Web browsing suddenly slow


  • This topic is locked

#1
JP in LA

Hi, thanks for providing this service! I appreciate any help you can provide.

The only symptom I can report is that web browsing has slowed to an utter crawl and eventually completely stalls. It's not the connection--other computers in my house can browse the web just fine.

Firefox says "domain.com waiting" and the animated wait icon appears but no page loads, or a page or two may load right after I reboot. Particularly with Firefox, when I quit the app the process remains and I have to kill it manually.

I can't get to my web servers via SSH, but I can check email, although that slows down occasionally as well.

I had a similar problem a while back. Someone on a different forum looked at my HJT log and discovered a strange entry, which we deleted and after which everything was fine, but that entry is not visible in HJT.

I'm posting here because you're using OTL, which I have never used before, so I thought I'd give it a shot. Any help would be greatly appreciated! Being online is part of my business and every minute equals $$$. :)

Jerome

OTL logfile created on: 5/12/2011 12:34:04 PM - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Jerome\Downloads

An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy



3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 52.00% Memory free

6.00 Gb Paging File | 4.00 Gb Available in Paging File | 75.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]



%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 279.02 Gb Total Space | 64.90 Gb Free Space | 23.26% Space Free | Partition Type: NTFS



Computer Name: CEREBRO | User Name: Jerome | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days



========== Processes (SafeList) ==========



PRC - File not found --

PRC - [2011/05/12 12:25:46 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Jerome\Downloads\OTL.exe

PRC - [2011/04/30 13:59:21 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Users\Jerome\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe

PRC - [2011/04/27 09:55:28 | 000,973,824 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files\Evernote\Evernote\EvernoteClipper.exe

PRC - [2011/04/14 10:31:22 | 000,894,544 | ---- | M] () -- C:\Users\Jerome\AppData\Local\Spoon\Cache\XVM\9-3-1642-1__1\XVM.exe

PRC - [2011/03/30 11:58:55 | 002,044,280 | ---- | M] (Code Systems Corporation) -- C:\Users\Jerome\AppData\Local\Spoon\3.25.0.15\Spoon-Sandbox.exe

PRC - [2011/03/22 11:37:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe

PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2011/02/17 06:21:58 | 002,190,688 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe

PRC - [2011/02/15 05:38:06 | 007,421,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

PRC - [2011/02/11 20:32:50 | 002,771,968 | ---- | M] (SoftPerfect Research) -- C:\Program Files\NetWorx\networx.exe

PRC - [2011/02/11 06:25:52 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe

PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe

PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe

PRC - [2011/02/08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe

PRC - [2011/02/08 05:32:52 | 001,025,376 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe

PRC - [2011/02/08 05:32:48 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe

PRC - [2011/02/08 05:32:46 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe

PRC - [2011/02/04 16:40:58 | 001,864,992 | ---- | M] (Code Systems Corporation) -- C:\Users\Jerome\AppData\Local\Spoon\3.24.0.9\Spoon-Sandbox.exe

PRC - [2011/01/30 23:36:36 | 000,038,840 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe

PRC - [2010/11/20 05:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2010/11/20 05:17:00 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe

PRC - [2010/11/17 16:34:52 | 000,186,760 | ---- | M] () -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe

PRC - [2010/11/15 12:08:08 | 001,158,512 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe

PRC - [2010/11/15 12:08:06 | 004,807,536 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe

PRC - [2010/10/15 17:33:35 | 001,921,960 | ---- | M] (Code Systems Corporation) -- C:\Users\Jerome\AppData\Local\Spoon\3.23.0.12\Spoon-Sandbox.exe

PRC - [2010/09/24 14:19:08 | 006,351,600 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Zune\ZuneNss.exe

PRC - [2010/09/22 19:11:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

PRC - [2010/08/03 13:57:35 | 001,873,360 | ---- | M] (Code Systems Corporation) -- C:\Users\Jerome\AppData\Local\Spoon\3.21.0.22\Spoon-Sandbox.exe

PRC - [2010/04/24 02:10:54 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2010/04/24 02:10:44 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe

PRC - [2010/01/26 13:46:14 | 000,939,272 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe

PRC - [2009/12/17 15:32:30 | 000,497,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe

PRC - [2009/11/02 14:17:08 | 000,604,888 | ---- | M] (TiVo Inc.) -- C:\Program Files\TiVo\Desktop\TiVoTransfer.exe

PRC - [2009/11/02 14:17:04 | 000,430,808 | ---- | M] (TiVo Inc.) -- C:\Program Files\TiVo\Desktop\TiVoNotify.exe

PRC - [2009/01/26 15:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

PRC - [2008/02/22 18:01:38 | 001,193,240 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe

PRC - [2007/09/20 15:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe

PRC - [2007/09/13 15:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe

PRC - [2007/07/02 14:29:22 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe

PRC - [2007/06/26 02:56:06 | 000,598,664 | ---- | M] ( ) -- C:\Windows\System32\dldfcoms.exe

PRC - [2007/06/06 17:44:44 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe

PRC - [2007/05/22 15:18:56 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe

PRC - [2007/05/09 18:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe

PRC - [2007/02/16 09:58:12 | 000,856,064 | ---- | M] (Christian Diefer) -- C:\Program Files\I8kfanGUI\I8kfanGUI.exe

PRC - [2006/09/08 16:10:22 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe

PRC - [1999/12/31 17:00:00 | 001,116,568 | ---- | M] (Code Systems Corporation) -- C:\Users\Jerome\AppData\Local\Spoon\3.20.0.8\Spoon-Sandbox.exe

PRC - [1999/12/31 17:00:00 | 001,108,864 | ---- | M] (Code Systems Corporation) -- C:\Users\Jerome\AppData\Local\Spoon\3.19.0.5\Spoon-Sandbox.exe

PRC - [1999/12/31 17:00:00 | 001,089,416 | ---- | M] (Code Systems Corporation) -- C:\Users\Jerome\AppData\Local\Spoon\3.16.0.6\Spoon-Sandbox.exe





========== Modules (SafeList) ==========



MOD - [2011/05/12 12:25:46 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Jerome\Downloads\OTL.exe

MOD - [2010/11/20 04:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll





========== Win32 Services (SafeList) ==========



SRV - [2011/05/02 20:53:11 | 003,274,328 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_3f211bc.dll -- (Akamai)

SRV - [2011/02/15 05:38:06 | 007,421,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)

SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)

SRV - [2011/01/25 23:06:49 | 000,309,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\ftpsvc.dll -- (ftpsvc)

SRV - [2011/01/19 10:39:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2011/01/04 02:06:02 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2010/11/17 16:34:52 | 000,186,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe -- (ScsiAccess)

SRV - [2010/11/15 12:08:06 | 004,807,536 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe -- (TabletServiceWacom)

SRV - [2010/09/24 14:19:16 | 000,444,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)

SRV - [2010/09/24 14:19:16 | 000,268,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)

SRV - [2010/09/24 14:19:08 | 006,351,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)

SRV - [2010/06/25 10:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)

SRV - [2010/04/24 02:10:54 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2010/04/24 02:10:44 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2010/03/01 23:14:02 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2010/01/26 13:46:16 | 001,033,480 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe -- (PDEngine)

SRV - [2010/01/26 13:46:14 | 000,939,272 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe -- (PDAgent)

SRV - [2009/12/17 15:32:30 | 000,497,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)

SRV - [2009/11/02 14:17:00 | 001,098,968 | ---- | M] (TiVo Inc.) [Disabled | Stopped] -- C:\Program Files\TiVo\Desktop\TiVoBeacon.exe -- (TivoBeacon2)

SRV - [2009/07/13 18:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)

SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009/07/13 18:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)

SRV - [2009/07/13 18:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2007/09/20 15:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)

SRV - [2007/09/13 15:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)

SRV - [2007/06/26 02:56:08 | 000,098,952 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\dldfserv.exe -- (dldfCATSCustConnectService)

SRV - [2007/06/26 02:56:06 | 000,598,664 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dldfcoms.exe -- (dldf_device)





========== Driver Services (SafeList) ==========



DRV - [2011/03/30 17:17:06 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)

DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)

DRV - [2011/02/22 08:12:50 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)

DRV - [2011/02/17 18:06:10 | 000,160,560 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv)

DRV - [2011/02/17 18:06:10 | 000,122,032 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)

DRV - [2011/02/17 18:06:10 | 000,111,152 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)

DRV - [2011/02/17 18:06:10 | 000,044,784 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)

DRV - [2011/02/10 07:54:00 | 000,296,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)

DRV - [2011/02/10 07:53:42 | 000,021,968 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)

DRV - [2011/02/10 07:53:40 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)

DRV - [2011/02/08 02:07:22 | 000,051,640 | ---- | M] (NetFilterSDK.com) [Kernel | System | Running] -- C:\Windows\System32\drivers\networx.sys -- (networx)

DRV - [2011/01/19 04:32:56 | 000,032,464 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)

DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)

DRV - [2010/11/20 05:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)

DRV - [2010/11/20 05:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)

DRV - [2010/11/20 05:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)

DRV - [2010/11/20 03:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV - [2010/11/20 02:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)

DRV - [2010/11/20 02:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)

DRV - [2010/11/20 02:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)

DRV - [2010/11/02 17:07:54 | 000,010,752 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)

DRV - [2010/10/25 11:59:32 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)

DRV - [2010/10/25 11:59:28 | 000,014,120 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)

DRV - [2010/06/25 10:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)

DRV - [2010/04/24 02:10:54 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)

DRV - [2010/04/24 02:10:52 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)

DRV - [2010/04/24 02:10:50 | 000,195,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)

DRV - [2010/04/24 02:10:44 | 000,550,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)

DRV - [2010/03/16 17:01:53 | 011,597,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2010/02/05 00:25:01 | 000,050,944 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm) Virtual Audio Cable (WDM)

DRV - [2010/01/19 10:58:40 | 000,038,976 | ---- | M] (microOLAP Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\pssdk42.sys -- (PSSDK42)

DRV - [2009/12/17 15:18:50 | 000,020,152 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vpnva.sys -- (vpnva)

DRV - [2009/09/02 15:29:06 | 000,158,344 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MAudioMobilePre.sys -- (MAUSBMOBILEPRE)

DRV - [2009/08/20 12:11:30 | 000,073,232 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\DefragFs.sys -- (DefragFS)

DRV - [2009/07/13 17:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)

DRV - [2009/07/13 16:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)

DRV - [2009/06/25 16:58:10 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)

DRV - [2009/06/25 16:25:58 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)

DRV - [2009/06/25 16:10:48 | 000,044,544 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)

DRV - [2009/06/17 09:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)

DRV - [2009/06/17 09:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)

DRV - [2009/06/17 09:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)

DRV - [2009/02/24 19:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)

DRV - [2008/12/26 12:56:04 | 000,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)

DRV - [2008/10/27 23:51:34 | 000,127,496 | ---- | M] (High Criteria inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TotRec7.sys -- (TotRec7)

DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)

DRV - [2007/10/10 18:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)

DRV - [2007/10/03 23:55:36 | 000,019,240 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\SiWinAcc.sys -- (SiFilter)

DRV - [2007/10/03 23:55:28 | 000,015,400 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\SiRemFil.sys -- (SiRemFil)

DRV - [2007/10/03 23:55:08 | 000,080,424 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\SI3132.sys -- (SI3132)

DRV - [2007/09/13 15:46:06 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)

DRV - [2007/06/25 19:53:10 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)

DRV - [2007/03/05 11:45:04 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)

DRV - [2007/02/16 02:05:48 | 000,014,464 | ---- | M] (Christian Diefer) [Kernel | System | Running] -- C:\Windows\System32\drivers\fanio.sys -- (fanio)





========== Standard Registry (SafeList) ==========





========== Internet Explorer ==========





IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E1 B3 56 FF 98 90 CA 01 [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = about:blank

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



========== FireFox ==========



FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://workflowy.com/"

FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http: ""

FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http_port: 0

FF - prefs.js..extensions.charles.settings.disabled.network.proxy.no_proxies_on: ""

FF - prefs.js..extensions.charles.settings.disabled.network.proxy.share_proxy_settings: false

FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks: ""

FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks_port: 0

FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl: ""

FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl_port: 0

FF - prefs.js..extensions.charles.settings.disabled.network.proxy.type: 0

FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1"

FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888

FF - prefs.js..extensions.charles.settings.enabled.network.proxy.no_proxies_on: ""

FF - prefs.js..extensions.charles.settings.enabled.network.proxy.share_proxy_settings: false

FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks: ""

FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks_port: 0

FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1"

FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888

FF - prefs.js..extensions.charles.settings.enabled.network.proxy.type: 1

FF - prefs.js..extensions.enabledItems: [email protected]:1.6.1

FF - prefs.js..extensions.enabledItems: [email protected]:1.7.0

FF - prefs.js..extensions.enabledItems: [email protected]:3.9.2

FF - prefs.js..extensions.enabledItems: [email protected]:1.75

FF - prefs.js..extensions.enabledItems: {E0B8C461-F8FB-49b4-8373-FE32E9252800}:4.0.0.106602

FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {340c2bbc-ce74-4362-90b5-7c26312808ef}:1.6.1

FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: [email protected]:2.0.8

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0

FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {f1ac39e3-5cd4-4b04-902f-e1add0245a11}:0.9.0.6

FF - prefs.js..extensions.enabledItems: {00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}:0.7.2

FF - prefs.js..keyword.URL: "http://www.gobrs.com...ls=TWKTmrt7&q="

FF - prefs.js..network.proxy.backup.ftp: "ts-proxy.online.disney.com"

