DDS (Ver_10-03-17.01) - NTFSX64 Run by SanderK at 20:59:20,51 on 14.06.2010 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_18 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.47.1033.18.8191.5121 [GMT 2:00] ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\AUDIODG.EXE C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Spotify\spotify.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Users\Public\Games\World of Warcraft\WoW.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Users\SanderK\Downloads\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== mLocal Page = c:\windows\syswow64\blank.htm uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files (x86)\vuze_remote\tbVuze.dll mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files (x86)\vuze_remote\tbVuze.dll mWinlogon: Userinit=userinit.exe BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files (x86)\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll BHO: Påloggingshjelp for Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files (x86)\vuze_remote\tbVuze.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files (x86)\windows live\toolbar\wltcore.dll TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files (x86)\vuze_remote\tbVuze.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files (x86)\windows live\toolbar\wltcore.dll TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files (x86)\daemon tools toolbar\DTToolbar.dll uRun: [VeohPlugin] "c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe" uRun: [uTorrent] "c:\program files (x86)\utorrent\uTorrent.exe" uRun: [msnmsgr] "c:\program files (x86)\windows live\messenger\msnmsgr.exe" /background uRun: [Steam] "c:\program files (x86)\steam\steam.exe" -silent uRun: [DAEMON Tools Lite] "c:\program files (x86)\daemon tools lite\DTLite.exe" -autorun uRun: [HydraVisionDesktopManager] "c:\program files (x86)\ati technologies\hydravision\HydraDM.exe" mRun: [HDAudDeck] c:\program files (x86)\via\viaudioi\vdeck\VDeck.exe -r mRun: [avgnt] "c:\program files (x86)\avira\antivir desktop\avgnt.exe" /min mRun: [PWRISOVM.EXE] c:\program files (x86)\poweriso\PWRISOVM.EXE mRun: [VoddlerNet Manager] c:\program files (x86)\voddler\service\VNetManager.exe mRun: [DivXUpdate] "c:\program files (x86)\divx\divx update\DivXUpdate.exe" /CHECKNOW mRun: [StartCCC] "c:\program files (x86)\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun StartupFolder: c:\users\sanderk\appdata\roaming\microsoft\windows\start menu\programs\startup\CurseClientStartup.ccip StartupFolder: c:\users\sanderk\appdata\roaming\micros~1\windows\startm~1\programs\startup\openoffice.org 3.2.lnk - c:\program files (x86)\openoffice.org 3\program\quickstart.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0) mPolicies-explorer: NoResolveTrack = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} {32099AAC-C132-4136-9E9A-4E364A424E17} TB-X64: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Hosts: 127.0.0.1 www.spywareinfo.com ================= FIREFOX =================== FF - ProfilePath - c:\users\sanderk\appdata\roaming\mozilla\firefox\profiles\2we275lf.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Google Powered Search FF - component: c:\program files (x86)\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll FF - component: c:\users\sanderk\appdata\roaming\mozilla\firefox\profiles\2we275lf.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\FFExternalAlert.dll FF - component: c:\users\sanderk\appdata\roaming\mozilla\firefox\profiles\2we275lf.