] ()
 DLEAcfg.dll -> C:\Windows\SysWow64\DLEAcfg.dll -> [2010/07/25 16:51:49 | 000,086,180 | ---- | C] ()
 DLEAsm.dll -> C:\Windows\SysWow64\DLEAsm.dll -> [2010/07/25 16:50:23 | 000,299,008 | ---- | C] ()
 DLEAsmr.dll -> C:\Windows\SysWow64\DLEAsmr.dll -> [2010/07/25 16:50:23 | 000,028,672 | ---- | C] ()
 CT4CET.bin -> C:\Windows\CT4CET.bin -> [2010/07/17 18:27:26 | 000,000,075 | RHS- | C] ()
 igkrng500.bin -> C:\Windows\SysWow64\igkrng500.bin -> [2010/05/31 04:40:17 | 000,982,220 | ---- | C] ()
 igfcg500.bin -> C:\Windows\SysWow64\igfcg500.bin -> [2010/05/31 04:40:15 | 000,134,592 | ---- | C] ()
 igfcg500m.bin -> C:\Windows\SysWow64\igfcg500m.bin -> [2010/05/31 04:40:15 | 000,092,216 | ---- | C] ()
 igcompkrng500.bin -> C:\Windows\SysWow64\igcompkrng500.bin -> [2010/05/31 04:40:11 | 000,439,300 | ---- | C] ()
 bootstat.dat -> C:\Windows\bootstat.dat -> [2009/07/14 01:38:36 | 000,067,584 | --S- | C] ()
 NOISE.DAT -> C:\Windows\SysWow64\NOISE.DAT -> [2009/07/13 22:35:51 | 000,000,741 | ---- | C] ()
 dssec.dat -> C:\Windows\SysWow64\dssec.dat -> [2009/07/13 22:34:42 | 000,215,943 | ---- | C] ()
 mib.bin -> C:\Windows\mib.bin -> [2009/07/13 20:10:29 | 000,043,131 | ---- | C] ()
 BWContextHandler.dll -> C:\Windows\SysWow64\BWContextHandler.dll -> [2009/07/13 19:42:10 | 000,064,000 | ---- | C] ()
 msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2009/07/13 17:03:59 | 000,364,544 | ---- | C] ()
 mlang.dat -> C:\Windows\SysWow64\mlang.dat -> [2009/06/10 17:26:10 | 000,673,088 | ---- | C] ()
 missouri.dll -> C:\Windows\SysWow64\missouri.dll -> [2006/11/02 10:12:52 | 000,217,088 | ---- | C] ()
 