FF - prefs.js..network.proxy.backup.ftp_port: 9080

FF - prefs.js..network.proxy.backup.gopher: "ts-proxy.online.disney.com"

FF - prefs.js..network.proxy.backup.gopher_port: 9080

FF - prefs.js..network.proxy.backup.socks: "ts-proxy.online.disney.com"

FF - prefs.js..network.proxy.backup.socks_port: 9080

FF - prefs.js..network.proxy.backup.ssl: "ts-proxy.online.disney.com"

FF - prefs.js..network.proxy.backup.ssl_port: 9080

FF - prefs.js..network.proxy.ftp: "ts-proxy.online.disney.com"

FF - prefs.js..network.proxy.ftp_port: 9080

FF - prefs.js..network.proxy.gopher: "ts-proxy.online.disney.com"

FF - prefs.js..network.proxy.gopher_port: 9080

FF - prefs.js..network.proxy.http: "ts-proxy.online.disney.com"

FF - prefs.js..network.proxy.http_port: 9080

FF - prefs.js..network.proxy.no_proxies_on: "192.168.1.0/254"

FF - prefs.js..network.proxy.share_proxy_settings: true

FF - prefs.js..network.proxy.socks: "ts-proxy.online.disney.com"

FF - prefs.js..network.proxy.socks_port: 9080

FF - prefs.js..network.proxy.ssl: "ts-proxy.online.disney.com"

FF - prefs.js..network.proxy.ssl_port: 9080

FF - prefs.js..network.proxy.type: 0



FF - user.js..keyword.URL: "http://www.gobrs.com...ls=TWKTmrt7&q="



FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Fiddler2\FiddlerHook [2010/01/08 16:52:51 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/04/15 10:30:58 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/29 12:00:02 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/10 10:25:53 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0b10\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 9\components [2011/02/10 10:24:34 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0b10\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 9\plugins

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/05/01 01:59:18 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird



[2010/01/04 12:15:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Portfolio\AppData\Roaming\Mozilla\Extensions

[2010/01/04 12:15:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Portfolio\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2011/05/12 11:43:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jerome\AppData\Roaming\mozilla\Firefox\Profiles\5i0qb11b.default\extensions

[2010/10/26 08:25:16 | 000,000,000 | ---D | M] (MacOSX Theme) -- C:\Users\Jerome\AppData\Roaming\mozilla\Firefox\Profiles\5i0qb11b.default\extensions\{00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}

[2011/02/03 15:29:01 | 000,000,000 | ---D | M] (Instaright!) -- C:\Users\Jerome\AppData\Roaming\mozilla\Firefox\Profiles\5i0qb11b.default\extensions\{1d682819-bef2-4a75-8ffa-adf3733f5557}

[2010/08/02 08:09:08 | 000,000,000 | ---D | M] (Charles Autoconfiguration) -- C:\Users\Jerome\AppData\Roaming\mozilla\Firefox\Profiles\5i0qb11b.default\extensions\{3e9a3920-1b27-11da-8cd6-0800200c9a66}

[2011/04/14 11:16:53 | 000,000,000 | ---D | M] (Bloomind FT GraphiteGlow) -- C:\Users\Jerome\AppData\Roaming\mozilla\Firefox\Profiles\5i0qb11b.default\extensions\{99e34760-2754-11e0-91fa-0800200c9a66}

[2011/03/31 14:04:53 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jerome\AppData\Roaming\mozilla\Firefox\Profiles\5i0qb11b.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2011/04/25 12:32:19 | 000,000,000 | ---D | M] (Evernote Web Clipper) -- C:\Users\Jerome\AppData\Roaming\mozilla\Firefox\Profiles\5i0qb11b.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}

[2011/04/14 11:16:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jerome\AppData\Roaming\mozilla\Firefox\Profiles\5i0qb11b.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

[2011/01/14 11:55:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jerome\AppData\Roaming\mozilla\Firefox\Profiles\5i0qb11b.default\extensions\{f1ac39e3-5cd4-4b04-902f-e1add0245a11}

[2011/04/19 10:15:30 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Jerome\AppData\Roaming\mozilla\Firefox\Profiles\5i0qb11b.default\extensions\[email protected]

[2011/04/16 19:55:46 | 000,000,000 | ---D | M] (Flashbug) -- C:\Users\Jerome\AppData\Roaming\mozilla\Firefox\Profiles\5i0qb11b.default\extensions\[email protected]

[2011/04/14 11:16:53 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Jerome\AppData\Roaming\mozilla\Firefox\Profiles\5i0qb11b.default\extensions\[email protected]

[2011/03/11 20:24:45 | 000,001,919 | ---- | M] () -- C:\Users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\5i0qb11b.default\searchplugins\bing-zugo.xml

[2010/10/21 11:02:01 | 000,000,914 | ---- | M] () -- C:\Users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\5i0qb11b.default\searchplugins\dictionarycom.xml

[2011/04/18 17:20:37 | 000,001,969 | ---- | M] () -- C:\Users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\5i0qb11b.default\searchplugins\duckduckgo.xml

[2010/02/10 11:33:35 | 000,001,961 | ---- | M] () -- C:\Users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\5i0qb11b.default\searchplugins\flickr.xml

[2010/01/01 16:28:31 | 000,001,512 | ---- | M] () -- C:\Users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\5i0qb11b.default\searchplugins\imdb.xml

[2010/01/01 16:28:37 | 000,005,005 | ---- | M] () -- C:\Users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\5i0qb11b.default\searchplugins\linkedin.xml

[2010/04/13 11:58:18 | 000,005,509 | ---- | M] () -- C:\Users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\5i0qb11b.default\searchplugins\soundcloud.xml

[2010/02/01 11:45:34 | 000,002,006 | ---- | M] () -- C:\Users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\5i0qb11b.default\searchplugins\urban-dictionary.xml

[2010/01/01 16:28:47 | 000,001,640 | ---- | M] () -- C:\Users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\5i0qb11b.default\searchplugins\weathercom.xml

[2010/01/01 16:29:16 | 000,002,284 | ---- | M] () -- C:\Users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\5i0qb11b.default\searchplugins\wolframalpha.xml

[2010/01/01 17:54:28 | 000,001,720 | ---- | M] () -- C:\Users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\5i0qb11b.default\searchplugins\youtube-video-search.xml

[2011/03/11 18:40:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2010/10/28 13:28:41 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

[2010/04/24 00:13:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010/09/10 07:21:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010/10/22 22:43:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2010/12/26 12:23:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2011/03/11 18:40:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

File not found (No name found) --

[2011/04/15 10:30:58 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4

() (No name found) -- C:\USERS\Jerome\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5I0QB11B.DEFAULT\EXTENSIONS\{340C2BBC-CE74-4362-90B5-7C26312808EF}.XPI

() (No name found) -- C:\USERS\Jerome\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5I0QB11B.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI

() (No name found) -- C:\USERS\Jerome\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5I0QB11B.DEFAULT\EXTENSIONS\[email protected]

() (No name found) -- C:\USERS\Jerome\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5I0QB11B.DEFAULT\EXTENSIONS\[email protected]

() (No name found) -- C:\USERS\Jerome\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5I0QB11B.DEFAULT\EXTENSIONS\[email protected]

() (No name found) -- C:\USERS\Jerome\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5I0QB11B.DEFAULT\EXTENSIONS\[email protected]

() (No name found) -- C:\USERS\Jerome\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5I0QB11B.DEFAULT\EXTENSIONS\[email protected]

[2011/04/29 11:59:59 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll

[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2011/03/22 11:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll

[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml.old



O1 HOSTS File: ([2011/04/16 11:54:53 | 000,431,577 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 14881 more lines...

O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)

O3 - HKLM\..\Toolbar: (&NetWorx Desk Band) - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - C:\Program Files\NetWorx\deskband.dll (SoftPerfect Research)

O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\System32\ExplorerFrame.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)

O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [NetWorx] C:\Program Files\NetWorx\networx.exe (SoftPerfect Research)

O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)

O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)

O4 - HKCU..\Run: [AdobeBridge] File not found

O4 - HKCU..\Run: [i8kfangui] C:\Program Files\I8kfanGUI\I8kfanGUI.exe (Christian Diefer)

O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)

O4 - HKCU..\Run: [TivoNotify] C:\Program Files\TiVo\Desktop\TiVoNotify.exe (TiVo Inc.)

O4 - HKCU..\Run: [TivoServer] C:\Program Files\TiVo\Desktop\TiVoServer.exe (TiVo Inc.)

O4 - HKCU..\Run: [TivoTransfer] C:\Program Files\TiVo\Desktop\TiVoTransfer.exe (TiVo Inc.)

O4 - HKCU..\Run: [TranscodingService] C:\Program Files\TiVo\Desktop\Plus\\TranscodingService.exe ()

O4 - HKCU..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe ()

O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\System32\cmd.exe (Microsoft Corporation)

O4 - Startup: C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O4 - Startup: C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon Sandbox Manager 3.16.lnk = C:\Users\Jerome\AppData\Local\Spoon\3.16.0.6\Spoon-Sandbox-Native.exe ()

O4 - Startup: C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon Sandbox Manager 3.19.lnk = C:\Users\Jerome\AppData\Local\Spoon\3.19.0.5\Spoon-Sandbox-Native.exe ()

O4 - Startup: C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon Sandbox Manager 3.20.lnk = C:\Users\Jerome\AppData\Local\Spoon\3.20.0.8\Spoon-Sandbox-Native.exe ()

O4 - Startup: C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon Sandbox Manager 3.21.lnk = C:\Users\Jerome\AppData\Local\Spoon\3.21.0.22\Spoon-Sandbox-Native.exe ()

O4 - Startup: C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon Sandbox Manager 3.23.lnk = C:\Users\Jerome\AppData\Local\Spoon\3.23.0.12\Spoon-Sandbox-Native.exe ()

O4 - Startup: C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon Sandbox Manager 3.24.lnk = C:\Users\Jerome\AppData\Local\Spoon\3.24.0.9\Spoon-Sandbox-Native.exe ()

O4 - Startup: C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon Sandbox Manager 3.25.lnk = C:\Users\Jerome\AppData\Local\Spoon\3.25.0.15\Spoon-Sandbox-Native.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O9 - Extra Button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files\Fiddler2\Fiddler.exe (Eric Lawrence)

O9 - Extra 'Tools' menuitem : Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files\Fiddler2\Fiddler.exe (Eric Lawrence)

O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - Reg Error: Key error. File not found

O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - Reg Error: Key error. File not found

O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)

O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)

O15 - HKCU\..Trusted Ranges: Range1 ([file] in Local intranet)

O16 - DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} https://vpn-noho.dig...ries/vpnweb.cab (Cisco AnyConnect VPN Client Web Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (pdboot.exe) - C:\Windows\System32\PDBoot.exe (Raxco Software, Inc.)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)

O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*



========== Files/Folders - Created Within 30 Days ==========



[2011/05/12 06:24:29 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2011/05/10 23:25:22 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys

[2011/05/10 23:25:21 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys

[2011/05/10 23:25:18 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2011/05/10 23:25:17 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2011/05/10 16:58:18 | 000,000,000 | ---D | C] -- C:\ProgramData\WebEx

[2011/05/08 16:29:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote

[2011/05/06 19:14:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse

[2011/05/06 19:14:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint

[2011/05/06 15:12:00 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital

[2011/05/05 16:07:31 | 000,000,000 | -HSD | C] -- C:\found.000

[2011/04/29 20:16:01 | 000,000,000 | ---D | C] -- C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat

[2011/04/29 20:16:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat

[2011/04/29 20:16:01 | 000,000,000 | ---D | C] -- C:\Program Files\WinDirStat

[2011/04/29 20:12:09 | 000,000,000 | ---D | C] -- C:\Program Files\cygwin

[2011/04/29 20:12:07 | 000,000,000 | ---D | C] -- C:\cygwin

[2011/04/28 01:47:11 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe

[2011/04/28 01:47:08 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll

[2011/04/28 01:47:08 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys

[2011/04/28 01:47:07 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe

[2011/04/28 01:47:03 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll

[2011/04/28 01:47:02 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe

[2011/04/24 11:19:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2011/04/24 11:18:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2011/04/24 07:14:31 | 000,022,872 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\System32\AdobePDFUI.dll

[2011/04/23 17:31:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard

[2011/04/20 19:49:20 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%

[2011/04/19 10:17:11 | 000,000,000 | ---D | C] -- C:\Program Files\EA Games

[2011/04/18 17:24:57 | 000,000,000 | ---D | C] -- C:\Users\Jerome\.googlecl

[2011/04/16 12:41:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bonjour Print Services

[2011/04/16 12:41:07 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour Print Services

[2011/04/16 10:52:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy

[2011/04/16 10:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy

[2011/04/16 10:52:06 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy

[2011/04/16 07:30:04 | 000,000,000 | ---D | C] -- C:\Users\Jerome\AppData\Roaming\Malwarebytes

[2011/04/16 07:28:13 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2011/04/16 07:28:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/04/16 07:28:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/04/16 07:28:10 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2011/04/16 07:28:10 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/04/16 02:20:37 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2011/04/15 10:31:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2011

[2011/04/15 10:30:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG

[2011/04/14 15:24:36 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2011/04/14 15:24:36 | 000,000,000 | ---D | C] -- C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

[2011/04/13 16:31:36 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10

[2011/04/13 16:21:21 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2011/04/13 16:21:14 | 000,000,000 | ---D | C] -- C:\Windows\temp

