Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Cycbot, Rootkit, Alureon-G and Renosa


  • This topic is locked This topic is locked

#1
butterrice

butterrice

    Member

  • Member
  • PipPipPip
  • 347 posts
My Acer had been running then Avasti Security caught several problems during a boot scan it suggested. They are the following -

Win32:Rootkit-gen [Rtk]
MBR:Alureon-G [Rtk]
Win32:Cycbot-HL [Trj] (at least 3 of these are recent, 2 were caught earlier by Avast)
Win32:Renosa-J [Wrm] (caught by avast)

All of these have been put in Avast virus vault.

Any suggestions as to what to do?
  • 0

Advertisements


#2
Gammo

Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Hi,

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.


    Posted Image

  • If an infected file is detected, the default action will be Cure, click on Continue.


    Posted Image

  • If a suspicious file is detected, the default action will be Skip, click on Continue.


    Posted Image

  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.


    Posted Image

  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.





Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

  • 0

#3
butterrice

butterrice

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 347 posts
2011/08/24 22:37:42.0078 2360 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/08/24 22:37:42.0375 2360 ================================================================================
2011/08/24 22:37:42.0375 2360 SystemInfo:
2011/08/24 22:37:42.0375 2360
2011/08/24 22:37:42.0375 2360 OS Version: 5.1.2600 ServicePack: 3.0
2011/08/24 22:37:42.0375 2360 Product type: Workstation
2011/08/24 22:37:42.0375 2360 ComputerName: ACER-CELERON-M
2011/08/24 22:37:42.0375 2360 UserName: Bea
2011/08/24 22:37:42.0375 2360 Windows directory: C:\WINDOWS
2011/08/24 22:37:42.0375 2360 System windows directory: C:\WINDOWS
2011/08/24 22:37:42.0375 2360 Processor architecture: Intel x86
2011/08/24 22:37:42.0375 2360 Number of processors: 1
2011/08/24 22:37:42.0375 2360 Page size: 0x1000
2011/08/24 22:37:42.0375 2360 Boot type: Normal boot
2011/08/24 22:37:42.0375 2360 ================================================================================
2011/08/24 22:37:44.0187 2360 Initialize success
2011/08/24 22:37:48.0671 1756 ================================================================================
2011/08/24 22:37:48.0671 1756 Scan started
2011/08/24 22:37:48.0671 1756 Mode: Manual;
2011/08/24 22:37:48.0671 1756 ================================================================================
2011/08/24 22:37:50.0125 1756 Aavmker4 (dfcdd5936cad0138775d5a105d4c7716) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/08/24 22:37:50.0234 1756 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/08/24 22:37:50.0281 1756 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/08/24 22:37:50.0343 1756 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/08/24 22:37:50.0406 1756 AegisP (023867b6606fbabcdd52e089c4a507da) C:\WINDOWS\system32\DRIVERS\AegisP.sys
2011/08/24 22:37:50.0468 1756 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/08/24 22:37:50.0578 1756 AgereSoftModem (ceffa3db1657293322e0bdea7d99e754) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
2011/08/24 22:37:50.0843 1756 aswFsBlk (861cb512e4e850e87dd2316f88d69330) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/08/24 22:37:50.0890 1756 aswMon2 (7857e0b4c817f69ff463eea2c63e56f9) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/08/24 22:37:50.0921 1756 aswRdr (8db043bf96bb6d334e5b4888e709e1c7) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/08/24 22:37:50.0968 1756 aswSnx (17230708a2028cd995656df455f2e303) C:\WINDOWS\system32\drivers\aswSnx.sys
2011/08/24 22:37:51.0015 1756 aswSP (dbedd9d43b00630966ef05d2d8d04cee) C:\WINDOWS\system32\drivers\aswSP.sys
2011/08/24 22:37:51.0093 1756 aswTdi (984cfce2168286c2511695c2f9621475) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/08/24 22:37:51.0156 1756 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/08/24 22:37:51.0171 1756 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/08/24 22:37:51.0234 1756 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/08/24 22:37:51.0296 1756 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/08/24 22:37:51.0390 1756 BCM43XX (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
2011/08/24 22:37:51.0437 1756 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/08/24 22:37:51.0546 1756 btaudio (3dc7b0c7be6164d3152513c0c208ad3b) C:\WINDOWS\system32\drivers\btaudio.sys
2011/08/24 22:37:51.0625 1756 BTDriver (4854ed2ee57769b9527680978a9dd5b4) C:\WINDOWS\system32\DRIVERS\btport.sys
2011/08/24 22:37:51.0718 1756 BTKRNL (4ebd4ebff01617fbda6ce7963f150918) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
2011/08/24 22:37:51.0796 1756 BTSERIAL (6d9f1d03d4eba886e1626d856762b4f0) C:\WINDOWS\system32\drivers\btserial.sys
2011/08/24 22:37:51.0859 1756 BTWDNDIS (96708d343264abaf8ad93c464b2fc9ca) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
2011/08/24 22:37:52.0046 1756 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/08/24 22:37:52.0109 1756 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/08/24 22:37:52.0171 1756 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/08/24 22:37:52.0234 1756 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/08/24 22:37:52.0296 1756 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/08/24 22:37:52.0406 1756 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/08/24 22:37:52.0562 1756 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/08/24 22:37:52.0609 1756 DKbFltr (08d30af92c270f2e76787c81589dbad6) C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
2011/08/24 22:37:52.0671 1756 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/08/24 22:37:52.0750 1756 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/08/24 22:37:52.0796 1756 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/08/24 22:37:52.0843 1756 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/08/24 22:37:52.0921 1756 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/08/24 22:37:52.0984 1756 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/08/24 22:37:53.0046 1756 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/08/24 22:37:53.0109 1756 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/08/24 22:37:53.0140 1756 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/08/24 22:37:53.0187 1756 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/08/24 22:37:53.0250 1756 fssfltr (960f5e5e4e1f720465311ac68a99c2df) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
2011/08/24 22:37:53.0281 1756 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/08/24 22:37:53.0328 1756 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/08/24 22:37:53.0359 1756 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2011/08/24 22:37:53.0421 1756 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/08/24 22:37:53.0468 1756 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/08/24 22:37:53.0515 1756 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/08/24 22:37:53.0625 1756 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/08/24 22:37:53.0718 1756 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/08/24 22:37:53.0812 1756 ialm (0f0194c4b635c10c3f785e4fee52d641) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
2011/08/24 22:37:53.0875 1756 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/08/24 22:37:54.0218 1756 IntcAzAudAddService (909d03b3b7fb7c830b74f74f4d0ea7ce) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/08/24 22:37:54.0359 1756 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/08/24 22:37:54.0406 1756 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/08/24 22:37:54.0453 1756 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/08/24 22:37:54.0515 1756 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/08/24 22:37:54.0562 1756 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/08/24 22:37:54.0609 1756 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/08/24 22:37:54.0656 1756 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/08/24 22:37:54.0703 1756 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