[File - Lop Check]
 FixCleaner -> C:\Users\Cathy\AppData\Roaming\FixCleaner -> [2011/07/03 19:16:57 | 000,000,000 | ---D | M]
 FreeFixer -> C:\Users\Cathy\AppData\Roaming\FreeFixer -> [2011/07/04 13:15:12 | 000,000,000 | ---D | M]
 Oberon Media -> C:\Users\Cathy\AppData\Roaming\Oberon Media -> [2011/06/29 19:04:13 | 000,000,000 | ---D | M]
 Playrix Entertainment -> C:\Users\Cathy\AppData\Roaming\Playrix Entertainment -> [2011/01/16 19:46:40 | 000,000,000 | -H-D | M]
 ToolkitCMA -> C:\Users\Cathy\AppData\Roaming\ToolkitCMA -> [2011/06/29 19:04:14 | 000,000,000 | ---D | M]
 Windows Live Writer -> C:\Users\Cathy\AppData\Roaming\Windows Live Writer -> [2011/07/02 15:39:58 | 000,000,000 | ---D | M]
 Xerox -> C:\Users\Cathy\AppData\Roaming\Xerox -> [2011/06/29 19:04:14 | 000,000,000 | ---D | M]
 Xerox -> C:\Users\Tim\AppData\Roaming\Xerox -> [2011/07/06 19:07:43 | 000,000,000 | ---D | M]
 SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2011/07/03 13:58:36 | 000,032,654 | ---- | M] ()
[Custom Scans]
< netsvcs >
< %SYSTEMDRIVE%\*.exe >
< MD5 Scans Start>
< %systemdrive%\EXPLORER.EXE  /md5 /s >
 explorer.exe : MD5=00B0358734CAA32C39D181FE6916B178 -> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe -> [2010/07/17 20:52:08 | 002,613,248 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=0862495E0C825893DB75EF44FAEA8E93 -> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe -> [2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=0FB9C74046656D1579A64660AD67B746 -> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe -> [2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=15BC38A7492BEFE831966ADB477CF76F -> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe -> [2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=255CF508D7CFB10E0794D6AC93280BD8 -> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe -> [2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=2626FC9755BE22F805D3CFA0CE3EE727 -> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe -> [2010/07/17 20:52:21 | 002,614,272 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe -> [2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=332FEAB1435662FC6C672E25BEB37BE3 -> C:\Windows\ERDNT\cache86\explorer.exe -> [2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=332FEAB1435662FC6C672E25BEB37BE3 -> C:\Windows\explorer.exe -> [2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=332FEAB1435662FC6C672E25BEB37BE3 -> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe -> [2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=3B69712041F3D63605529BD66DC00C48 -> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe -> [2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=40D777B7A95E00593EB1568C68514493 -> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe -> [2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=6D4F9E4B640B413C6F73414327484C80 -> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe -> [2010/07/17 20:52:08 | 002,868,736 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=700073016DAC1C3D2E7E2CE4223334B6 -> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe -> [2010/07/17 20:52:13 | 002,868,224 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=8B88EBBB05A0E56B7DCC708498C02B3E -> C:\Windows\SysWOW64\explorer.exe -> [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=8B88EBBB05A0E56B7DCC708498C02B3E -> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe -> [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=9AAAEC8DAC27AA17B053E6352AD233AE -> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe -> [2010/07/17 20:52:21 | 002,870,272 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=9FF6C4C91A3711C0A3B18F87B08B518D -> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe -> [2010/07/17 20:52:13 | 002,613,248 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=AC4C51EB24AA95B77F705AB159189E24 -> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe -> [2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=B8EC4BD49CE8F6FC457721BFC210B67F -> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe -> [2010/07/17 20:52:21 | 002,870,272 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe -> [2010/07/17 20:52:13 | 002,613,248 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe -> [2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=C76153C7ECA00FA852BB0C193378F917 -> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe -> [2010/07/17 20:52:21 | 002,614,272 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=CA17F8620815267DC838E30B68CB5052 -> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe -> [2010/07/17 20:52:08 | 002,868,736 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=E38899074D4951D31B4040E994DD7C8D -> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe -> [2011/02/26 02:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=F170B4A061C9E026437B193B4D571799 -> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe -> [2010/07/17 20:52:13 | 002,868,224 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=FC89FACA0473641CB625EDA9277D0885 -> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe -> [2010/07/17 20:52:08 | 002,613,248 | ---- | M] (Microsoft Corporation)
< %systemdrive%\SVCHOST.EXE  /md5 /s >
 svchost.exe : MD5=54A47F6B5E09A77E61649109C6A08866 -> C:\Windows\ERDNT\cache86\svchost.exe -> [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation)
 svchost.exe : MD5=54A47F6B5E09A77E61649109C6A08866 -> C:\Windows\SysWOW64\svchost.exe -> [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation)
 svchost.exe : MD5=54A47F6B5E09A77E61649109C6A08866 -> C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe -> [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation)
 svchost.exe : MD5=C78655BC80301D76ED4FEF1C1EA40A7D -> C:\Windows\ERDNT\cache64\svchost.exe -> [2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation)
 svchost.exe : MD5=C78655BC80301D76ED4FEF1C1EA40A7D -> C:\Windows\SysNative\svchost.exe -> [2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation)
 svchost.exe : MD5=C78655BC80301D76ED4FEF1C1EA40A7D -> C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe -> [2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation)
< %systemdrive%\USERINIT.EXE  /md5 /s >
 userinit.exe : MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -> C:\Windows\ERDNT\cache86\userinit.exe -> [2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation)
 userinit.exe : MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -> C:\Windows\SysWOW64\userinit.exe -> [2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation)
 userinit.exe : MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -> C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe -> [2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation)
 userinit.exe : MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -> C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe -> [2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation)
 userinit.exe : MD5=6F8F1376A13114CC10C0E69274F5A4DE -> C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe -> [2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation)
 userinit.exe : MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -> C:\Windows\ERDNT\cache64\userinit.exe -> [2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation)
 userinit.exe : MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -> C:\Windows\SysNative\userinit.exe -> [2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation)
 userinit.exe : MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -> C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe -> [2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation)
< %systemdrive%\VOLSNAP.INF  /md5 /s >
 volsnap.inf : MD5=593691C1DC069091778C2FD849031976 -> C:\Windows\inf\volsnap.inf -> [2009/07/14 01:31:48 | 000,001,686 | ---- | M] ()
 volsnap.inf : MD5=593691C1DC069091778C2FD849031976 -> C:\Windows\SysNative\DriverStore\FileRepository\volsnap.inf_amd64_neutral_7499a4fac85b39fc\volsnap.inf -> [2009/07/13 16:17:30 | 000,001,686 | ---- | M] ()