[2011/04/13 16:21:14 | 000,000,000 | ---D | C] -- C:\Users\Portfolio\AppData\Local\temp

[2011/04/13 15:51:17 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2011/04/13 15:51:17 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2011/04/13 15:51:17 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2011/04/13 15:50:50 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe

[2011/04/13 15:49:46 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT

[2011/04/13 14:03:02 | 000,000,000 | ---D | C] -- C:\Qoobox

[2011/04/13 05:24:53 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe

[2011/04/13 05:24:51 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll

[2011/04/13 05:24:51 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

[2011/04/13 05:24:47 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe

[2011/04/13 05:24:44 | 002,333,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2011/04/13 05:24:42 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll

[2011/04/13 05:14:41 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll

[2011/04/13 05:14:40 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll

[2010/09/08 16:48:55 | 001,200,128 | ---- | C] ( ) -- C:\Windows\System32\dldfserv.dll

[2010/09/08 16:48:55 | 000,950,272 | ---- | C] ( ) -- C:\Windows\System32\dldfusb1.dll

[2010/09/08 16:48:55 | 000,860,160 | ---- | C] ( ) -- C:\Windows\System32\dldfcomc.dll

[2010/09/08 16:48:55 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\dldfhbn3.dll

[2010/09/08 16:48:55 | 000,647,168 | ---- | C] ( ) -- C:\Windows\System32\dldfpmui.dll

[2010/09/08 16:48:55 | 000,598,664 | ---- | C] ( ) -- C:\Windows\System32\dldfcoms.exe

[2010/09/08 16:48:55 | 000,565,248 | ---- | C] ( ) -- C:\Windows\System32\dldflmpm.dll

[2010/09/08 16:48:55 | 000,434,176 | ---- | C] ( ) -- C:\Windows\System32\dldfhcp.dll

[2010/09/08 16:48:55 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\dldfcomm.dll

[2010/09/08 16:48:55 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\dldfinpa.dll

[2010/09/08 16:48:55 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\dldfiesc.dll

[2010/09/08 16:48:55 | 000,320,136 | ---- | C] ( ) -- C:\Windows\System32\dldfih.exe

[2010/09/08 16:48:55 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\dldfprox.dll

[2010/09/08 16:48:54 | 000,365,192 | ---- | C] ( ) -- C:\Windows\System32\dldfcfg.exe

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]



========== Files - Modified Within 30 Days ==========



[2011/05/12 12:36:19 | 000,013,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/05/12 12:36:19 | 000,013,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/05/12 12:36:00 | 000,000,976 | ---- | M] () -- C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-2846039889-803451671-1898855674-1001UA.job

[2011/05/12 12:36:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-2846039889-803451671-1898855674-1001Core.job

[2011/05/12 12:31:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/05/12 12:29:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/05/12 12:27:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/05/12 12:27:45 | 2414,379,008 | -HS- | M] () -- C:\hiberfil.sys

[2011/05/12 12:06:35 | 000,000,132 | ---- | M] () -- C:\Users\Jerome\AppData\Roaming\Adobe PNG Format CS5 Prefs

[2011/05/12 12:04:00 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2846039889-803451671-1898855674-1001UA.job

[2011/05/12 11:26:05 | 000,000,000 | ---- | M] () -- C:\Users\Jerome\AppData\Local\prvlcl.dat

[2011/05/12 08:55:24 | 114,850,379 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm

[2011/05/12 06:04:03 | 000,003,418 | ---- | M] () -- C:\Users\Jerome\Documents\cc_20110512_060354.reg

[2011/05/11 19:36:10 | 000,002,377 | ---- | M] () -- C:\Users\Jerome\Desktop\RockMelt.lnk

[2011/05/11 19:00:12 | 000,186,360 | ---- | M] () -- C:\Users\Jerome\Documents\cc_20110511_185957.reg

[2011/05/11 18:57:38 | 000,000,600 | ---- | M] () -- C:\Users\Jerome\AppData\Local\PUTTY.RND

[2011/05/11 18:21:34 | 000,527,663 | ---- | M] () -- C:\Users\Jerome\Desktop\me.jpg

[2011/05/11 16:01:09 | 000,001,456 | ---- | M] () -- C:\Users\Jerome\AppData\Local\Adobe Save for Web 12.0 Prefs

[2011/05/11 14:24:12 | 003,752,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011/05/11 14:04:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2846039889-803451671-1898855674-1001Core.job

[2011/05/10 23:18:17 | 000,624,622 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/05/10 23:18:17 | 000,106,708 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/05/08 16:30:01 | 000,001,064 | ---- | M] () -- C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk

[2011/05/08 16:29:48 | 000,000,890 | ---- | M] () -- C:\Users\Jerome\Desktop\Evernote.lnk

[2011/04/25 12:45:55 | 000,004,544 | ---- | M] () -- C:\Users\Jerome\Desktop\New Journal Document.jnt

[2011/04/24 11:08:03 | 000,001,152 | ---- | M] () -- C:\Windows\System32\mapisvc.inf

[2011/04/21 07:10:13 | 000,061,580 | ---- | M] () -- C:\Users\Jerome\Desktop\missiontolearn_library.jpg

[2011/04/21 05:33:33 | 000,007,634 | ---- | M] () -- C:\Users\Jerome\AppData\Local\resmon.resmoncfg

[2011/04/19 01:00:11 | 000,407,433 | ---- | M] () -- C:\Users\Jerome\Desktop\silvia_hrblock.jpg

[2011/04/18 07:04:33 | 000,115,606 | ---- | M] () -- C:\Users\Jerome\Desktop\writebg.jpg

[2011/04/18 07:03:32 | 003,888,056 | ---- | M] () -- C:\Users\Jerome\Desktop\writebg.bmp

[2011/04/18 07:03:32 | 000,000,132 | ---- | M] () -- C:\Users\Jerome\AppData\Roaming\Adobe BMP Format CS5 Prefs

[2011/04/18 07:03:09 | 000,364,723 | ---- | M] () -- C:\Users\Jerome\Desktop\writebg.psd

[2011/04/16 11:56:24 | 000,000,362 | RHS- | M] () -- C:\ProgramData\ntuser.pol

[2011/04/16 11:54:53 | 000,431,577 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2011/04/16 11:41:07 | 000,431,577 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110416-115453.backup

[2011/04/15 12:38:33 | 001,217,973 | ---- | M] () -- C:\Users\Jerome\Desktop\Pennington_2010_Tax_Extension_Request.pdf

[2011/04/15 12:30:41 | 000,173,840 | ---- | M] () -- C:\Users\Jerome\Desktop\Pennington_2010_W2_1099.pdf

[2011/04/14 15:24:36 | 000,003,015 | ---- | M] () -- C:\Users\Jerome\Desktop\HiJackThis.lnk

[2011/04/14 15:09:55 | 001,040,788 | ---- | M] () -- C:\Users\Jerome\Desktop\2009ExtensionRequestForm.pdf

[2011/04/14 15:03:17 | 000,439,811 | ---- | M] () -- C:\Users\Jerome\Desktop\jpsig.tif

[2011/04/13 16:09:24 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110416-114107.backup

[2011/04/13 15:50:40 | 004,320,410 | R--- | M] () -- C:\Users\Jerome\Desktop\clonerevolt123.exe

[2011/04/13 14:28:39 | 001,854,235 | ---- | M] () -- C:\Users\Jerome\Desktop\AVGInstLog.cab

[2011/04/12 15:56:51 | 002,155,265 | ---- | M] () -- C:\Users\Jerome\Desktop\Pennington_XMRadio_invoice_Ref_Claim_18160904-01.pdf

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]



========== Files Created - No Company Name ==========



[2011/05/12 08:55:24 | 114,850,379 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm

[2011/05/12 06:03:57 | 000,003,418 | ---- | C] () -- C:\Users\Jerome\Documents\cc_20110512_060354.reg

[2011/05/11 19:00:02 | 000,186,360 | ---- | C] () -- C:\Users\Jerome\Documents\cc_20110511_185957.reg

[2011/05/11 18:18:52 | 000,527,663 | ---- | C] () -- C:\Users\Jerome\Desktop\me.jpg

[2011/05/08 16:30:01 | 000,001,064 | ---- | C] () -- C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk

[2011/04/25 12:45:55 | 000,004,544 | ---- | C] () -- C:\Users\Jerome\Desktop\New Journal Document.jnt

[2011/04/21 07:10:13 | 000,061,580 | ---- | C] () -- C:\Users\Jerome\Desktop\missiontolearn_library.jpg

[2011/04/19 00:58:37 | 000,407,433 | ---- | C] () -- C:\Users\Jerome\Desktop\silvia_hrblock.jpg

[2011/04/18 07:04:29 | 000,115,606 | ---- | C] () -- C:\Users\Jerome\Desktop\writebg.jpg

[2011/04/18 07:03:09 | 000,364,723 | ---- | C] () -- C:\Users\Jerome\Desktop\writebg.psd

[2011/04/17 07:38:02 | 000,000,132 | ---- | C] () -- C:\Users\Jerome\AppData\Roaming\Adobe BMP Format CS5 Prefs

[2011/04/17 07:38:00 | 003,888,056 | ---- | C] () -- C:\Users\Jerome\Desktop\writebg.bmp

[2011/04/15 12:35:24 | 001,217,973 | ---- | C] () -- C:\Users\Jerome\Desktop\Pennington_2010_Tax_Extension_Request.pdf

[2011/04/15 12:20:46 | 000,173,840 | ---- | C] () -- C:\Users\Jerome\Desktop\Pennington_2010_W2_1099.pdf

[2011/04/14 15:24:36 | 000,003,015 | ---- | C] () -- C:\Users\Jerome\Desktop\HiJackThis.lnk

[2011/04/14 15:09:47 | 001,040,788 | ---- | C] () -- C:\Users\Jerome\Desktop\2009ExtensionRequestForm.pdf

[2011/04/14 15:03:17 | 000,439,811 | ---- | C] () -- C:\Users\Jerome\Desktop\jpsig.tif

[2011/04/14 10:27:22 | 000,001,238 | ---- | C] () -- C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon Sandbox Manager 3.25.lnk

[2011/04/14 10:27:22 | 000,001,233 | ---- | C] () -- C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon Sandbox Manager 3.24.lnk

[2011/04/14 10:27:22 | 000,001,232 | ---- | C] () -- C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon Sandbox Manager 3.23.lnk

[2011/04/14 10:27:22 | 000,001,232 | ---- | C] () -- C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon Sandbox Manager 3.21.lnk

[2011/04/14 10:27:22 | 000,001,227 | ---- | C] () -- C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon Sandbox Manager 3.20.lnk

[2011/04/14 10:27:22 | 000,001,227 | ---- | C] () -- C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon Sandbox Manager 3.19.lnk

[2011/04/14 10:27:22 | 000,001,227 | ---- | C] () -- C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon Sandbox Manager 3.16.lnk

[2011/04/13 15:51:17 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe

[2011/04/13 15:51:17 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2011/04/13 15:51:17 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe

[2011/04/13 15:51:17 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2011/04/13 15:51:17 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2011/04/13 14:18:34 | 001,854,235 | ---- | C] () -- C:\Users\Jerome\Desktop\AVGInstLog.cab

[2011/04/13 13:45:26 | 004,320,410 | R--- | C] () -- C:\Users\Jerome\Desktop\clonerevolt123.exe

[2011/04/12 14:35:47 | 000,000,890 | ---- | C] () -- C:\Users\Jerome\Desktop\Evernote.lnk

[2011/04/05 23:17:19 | 000,000,132 | ---- | C] () -- C:\Users\Jerome\AppData\Roaming\Adobe GIF Format CS5 Prefs

[2011/03/24 21:41:01 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2011/03/24 21:41:01 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2011/02/24 02:14:47 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

[2011/02/01 00:05:56 | 000,000,132 | ---- | C] () -- C:\Users\Jerome\AppData\Roaming\Adobe PNG Format CS5 Prefs

[2011/01/18 00:54:55 | 000,001,456 | ---- | C] () -- C:\Users\Jerome\AppData\Local\Adobe Save for Web 12.0 Prefs

[2011/01/14 11:55:39 | 000,000,125 | ---- | C] () -- C:\Windows\FlashDecompiler.INI

[2010/10/26 11:11:49 | 000,000,000 | ---- | C] () -- C:\Users\Jerome\AppData\Local\prvlcl.dat

[2010/09/10 12:44:46 | 000,000,059 | ---- | C] () -- C:\Windows\wpd99.drv

[2010/09/10 12:44:45 | 000,051,716 | ---- | C] () -- C:\Windows\System32\pdf995mon.dll

[2010/09/08 16:49:49 | 000,049,152 | ---- | C] () -- C:\Windows\System32\dldfoem.dll

[2010/09/08 16:49:49 | 000,045,056 | ---- | C] () -- C:\Windows\System32\DLDFPMON.DLL

[2010/09/08 16:49:49 | 000,032,768 | ---- | C] () -- C:\Windows\System32\DLDFFXPU.DLL

[2010/09/08 16:49:49 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DLDFPMRC.DLL

[2010/09/08 16:48:55 | 000,499,712 | ---- | C] () -- C:\Windows\System32\dldfutil.dll

[2010/09/08 16:48:55 | 000,348,160 | ---- | C] () -- C:\Windows\System32\dldfinst.dll

[2010/09/08 16:48:55 | 000,208,896 | ---- | C] () -- C:\Windows\System32\dldfgrd.dll

[2010/09/08 16:48:55 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldfinsb.dll

[2010/09/08 16:48:55 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldfins.dll