2011/08/24 22:37:54.0765 1756 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/08/24 22:37:54.0843 1756 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/08/24 22:37:54.0890 1756 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/08/24 22:37:54.0937 1756 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/08/24 22:37:54.0984 1756 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/08/24 22:37:55.0171 1756 lvmvdrv (fa974ad25cd6c1fc94380d7dc5271b0d) C:\WINDOWS\system32\drivers\lvmvdrv.sys
2011/08/24 22:37:55.0265 1756 LVPrcMon (b750d805a1e024e42096970ad01434cf) C:\WINDOWS\system32\drivers\LVPrcMon.sys
2011/08/24 22:37:55.0328 1756 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/08/24 22:37:55.0390 1756 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/08/24 22:37:55.0437 1756 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/08/24 22:37:55.0484 1756 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/08/24 22:37:55.0515 1756 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/08/24 22:37:55.0921 1756 MREMPR5 (2bc9e43f55de8c30fc817ed56d0ee907) C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS
2011/08/24 22:37:55.0968 1756 MRENDIS5 (594b9d8194e3f4ecbf0325bd10bbeb05) C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS
2011/08/24 22:37:56.0015 1756 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/08/24 22:37:56.0156 1756 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/08/24 22:37:56.0218 1756 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/08/24 22:37:56.0265 1756 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/08/24 22:37:56.0343 1756 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/08/24 22:37:56.0390 1756 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/08/24 22:37:56.0437 1756 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/08/24 22:37:56.0484 1756 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/08/24 22:37:56.0515 1756 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/08/24 22:37:56.0593 1756 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/08/24 22:37:56.0640 1756 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/08/24 22:37:56.0671 1756 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/08/24 22:37:56.0734 1756 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/08/24 22:37:56.0765 1756 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/08/24 22:37:56.0828 1756 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/08/24 22:37:56.0890 1756 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/08/24 22:37:56.0968 1756 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/08/24 22:37:57.0031 1756 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/08/24 22:37:57.0078 1756 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/08/24 22:37:57.0109 1756 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/08/24 22:37:57.0171 1756 nxsIO32 (f77e1270169604c87da56038dce99603) C:\WINDOWS\System32\DRIVERS\nxsIO32.sys
2011/08/24 22:37:57.0234 1756 PalmUSBD (240c0d4049a833b16b63b636acf01672) C:\WINDOWS\system32\drivers\PalmUSBD.sys
2011/08/24 22:37:57.0296 1756 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
2011/08/24 22:37:57.0312 1756 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/08/24 22:37:57.0359 1756 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/08/24 22:37:57.0406 1756 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/08/24 22:37:57.0468 1756 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/08/24 22:37:57.0500 1756 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2011/08/24 22:37:57.0703 1756 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/08/24 22:37:57.0734 1756 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/08/24 22:37:57.0765 1756 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/08/24 22:37:57.0796 1756 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/08/24 22:37:57.0828 1756 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/08/24 22:37:57.0968 1756 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/08/24 22:37:58.0015 1756 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
2011/08/24 22:37:58.0062 1756 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/08/24 22:37:58.0093 1756 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/08/24 22:37:58.0125 1756 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/08/24 22:37:58.0187 1756 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/08/24 22:37:58.0218 1756 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/08/24 22:37:58.0265 1756 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/08/24 22:37:58.0328 1756 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/08/24 22:37:58.0390 1756 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/08/24 22:37:58.0468 1756 RimUsb (92d33f76769a028ddc54a863eb7de4a2) C:\WINDOWS\system32\Drivers\RimUsb.sys
2011/08/24 22:37:58.0515 1756 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\WINDOWS\system32\DRIVERS\RimSerial.sys
2011/08/24 22:37:58.0578 1756 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2011/08/24 22:37:58.0703 1756 RTL8192cu (5b3a5bc13614fffa1be65d434688ed3f) C:\WINDOWS\system32\DRIVERS\RTL8192cu.sys
2011/08/24 22:37:58.0859 1756 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/08/24 22:37:58.0937 1756 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
2011/08/24 22:37:59.0015 1756 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/08/24 22:37:59.0109 1756 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/08/24 22:37:59.0171 1756 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/08/24 22:37:59.0234 1756 SRS_SSCFilter (ddf31872859eb9a3e30bfebdd11b8f28) C:\WINDOWS\system32\drivers\srs_sscfilter_i386.sys
2011/08/24 22:37:59.0312 1756 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/08/24 22:37:59.0375 1756 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/08/24 22:37:59.0437 1756 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/08/24 22:37:59.0609 1756 SynTP (9d3611fa3bcca8090fdd1a45bd1ea586) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2011/08/24 22:37:59.0656 1756 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/08/24 22:37:59.0750 1756 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/08/24 22:37:59.0812 1756 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/08/24 22:37:59.0828 1756 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/08/24 22:37:59.0906 1756 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/08/24 22:37:59.0984 1756 tifm21 (9179e07503630d6fb2e4162ff0196191) C:\WINDOWS\system32\drivers\tifm21.sys
2011/08/24 22:38:00.0062 1756 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/08/24 22:38:00.0140 1756 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/08/24 22:38:00.0218 1756 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/08/24 22:38:00.0296 1756 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/08/24 22:38:00.0359 1756 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/08/24 22:38:00.0390 1756 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/08/24 22:38:00.0453 1756 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/08/24 22:38:00.0500 1756 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/08/24 22:38:00.0531 1756 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/08/24 22:38:00.0609 1756 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/08/24 22:38:00.0640 1756 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/08/24 22:38:00.0718 1756 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/08/24 22:38:00.0781 1756 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/08/24 22:38:00.0859 1756 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/08/24 22:38:01.0390 1756 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/08/24 22:38:01.0500 1756 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