 volsnap.inf : MD5=593691C1DC069091778C2FD849031976 -> C:\Windows\winsxs\amd64_volsnap.inf_31bf3856ad364e35_6.1.7600.16385_none_c994a0d049937743\volsnap.inf -> [2009/07/13 16:17:30 | 000,001,686 | ---- | M] ()
< %systemdrive%\VOLSNAP.INF_LOC  /md5 /s >
 volsnap.inf_loc : MD5=F040058B592FE682204B2FC15DDEAC0D -> C:\Windows\SysNative\DriverStore\en-US\volsnap.inf_loc -> [2009/07/13 22:28:02 | 000,000,198 | ---- | M] ()
 volsnap.inf_loc : MD5=F040058B592FE682204B2FC15DDEAC0D -> C:\Windows\winsxs\amd64_volsnap.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_6f581c9c9aef0771\volsnap.inf_loc -> [2009/07/13 22:28:02 | 000,000,198 | ---- | M] ()
< %systemdrive%\VOLSNAP.PNF  /md5 /s >
 volsnap.PNF : MD5=54353746A0A6B4B9AC86EB7C43F16D0F -> C:\Windows\inf\volsnap.PNF -> [2010/07/17 18:20:08 | 000,005,120 | ---- | M] ()
 volsnap.PNF : MD5=EAD92392723316801433419E3B0F4B32 -> C:\Windows\SysNative\DriverStore\FileRepository\volsnap.inf_amd64_neutral_7499a4fac85b39fc\volsnap.PNF -> [2010/07/17 18:20:07 | 000,005,120 | ---- | M] ()
< %systemdrive%\VOLSNAP.SYS  /md5 /s >
 volsnap.sys : MD5=0D08D2F3B3FF84E433346669B5E0F639 -> C:\Windows\SysNative\drivers\volsnap.sys -> [2010/11/20 09:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation)
 volsnap.sys : MD5=0D08D2F3B3FF84E433346669B5E0F639 -> C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys -> [2010/11/20 09:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation)
 volsnap.sys : MD5=0D08D2F3B3FF84E433346669B5E0F639 -> C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys -> [2010/11/20 09:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation)
 volsnap.sys : MD5=58F82EED8CA24B461441F9C3E4F0BF5C -> C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_71aba92815c60174\volsnap.sys -> [2009/07/13 21:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation)
< %systemdrive%\VOLSNAP.SYS.MUI  /md5 /s >
 volsnap.sys.mui : MD5=308E04CFA8407B0C7099C9D40BC19023 -> C:\Windows\SysNative\drivers\en-US\volsnap.sys.mui -> [2009/07/13 22:28:14 | 000,023,552 | ---- | M] (Microsoft Corporation)
 volsnap.sys.mui : MD5=308E04CFA8407B0C7099C9D40BC19023 -> C:\Windows\winsxs\amd64_volume.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d71b3bdfd9a663dc\volsnap.sys.mui -> [2009/07/13 22:28:14 | 000,023,552 | ---- | M] (Microsoft Corporation)
< %systemdrive%\WINLOGON.EXE  /md5 /s >
 winlogon.exe : MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -> C:\Windows\ERDNT\cache64\winlogon.exe -> [2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation)
 winlogon.exe : MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -> C:\Windows\SysNative\winlogon.exe -> [2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation)
 winlogon.exe : MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -> C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe -> [2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation)
 winlogon.exe : MD5=132328DF455B0028F13BF0ABEE51A63A -> C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe -> [2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation)
 winlogon.exe : MD5=A93D41A4D4B0D91C072D11DD8AF266DE -> C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe -> [2010/07/17 20:52:21 | 000,389,632 | ---- | M] (Microsoft Corporation)
 winlogon.exe : MD5=DA3E2A6FA9660CC75B471530CE88453A -> C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe -> [2010/07/17 20:52:21 | 000,389,632 | ---- | M] (Microsoft Corporation)
< MD5 Scans End>
< %systemroot%\*. /mp /s >
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo ->  -> 
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE ["C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS] -> [2011/06/16 00:17:34 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE ["C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS] -> [2011/06/16 00:17:34 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE ["C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL] -> [2011/06/16 00:17:34 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command ->  -> 
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\ -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE] -> [2011/06/16 00:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command ->  -> 
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\ -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE ["C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES] -> [2011/06/16 00:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command ->  -> 
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\ -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE ["C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE] -> [2011/06/16 00:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo ->  -> 
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand -> C:\Windows\SysWow64\IE4UINIT.EXE ["C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW] -> [2010/11/20 08:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand -> C:\Windows\SysWow64\IE4UINIT.EXE ["C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL] -> [2010/11/20 08:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand -> C:\Windows\SysWow64\IE4UINIT.EXE ["C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE] -> [2010/11/20 08:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command ->  -> 
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\ -> C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE ["C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF] -> [2010/11/20 08:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command ->  -> 
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\ -> C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE ["C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE"] -> [2010/11/20 08:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo ->  -> 
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE ["C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS] -> [2011/06/16 00:17:34 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE ["C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS] -> [2011/06/16 00:17:34 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE ["C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL] -> [2011/06/16 00:17:34 | 000,712,976 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command ->  -> 
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\ -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE] -> [2011/06/16 00:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command ->  -> 
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\ -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE ["C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES] -> [2011/06/16 00:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command ->  -> 
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\ -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE ["C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE] -> [2011/06/16 00:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo ->  -> 
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand -> C:\Windows\SysNative\IE4UINIT.EXE ["C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW] -> [2009/07/13 21:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand -> C:\Windows\SysNative\IE4UINIT.EXE ["C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL] -> [2009/07/13 21:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand -> C:\Windows\SysNative\IE4UINIT.EXE ["C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE] -> [2009/07/13 21:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command ->  -> 
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\ -> C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE ["C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF] -> [2010/11/20 08:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command ->  -> 
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\ -> C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE ["C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE"] -> [2010/11/20 08:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTS Restore Point
 