[2010/09/08 16:48:55 | 000,143,360 | ---- | C] () -- C:\Windows\System32\dldfjswr.dll

[2010/09/08 16:48:55 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dldfinsr.dll

[2010/09/08 16:48:55 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dldfcub.dll

[2010/09/08 16:48:55 | 000,077,824 | ---- | C] () -- C:\Windows\System32\dldfcu.dll

[2010/09/08 16:48:55 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dldfcur.dll

[2010/07/16 13:43:13 | 000,005,632 | ---- | C] () -- C:\Users\Jerome\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/06/25 10:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll

[2010/04/21 18:28:08 | 000,000,413 | ---- | C] () -- C:\Windows\System32\JYLUpdates.ini

[2010/03/16 20:45:52 | 000,095,994 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin

[2010/01/21 02:58:29 | 000,007,634 | ---- | C] () -- C:\Users\Jerome\AppData\Local\resmon.resmoncfg

[2010/01/21 00:00:49 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll

[2010/01/19 10:40:08 | 000,000,185 | ---- | C] () -- C:\Windows\System32\msblcd32.dll

[2010/01/13 11:42:17 | 000,000,068 | ---- | C] () -- C:\Windows\ZMatrixSS.ini

[2010/01/13 00:21:19 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI

[2010/01/07 13:05:18 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010/01/04 11:23:24 | 000,000,600 | ---- | C] () -- C:\Users\Jerome\AppData\Local\PUTTY.RND

[2010/01/01 19:37:56 | 000,000,362 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2010/01/01 16:55:25 | 000,000,074 | RHS- | C] () -- C:\Windows\CT4CET.bin

[2010/01/01 12:41:18 | 000,028,979 | ---- | C] () -- C:\ProgramData\nvModes.001

[2010/01/01 12:41:16 | 000,028,979 | ---- | C] () -- C:\ProgramData\nvModes.dat

[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll

[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe

[2009/08/03 01:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll

[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll

[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll

[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll

[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll

[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll

[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll

[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll

[2009/08/03 01:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll

[2009/08/03 01:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll

[2009/07/13 21:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/13 21:33:53 | 003,752,608 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2009/07/13 19:05:48 | 000,624,622 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2009/07/13 19:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2009/07/13 19:05:48 | 000,106,708 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2009/07/13 19:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2009/07/13 19:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2009/07/13 19:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2009/07/13 16:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/13 16:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2007/05/22 14:17:12 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dldfcaps.dll

[2007/05/08 18:48:24 | 000,692,224 | ---- | C] () -- C:\Windows\System32\dldfdrs.dll

[2007/05/03 15:50:10 | 000,348,160 | ---- | C] () -- C:\Windows\System32\dldfcoin.dll

[2007/04/16 13:47:48 | 000,077,906 | ---- | C] () -- C:\Windows\System32\dldfcfg.dll

[2007/03/12 22:17:08 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dldfcnv4.dll

[2006/08/01 01:53:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dldfvs.dll



========== Alternate Data Streams ==========



@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:DED17083



< End of report >

#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, did you set the following proxy in Firefox?
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888

I see you have run ComboFix, could you post the log please?

Download aswMBR.exe (511KB) to your desktop.

Double click the aswMBR.exe to run it.

Click the "Scan" button to start the scan.

On completion of the scan click save log, save it to your desktop and post in your next reply.

#3
JP in LA

    New Member

  • Topic Starter
  • Member
  • 5 posts
That is a debugging proxy that I haven't needed in a while. I didn't realize that it was still enabled. I've deactivated it, but I don't think it has been affecting performance.

I ran ComboFix a while back and have since deleted the app. Do you want me to run it again? I can't seem to find the log I generated back then. Did you see the combofix logfile in the OTL log? I searched my computer and couldn't find it.


aswMBR version 0.9.5.256 Copyright© 2011 AVAST Software
Run date: 2011-05-12 14:00:14
-----------------------------
14:00:14.743 OS Version: Windows 6.1.7601 Service Pack 1
14:00:14.743 Number of processors: 2 586 0x1706
14:00:14.743 ComputerName: CEREBRO UserName:
14:00:16.537 Initialize success
14:00:27.831 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-2
14:00:27.831 Disk 0 Vendor: WDC_WD3200BEKT-00F3T0 11.01A11 Size: 305245MB BusType: 11
14:00:29.875 Disk 0 MBR read successfully
14:00:29.875 Disk 0 MBR scan
14:00:29.891 Disk 0 unknown MBR code
14:00:31.903 Disk 0 scanning sectors +606316711
14:00:31.934 Disk 0 scanning C:\Windows\system32\drivers
14:00:38.502 Service scanning
14:00:41.013 Disk 0 trace - called modules:
14:00:41.029 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys
14:00:41.045 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x865c2468]
14:00:41.045 3 CLASSPNP.SYS[8b40459e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-2[0x860b6908]
14:00:41.045 Scan finished successfully
14:01:17.595 Disk 0 MBR has been saved successfully to "C:\Users\Jerome\Desktop\MBR.dat"
14:01:17.611 The log file has been saved successfully to "C:\Users\Jerome\Desktop\aswMBR.txt"

#4
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Yes, could you run a fresh copy please?

Download ComboFix from one of these locations:


Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop


When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

#5
JP in LA

    New Member

  • Topic Starter
  • Member
  • 5 posts
ComboFix 11-05-12.04 - Jerome 05/13/2011 11:47:55.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3070.1904 [GMT -7:00]
Running from: c:\users\Jerome\Downloads\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jerome\AppData\Local\temp\SPOON\CACHE\0x51413803\STUBEXE\0x9A3ABD31A675CB00\Spoon-Sync.exe
c:\users\JEROME~1\AppData\Local\Temp\SPOON\CACHE\0x51413803\STUBEXE\0x9A3ABD31A675CB00\Spoon-Sync.exe
c:\users\Portfolio\Desktop\Setup.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-04-13 to 2011-05-13 )))))))))))))))))))))))))))))))
.
.
2011-05-13 18:59 . 2011-05-13 19:01 -------- d-----w- c:\users\Jerome\AppData\Local\temp
2011-05-13 18:59 . 2011-05-13 18:59 -------- d-----w- c:\users\X\AppData\Local\temp
2011-05-13 18:59 . 2011-05-13 18:59 -------- d-----w- c:\users\Portfolio\AppData\Local\temp
2011-05-13 18:59 . 2011-05-13 18:59 -------- d-----w- c:\users\Mcx1\AppData\Local\temp
2011-05-13 18:59 . 2011-05-13 18:59 -------- d-----w- c:\users\Mcx1-JEROMEBOT\AppData\Local\temp
2011-05-13 18:59 . 2011-05-13 18:59 -------- d-----w- c:\users\Mcx1-JEROMEBOT.Jeromebot\AppData\Local\temp
2011-05-13 18:59 . 2011-05-13 18:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-12 13:24 . 2011-05-12 13:24 -------- d-----w- c:\program files\ESET
2011-05-12 13:18 . 2011-04-11 07:04 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C32A22AE-871F-4E89-A67A-89B6F910D0A3}\mpengine.dll
2011-05-11 06:25 . 2011-03-25 02:58 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 06:25 . 2011-03-25 02:57 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 06:25 . 2011-03-25 02:58 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 06:25 . 2011-03-25 02:58 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 06:25 . 2011-03-25 02:57 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 06:25 . 2011-03-25 02:57 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-11 06:25 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-05-11 06:25 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-10 23:58 . 2011-05-10 23:58 -------- d-----w- c:\programdata\WebEx
2011-05-07 02:14 . 2011-05-07 02:14 -------- d-----w- c:\program files\Microsoft IntelliPoint
2011-05-06 22:12 . 2011-05-06 22:12 -------- d-----w- c:\program files\Western Digital
2011-05-05 23:07 . 2011-05-05 23:07 -------- d-----w- C:\found.000
2011-04-30 03:16 . 2011-04-30 03:16 -------- d-----w- c:\program files\WinDirStat
2011-04-30 03:12 . 2011-04-30 03:12 -------- d-----w- c:\program files\cygwin
2011-04-30 03:12 . 2011-04-30 03:12 -------- d-----w- C:\cygwin
2011-04-24 18:18 . 2011-04-24 18:18 -------- d-----w- c:\program files\iPod
2011-04-24 14:14 . 2009-08-20 07:50 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2011-04-24 00:31 . 2011-04-24 00:31 -------- d-----w- c:\programdata\Hewlett-Packard
2011-04-24 00:31 . 2009-07-14 01:15 280064 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzppw71.dll
2011-04-21 02:49 . 2011-04-21 02:49 -------- d-sh--w- c:\windows\system32\%APPDATA%
2011-04-19 17:17 . 2011-04-19 17:17 -------- d-----w- c:\program files\EA Games
2011-04-19 00:24 . 2011-04-19 00:24 -------- d-----w- c:\users\Jerome\.googlecl
2011-04-16 19:41 . 2011-04-16 19:41 -------- d-----w- c:\program files\Bonjour Print Services
2011-04-16 17:52 . 2011-05-12 15:37 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-04-16 17:52 . 2011-04-16 18:39 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-04-16 14:30 . 2011-04-16 14:30 -------- d-----w- c:\users\Jerome\AppData\Roaming\Malwarebytes
2011-04-16 14:28 . 2010-12-21 01:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-16 14:28 . 2011-04-16 14:28 -------- d-----w- c:\programdata\Malwarebytes
2011-04-16 14:28 . 2011-04-16 14:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-16 14:28 . 2010-12-21 01:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-16 09:20 . 2011-04-16 09:20 -------- d-----w- c:\program files\CCleaner
2011-04-14 22:24 . 2011-04-14 22:24 388096 ----a-r- c:\users\Jerome\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-04-14 22:24 . 2011-04-14 22:24 -------- d-----w- c:\program files\Trend Micro
2011-04-13 22:02 . 2011-04-13 22:02 40984 ----a-w- c:\windows\system32\drivers\point32.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-09 06:02 . 2011-04-09 06:02 390656 ----a-w- c:\windows\system32\ipcoin815.dll
2011-04-06 23:20 . 2011-04-06 23:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 23:20 . 2011-04-06 23:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-04-05 00:47 . 2011-04-05 00:48 737280 ----a-w- c:\windows\iun6002.exe
2011-03-21 13:58 . 2011-03-25 04:41 152064 ----a-w- c:\windows\system32\xvid.ax
2011-03-19 15:06 . 2011-03-25 04:41 240640 ----a-w- c:\windows\system32\xvidvfw.dll
2011-03-19 15:04 . 2011-03-25 04:41 650752 ----a-w- c:\windows\system32\xvidcore.dll
2011-03-15 06:35 . 2011-03-15 06:35 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-03-15 06:35 . 2011-03-15 06:35 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-03-15 06:35 . 2011-03-15 06:35 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-03-15 06:35 . 2011-03-15 06:35 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-03-15 06:35 . 2011-03-15 06:35 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-03-15 06:35 . 2011-03-15 06:35 367104 ----a-w- c:\windows\system32\html.iec
2011-03-15 06:35 . 2011-03-15 06:35 161792 ----a-w- c:\windows\system32\msls31.dll
2011-03-15 06:35 . 2011-03-15 06:35 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-03-15 06:35 . 2011-03-15 06:35 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-03-15 06:35 . 2011-03-15 06:35 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-03-15 06:35 . 2011-03-15 06:35 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-15 06:35 . 2011-03-15 06:35 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-03-15 06:35 . 2011-03-15 06:35 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-03-15 06:35 . 2011-03-15 06:35 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-03-15 06:35 . 2011-03-15 06:35 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-03-15 06:35 . 2011-03-15 06:35 152064 ----a-w- c:\windows\system32\wextract.exe
2011-03-15 06:35 . 2011-03-15 06:35 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-03-15 06:35 . 2011-03-15 06:35 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-03-15 06:35 . 2011-03-15 06:35 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-03-15 06:35 . 2011-03-15 06:35 11776 ----a-w- c:\windows\system32\mshta.exe
2011-03-15 06:35 . 2011-03-15 06:35 101888 ----a-w- c:\windows\system32\admparse.dll
2011-03-11 05:33 . 2011-04-13 12:14 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 05:33 . 2011-04-13 12:14 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-10 17:16 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-08 05:28 . 2011-04-13 12:19 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 19:44 . 2009-07-09 11:00 45648 ------w- c:\windows\system32\drivers\pxhelp20.sys
2011-03-03 05:38 . 2011-04-13 12:24 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 05:36 . 2011-04-13 12:24 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 03:42 . 2011-04-13 12:24 2333184 ----a-w- c:\windows\system32\win32k.sys
2011-02-24 09:25 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-02-24 05:38 . 2011-04-13 12:24 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-23 04:48 . 2011-04-13 12:29 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-23 04:48 . 2011-04-13 12:29 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-02-23 04:47 . 2011-04-13 12:29 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-02-23 04:47 . 2011-04-13 12:09 223232 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-02-23 04:47 . 2011-04-13 12:09 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-02-23 04:47 . 2011-04-13 12:09 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-23 04:47 . 2011-04-13 12:09 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-02-19 06:30 . 2011-03-09 03:13 805376 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 06:30 . 2011-03-09 03:13 1076736 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 06:30 . 2011-03-09 03:13 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 06:30 . 2011-04-13 12:24 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-02-19 04:34 . 2011-04-13 12:24 294912 ----a-w- c:\windows\system32\atmfd.dll
2011-02-19 00:36 . 2011-02-19 00:36 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-19 00:36 . 2011-02-19 00:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-18 01:06 . 2011-04-12 17:38 160560 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-02-18 01:06 . 2011-04-12 17:38 44784 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-02-18 01:06 . 2011-02-18 01:06 122032 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2011-02-18 01:06 . 2011-02-18 01:06 111152 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-02-18 01:06 . 2011-02-18 01:06 135472 ----a-w- c:\windows\system32\VBoxNetFltNotify.dll
2006-06-16 04:33 . 2010-01-01 23:55 233472 ----a-w- c:\program files\mozilla firefox\plugins\CrazyTalk4Native.dll
2006-05-26 02:43 . 2010-01-01 23:55 204895 ----a-w- c:\program files\mozilla firefox\plugins\ctdomemhelper.dll
2005-09-29 22:41 . 2010-01-01 23:55 77824 ----a-w- c:\program files\mozilla firefox\plugins\ctframeplayerobject.dll
2006-06-19 21:10 . 2010-01-01 23:55 426081 ----a-w- c:\program files\mozilla firefox\plugins\ctplayerobject.dll
2005-02-02 20:19 . 2010-01-01 23:55 458752 ----a-w- c:\program files\mozilla firefox\plugins\imagickrt.dll
2006-04-11 02:35 . 2010-01-01 23:55 139264 ----a-w- c:\program files\mozilla firefox\plugins\rlcontentclass.dll
2005-11-09 19:10 . 2010-01-01 23:55 204800 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicPacker.dll
2005-11-09 19:42 . 2010-01-01 23:55 106496 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicUnpacker.dll
2006-01-04 19:22 . 2010-01-01 23:55 212992 ----a-w- c:\program files\mozilla firefox\plugins\RLVoicePacker.dll
2006-01-04 19:21 . 2010-01-01 23:55 167936 ----a-w- c:\program files\mozilla firefox\plugins\RLVoiceUnpacker.dll
2011-04-29 18:59 . 2011-03-10 17:25 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2006-05-03 19:06 163328 --sha-r- c:\windows\System32\flvDX.dll
2007-02-21 20:47 31232 --sha-r- c:\windows\System32\msfDX.dll
2008-03-16 22:30 216064 --sha-r- c:\windows\System32\nbDX.dll
.
.
((((((((((((((((((((((((((((( [email protected]_23.09.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-28 08:47 . 2011-03-11 03:48 76288 c:\windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.1.7601.21680_none_4ac7a4d10f6f3253\USBSTOR.SYS
+ 2011-04-28 08:47 . 2011-03-11 04:01 76288 c:\windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.1.7601.17577_none_4a4fd9f7f64327f9\USBSTOR.SYS
+ 2011-04-28 08:47 . 2011-03-11 04:14 75776 c:\windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.1.7600.20921_none_492329831217353f\USBSTOR.SYS
+ 2011-04-28 08:47 . 2011-03-11 04:08 75776 c:\windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.1.7600.16778_none_486a7d3bf91bd564\USBSTOR.SYS
+ 2011-05-11 06:25 . 2011-03-25 02:54 24064 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.21692_none_bffae6357b300705\usbuhci.sys
+ 2011-05-11 06:25 . 2011-03-25 02:54 20480 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.21692_none_bffae6357b300705\usbohci.sys
+ 2011-05-11 06:25 . 2011-03-25 02:54 43008 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.21692_none_bffae6357b300705\usbehci.sys
+ 2011-05-11 06:25 . 2011-03-25 02:57 24064 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.17586_none_bf801a7e6206b0a6\usbuhci.sys
+ 2011-05-11 06:25 . 2011-03-25 02:57 20480 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.17586_none_bf801a7e6206b0a6\usbohci.sys
+ 2011-05-11 06:25 . 2011-03-25 02:57 43008 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.17586_none_bf801a7e6206b0a6\usbehci.sys
+ 2011-05-11 06:25 . 2011-03-29 03:06 24064 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.20934_none_be576b317dd72348\usbuhci.sys
+ 2011-05-11 06:25 . 2011-03-29 03:06 20480 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.20934_none_be576b317dd72348\usbohci.sys
+ 2011-05-11 06:25 . 2011-03-29 03:06 43008 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.20934_none_be576b317dd72348\usbehci.sys
+ 2011-05-11 06:25 . 2011-03-25 03:06 24064 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.16788_none_bd9bbe0c64de7768\usbuhci.sys
+ 2011-05-11 06:25 . 2011-03-25 03:06 20480 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.16788_none_bd9bbe0c64de7768\usbohci.sys
+ 2011-05-11 06:25 . 2011-03-25 03:06 43008 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.16788_none_bd9bbe0c64de7768\usbehci.sys
+ 2011-05-11 06:25 . 2011-03-25 02:54 76288 c:\windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7601.21692_none_cd30edb88614b91e\usbccgp.sys
+ 2011-05-11 06:25 . 2011-03-25 02:58 75776 c:\windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7601.17586_none_ccb622016ceb62bf\usbccgp.sys
+ 2011-05-11 06:25 . 2011-03-29 03:06 76288 c:\windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7600.20934_none_cb8d72b488bbd561\usbccgp.sys
+ 2011-05-11 06:25 . 2011-03-25 03:06 75776 c:\windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7600.16788_none_cad1c58f6fc32981\usbccgp.sys
+ 2011-04-28 08:47 . 2011-02-18 05:10 31232 c:\windows\winsxs\x86_microsoft-windows-shell-previewhost_31bf3856ad364e35_6.1.7601.21663_none_45975bf37867d112\prevhost.exe
+ 2011-04-28 08:47 . 2011-02-18 05:39 31232 c:\windows\winsxs\x86_microsoft-windows-shell-previewhost_31bf3856ad364e35_6.1.7601.17562_none_450cbede5f4b17f1\prevhost.exe
+ 2011-04-28 08:47 . 2011-02-18 05:54 31232 c:\windows\winsxs\x86_microsoft-windows-shell-previewhost_31bf3856ad364e35_6.1.7600.20904_none_43f2e0a57b0fd3fe\prevhost.exe
+ 2011-04-28 08:47 . 2011-02-18 05:33 31232 c:\windows\winsxs\x86_microsoft-windows-shell-previewhost_31bf3856ad364e35_6.1.7600.16762_none_432661d86224ac05\prevhost.exe
+ 2009-07-14 02:10 . 2009-07-14 02:10 85504 c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wmiutils.dll
+ 2009-07-14 02:10 . 2009-07-14 02:10 29184 c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wbemprox.dll
+ 2009-07-14 02:10 . 2009-07-14 02:10 16384 c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\SvcIni.exe
+ 2009-07-14 02:10 . 2009-07-14 02:10 35328 c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\mspatcha.dll
+ 2009-07-14 02:10 . 2009-07-14 02:10 58880 c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\mofinstall.dll