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCore.dll FF - component: c:\users\sanderk\appdata\roaming\mozilla\firefox\profiles\2we275lf.default\extensions\dttoolbar@toolbarnet.com\components\DTToolbarFF.dll FF - plugin: c:\program files (x86)\divx\divx plus web player\npdivx32.dll FF - plugin: c:\program files (x86)\voddler\plugin\npvoddler.dll FF - plugin: c:\program files (x86)\windows live\photo gallery\NPWLPG.dll FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false); c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); ============= SERVICES / DRIVERS =============== R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 59904] R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-4-7 202752] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\avira\antivir desktop\sched.exe [2010-3-6 108289] R2 AntiVirService;Avira AntiVir Guard;c:\program files (x86)\avira\antivir desktop\avguard.exe [2010-3-6 185089] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-3-6 74880] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\tuneup utilities 2010\TuneUpUtilitiesService64.exe [2010-2-25 1398088] R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2010-4-7 6659072] R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2010-4-7 195584] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt64win7.sys [2009-12-19 314400] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\tuneup utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-3-11 1222144] S2 VoddlerNet;VoddlerNet;c:\program files (x86)\voddler\service\voddler.exe [2010-3-18 1160912] S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-3-6 61280] S3 fsssvc;Windows Live Tryggere for familien-tjenesten;c:\program files (x86)\windows live\family safety\fsssvc.exe [2009-8-6 704864] S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\drivers\netr7364.sys [2009-7-29 717312] S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2010-3-8 31800] =============== Created Last 30 ================ 2010-06-14 18:56:09 0 d-----w- c:\users\sanderk\appdata\roaming\Malwarebytes 2010-06-14 18:56:01 24664 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-06-14 18:56:01 0 d-----w- c:\programdata\Malwarebytes 2010-06-14 18:56:01 0 d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2010-06-11 12:08:54 0 d-----w- c:\users\sanderk\appdata\roaming\GetRightToGo 2010-06-05 01:00:32 0 d-sh--w- c:\windows\syswow64\%APPDATA% 2010-06-02 21:15:00 0 d-----w- c:\programdata\PMCallCenter 2010-06-02 21:10:10 0 d-----w- c:\program files (x86)\Monsters 2010-06-01 13:24:42 0 d-----w- c:\programdata\Spybot - Search & Destroy 2010-06-01 13:24:42 0 d-----w- c:\program files (x86)\Spybot - Search & Destroy 2010-06-01 13:12:45 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2010-06-01 13:11:22 0 d-----w- c:\programdata\Lavasoft 2010-06-01 13:07:30 0 d-----w- c:\program files (x86)\CCleaner 2010-05-26 12:19:53 2048 ----a-w- c:\windows\syswow64\tzres.dll 2010-05-26 12:19:53 2048 ----a-w- c:\windows\system32\tzres.dll 2010-05-23 14:47:15 0 d-----w- c:\programdata\ATI 2010-05-23 12:45:05 123408 ----a-w- c:\windows\system32\drivers\AtiHdmi.sys 2010-05-21 19:13:58 0 d-----w- c:\program files (x86)\GameGain 2010-05-20 20:25:04 0 d-----w- c:\program files (x86)\VideoLAN 2010-05-20 19:53:51 999424 ----a-w- c:\windows\syswow64\divxdec.ax 2010-05-20 19:53:51 887296 ----a-w- c:\windows\syswow64\xvidcore.dll 2010-05-20 19:53:51 797184 ----a-w- c:\windows\syswow64\ac3filter.ax 2010-05-20 19:53:51 532480 ----a-w- c:\windows\syswow64\DivXsm.exe 2010-05-20 19:53:51 497664 ----a-w- c:\windows\syswow64\ac3filter.acm 2010-05-20 