2011/08/24 22:38:01.0578 1756 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/08/24 22:38:01.0640 1756 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2011/08/24 22:38:01.0703 1756 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/08/24 22:38:01.0734 1756 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/08/24 22:38:01.0796 1756 XPTWOPORT (c36d1ee1f52e95beedeea275ad8a48f7) C:\WINDOWS\system32\DRIVERS\XPTWOPORT.SYS
2011/08/24 22:38:01.0875 1756 yukonwxp (c0205974c099e5fcdc8f96de97f34292) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
2011/08/24 22:38:01.0937 1756 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
2011/08/24 22:38:02.0140 1756 Boot (0x1200) (cf4b2286ad38f0646d1d9321dd28e356) \Device\Harddisk0\DR0\Partition0
2011/08/24 22:38:02.0171 1756 Boot (0x1200) (b72d40168902154df1ff385edaca9729) \Device\Harddisk0\DR0\Partition1
2011/08/24 22:38:02.0187 1756 ================================================================================
2011/08/24 22:38:02.0187 1756 Scan finished
2011/08/24 22:38:02.0187 1756 ================================================================================
2011/08/24 22:38:02.0203 1572 Detected object count: 0
2011/08/24 22:38:02.0203 1572 Actual detected object count: 0
2011/08/24 22:38:11.0578 1704 ================================================================================
2011/08/24 22:38:11.0578 1704 Scan started
2011/08/24 22:38:11.0578 1704 Mode: Manual;
2011/08/24 22:38:11.0578 1704 ================================================================================
2011/08/24 22:38:12.0515 1704 Aavmker4 (dfcdd5936cad0138775d5a105d4c7716) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/08/24 22:38:12.0593 1704 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/08/24 22:38:12.0625 1704 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/08/24 22:38:12.0687 1704 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/08/24 22:38:12.0734 1704 AegisP (023867b6606fbabcdd52e089c4a507da) C:\WINDOWS\system32\DRIVERS\AegisP.sys
2011/08/24 22:38:12.0781 1704 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/08/24 22:38:12.0984 1704 AgereSoftModem (ceffa3db1657293322e0bdea7d99e754) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
2011/08/24 22:38:13.0312 1704 aswFsBlk (861cb512e4e850e87dd2316f88d69330) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/08/24 22:38:13.0359 1704 aswMon2 (7857e0b4c817f69ff463eea2c63e56f9) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/08/24 22:38:13.0390 1704 aswRdr (8db043bf96bb6d334e5b4888e709e1c7) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/08/24 22:38:13.0437 1704 aswSnx (17230708a2028cd995656df455f2e303) C:\WINDOWS\system32\drivers\aswSnx.sys
2011/08/24 22:38:13.0500 1704 aswSP (dbedd9d43b00630966ef05d2d8d04cee) C:\WINDOWS\system32\drivers\aswSP.sys
2011/08/24 22:38:13.0562 1704 aswTdi (984cfce2168286c2511695c2f9621475) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/08/24 22:38:13.0625 1704 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/08/24 22:38:13.0656 1704 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/08/24 22:38:13.0703 1704 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/08/24 22:38:13.0765 1704 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/08/24 22:38:13.0859 1704 BCM43XX (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
2011/08/24 22:38:13.0937 1704 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/08/24 22:38:14.0046 1704 btaudio (3dc7b0c7be6164d3152513c0c208ad3b) C:\WINDOWS\system32\drivers\btaudio.sys
2011/08/24 22:38:14.0109 1704 BTDriver (4854ed2ee57769b9527680978a9dd5b4) C:\WINDOWS\system32\DRIVERS\btport.sys
2011/08/24 22:38:14.0218 1704 BTKRNL (4ebd4ebff01617fbda6ce7963f150918) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
2011/08/24 22:38:14.0265 1704 BTSERIAL (6d9f1d03d4eba886e1626d856762b4f0) C:\WINDOWS\system32\drivers\btserial.sys
2011/08/24 22:38:14.0328 1704 BTWDNDIS (96708d343264abaf8ad93c464b2fc9ca) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
2011/08/24 22:38:14.0468 1704 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/08/24 22:38:14.0531 1704 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/08/24 22:38:14.0593 1704 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/08/24 22:38:14.0656 1704 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/08/24 22:38:14.0718 1704 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/08/24 22:38:14.0812 1704 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/08/24 22:38:14.0953 1704 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/08/24 22:38:15.0000 1704 DKbFltr (08d30af92c270f2e76787c81589dbad6) C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
2011/08/24 22:38:15.0078 1704 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/08/24 22:38:15.0140 1704 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/08/24 22:38:15.0218 1704 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/08/24 22:38:15.0296 1704 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/08/24 22:38:15.0437 1704 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/08/24 22:38:15.0515 1704 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/08/24 22:38:15.0562 1704 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/08/24 22:38:15.0625 1704 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/08/24 22:38:15.0656 1704 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/08/24 22:38:15.0687 1704 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/08/24 22:38:15.0765 1704 fssfltr (960f5e5e4e1f720465311ac68a99c2df) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
2011/08/24 22:38:15.0796 1704 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/08/24 22:38:15.0828 1704 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/08/24 22:38:15.0906 1704 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2011/08/24 22:38:15.0968 1704 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/08/24 22:38:16.0015 1704 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/08/24 22:38:16.0078 1704 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/08/24 22:38:16.0171 1704 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/08/24 22:38:16.0281 1704 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/08/24 22:38:16.0375 1704 ialm (0f0194c4b635c10c3f785e4fee52d641) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
2011/08/24 22:38:16.0421 1704 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/08/24 22:38:16.0781 1704 IntcAzAudAddService (909d03b3b7fb7c830b74f74f4d0ea7ce) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/08/24 22:38:16.0875 1704 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/08/24 22:38:16.0921 1704 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/08/24 22:38:16.0953 1704 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/08/24 22:38:17.0000 1704 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/08/24 22:38:17.0046 1704 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/08/24 22:38:17.0109 1704 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/08/24 22:38:17.0140 1704 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/08/24 22:38:17.0203 1704 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
2011/08/24 22:38:17.0265 1704 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/08/24 22:38:17.0343 1704 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/08/24 22:38:17.0390 1704 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/08/24 22:38:17.0437 1704 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/08/24 22:38:17.0500 1704 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/08/24 22:38:17.0875 1704 lvmvdrv (fa974ad25cd6c1fc94380d7dc5271b0d) C:\WINDOWS\system32\drivers\lvmvdrv.sys
2011/08/24 22:38:17.0937 1704 LVPrcMon (b750d805a1e024e42096970ad01434cf) C:\WINDOWS\system32\drivers\LVPrcMon.sys
2011/08/24 22:38:18.0015 1704 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/08/24 22:38:18.0093 1704 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/08/24 22:38:18.0156 1704 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/08/24 22:38:18.0203 1704 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/08/24 22:38:18.0250 1704 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/08/24 22:38:18.0609 1704 MREMPR5 (2bc9e43f55de8c30fc817ed56d0ee907) C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS
2011/08/24 22:38:18.0640 1704 MRENDIS5 (594b9d8194e3f4ecbf0325bd10bbeb05) C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS
2011/08/24 22:38:18.0671 1704 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/08/24 22:38:18.0750 1704 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/08/24 22:38:18.0812 1704 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/08/24 22:38:18.0859 1704 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/08/24 22:38:18.0906 1704 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/08/24 22:38:18.0937 1704 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/08/24 22:38:19.0000 1704 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/08/24 22:38:19.0046 1704 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/08/24 22:38:19.0109 1704 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/08/24 22:38:19.0156 1704 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/08/24 22:38:19.0218 1704 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/08/24 22:38:19.0250 1704 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/08/24 22:38:19.0312 1704 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/08/24 22:38:19.0343 1704 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/08/24 22:38:19.0390 1704 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/08/24 22:38:19.0453 1704 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/08/24 22:38:19.0531 1704 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/08/24 22:38:19.0578 1704 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/08/24 22:38:19.0656 1704 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/08/24 22:38:19.0671 1704 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/08/24 22:38:19.0734 1704 nxsIO32 (f77e1270169604c87da56038dce99603) C:\WINDOWS\System32\DRIVERS\nxsIO32.sys
2011/08/24 22:38:19.0812 1704 PalmUSBD (240c0d4049a833b16b63b636acf01672) C:\WINDOWS\system32\drivers\PalmUSBD.sys
2011/08/24 22:38:19.0906 1704 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
2011/08/24 22:38:19.0937 1704 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/08/24 22:38:20.0015 1704 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/08/24 22:38:20.0062 1704 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/08/24 22:38:20.0109 1704 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/08/24 22:38:20.0156 1704 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2011/08/24 22:38:20.0375 1704 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/08/24 22:38:20.0406 1704 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/08/24 22:38:20.0437 1704 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/08/24 22:38:20.0500 1704 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/08/24 22:38:20.0546 1704 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/08/24 22:38:20.0687 1704 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/08/24 22:38:20.0734 1704 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
2011/08/24 22:38:20.0781 1704 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/08/24 22:38:20.0812 1704 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/08/24 22:38:20.0843 1704 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/08/24 22:38:20.0890 1704 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/08/24 22:38:20.0921 1704 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/08/24 22:38:20.0984 1704 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/08/24 22:38:21.0046 1704 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/08/24 22:38:21.0109 1704 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/08/24 22:38:21.0187 1704 RimUsb (92d33f76769a028ddc54a863eb7de4a2) C:\WINDOWS\system32\Drivers\RimUsb.sys
2011/08/24 22:38:21.0234 1704 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\WINDOWS\system32\DRIVERS\RimSerial.sys
2011/08/24 22:38:21.0281 1704 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2011/08/24 22:38:21.0390 1704 RTL8192cu (5b3a5bc13614fffa1be65d434688ed3f) C:\WINDOWS\system32\DRIVERS\RTL8192cu.sys
2011/08/24 22:38:21.0546 1704 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/08/24 22:38:21.0625 1704 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
2011/08/24 22:38:21.0687 1704 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/08/24 22:38:21.0796 1704 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/08/24 22:38:21.0843 1704 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/08/24 22:38:21.0921 1704 SRS_SSCFilter (ddf31872859eb9a3e30bfebdd11b8f28) C:\WINDOWS\system32\drivers\srs_sscfilter_i386.sys
2011/08/24 22:38:21.0984 1704 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/08/24 22:38:22.0109 1704 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/08/24 22:38:22.0187 1704 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/08/24 22:38:22.0421 1704 SynTP (9d3611fa3bcca8090fdd1a45bd1ea586) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2011/08/24 22:38:22.0468 1704 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/08/24 22:38:22.0562 1704 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/08/24 22:38:22.0625 1704 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/08/24 22:38:22.0656 1704 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/08/24 22:38:22.0718 1704 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/08/24 22:38:22.0796 1704 tifm21 (9179e07503630d6fb2e4162ff0196191) C:\WINDOWS\system32\drivers\tifm21.sys
2011/08/24 22:38:22.0875 1704 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/08/24 22:38:22.0968 1704 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/08/24 22:38:23.0031 1704 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/08/24 22:38:23.0093 1704 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/08/24 22:38:23.0171 1704 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/08/24 22:38:23.0218 1704 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/08/24 22:38:23.0281 1704 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/08/24 22:38:23.0328 1704 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/08/24 22:38:23.0375 1704 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/08/24 22:38:23.0437 1704 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/08/24 22:38:23.0484 1704 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/08/24 22:38:23.0562 1704 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/08/24 22:38:23.0640 1704 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/08/24 22:38:23.0718 1704 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/08/24 22:38:23.0796 1704 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/08/24 22:38:23.0875 1704 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
2011/08/24 22:38:23.0937 1704 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/08/24 22:38:24.0000 1704 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2011/08/24 22:38:24.0046 1704 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/08/24 22:38:24.0078 1704 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/08/24 22:38:24.0156 1704 XPTWOPORT (c36d1ee1f52e95beedeea275ad8a48f7) C:\WINDOWS\system32\DRIVERS\XPTWOPORT.SYS
2011/08/24 22:38:24.0218 1704 yukonwxp (c0205974c099e5fcdc8f96de97f34292) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
2011/08/24 22:38:24.0281 1704 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
2011/08/24 22:38:24.0718 1704 Boot (0x1200) (cf4b2286ad38f0646d1d9321dd28e356) \Device\Harddisk0\DR0\Partition0
2011/08/24 22:38:24.0765 1704 Boot (0x1200) (b72d40168902154df1ff385edaca9729) \Device\Harddisk0\DR0\Partition1
2011/08/24 22:38:24.0765 1704 ================================================================================
2011/08/24 22:38:24.0765 1704 Scan finished
2011/08/24 22:38:24.0765 1704 ================================================================================
2011/08/24 22:38:24.0796 3984 Detected object count: 0
2011/08/24 22:38:24.0796 3984 Actual detected object count: 0
  • 0