+ 2009-07-14 02:10 . 2009-07-14 02:10 28672 c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\CbsMsg.dll
+ 2011-04-28 08:47 . 2011-03-11 05:18 74240 c:\windows\winsxs\x86_microsoft-windows-fsutil_31bf3856ad364e35_6.1.7601.21680_none_cea56a936788b341\fsutil.exe
+ 2011-04-28 08:47 . 2011-03-11 05:31 74240 c:\windows\winsxs\x86_microsoft-windows-fsutil_31bf3856ad364e35_6.1.7601.17577_none_ce2d9fba4e5ca8e7\fsutil.exe
+ 2011-04-28 08:47 . 2011-03-11 05:46 74240 c:\windows\winsxs\x86_microsoft-windows-fsutil_31bf3856ad364e35_6.1.7600.20921_none_cd00ef456a30b62d\fsutil.exe
+ 2011-04-28 08:47 . 2011-03-11 05:37 74240 c:\windows\winsxs\x86_microsoft-windows-fsutil_31bf3856ad364e35_6.1.7600.16778_none_cc4842fe51355652\fsutil.exe
+ 2011-04-28 08:47 . 2011-03-11 05:27 22400 c:\windows\winsxs\x86_amdsata.inf_31bf3856ad364e35_6.1.7601.21680_none_4eae2d5af9871de8\amdxata.sys
+ 2011-04-28 08:47 . 2011-03-11 05:27 80256 c:\windows\winsxs\x86_amdsata.inf_31bf3856ad364e35_6.1.7601.21680_none_4eae2d5af9871de8\amdsata.sys
+ 2011-04-28 08:47 . 2011-03-11 05:38 22400 c:\windows\winsxs\x86_amdsata.inf_31bf3856ad364e35_6.1.7601.17577_none_4e366281e05b138e\amdxata.sys
+ 2011-04-28 08:47 . 2011-03-11 05:38 80256 c:\windows\winsxs\x86_amdsata.inf_31bf3856ad364e35_6.1.7601.17577_none_4e366281e05b138e\amdsata.sys
+ 2011-04-28 08:47 . 2011-03-11 05:52 22400 c:\windows\winsxs\x86_amdsata.inf_31bf3856ad364e35_6.1.7600.20921_none_4d09b20cfc2f20d4\amdxata.sys
+ 2011-04-28 08:47 . 2011-03-11 05:52 80256 c:\windows\winsxs\x86_amdsata.inf_31bf3856ad364e35_6.1.7600.20921_none_4d09b20cfc2f20d4\amdsata.sys
+ 2011-04-28 08:47 . 2011-03-11 05:43 22400 c:\windows\winsxs\x86_amdsata.inf_31bf3856ad364e35_6.1.7600.16778_none_4c5105c5e333c0f9\amdxata.sys
+ 2011-04-28 08:47 . 2011-03-11 05:43 80256 c:\windows\winsxs\x86_amdsata.inf_31bf3856ad364e35_6.1.7600.16778_none_4c5105c5e333c0f9\amdsata.sys
+ 2009-07-14 04:55 . 2011-05-13 18:39 58378 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-01-01 17:27 . 2011-05-13 18:39 26286 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2846039889-803451671-1898855674-1001_UserData.bin
- 2009-07-13 23:39 . 2010-01-07 01:57 37376 c:\windows\System32\themeservice.dll
+ 2009-07-13 23:39 . 2009-07-14 01:16 37376 c:\windows\System32\themeservice.dll
+ 2009-07-14 00:59 . 2009-07-14 01:15 20992 c:\windows\System32\spool\drivers\w32x86\3\hpfrsw71.dll
+ 2011-04-28 08:47 . 2011-02-18 05:39 31232 c:\windows\System32\prevhost.exe
- 2011-02-24 09:14 . 2010-11-20 12:17 31232 c:\windows\System32\prevhost.exe
+ 2011-04-14 18:17 . 2011-05-12 22:53 67584 c:\windows\System32\LogFiles\Srt\bootstat.dat
+ 2009-07-14 00:58 . 2009-07-14 01:15 39936 c:\windows\System32\hpzllw71.dll
+ 2011-04-28 08:47 . 2011-03-11 05:31 74240 c:\windows\System32\fsutil.exe
+ 2009-07-14 04:50 . 2011-05-11 10:26 86016 c:\windows\System32\DriverStore\infpub.dat
- 2009-07-14 04:50 . 2011-04-12 17:39 86016 c:\windows\System32\DriverStore\infpub.dat
+ 2008-05-06 23:06 . 2008-05-06 23:06 11520 c:\windows\System32\DriverStore\FileRepository\wdcsam.inf_x86_neutral_782a203832146fb2\wdcsam.sys
+ 2011-04-28 08:47 . 2011-03-11 04:01 76288 c:\windows\System32\DriverStore\FileRepository\usbstor.inf_x86_neutral_e6d53e776821c5b8\USBSTOR.SYS
+ 2011-05-11 06:25 . 2011-03-25 02:57 24064 c:\windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_18e46bb8fd6f032e\usbuhci.sys
+ 2011-05-11 06:25 . 2011-03-25 02:57 20480 c:\windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_18e46bb8fd6f032e\usbohci.sys
+ 2011-05-11 06:25 . 2011-03-25 02:57 43008 c:\windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_18e46bb8fd6f032e\usbehci.sys
+ 2011-05-11 06:25 . 2011-03-25 02:58 75776 c:\windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_1584ed9878602b0f\usbccgp.sys
+ 2011-04-13 22:02 . 2011-04-13 22:02 40984 c:\windows\System32\DriverStore\FileRepository\point32.inf_x86_neutral_f2677eeb29fc84fc\point32.sys
+ 2011-04-13 22:02 . 2011-04-13 22:02 21784 c:\windows\System32\DriverStore\FileRepository\nuidfltr.inf_x86_neutral_50e248b7eca99c27\nuidfltr.sys
+ 2011-04-12 20:01 . 2011-04-12 20:01 45464 c:\windows\System32\DriverStore\FileRepository\dc3du.inf_x86_neutral_78edb1f7145306b3\dc3d.sys
+ 2011-04-13 22:02 . 2011-04-13 22:02 45464 c:\windows\System32\DriverStore\FileRepository\dc3dh.inf_x86_neutral_dd8895551dd4deb3\dc3d.sys
+ 2011-04-28 08:47 . 2011-03-11 05:38 22400 c:\windows\System32\DriverStore\FileRepository\amdsata.inf_x86_neutral_5c3d0d1e97e99e10\amdxata.sys
+ 2011-04-28 08:47 . 2011-03-11 05:38 80256 c:\windows\System32\DriverStore\FileRepository\amdsata.inf_x86_neutral_5c3d0d1e97e99e10\amdsata.sys
+ 2008-05-06 23:06 . 2008-05-06 23:06 11520 c:\windows\System32\drivers\wdcsam.sys
- 2011-02-24 09:15 . 2010-11-20 10:00 76288 c:\windows\System32\drivers\USBSTOR.SYS
+ 2011-04-28 08:47 . 2011-03-11 04:01 76288 c:\windows\System32\drivers\USBSTOR.SYS
- 2011-02-24 09:15 . 2010-11-20 12:29 22400 c:\windows\System32\drivers\amdxata.sys
+ 2011-04-28 08:47 . 2011-03-11 05:38 22400 c:\windows\System32\drivers\amdxata.sys
- 2011-02-24 09:15 . 2010-11-20 12:29 80256 c:\windows\System32\drivers\amdsata.sys
+ 2011-04-28 08:47 . 2011-03-11 05:38 80256 c:\windows\System32\drivers\amdsata.sys
- 2010-01-01 17:11 . 2011-04-11 19:19 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-01 17:11 . 2011-05-06 15:31 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-01 17:11 . 2011-04-11 19:19 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-01 17:11 . 2011-05-06 15:31 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:41 . 2011-04-11 19:19 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:41 . 2011-05-06 15:31 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-26 19:09 . 2011-04-22 02:06 95768 c:\windows\System32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
- 2010-12-26 19:09 . 2011-04-09 20:23 95768 c:\windows\System32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
+ 2011-05-03 21:26 . 2011-05-03 21:26 25088 c:\windows\Installer\2d96e9.msi
+ 2011-04-23 12:23 . 2011-04-23 12:23 32256 c:\windows\Installer\2b95e3.msi
+ 2011-01-05 17:09 . 2011-04-24 14:14 25214 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Distiller.exe
- 2011-01-05 17:09 . 2011-03-29 07:58 25214 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Distiller.exe
- 2011-01-05 17:09 . 2011-03-29 07:58 36294 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat_Standard.exe
+ 2011-01-05 17:09 . 2011-04-24 14:14 36294 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat_Standard.exe
+ 2011-01-05 17:09 . 2011-04-24 14:14 38926 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat_3D.exe
- 2011-01-05 17:09 . 2011-03-29 07:58 38926 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat_3D.exe
+ 2011-01-05 17:09 . 2011-04-24 14:14 38926 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat.exe
- 2011-01-05 17:09 . 2011-03-29 07:58 38926 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat.exe
+ 2010-06-04 14:47 . 2011-04-21 02:49 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2010-06-04 14:47 . 2011-02-24 09:29 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-04-13 23:20 . 2011-04-13 23:20 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\9824b202ffe88c945577effdc7fc8fc3\UIAutomationProvider.ni.dll
+ 2011-04-13 23:42 . 2011-04-13 23:42 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\6474ae2cebac637025eab3cbcdc9ffe6\System.Windows.Presentation.ni.dll
+ 2011-04-13 23:42 . 2011-04-13 23:42 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\50cbf014f60fa88f67a763dfbead1fee\System.Web.ApplicationServices.ni.dll
+ 2011-04-13 23:42 . 2011-04-13 23:42 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\f472171edc898ea876f14b97b4f332b8\System.ServiceModel.Channels.ni.dll
+ 2011-04-13 23:20 . 2011-04-13 23:20 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\473102f936b4a823e5e2b2e6282c5104\System.AddIn.Contract.ni.dll
+ 2011-04-13 23:20 . 2011-04-13 23:20 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\1a21a54acf18fabfddb0b94d40e509a1\Microsoft.VisualC.ni.dll
+ 2011-04-13 23:19 . 2011-04-13 23:19 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\7600f9d2a3bc01ba15674667283c2e53\Accessibility.ni.dll
+ 2011-04-13 23:19 . 2011-04-13 23:19 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\UIXControls\c269b38737fbb523dc68a318989558b4\UIXControls.ni.dll
+ 2011-04-13 23:19 . 2011-04-13 23:19 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\dfb36b130027150837defb84a9d4abf7\System.Windows.Presentation.ni.dll
+ 2011-04-13 23:19 . 2011-04-13 23:19 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\d715edceb8bdce537631d04bc43a4535\System.Web.DynamicData.Design.ni.dll
+ 2011-04-13 23:18 . 2011-04-13 23:18 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\7c11261ecfd9a81a4084c8731e7c825a\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-04-13 23:18 . 2011-04-13 23:18 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\2fb647062270c8f8f189ba2903f85cbe\System.AddIn.Contract.ni.dll
+ 2011-04-13 23:18 . 2011-04-13 23:18 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\8d4aea49abb824c98d5dc8fb3efd0b28\PresentationFontCache.ni.exe
+ 2011-04-13 23:18 . 2011-04-13 23:18 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\1fafee5a143a8e0f3bec6672f1685694\napcrypt.ni.dll
+ 2011-04-13 23:18 . 2011-04-13 23:18 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\5bf53978099f528bc659608f8c8ab8be\Microsoft.WSMan.Runtime.ni.dll
+ 2011-04-13 23:18 . 2011-04-13 23:18 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\ffac6254b58fb82a636cc68ba2831356\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
+ 2011-04-13 23:18 . 2011-04-13 23:18 32256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\fd515a49c0fa54f3c317e2413958e853\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2011-04-13 23:18 . 2011-04-13 23:18 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\ba42bf0a777fac5e918522ae7d1b1bf5\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2011-04-13 23:18 . 2011-04-13 23:18 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\8b26e77e412445182590f1263ca2c7f0\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2011-04-13 23:18 . 2011-04-13 23:18 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\86d33dd637f9a2aefc5d7dbd58c73c17\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2011-04-13 23:18 . 2011-04-13 23:18 23040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\3a25aed2c1b12492f76f87c8e75d87c5\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2011-04-13 23:18 . 2011-04-13 23:18 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\2942d0111bee78ea35d34a43bd7e427f\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2011-04-13 23:17 . 2011-04-13 23:17 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\77dd4d2efab9f4a095b4bdf97a7fcea0\Microsoft.Vsa.ni.dll
+ 2011-05-11 06:25 . 2011-03-25 02:54 5888 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.21692_none_bffae6357b300705\usbd.sys
+ 2011-05-11 06:25 . 2011-03-25 02:57 5888 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.17586_none_bf801a7e6206b0a6\usbd.sys
+ 2011-05-11 06:25 . 2011-03-29 03:06 5888 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.20934_none_be576b317dd72348\usbd.sys
+ 2011-05-11 06:25 . 2011-03-25 03:06 5888 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.16788_none_bd9bbe0c64de7768\usbd.sys
+ 2009-07-13 23:26 . 2009-07-14 01:03 2560 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.1.7601.21674_none_0e725f5869dccc48\AcRes.dll
+ 2009-07-13 23:26 . 2009-07-14 01:03 2560 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.1.7601.17571_none_0de5c1af50c1e079\AcRes.dll
+ 2009-07-13 23:26 . 2009-07-14 01:03 2560 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.1.7600.20915_none_0ccde40a6c84cf34\AcRes.dll
+ 2009-07-13 23:26 . 2009-07-14 01:03 2560 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.1.7600.16773_none_0c01653d5399a73b\AcRes.dll
+ 2010-01-07 01:58 . 2011-05-11 06:26 3176 c:\windows\System32\wdi\ERCQueuedResolutions.dat
+ 2011-04-25 05:01 . 2011-04-25 05:01 9560 c:\windows\System32\NetworkList\Icons\{4DC0B78A-6D81-4F9A-9BF4-2367163F076A}_48.bin
+ 2011-04-25 05:01 . 2011-04-25 05:01 4280 c:\windows\System32\NetworkList\Icons\{4DC0B78A-6D81-4F9A-9BF4-2367163F076A}_32.bin
+ 2011-04-25 05:01 . 2011-04-25 05:01 2456 c:\windows\System32\NetworkList\Icons\{4DC0B78A-6D81-4F9A-9BF4-2367163F076A}_24.bin
+ 2011-05-11 06:25 . 2011-03-25 02:57 5888 c:\windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_18e46bb8fd6f032e\usbd.sys
+ 2011-05-13 18:37 . 2011-05-13 18:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-04-13 22:45 . 2011-04-13 22:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-05-13 18:37 . 2011-05-13 18:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-04-13 22:45 . 2011-04-13 22:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-01-05 17:09 . 2011-04-24 14:14 7278 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_ELEMENTS_DT.exe
- 2011-01-05 17:09 . 2011-03-29 07:58 7278 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_ELEMENTS_DT.exe
+ 2011-04-13 23:19 . 2011-04-13 23:19 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\1a4701c5a061d081b78353bd04349c3e\dfsvc.ni.exe
+ 2011-05-11 06:25 . 2011-03-25 02:54 284672 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.21692_none_bffae6357b300705\usbport.sys
+ 2011-05-11 06:25 . 2011-03-25 02:55 258560 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.21692_none_bffae6357b300705\usbhub.sys
+ 2011-05-11 06:25 . 2011-03-25 02:58 284672 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.17586_none_bf801a7e6206b0a6\usbport.sys
+ 2011-05-11 06:25 . 2011-03-25 02:58 258560 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.17586_none_bf801a7e6206b0a6\usbhub.sys
+ 2011-05-11 06:25 . 2011-03-29 03:06 284160 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.20934_none_be576b317dd72348\usbport.sys
+ 2011-05-11 06:25 . 2011-03-29 03:07 258560 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.20934_none_be576b317dd72348\usbhub.sys
+ 2011-05-11 06:25 . 2011-03-25 03:06 284160 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.16788_none_bd9bbe0c64de7768\usbport.sys
+ 2011-05-11 06:25 . 2011-03-25 03:06 258560 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.16788_none_bd9bbe0c64de7768\usbhub.sys
+ 2011-05-11 06:25 . 2011-03-25 02:55 258560 c:\windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7601.21692_none_cd30edb88614b91e\usbhub.sys
+ 2011-05-11 06:25 . 2011-03-25 02:58 258560 c:\windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7601.17586_none_ccb622016ceb62bf\usbhub.sys
+ 2011-05-11 06:25 . 2011-03-29 03:07 258560 c:\windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7600.20934_none_cb8d72b488bbd561\usbhub.sys