19:53:51 4816 ----a-w- c:\windows\syswow64\divxsm.tlb 2010-05-20 19:53:51 3596288 ----a-w- c:\windows\syswow64\qt-dx331.dll 2010-05-20 19:53:51 319488 ----a-w- c:\windows\syswow64\coreaac.ax 2010-05-20 19:53:51 271872 ----a-w- c:\windows\syswow64\coreavcdecoder.ax 2010-05-20 19:53:51 198144 ----a-w- c:\windows\syswow64\xvidvfw.dll 2010-05-20 19:53:51 150528 ----a-w- c:\windows\syswow64\xvid.ax 2010-05-20 19:53:51 0 d-----w- c:\program files (x86)\Codec 2010-05-20 19:26:36 0 d-----w- c:\users\sanderk\appdata\roaming\CoreCodec 2010-05-20 19:26:20 0 d-----w- c:\program files (x86)\Haali 2010-05-20 19:26:19 0 d-----w- c:\program files (x86)\CoreCodec 2010-05-19 21:55:05 0 d-----w- C:\Fraps ==================== Find3M ==================== 2010-06-13 13:38:59 73930 ----a-w- c:\windows\system32\perfc014.dat 2010-06-13 13:38:59 447984 ----a-w- c:\windows\system32\perfh014.dat 2010-05-27 07:24:13 34304 ----a-w- c:\windows\syswow64\atmlib.dll 2010-05-27 06:34:09 46080 ----a-w- c:\windows\system32\atmlib.dll 2010-05-27 04:11:32 366080 ----a-w- c:\windows\system32\atmfd.dll 2010-05-27 03:49:37 293888 ----a-w- c:\windows\syswow64\atmfd.dll 2010-05-22 20:00:02 218808 ----a-w- c:\windows\syswow64\PnkBstrB.exe 2010-05-21 05:52:30 1192960 ----a-w- c:\windows\system32\wininet.dll 2010-05-21 05:18:06 977920 ----a-w- c:\windows\syswow64\wininet.dll 2010-05-21 05:14:50 48128 ----a-w- c:\windows\syswow64\jsproxy.dll 2010-05-12 09:21:16 270208 ------w- c:\windows\system32\MpSigStub.exe 2010-05-06 12:42:05 1225216 ----a-w- c:\windows\syswow64\urlmon.dll 2010-05-06 12:41:55 606208 ----a-w- c:\windows\syswow64\mstime.dll 2010-05-06 12:41:53 64512 ----a-w- c:\windows\syswow64\msfeedsbs.dll 2010-05-06 12:41:53 5970944 ----a-w- c:\windows\syswow64\mshtml.dll 2010-05-06 12:41:49 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll 2010-05-06 12:41:49 10984448 ----a-w- c:\windows\syswow64\ieframe.dll 2010-05-01 15:07:05 3122176 ----a-w- c:\windows\system32\win32k.sys 2010-04-27 12:45:56 72856 ----a-w- c:\windows\syswow64\xliveinstallhost.exe 2010-04-27 12:45:56 187544 ----a-w- c:\windows\syswow64\xliveinstall.dll 2010-04-07 02:40:36 18929664 ----a-w- c:\windows\system32\atio6axx.dll 2010-04-07 02:16:30 143360 ----a-w- c:\windows\system32\atiapfxx.exe 2010-04-07 02:16:20 489472 ----a-w- c:\windows\syswow64\aticfx32.dll 2010-04-07 02:15:26 553472 ----a-w- c:\windows\system32\aticfx64.dll 2010-04-07 02:13:10 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll 2010-04-07 02:13:00 455168 ----a-w- c:\windows\system32\atieclxx.exe 2010-04-07 02:12:18 202752 ----a-w- c:\windows\system32\atiesrxx.exe 2010-04-07 02:12:12 14321664 ----a-w- c:\windows\syswow64\atioglxx.dll 2010-04-07 02:10:56 120320 ----a-w- c:\windows\system32\atitmm64.dll 2010-04-07 02:10:40 421376 ----a-w- c:\windows\system32\atipdl64.dll 2010-04-07 02:10:32 356352 ----a-w- c:\windows\syswow64\atipdlxx.dll 2010-04-07 02:10:18 278528 ----a-w- c:\windows\syswow64\Oemdspif.dll 2010-04-07 02:10:12 12288 ----a-w- c:\windows\system32\atimuixx.dll 2010-04-07 02:10:08 59392 ----a-w- c:\windows\system32\atiedu64.dll 2010-04-07 02:10:00 43520 ----a-w- c:\windows\syswow64\ati2edxx.dll 2010-04-07 02:06:26 3164160 ----a-w- c:\windows\syswow64\atidxx32.dll 2010-04-07 01:54:40 3834880 ----a-w- c:\windows\system32\atidxx64.dll 2010-04-07 01:46:50 55296 ----a-w- c:\windows\system32\coinst.dll 2010-04-07 01:40:46 3707904 ----a-w- c:\windows\syswow64\atiumdag.dll 2010-04-07 01:40:18 53248 ----a-w- c:\windows\syswow64\aticalrt.dll 2010-04-07 01:40:18 43008 ----a-w- c:\windows\system32\aticalrt64.dll 