#4
butterrice

butterrice

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 347 posts
OTL logfile created on: 8/24/2011 10:41:24 PM - Run 2
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\Bea\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.11 Mb Total Physical Memory | 576.34 Mb Available Physical Memory | 56.83% Memory free
2.36 Gb Paging File | 2.09 Gb Available in Paging File | 88.40% Paging File free
Paging file location(s): C:\pagefile.sys 1500 1500 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 60.49 Gb Total Space | 29.40 Gb Free Space | 48.60% Space Free | Partition Type: NTFS
Drive E: | 51.29 Gb Total Space | 46.93 Gb Free Space | 91.48% Space Free | Partition Type: NTFS

Computer Name: ACER-CELERON-M | User Name: Bea | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/24 22:39:25 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bea\My Documents\Downloads\OTL(1).exe
PRC - [2011/08/04 13:34:23 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Bea\Local Settings\Application Data\Google\Update\1.3.21.65\GoogleCrashHandler.exe
PRC - [2011/07/04 07:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 07:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/06/01 17:57:16 | 000,561,984 | ---- | M] (Apple Inc.) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/04 02:38:34 | 000,291,760 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\lxddmon.exe
PRC - [2007/04/26 01:21:42 | 000,099,248 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxddserv.exe
PRC - [2007/04/26 01:21:22 | 000,537,520 | ---- | M] ( ) -- C:\WINDOWS\system32\lxddcoms.exe
PRC - [2007/03/05 03:40:25 | 000,020,480 | ---- | M] (Lexmark) -- C:\Program Files\Lexmark 2500 Series\lxddamon.exe


========== Modules (No Company Name) ==========

MOD - [2011/08/24 08:33:59 | 001,288,704 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11082401\algo.dll
MOD - [2011/08/23 10:54:58 | 000,208,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11082401\aswRep.dll
MOD - [2011/08/11 03:22:54 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b7e0214a811f81e09041864081139641\System.Runtime.Remoting.ni.dll
MOD - [2011/08/11 03:22:12 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
MOD - [2011/08/11 03:19:33 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MOD - [2011/08/11 03:19:17 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
MOD - [2011/08/11 03:18:51 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
MOD - [2011/08/11 03:15:54 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MOD - [2011/06/29 21:07:03 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2007/05/04 02:38:34 | 000,291,760 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\lxddmon.exe
MOD - [2007/04/24 07:12:01 | 000,040,960 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\App4R.Monitor.Core.dll
MOD - [2007/04/24 07:12:00 | 000,028,672 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\App4R.Monitor.Common.dll
MOD - [2007/04/24 07:11:04 | 000,057,344 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\App4R.DevMons.MCMDevMon.dll
MOD - [2007/03/06 03:16:47 | 000,589,824 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\lxdddatr.dll
MOD - [2007/03/05 03:41:15 | 000,011,776 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\App4R.DevMons.MCMDevMon.AutoPlayUtil.dll
MOD - [2007/03/05 03:40:22 | 000,020,480 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\App4R.DevMons.ScanDevMon.dll
MOD - [2007/02/27 00:16:25 | 000,103,936 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxdddrpp.dll
MOD - [2007/02/21 19:14:15 | 000,012,288 | ---- | M] () -- C:\WINDOWS\system32\LXF3PMRC.DLL
MOD - [2007/02/21 19:11:50 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\LXF3PMON.DLL
MOD - [2007/02/21 19:08:56 | 000,032,768 | ---- | M] () -- C:\Program Files\Lexmark Fax Solutions\ipcmt.dll
MOD - [2007/01/09 12:10:05 | 000,278,528 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\lxddscw.dll
MOD - [2006/11/07 06:02:18 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\lxf3oem.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (getPlusHelper) getPlus®
SRV - File not found [Disabled | Stopped] -- -- (cmdAgent)
SRV - [2011/07/07 19:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/07/04 07:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010/06/06 13:52:18 | 000,266,240 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\system32\CSHelper.exe -- (CSHelper)
SRV - [2007/04/26 01:21:42 | 000,099,248 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxddserv.exe -- (lxddCATSCustConnectService)
SRV - [2007/04/26 01:21:22 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxddcoms.exe -- (lxdd_device)
SRV - [2007/03/30 14:39:36 | 000,482,920 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe -- (ioloDMV)
SRV - [2006/06/23 11:40:58 | 000,086,016 | ---- | M] (Logitech) [Disabled | Stopped] -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)


========== Driver Services (SafeList) ==========

DRV - [2011/07/04 07:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 07:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 07:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 07:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/07/04 07:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 07:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/04 07:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/02/10 21:34:28 | 000,987,904 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8192cu.sys -- (RTL8192cu)
DRV - [2010/12/09 22:43:16 | 004,304,384 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010/09/28 09:50:50 | 000,015,872 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\XPTWOPORT.SYS -- (XPTWOPORT)
DRV - [2010/06/02 03:41:58 | 000,533,152 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2010/02/05 22:17:32 | 000,162,432 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2010/01/26 23:29:13 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2009/10/21 05:22:00 | 000,298,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2009/02/06 18:08:42 | 000,055,152 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2007/05/24 19:53:58 | 000,002,208 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nxsIO32.sys -- (nxsIO32)
DRV - [2007/05/03 10:28:04 | 000,039,552 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SRS_SSCFilter_i386.sys -- (SRS_SSCFilter) SRS Labs Audio Sandbox (WDM)
DRV - [2006/10/12 17:28:42 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2006/06/23 11:40:58 | 002,400,128 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (lvmvdrv)
DRV - [2006/06/23 11:40:58 | 000,016,768 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVPrcMon.sys -- (LVPrcMon)
DRV - [2006/01/17 11:19:46 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/01/17 11:18:22 | 000,850,474 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/01/17 11:15:36 | 000,030,459 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/01/17 11:11:56 | 000,148,900 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2004/11/22 19:36:39 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5)
DRV - [2004/11/22 19:36:34 | 000,019,345 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMPR5.sys -- (MREMPR5)
DRV - [2004/10/08 11:51:08 | 001,270,540 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2001/08/17 14:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://news.yahoo.com [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1844237615-776561741-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1844237615-776561741-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1844237615-776561741-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1844237615-776561741-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-1844237615-776561741-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1844237615-776561741-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1844237615-776561741-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:2.0
FF - prefs.js..network.proxy.no_proxies_on: ""