+ 2011-05-11 06:25 . 2011-03-25 03:06 258560 c:\windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7600.16788_none_cad1c58f6fc32981\usbhub.sys
+ 2011-04-28 08:47 . 2011-03-11 05:28 143744 c:\windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
+ 2011-04-28 08:47 . 2011-03-11 05:28 117120 c:\windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvraid.sys
+ 2011-04-28 08:47 . 2011-03-11 05:39 143744 c:\windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
+ 2011-04-28 08:47 . 2011-03-11 05:39 117120 c:\windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvraid.sys
+ 2011-04-28 08:47 . 2011-03-11 05:52 143744 c:\windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
+ 2011-04-28 08:47 . 2011-03-11 05:52 117120 c:\windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvraid.sys
+ 2011-04-28 08:47 . 2011-03-11 05:44 143744 c:\windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
+ 2011-04-28 08:47 . 2011-03-11 05:44 117120 c:\windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvraid.sys
+ 2011-04-28 08:47 . 2011-03-11 05:28 148864 c:\windows\winsxs\x86_microsoft-windows-storport_31bf3856ad364e35_6.1.7601.21680_none_29bda4c3a7cafce3\storport.sys
+ 2011-04-28 08:47 . 2011-03-11 05:39 148864 c:\windows\winsxs\x86_microsoft-windows-storport_31bf3856ad364e35_6.1.7601.17577_none_2945d9ea8e9ef289\storport.sys
+ 2011-04-28 08:47 . 2011-03-11 05:52 148864 c:\windows\winsxs\x86_microsoft-windows-storport_31bf3856ad364e35_6.1.7600.20921_none_28192975aa72ffcf\storport.sys
+ 2011-04-28 08:47 . 2011-03-11 05:44 146304 c:\windows\winsxs\x86_microsoft-windows-storport_31bf3856ad364e35_6.1.7600.16778_none_27607d2e91779ff4\storport.sys
+ 2009-07-14 02:10 . 2009-07-14 02:10 180224 c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\xmllite.dll
+ 2011-01-19 20:04 . 2010-11-20 12:21 363008 c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wbemcomn.dll
+ 2009-07-14 02:10 . 2009-07-14 02:10 300544 c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\repdrvfs.dll
+ 2009-07-14 02:10 . 2009-07-14 02:10 151040 c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\OEMHelpIns.dll
+ 2009-07-14 02:10 . 2009-07-14 02:10 305152 c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\msdelta.dll
+ 2009-07-14 02:10 . 2009-07-14 02:10 192000 c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\mofd.dll
+ 2009-07-14 02:10 . 2009-07-14 02:10 229888 c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\locdrv.dll
+ 2011-01-19 20:04 . 2010-11-20 12:19 105472 c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\helpcins.dll
+ 2011-01-19 20:04 . 2010-11-20 12:19 606208 c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\fastprox.dll
+ 2009-07-14 02:10 . 2009-07-14 02:10 266240 c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\esscli.dll
+ 2009-07-14 02:10 . 2009-07-14 02:10 173568 c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\DrUpdate.dll
+ 2009-07-14 02:10 . 2009-07-14 02:10 296448 c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\cmitrust.dll
+ 2009-07-14 02:10 . 2009-07-14 02:10 201216 c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\apss.dll
+ 2011-04-28 08:47 . 2011-03-12 11:17 870912 c:\windows\winsxs\x86_microsoft-windows-printing-xpsprint_31bf3856ad364e35_6.1.7601.21682_none_ade679d888e5990e\XpsPrint.dll
+ 2011-04-28 08:47 . 2011-03-12 11:23 870912 c:\windows\winsxs\x86_microsoft-windows-printing-xpsprint_31bf3856ad364e35_6.1.7601.17578_none_ad6daeb56fba755d\XpsPrint.dll
+ 2011-04-28 08:47 . 2011-03-12 11:41 442880 c:\windows\winsxs\x86_microsoft-windows-printing-xpsprint_31bf3856ad364e35_6.1.7600.20923_none_ac41fe8a8b8d9bfa\XpsPrint.dll
+ 2011-04-28 08:47 . 2011-03-12 11:31 442880 c:\windows\winsxs\x86_microsoft-windows-printing-xpsprint_31bf3856ad364e35_6.1.7600.16779_none_ab8851f9729322c8\XpsPrint.dll
+ 2009-07-13 23:26 . 2009-07-14 01:14 211968 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.1.7601.21674_none_0e76608069d931a4\AcXtrnal.dll
+ 2011-02-24 09:15 . 2010-11-20 12:18 562176 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.1.7601.21674_none_0e76608069d931a4\AcLayers.dll
+ 2009-07-13 23:26 . 2009-07-14 01:14 211968 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.1.7601.17571_none_0de9c2d750be45d5\AcXtrnal.dll
+ 2011-02-24 09:15 . 2010-11-20 12:18 562176 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.1.7601.17571_none_0de9c2d750be45d5\AcLayers.dll
+ 2009-07-13 23:26 . 2009-07-14 01:14 211968 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.1.7600.20915_none_0cd1e5326c813490\AcXtrnal.dll
+ 2009-07-13 23:27 . 2009-07-14 01:14 559616 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.1.7600.20915_none_0cd1e5326c813490\AcLayers.dll
+ 2009-07-13 23:26 . 2009-07-14 01:14 211968 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.1.7600.16773_none_0c05666553960c97\AcXtrnal.dll
+ 2009-07-13 23:27 . 2009-07-14 01:14 559616 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.1.7600.16773_none_0c05666553960c97\AcLayers.dll
+ 2011-04-28 08:47 . 2011-03-11 05:28 332160 c:\windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
+ 2011-04-28 08:47 . 2011-03-11 05:38 332160 c:\windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
+ 2011-04-28 08:47 . 2011-03-11 05:52 332160 c:\windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
+ 2011-04-28 08:47 . 2011-03-11 05:43 332160 c:\windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
+ 2006-11-01 20:06 . 2006-11-01 20:06 158520 c:\windows\whois.exe
+ 2011-04-28 08:47 . 2011-03-12 11:23 870912 c:\windows\System32\XpsPrint.dll
- 2011-02-23 05:44 . 2011-01-07 07:46 870912 c:\windows\System32\XpsPrint.dll
+ 2010-01-03 06:54 . 2011-05-08 16:55 487424 c:\windows\System32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2010-01-01 23:20 . 2011-04-26 06:31 371238 c:\windows\System32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2010-01-01 17:45 . 2011-05-13 18:39 145016 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-13 23:40 . 2010-01-07 01:57 249856 c:\windows\System32\uxtheme.dll
+ 2009-07-13 23:40 . 2009-07-14 01:16 249856 c:\windows\System32\uxtheme.dll
+ 2009-07-14 00:58 . 2009-07-14 01:05 694272 c:\windows\System32\spool\drivers\w32x86\3\hpzssw71.dll
+ 2009-07-14 00:57 . 2009-07-14 01:15 358400 c:\windows\System32\spool\drivers\w32x86\3\hpzprw71.dll
+ 2009-07-14 00:58 . 2009-07-14 01:15 788480 c:\windows\System32\spool\drivers\w32x86\3\hpzlew71.dll
+ 2009-07-14 00:56 . 2009-07-14 01:15 854528 c:\windows\System32\spool\drivers\w32x86\3\HPZEVW71.DLL
+ 2009-07-14 00:59 . 2009-07-14 01:15 237568 c:\windows\System32\spool\drivers\w32x86\3\hpzc3w71.dll
+ 2009-07-14 00:58 . 2009-07-14 01:05 977408 c:\windows\System32\spool\drivers\w32x86\3\hpz3cw71.dll
+ 2009-07-14 00:58 . 2009-07-14 01:15 244224 c:\windows\System32\spool\drivers\w32x86\3\hpfigw71.dll
+ 2009-07-14 00:55 . 2009-07-14 01:15 225792 c:\windows\System32\spool\drivers\w32x86\3\hpfiew71.dll
+ 2009-07-14 00:59 . 2009-07-14 01:15 163328 c:\windows\System32\spool\drivers\w32x86\3\hpcdmc71.dll
- 2009-07-14 02:05 . 2011-04-13 21:35 624622 c:\windows\System32\perfh009.dat
+ 2009-07-14 02:05 . 2011-05-11 06:18 624622 c:\windows\System32\perfh009.dat
- 2009-07-14 02:05 . 2011-04-13 21:35 106708 c:\windows\System32\perfc009.dat
+ 2009-07-14 02:05 . 2011-05-11 06:18 106708 c:\windows\System32\perfc009.dat
- 2010-01-01 17:36 . 2010-10-19 18:41 222080 c:\windows\System32\MpSigStub.exe
+ 2010-01-01 17:36 . 2011-02-03 01:11 222080 c:\windows\System32\MpSigStub.exe
+ 2011-04-22 02:10 . 2011-04-22 02:10 235168 c:\windows\System32\Macromed\Flash\FlashUtil10p_Plugin.exe
- 2009-07-14 04:50 . 2011-04-12 17:39 143360 c:\windows\System32\DriverStore\infstrng.dat
+ 2009-07-14 04:50 . 2011-05-11 10:26 143360 c:\windows\System32\DriverStore\infstrng.dat
+ 2009-07-14 04:50 . 2011-05-11 10:26 143360 c:\windows\System32\DriverStore\infstor.dat
- 2009-07-14 04:50 . 2011-04-12 17:39 143360 c:\windows\System32\DriverStore\infstor.dat
+ 2011-05-11 06:25 . 2011-03-25 02:58 284672 c:\windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_18e46bb8fd6f032e\usbport.sys
+ 2011-05-11 06:25 . 2011-03-25 02:58 258560 c:\windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_18e46bb8fd6f032e\usbhub.sys
+ 2011-05-11 06:25 . 2011-03-25 02:58 258560 c:\windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_1584ed9878602b0f\usbhub.sys
+ 2011-04-28 08:47 . 2011-03-11 05:39 143744 c:\windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
+ 2011-04-28 08:47 . 2011-03-11 05:39 117120 c:\windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvraid.sys
+ 2011-04-09 06:02 . 2011-04-09 06:02 390656 c:\windows\System32\DriverStore\FileRepository\ipcdless.inf_x86_neutral_ba29bd54882cbd80\ipcoin815.dll
+ 2011-04-28 08:47 . 2011-03-11 05:38 332160 c:\windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
+ 2011-04-13 22:02 . 2011-04-13 22:02 395672 c:\windows\System32\DriverStore\FileRepository\dc3dh.inf_x86_neutral_dd8895551dd4deb3\ipcoin815.dll
- 2009-07-14 04:51 . 2011-02-24 18:25 399360 c:\windows\System32\DriverStore\drvindex.dat
+ 2009-07-14 04:51 . 2011-05-11 10:26 399360 c:\windows\System32\DriverStore\drvindex.dat
- 2011-02-24 09:15 . 2010-11-20 12:30 148864 c:\windows\System32\drivers\storport.sys
+ 2011-04-28 08:47 . 2011-03-11 05:39 148864 c:\windows\System32\drivers\storport.sys
+ 2011-04-28 08:47 . 2011-03-11 05:39 143744 c:\windows\System32\drivers\nvstor.sys
- 2011-02-24 09:15 . 2010-11-20 12:30 143744 c:\windows\System32\drivers\nvstor.sys
- 2011-02-24 09:15 . 2010-11-20 12:30 117120 c:\windows\System32\drivers\nvraid.sys
+ 2011-04-28 08:47 . 2011-03-11 05:39 117120 c:\windows\System32\drivers\nvraid.sys
+ 2011-04-28 08:47 . 2011-03-11 05:38 332160 c:\windows\System32\drivers\iaStorV.sys
- 2011-02-24 09:15 . 2010-11-20 12:29 332160 c:\windows\System32\drivers\iaStorV.sys
+ 2011-04-21 02:49 . 2011-04-21 02:49 262144 c:\windows\System32\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 04:34 . 2011-05-12 15:45 108256 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2009-07-14 04:47 . 2011-05-13 18:36 465336 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-03-15 17:23 . 2011-03-15 17:23 694272 c:\windows\Installer\3b06c7.msi
+ 2011-01-04 09:04 . 2011-04-24 14:14 335872 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\SC_Designer_PFM.70DBED24_B579_40CB_AB0B_F1221A3E9EC5.exe
- 2011-01-04 09:04 . 2011-03-29 07:58 335872 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\SC_Designer_PFM.70DBED24_B579_40CB_AB0B_F1221A3E9EC5.exe
+ 2011-04-24 18:19 . 2011-04-24 18:19 380928 c:\windows\Installer\{353FE16B-30FE-469A-BF55-B978F4218003}\iTunesIco.exe
+ 2011-04-13 23:43 . 2011-04-13 23:43 245760 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\c854ff737035c79fdf1b56b95e28fdbc\WindowsFormsIntegration.ni.dll
+ 2011-04-13 23:20 . 2011-04-13 23:20 195584 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\c085fc0d222fb39afe14cc8e5eb32eee\UIAutomationTypes.ni.dll
+ 2011-04-13 23:42 . 2011-04-13 23:42 481792 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\974f99cb0c5b67484ce5a3fd1fc5e7dd\UIAutomationClient.ni.dll
+ 2011-04-13 23:20 . 2011-04-13 23:20 391680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\6d7c87b19bf40f2bc57ec4429b628c9a\System.Xml.Linq.ni.dll
+ 2011-04-13 23:20 . 2011-04-13 23:20 187904 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\21eb4743be4fdd8df5f0a9cd0dd52f5d\System.Windows.Input.Manipulations.ni.dll
+ 2011-04-13 23:20 . 2011-04-13 23:20 645632 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\1fac5b5769af4e4dd0aa3f09d9834734\System.Transactions.ni.dll
+ 2011-04-13 23:42 . 2011-04-13 23:42 220672 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\4e5c6a1e261c43961b19f4712359234f\System.ServiceProcess.ni.dll
+ 2011-04-13 23:42 . 2011-04-13 23:42 365056 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\9fc58e83505ef6bf05a4529665c7737d\System.ServiceModel.Routing.ni.dll
+ 2011-04-13 23:20 . 2011-04-13 23:20 310272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\7de8fccb064fff0d219e8594a014b600\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-04-13 23:20 . 2011-04-13 23:20 758784 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\30b7ffac8d9d7ba0364dd19c158fe291\System.Runtime.Remoting.ni.dll
+ 2011-04-13 23:42 . 2011-04-13 23:42 651264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\56158e581a3dfce8f930fe7388cfe156\System.Net.ni.dll
+ 2011-04-13 23:42 . 2011-04-13 23:42 625152 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\8b3e59239912537657fc7f9c6b88dd8a\System.Messaging.ni.dll
+ 2011-04-13 23:42 . 2011-04-13 23:42 392704 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\117067671949b80852b0a7c112888b7b\System.Management.Instrumentation.ni.dll
+ 2011-04-13 23:42 . 2011-04-13 23:42 405504 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\a483116d4df8444911c9d47fd99b8b95\System.IO.Log.ni.dll
+ 2011-04-13 23:42 . 2011-04-13 23:42 228352 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\3891b868ee83ca630686d547c328da31\System.IdentityModel.Selectors.ni.dll
+ 2011-04-13 23:20 . 2011-04-13 23:20 230912 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\547669d593c2ac7c94391e153ea6068f\System.EnterpriseServices.Wrapper.dll
+ 2011-04-13 23:20 . 2011-04-13 23:20 784896 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\547669d593c2ac7c94391e153ea6068f\System.EnterpriseServices.ni.dll
+ 2011-04-13 23:41 . 2011-04-13 23:41 911872 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\8a7ceaec74327e2be758e7291b8a5849\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-04-13 23:41 . 2011-04-13 23:41 461824 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\698dd101afeceb8ffc4a435b9be82038\System.DirectoryServices.Protocols.ni.dll
+ 2011-04-13 23:41 . 2011-04-13 23:41 112128 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\65b4592d5d04a0c5b6f102f8d1e065e8\System.Device.ni.dll
+ 2011-04-13 23:20 . 2011-04-13 23:20 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\ee0a48c4f9340f1002baa71004a14932\System.Data.DataSetExtensions.ni.dll
+ 2011-04-13 23:20 . 2011-04-13 23:20 145920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\9a074aee02c2c27bd8a64bd39bb0f954\System.Configuration.Install.ni.dll
+ 2011-04-13 23:20 . 2011-04-13 23:20 193536 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\f02a6c23986ba9eee3699717437b0f94\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-04-13 23:20 . 2011-04-13 23:20 613888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\d5de48c1c29a8498c89ed5da48e40690\System.AddIn.ni.dll
+ 2011-04-13 23:20 . 2011-04-13 23:20 402944 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\d60de251f6401ab42fe195f6bf25ca73\System.Activities.DurableInstancing.ni.dll