[Alternate Data Streams]
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:38C4D9C2
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:2F141B68
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:813B8EB6
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:CB0AACC9
< End of report >
My System SpecsSystem Spec
10 Jul 2011   #19
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

@ trie66, First... update Java. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.
Updating Java:
  • Download the latest version of Java Runtime Environment (JRE) 6.
  • Scroll down to where it says "Java Runtime Environment (JRE) 6u26 allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u26-windows-i586-p.exe to install the newest version.

Next, I'd like you to reset your router and change your password using a "strong" password. Change Passwords | Create Strong Passwords | Microsoft Security

Please let me know if you're still being redirected.
My System SpecsSystem Spec
10 Jul 2011   #20
trie66

Windows 7 Home Premium x65 w service pack 1
 
 
OTS Log

Removed, rebooted, and updated Java. Changed modem password.
Unfortunately, still getting redirected.

I ran the OTS this time while disconnected and have attached the log.

thank you


Attached Files
File Type: txt OTS Log 07102011.Txt (491.6 KB, 11 views)
My System SpecsSystem Spec
Reply

 Browser search links hijacked




Thread Tools




Similar help and support threads
Thread Forum
links is missing when pasting text with links in any browser or office
Hi, When I'm copying text withe links from the web and trying to paste it, The links is missing. I try to paste it into word or excel, and in all kinds of html editors in all browsers but the links are still missing. only text is shown. Is anybody here knows how to fix it? Tx very much...
Browsers & Mail
My IE11 Google browser has been Hijacked!?
Yesterday when I opened IE11 (fully win updated) after a cold startup, I noticed that the "Install Google Chrome" button was missing (FF27.01 too)? Then when I went to browse Redbox, nothing was showing properly (very slow/garbled!))? I rebooted & ran negative KIS2013 Full/Critical/rootkit scans....
System Security
hijacked links
can anyone please help me!!!! Every time I click a link on a webpage I get hijacked to a different page (usually selling some rubbish) how on earth do I stop this from happening I do not have a virus or anything nasty on my computer and all my security is totally up to date. Please somebody help...
System Security
My IE 10 browser has been hijacked
Thank goodness I have the Chrome browser. My IE will not open pages. When I place my cursor in the address bar and enter any address (e.g.: google.com), the cursor jumps back to the beginning of the address and nothing happens. I have done a full scan with MSE: nothing found Ran ADW cleaner...
System Security
IE Browser hijacked: suspect Delta search is the culprit
I have done the following without any success Ran ADW cleaner at least 3 times and restarted each time Ran thorough scan with MSE: negative Performed full scan with Malwarebytes and SuperAntispyware: deleted all adware/spyware I went to IE options and disabled all BHO that were in the list...
System Security
Browser Hijacked
Over the past few days I have been trying to resolve an issue with IE8 having been Hijacked. Most of the time when I use a search through Google or Bing, upon clicking one of the results I will get a random redirect. I have tried scanning with MSE, Malwarebytes, Onecare.live, and Spybot S&D. I...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 09:11.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App