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@yverinfo.yahoo.com/YahooVersionInfoPlugin;version=1.0.0.1: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Bea\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Bea\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/08/03 01:52:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/17 21:27:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/17 19:59:05 | 000,000,000 | ---D | M]

[2010/02/15 01:57:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bea\Application Data\Mozilla\Extensions
[2009/08/14 03:30:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bea\Application Data\Mozilla\Extensions\[email protected]
[2011/08/03 00:33:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bea\Application Data\Mozilla\Firefox\Profiles\7ey52m4f.default\extensions
[2010/12/17 21:58:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Bea\Application Data\Mozilla\Firefox\Profiles\7ey52m4f.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/07/10 19:55:58 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Bea\Application Data\Mozilla\Firefox\Profiles\7ey52m4f.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/08/03 00:33:01 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\Documents and Settings\Bea\Application Data\Mozilla\Firefox\Profiles\7ey52m4f.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2011/06/26 23:22:50 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Documents and Settings\Bea\Application Data\Mozilla\Firefox\Profiles\7ey52m4f.default\extensions\[email protected]
[2011/03/26 04:34:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2009/08/17 09:58:28 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/08/17 21:27:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/03/11 18:03:30 | 000,065,536 | ---- | M] () -- C:\Program Files\mozilla firefox\components\FFComm.dll
[2011/06/12 20:00:55 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/06/12 20:00:55 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol500.dll
[2011/03/18 14:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/03/18 14:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

Hosts file not found
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1844237615-776561741-839522115-1003\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [lxddamon] C:\Program Files\Lexmark 2500 Series\lxddamon.exe (Lexmark)
O4 - HKLM..\Run: [lxddmon.exe] C:\Program Files\Lexmark 2500 Series\lxddmon.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1844237615-776561741-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1844237615-776561741-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1844237615-776561741-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1844237615-776561741-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_18.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} http://zone.msn.com/...UI.cab55579.cab (StagingUI Object)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} http://zone.msn.com/...dy.cab55579.cab (MSN Games – Buddy Invite)
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} http://zone.msn.com/...at.cab55579.cab (ZonePAChat Object)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase6087.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1180052573437 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1183974491937 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/...vl.cab55579.cab (ZPA_SHVL Object)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} http://zone.msn.com/...xy.cab55579.cab (MSN Games – Game Communicator)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/05/24 18:07:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/24 03:00:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/08/21 12:50:14 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/08/17 20:14:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/08/17 20:13:39 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/08/17 20:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/08/17 20:04:49 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/08/17 19:58:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/08/17 19:58:11 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/07/31 01:49:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/07/31 01:23:43 | 004,158,851 | R--- | C] (Swearware) -- C:\Documents and Settings\Bea\Desktop\ComboFix.exe
[2007/11/26 03:56:51 | 000,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\LXDDhcp.dll
[2007/11/26 03:56:49 | 000,394,160 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddcfg.exe
[2007/04/26 01:21:26 | 000,385,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddih.exe
[2007/04/26 01:21:22 | 000,537,520 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddcoms.exe
[2007/03/02 10:13:41 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddpmui.dll
[2007/03/02 10:12:21 | 001,232,896 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddserv.dll
[2007/03/02 10:05:53 | 000,425,984 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddcomm.dll
[2007/03/02 10:04:14 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddlmpm.dll
[2007/03/02 10:02:55 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddiesc.dll
[2007/03/02 10:00:23 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddpplc.dll
[2007/03/02 09:59:32 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddcomc.dll
[2007/03/02 09:58:58 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddprox.dll
[2007/03/02 09:51:50 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddinpa.dll
[2007/03/02 09:51:09 | 000,999,424 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddusb1.dll
[2007/03/02 09:47:01 | 000,700,416 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddhbn3.dll

========== Files - Modified Within 30 Days ==========

[2011/08/24 22:52:00 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C78EAB38-8876-422B-960A-4047F8801EE5}.job
[2011/08/24 22:39:02 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-776561741-839522115-1003UA.job
[2011/08/24 13:39:01 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-776561741-839522115-1003Core.job
[2011/08/24 11:40:49 | 000,002,268 | ---- | M] () -- C:\Documents and Settings\Bea\Desktop\Google Chrome.lnk
[2011/08/24 11:40:49 | 000,002,246 | ---- | M] () -- C:\Documents and Settings\Bea\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/08/24 07:44:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/08/22 19:12:56 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/08/22 19:12:36 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/08/22 19:12:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/17 20:14:52 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/08/17 19:58:46 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/08/11 03:14:39 | 000,560,230 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/11 03:14:39 | 000,099,696 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/11 03:10:13 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/08/03 01:52:13 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/07/30 20:12:58 | 004,158,851 | R--- | M] (Swearware) -- C:\Documents and Settings\Bea\Desktop\ComboFix.exe
[2011/07/28 21:47:54 | 001,008,041 | ---- | M] () -- C:\Documents and Settings\Bea\Desktop\rkill.com