+ 2011-04-13 23:19 . 2011-04-13 23:19 316928 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\d42aded7e797fe07a002cec27071b509\SMSvcHost.ni.exe
+ 2011-04-13 23:20 . 2011-04-13 23:20 142336 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\22f477b2dad8700e564daead57f5b825\SMDiagnostics.ni.dll
+ 2011-04-13 23:20 . 2011-04-13 23:20 219136 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\e6c8530bfd8c9a39e07a5401b3acba04\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2011-04-13 23:19 . 2011-04-13 23:19 418304 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\a78fa250714cf42472bc22d0b7ea14e5\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-04-13 23:19 . 2011-04-13 23:19 193024 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\e665571fbfd43f6f3f715b715dd01f14\CustomMarshalers.ni.dll
+ 2011-04-13 23:19 . 2011-04-13 23:19 321024 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\198b4ee83566b62a5c87bd814fb1f8f4\WsatConfig.ni.exe
+ 2011-04-13 23:19 . 2011-04-13 23:19 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\d8ec0071fec3b06af38f1234eb82a884\WindowsFormsIntegration.ni.dll
+ 2011-04-13 23:17 . 2011-04-13 23:17 452096 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\bbad088f478c91b9174ffe65844ad199\UIAutomationClient.ni.dll
+ 2011-04-13 23:19 . 2011-04-13 23:19 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\02d928a826c82b92331c71f30d579d4a\TaskScheduler.ni.dll
+ 2011-04-13 23:19 . 2011-04-13 23:19 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\4b9b436024b4847c648480acf01eea91\System.Xml.Linq.ni.dll
+ 2011-04-13 23:19 . 2011-04-13 23:19 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\b53d0d634c6051d969f30ecffd701ecb\System.Web.Routing.ni.dll
+ 2011-04-13 23:19 . 2011-04-13 23:19 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\445de76ec99cc5d3459189d544f29dd7\System.Web.Extensions.Design.ni.dll
+ 2011-04-13 23:19 . 2011-04-13 23:19 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\3088d07cc9bbdc97dc73b6bc7386be95\System.Web.Entity.ni.dll
+ 2011-04-13 23:19 . 2011-04-13 23:19 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\42653eb1a62181355ad352f99cce12e5\System.Web.Entity.Design.ni.dll
+ 2011-04-13 23:19 . 2011-04-13 23:19 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\876d46e41c5d576cb918ea2871f4cbb3\System.Web.DynamicData.ni.dll
+ 2011-04-13 23:19 . 2011-04-13 23:19 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\a390ed921e281c51ea3615c17accb390\System.Web.Abstractions.ni.dll
+ 2011-04-13 23:19 . 2011-04-13 23:19 624128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\fe4f5ea7aa5cd4f73624ce332e0c4aa3\System.Net.ni.dll
+ 2011-04-13 23:19 . 2011-04-13 23:19 330240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\bc56f838c38758438d997bc84f1172cf\System.Management.Instrumentation.ni.dll
+ 2011-04-13 23:19 . 2011-04-13 23:19 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\4d5702ad52cb18b8e139f9f8411e5eb1\System.IO.Log.ni.dll
+ 2011-04-13 23:19 . 2011-04-13 23:19 888320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\6301fcda2740f71e5a0c975aa051e5cf\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-04-13 23:19 . 2011-04-13 23:19 462336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\6ef6398e4588952ffbdca267195c5df1\System.Data.Services.Design.ni.dll
+ 2011-04-13 23:18 . 2011-04-13 23:18 763392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\d3c413606d2dd8596a581ad96a394e0b\System.Data.Entity.Design.ni.dll
+ 2011-04-13 23:18 . 2011-04-13 23:18 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\9ca8ec5c8497f8f0eb5a3a920a0a8251\System.Data.DataSetExtensions.ni.dll
+ 2011-04-13 23:18 . 2011-04-13 23:18 633344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\711f9b29a5d89be5bc9ff6e995cd9cde\System.AddIn.ni.dll
+ 2011-04-13 23:19 . 2011-04-13 23:19 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\c88a961c8746ccc8c9fe8e7371f5353d\sysglobl.ni.dll
+ 2011-04-13 23:18 . 2011-04-13 23:18 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\12a14dd6703b406947cb1ec2732825e8\SMSvcHost.ni.exe
+ 2011-04-13 23:17 . 2011-04-13 23:17 294912 c:\windows\assembly\NativeImages_v2.0.50727_32\SecurityAuditPolici#\3bf965d29c59ea5486c7f8323aacedf6\SecurityAuditPoliciesSnapIn.ni.dll
+ 2011-04-13 23:18 . 2011-04-13 23:18 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\27692dc3aa6d2acfb9bc70875abfb326\napsnap.ni.dll
+ 2011-04-13 23:18 . 2011-04-13 23:18 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\f945d9b3f3b72309bc5ef063abcc755f\napinit.ni.dll
+ 2011-04-13 23:18 . 2011-04-13 23:18 114176 c:\windows\assembly\NativeImages_v2.0.50727_32\naphlpr\b04dde005a1a67942619125bfeb8a5c2\naphlpr.ni.dll
+ 2011-04-13 23:18 . 2011-04-13 23:18 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\87bb057d02ef59d0357d5848ad0bf07a\MSBuild.ni.exe
+ 2011-04-13 23:18 . 2011-04-13 23:18 531968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\98b538c23cd6c4f4a251d698a467358b\Microsoft.WSMan.Management.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\Jerome\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\Jerome\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\Jerome\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TivoServer"="c:\program files\TiVo\Desktop\TiVoServer.exe" [2009-11-02 2195160]
"TivoTransfer"="c:\program files\TiVo\Desktop\TiVoTransfer.exe" [2009-11-02 604888]
"TivoNotify"="c:\program files\TiVo\Desktop\TiVoNotify.exe" [2009-11-02 430808]
"TranscodingService"="c:\program files\TiVo\Desktop\Plus\\TranscodingService.exe" [2009-11-02 856280]
"i8kfangui"="c:\program files\I8kfanGUI\I8kfanGUI.exe" [2007-02-16 856064]
"Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"AdobeBridge"="" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-10 36864]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-07-02 159744]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-03-22 74752]
"NetWorx"="c:\program files\NetWorx\networx.exe" [2011-02-12 2771968]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2010-03-17 88168]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-30 421888]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-23 402432]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2011-01-31 38840]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-09-23 640440]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-15 47904]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-14 421160]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-04-13 1808784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http:" [X]
.
c:\users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files\Evernote\Evernote\EvernoteClipper.exe [2011-4-27 973824]
Spoon Sandbox Manager 3.16.lnk - c:\users\Jerome\AppData\Local\Spoon\3.16.0.6\Spoon-Sandbox-Native.exe [2010-3-16 446853]
Spoon Sandbox Manager 3.19.lnk - c:\users\Jerome\AppData\Local\Spoon\3.19.0.5\Spoon-Sandbox-Native.exe [2010-3-6 455864]
Spoon Sandbox Manager 3.20.lnk - c:\users\Jerome\AppData\Local\Spoon\3.20.0.8\Spoon-Sandbox-Native.exe [2010-5-24 190656]
Spoon Sandbox Manager 3.21.lnk - c:\users\Jerome\AppData\Local\Spoon\3.21.0.22\Spoon-Sandbox-Native.exe [2010-8-25 268536]
Spoon Sandbox Manager 3.23.lnk - c:\users\Jerome\AppData\Local\Spoon\3.23.0.12\Spoon-Sandbox-Native.exe [2010-10-16 268536]
Spoon Sandbox Manager 3.24.lnk - c:\users\Jerome\AppData\Local\Spoon\3.24.0.9\Spoon-Sandbox-Native.exe [2011-2-7 232696]
Spoon Sandbox Manager 3.25.lnk - c:\users\Jerome\AppData\Local\Spoon\3.25.0.15\Spoon-Sandbox-Native.exe [2011-4-4 310008]
Spoon Sandbox Manager 3.26.lnk - c:\users\Jerome\AppData\Local\Spoon\3.26.0.4\Spoon-Sandbox-Native.exe [2011-5-12 310008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-2-22 1193240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ pdboot.exe\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Users^Jerome^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
path=c:\users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
backup=c:\windows\pss\MagicDisc.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dldfmon.exe]
2009-04-27 21:30 455336 ----a-w- c:\program files\Dell AIO Printer 948\dldfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MemoryCardManager]
2009-04-27 21:30 410280 ----a-w- c:\program files\Dell AIO Printer 948\memcard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RockMelt Update]
2010-12-01 20:31 136336 ----atw- c:\users\Jerome\AppData\Local\RockMelt\Update\RockMeltUpdate.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 dldfCATSCustConnectService;dldfCATSCustConnectService;c:\windows\system32\spool\DRIVERS\W32X86\3\\dldfserv.exe [2007-06-26 98952]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-18 136176]
R3 connctfy;Connectify Service;c:\windows\system32\DRIVERS\connctfy.sys [x]
R3 connctfyMP;connctfyMP;c:\windows\system32\DRIVERS\connctfy.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-18 136176]
R3 MAUSBMOBILEPRE;Service for M-Audio MobilePre;c:\windows\system32\DRIVERS\MAudioMobilePre.sys [2009-09-02 158344]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2010-11-03 10752]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-02 1343400]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2008-05-06 11520]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2010-09-24 268528]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
R4 TivoBeacon2;TiVo Beacon Service;c:\program files\TiVo\Desktop\TiVoBeacon.exe [2009-11-02 1098968]
S1 fanio;FanIO driver;c:\windows\system32\drivers\fanio.sys [2007-02-16 14464]
S1 networx;networx;c:\windows\system32\drivers\networx.sys [2011-02-08 51640]
S1 PSSDK42;PSSDK42;c:\windows\system32\Drivers\pssdk42.sys [2010-01-19 38976]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-02-18 160560]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-02-18 44784]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2007-09-20 73728]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 dldf_device;dldf_device;c:\windows\system32\dldfcoms.exe [2007-06-26 598664]
S2 ftpsvc;Microsoft FTP Service;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35088]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2010-04-24 483688]
S2 TabletServiceWacom;TabletServiceWacom;c:\program files\Tablet\Wacom\Wacom_Tablet.exe [2010-11-15 4807536]
S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-12-17 497856]
S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys [2010-02-05 50944]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2010-04-24 550760]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2010-04-24 195944]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2010-04-24 21864]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2010-04-24 19304]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2010-04-24 209768]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 TotRec7;Total Recorder WDM audio driver;c:\windows\system32\drivers\TotRec7.sys [2008-10-28 127496]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-02-18 111152]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-02-18 122032]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [2008-12-26 17792]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
ftpsvc REG_MULTI_SZ ftpsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-09 12:39]
.
2011-05-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-09 12:39]
.
2011-05-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2846039889-803451671-1898855674-1001Core.job
- c:\users\Jerome\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-07 19:06]
.
2011-05-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2846039889-803451671-1898855674-1001UA.job
- c:\users\Jerome\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-07 19:06]
.
2011-05-12 c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-2846039889-803451671-1898855674-1001Core.job
- c:\users\Jerome\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2010-12-01 20:31]
.
2011-05-13 c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-2846039889-803451671-1898855674-1001UA.job
- c:\users\Jerome\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2010-12-01 20:31]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: Add to Evernote 4.0 - c:\program files\Evernote\Evernote\EvernoteIE.dll/204
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files\Evernote\Evernote\EvernoteIE.dll/204
Trusted Zone: real.com\rhap-app-4-0
Trusted Zone: real.com\rhapreg
DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://vpn-noho.dig.com/CACHE/stc/2/binaries/vpnweb.cab
FF - ProfilePath - c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\5i0qb11b.default\
FF - prefs.js: browser.startup.homepage - hxxp://workflowy.com/
FF - prefs.js: keyword.URL - hxxp://www.gobrs.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=TWKTmrt7&q=
FF - prefs.js: network.proxy.ftp - ts-proxy.online.disney.com
FF - prefs.js: network.proxy.ftp_port - 9080
FF - prefs.js: network.proxy.gopher - ts-proxy.online.disney.com
FF - prefs.js: network.proxy.gopher_port - 9080
FF - prefs.js: network.proxy.http - ts-proxy.online.disney.com
FF - prefs.js: network.proxy.http_port - 9080
FF - prefs.js: network.proxy.socks - ts-proxy.online.disney.com
FF - prefs.js: network.proxy.socks_port - 9080
FF - prefs.js: network.proxy.ssl - ts-proxy.online.disney.com
FF - prefs.js: network.proxy.ssl_port - 9080
FF - prefs.js: network.proxy.type - 0
FF - user.js: keyword.URL - hxxp://www.gobrs.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=TWKTmrt7&q=
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
.
------- File Associations -------
.
.txt=UltraEdit.txt
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-05-13 12:13:45
ComboFix-quarantined-files.txt 2011-05-13 19:13
ComboFix2.txt 2011-04-13 23:21
.
Pre-Run: 69,275,971,584 bytes free
Post-Run: 69,060,591,616 bytes free
.
- - End Of File - - 03B9F770486F8561141F54F0C5044C57

#6
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
The proxy is still showing in Firefox... I can see nothing that jumps out at me on any logs - so mayhap a deep virus scan/analysis

First we will run a virus scan

On the first tab select all elements down to and including Computer and then select start scan
Once it has finished select report and post that.

Do not close AVPTool or it will self-uninstall. If it does uninstall, just rerun the setup file on your desktop.

Now an analysis scan

Select the Manual Disinfection tab
Press the Gather System Information button
Once done, open the last report saved folder, then attach the zip file to your next post.
The file is located at C:\Users\your name\Desktop\Virus Removal Tool\setup_9.0.0.722_05.01.2011_20-34\LOG\avptool_sysinfo.zip


#7
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.