2010-04-07 01:40:12 39936 ----a-w- c:\windows\system32\aticalcl64.dll 2010-04-07 01:40:10 53248 ----a-w- c:\windows\syswow64\aticalcl.dll 2010-04-07 01:40:04 5186048 ----a-w- c:\windows\system32\aticaldd64.dll 2010-04-07 01:38:12 4018176 ----a-w- c:\windows\syswow64\aticaldd.dll 2010-04-07 01:32:56 4806144 ----a-w- c:\windows\system32\atiumd64.dll 2010-04-07 01:27:22 2701312 ----a-w- c:\windows\system32\atiumd6a.dll 2010-04-07 01:24:02 334336 ----a-w- c:\windows\system32\atiadlxx.dll 2010-04-07 01:23:54 237568 ----a-w- c:\windows\syswow64\atiadlxy.dll 2010-04-07 01:23:42 14848 ----a-w- c:\windows\system32\atig6pxx.dll 2010-04-07 01:23:40 12800 ----a-w- c:\windows\syswow64\atiglpxx.dll 2010-04-07 01:23:40 12800 ----a-w- c:\windows\system32\atiglpxx.dll 2010-04-07 01:23:36 16384 ----a-w- c:\windows\system32\atig6txx.dll 2010-04-07 01:23:32 14848 ----a-w- c:\windows\syswow64\atigktxx.dll 2010-04-07 01:22:52 36864 ----a-w- c:\windows\system32\atiuxp64.dll 2010-04-07 01:22:44 28160 ----a-w- c:\windows\syswow64\atiuxpag.dll 2010-04-07 01:22:38 28160 ----a-w- c:\windows\system32\atiu9p64.dll 2010-04-07 01:22:30 20480 ----a-w- c:\windows\syswow64\atiu9pag.dll 2010-04-07 01:21:08 2983936 ----a-w- c:\windows\syswow64\atiumdva.dll 2010-04-07 01:08:58 53248 ----a-w- c:\windows\system32\atimpc64.dll 2010-04-07 01:08:58 53248 ----a-w- c:\windows\system32\amdpcom64.dll 2010-04-07 01:08:52 52224 ----a-w- c:\windows\syswow64\atimpc32.dll 2010-04-07 01:08:52 52224 ----a-w- c:\windows\syswow64\amdpcom32.dll 2010-04-03 15:48:50 466520 ----a-w- c:\windows\system32\wrap_oal.dll 2010-04-03 15:48:50 445016 ----a-w- c:\windows\syswow64\wrap_oal.dll 2010-04-03 15:48:50 122968 ----a-w- c:\windows\system32\OpenAL32.dll 2010-04-03 15:48:50 109144 ----a-w- c:\windows\syswow64\OpenAL32.dll 2010-04-02 16:09:08 2023 ----a-w- c:\windows\syswow64\atipblag.dat 2010-04-02 16:09:08 2023 ----a-w- c:\windows\system32\atipblag.dat 2010-04-02 15:17:52 15426200 ----a-w- c:\windows\syswow64\xlive.dll 2010-04-02 15:17:52 13642904 ----a-w- c:\windows\syswow64\xlivefnt.dll 2010-03-31 05:15:22 86016 ----a-w- c:\windows\syswow64\frapsvid.dll 2010-03-31 05:15:20 84992 ----a-w- c:\windows\system32\frapsv64.dll 2010-03-17 15:06:30 202234 ----a-w- c:\windows\system32\atiicdxx.dat 2010-03-06 06:06:05 36156 ----a-w- c:\windows\inf\perflib\0414\perfd.dat 2010-03-06 06:06:05 36156 ----a-w- c:\windows\inf\perflib\0414\perfc.dat 2010-03-06 06:06:05 298300 ----a-w- c:\windows\inf\perflib\0414\perfi.dat 2010-03-06 06:06:05 298300 ----a-w- c:\windows\inf\perflib\0414\perfh.dat 2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat 2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat 2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat 2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat 2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini 2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini 2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat 2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat 2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat 2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat 2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat 2010-03-06 05:50:45 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat 2010-03-06 05:54:05 245760 --sha-w- c:\windows\system32\config\systemprofile\appdata\roaming\microsoft\windows\ietldcache\index.dat 2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe 2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe ============= FINISH: 20:59:40,08 ===============