========== Files Created - No Company Name ==========

[2011/08/17 20:14:52 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/08/17 19:58:45 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/07/29 03:57:52 | 001,008,041 | ---- | C] () -- C:\Documents and Settings\Bea\Desktop\rkill.com
[2011/07/11 23:29:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2011/06/09 15:40:56 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe
[2011/04/16 00:06:37 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/04/16 00:06:37 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/04/16 00:06:37 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/04/16 00:06:37 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/04/16 00:06:36 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/12/09 22:45:59 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010/12/03 01:34:52 | 000,044,816 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/11/29 00:46:40 | 001,094,720 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/06/20 14:22:24 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/06/06 13:52:18 | 000,266,240 | ---- | C] () -- C:\WINDOWS\System32\CSHelper.exe
[2010/03/28 01:39:06 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2010/03/28 01:39:06 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2010/03/07 19:26:25 | 000,081,984 | ---- | C] () -- C:\WINDOWS\System32\bdod.bin
[2010/03/07 01:59:24 | 000,000,794 | ---- | C] () -- C:\WINDOWS\lrun32.ini
[2010/02/05 22:08:15 | 000,024,576 | ---- | C] () -- C:\WINDOWS\DetectHWID.exe
[2010/02/05 21:56:27 | 000,000,719 | R--- | C] () -- C:\WINDOWS\System32\InstExec.ini
[2010/02/05 21:43:14 | 000,015,190 | ---- | C] () -- C:\WINDOWS\M2000Twn.ini
[2009/09/01 09:30:27 | 000,000,597 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/03/17 00:24:13 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2009/01/05 16:44:10 | 000,053,248 | ---- | C] () -- C:\WINDOWS\bdoscandel.exe
[2009/01/05 16:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2008/06/04 20:48:01 | 000,000,144 | ---- | C] () -- C:\WINDOWS\System32\lkfl.dat
[2008/06/04 20:48:01 | 000,000,096 | ---- | C] () -- C:\WINDOWS\System32\pdfl.dat
[2008/06/04 20:48:01 | 000,000,080 | ---- | C] () -- C:\WINDOWS\System32\ibfl.dat
[2008/04/27 21:21:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2008/01/09 02:15:28 | 000,001,167 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/12/19 23:41:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/12/09 03:52:29 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2007/11/26 04:08:48 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LXF3PMON.DLL
[2007/11/26 04:08:48 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXF3FXPU.DLL
[2007/11/26 04:08:28 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\lxf3oem.dll
[2007/11/26 04:08:28 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\LXF3PMRC.DLL
[2007/11/26 03:58:00 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\lxddrwrd.ini
[2007/11/26 03:56:52 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\LXDDinst.dll
[2007/11/26 03:55:42 | 000,344,064 | R--- | C] () -- C:\WINDOWS\System32\lxddcoin.dll
[2007/11/19 07:35:42 | 000,002,917 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/09/12 00:48:47 | 000,006,314 | ---- | C] () -- C:\WINDOWS\silkquit.ini
[2007/07/31 01:00:09 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2007/07/21 15:30:59 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\Bea\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/07/18 20:13:09 | 000,047,360 | R--- | C] () -- C:\WINDOWS\System32\drivers\Surroundhp_kern_i386.sys
[2007/07/18 20:13:09 | 000,046,592 | R--- | C] () -- C:\WINDOWS\System32\drivers\tshd4_kern_i386.sys
[2007/07/18 20:13:09 | 000,039,552 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_SSCFilter_i386.sys
[2007/07/18 20:13:09 | 000,037,248 | R--- | C] () -- C:\WINDOWS\System32\drivers\csiidecoder_kern_i386.sys
[2007/05/26 09:50:36 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2007/05/26 09:45:51 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/05/25 19:44:06 | 000,696,320 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2007/05/25 19:44:00 | 000,435,816 | ---- | C] () -- C:\WINDOWS\System32\Incinerator.dll
[2007/05/25 19:44:00 | 000,041,472 | ---- | C] () -- C:\WINDOWS\System32\iolobtdfg.exe
[2007/05/25 19:44:00 | 000,025,264 | ---- | C] () -- C:\WINDOWS\System32\smrgdf.exe
[2007/05/25 19:34:21 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007/05/25 19:33:26 | 000,314,880 | ---- | C] () -- C:\WINDOWS\System32\Tx32.dll
[2007/05/25 19:15:15 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/05/24 20:40:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2007/05/24 19:53:58 | 000,002,208 | ---- | C] () -- C:\WINDOWS\System32\drivers\nxsIO32.sys
[2007/05/24 18:09:54 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007/05/24 18:04:30 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/05/24 13:57:58 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/05/24 13:56:50 | 000,233,576 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/04/25 22:17:09 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxddgrd.dll
[2007/01/23 14:40:03 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxddcaps.dll
[2007/01/09 12:13:08 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxdddrs.dll
[2006/10/06 13:08:04 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxddcnv4.dll
[2006/06/23 11:40:58 | 002,400,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVMVdrv.sys
[2006/06/23 11:40:58 | 000,016,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPrcMon.sys
[2006/06/01 08:55:00 | 000,298,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\yk51x86.sys
[2006/05/17 22:47:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxddvs.dll
[2006/01/17 11:31:30 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2004/08/02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003/03/31 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003/03/31 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2003/03/31 08:00:00 | 000,560,230 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003/03/31 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2003/03/31 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003/03/31 08:00:00 | 000,099,696 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003/03/31 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2003/03/31 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2003/03/31 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003/03/31 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/03/31 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/08/13 01:55:38 | 000,467,001 | ---- | C] () -- C:\WINDOWS\System32\W3MKDE.DLL
[2002/08/13 01:55:38 | 000,106,564 | ---- | C] () -- C:\WINDOWS\System32\W3DBSMGR.EXE
[2002/08/13 01:55:38 | 000,061,499 | ---- | C] () -- C:\WINDOWS\System32\W3MKDERC.DLL
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1999/01/27 14:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 08:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== LOP Check ==========

[2007/05/26 00:22:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\MailFrontier
[2011/06/04 15:06:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2010/03/07 18:55:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2010/02/07 12:36:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broadcom
[2010/06/02 03:33:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2009/05/16 14:26:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eBay
[2008/04/27 21:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2007/05/25 19:33:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Individual Software
[2010/02/06 02:36:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2007/05/25 19:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2007/12/06 18:15:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2010/02/06 01:52:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/11/29 00:09:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2007/07/18 20:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SRS Labs
[2009/01/16 21:05:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WholeSecurity
[2011/06/04 14:34:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo
[2009/04/05 21:00:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/12/03 01:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/15 23:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/21 22:56:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/10/12 00:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\Blackberry Desktop
[2011/06/12 20:00:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\Catalina Marketing Corp
[2008/06/05 19:24:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\CheckPoint
[2009/05/16 14:26:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\eBay
[2009/08/31 05:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\FrostWire
[2008/04/27 21:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\HotSync
[2007/05/26 14:52:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\Individual Software
[2007/05/25 19:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\InterTrust
[2007/05/25 19:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\iolo
[2007/08/18 03:53:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\Leadertech
[2007/11/26 04:17:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\Lexmark Productivity Studio
[2009/08/14 04:56:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\LimeWire
[2007/12/09 05:13:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\MailFrontier(2)
[2011/03/06 22:06:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\MP3Rocket
[2010/01/28 21:38:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\MSNInstaller
[2009/08/18 22:54:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\Netscape
[2011/06/23 20:02:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\QuickScan
[2007/09/12 00:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\QuitCounter
[2010/11/29 00:18:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\Research In Motion
[2010/04/28 03:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\SecondLife
[2010/02/20 12:03:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\Stardock
[2010/02/07 00:17:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\System Tweaker
[2010/02/07 09:34:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\Uniblue
[2010/02/14 04:14:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bea\Application Data\WinPatrol
[2007/05/25 19:44:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2010/01/09 20:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2011/08/22 19:12:36 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2011/08/24 22:52:00 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{C78EAB38-8876-422B-960A-4047F8801EE5}.job

========== Purity Check ==========



< End of report >
  • 0

#5
butterrice

butterrice

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 347 posts
An Extras.txt report did not pop up. I searched and could not find it.
  • 0

#6
Gammo

Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Hi,

Please note: ComboFix is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert". It is NOT for unsupervised use. Please read Combofix's Disclaimer.

Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.






First please delete your copy of ComboFix.exe from the Desktop.

Then download the latest version of ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the ComboFix log in your next reply as well as describe how your computer is running now
  • 0

#7
butterrice

butterrice

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 347 posts
ComboFix 11-08-25.05 - Bea 08/25/2011 23:39:54.13.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.520 [GMT -4:00]
Running from: c:\documents and settings\Bea\Desktop\Geeksfix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
.
((((((((((((((((((((((((( Files Created from 2011-07-26 to 2011-08-26 )))))))))))))))))))))))))))))))
.
.
2011-08-25 04:25 . 2011-08-25 04:25 -------- d-----w- c:\program files\iPod
2011-08-25 04:25 . 2011-08-25 04:26 -------- d-----w- c:\program files\iTunes
2011-08-24 07:00 . 2011-08-24 07:00 -------- d-----w- c:\windows\LastGood
2011-08-18 00:04 . 2011-08-18 00:04 -------- d-----w- c:\program files\Bonjour
2011-08-10 23:04 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-15 13:29 . 2003-03-31 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-12 15:20 . 2011-07-12 15:20 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-07-12 15:20 . 2011-07-12 15:20 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-07-12 15:20 . 2011-07-12 15:20 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-07-12 15:20 . 2011-07-12 15:20 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-07-08 14:02 . 2003-03-31 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-05 22:37 . 2011-07-05 22:37 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-07-05 22:37 . 2011-07-05 22:37 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-07-04 11:43 . 2011-06-04 19:06 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:43 . 2011-06-04 19:06 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2011-06-04 19:06 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-04 11:36 . 2011-06-04 19:06 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2011-06-04 19:06 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:35 . 2011-06-04 19:06 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-07-04 11:35 . 2011-06-04 19:06 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-07-04 11:32 . 2011-06-04 19:06 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2011-06-04 19:06 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-07-04 11:32 . 2011-06-04 19:06 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-06-30 01:08 . 2011-06-12 23:36 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-27 22:37 . 2011-07-17 23:55 2233856 ----a-r- C:\OTLPE.exe
2011-06-24 14:10 . 2007-05-24 22:03 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36 . 2003-03-31 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:36 . 2003-03-31 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:36 . 2003-03-31 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2007-05-24 22:26 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2003-03-31 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-12 19:29 . 2011-06-12 19:29 398760 ----a-r- c:\windows\system32\cpnprt2.cid
2011-06-09 19:41 . 2011-06-09 19:41 21361 ----a-w- c:\windows\system32\drivers\AegisP.sys
2011-06-02 14:02 . 2003-03-31 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-29 13:11 . 2009-08-18 05:36 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 13:11 . 2009-08-18 05:36 22712 -c--a-w- c:\windows\system32\drivers\mbam.sys
2011-08-18 01:27 . 2011-03-26 08:34 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2009-03-11 22:03 . 2010-03-07 22:56 65536 -c--a-w- c:\program files\mozilla firefox\components\FFComm.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-07-31_05.44.48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-01-29 08:58 . 2011-07-08 13:49 46080 c:\windows\system32\tzchange.exe
- 2007-01-29 08:58 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe
- 2003-03-31 12:00 . 2011-06-28 03:56 99696 c:\windows\system32\perfc009.dat
+ 2003-03-31 12:00 . 2011-08-11 07:14 99696 c:\windows\system32\perfc009.dat
+ 2003-03-31 12:00 . 2011-06-23 18:36 66560 c:\windows\system32\mshtmled.dll
- 2003-03-31 12:00 . 2011-04-25 16:11 66560 c:\windows\system32\mshtmled.dll
- 2006-11-08 01:03 . 2011-04-25 16:11 55296 c:\windows\system32\msfeedsbs.dll
+ 2006-11-08 01:03 . 2011-06-23 18:36 55296 c:\windows\system32\msfeedsbs.dll
+ 2003-03-31 12:00 . 2011-06-23 18:36 25600 c:\windows\system32\jsproxy.dll
- 2003-03-31 12:00 . 2011-04-25 16:11 25600 c:\windows\system32\jsproxy.dll
- 2009-08-17 14:15 . 2011-04-25 16:11 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2009-08-17 14:15 . 2011-06-23 18:36 12800 c:\windows\system32\dllcache\xpshims.dll
- 2007-05-25 01:41 . 2011-04-25 16:11 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2007-05-25 01:41 . 2011-06-23 18:36 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2007-04-25 08:41 . 2011-06-23 18:36 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2007-04-25 08:41 . 2011-04-25 16:11 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2003-03-31 12:00 . 2011-06-23 18:36 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2003-03-31 12:00 . 2011-04-25 16:11 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2003-03-31 12:00 . 2011-04-25 16:11 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2003-03-31 12:00 . 2011-06-23 18:36 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2011-08-11 07:03 . 2011-04-25 16:11 12800 c:\windows\ie8updates\KB2559049-IE8\xpshims.dll
+ 2011-08-11 07:02 . 2011-04-25 16:11 66560 c:\windows\ie8updates\KB2559049-IE8\mshtmled.dll
+ 2011-08-11 07:02 . 2011-04-25 16:11 55296 c:\windows\ie8updates\KB2559049-IE8\msfeedsbs.dll
+ 2011-08-11 07:02 . 2011-04-25 16:11 43520 c:\windows\ie8updates\KB2559049-IE8\licmgr10.dll
+ 2011-08-11 07:02 . 2011-04-25 16:11 25600 c:\windows\ie8updates\KB2559049-IE8\jsproxy.dll
+ 2011-08-11 07:22 . 2011-08-11 07:22 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\97e97eafeae00970e0712db0f4f934b6\WindowsLiveWriter.ni.exe
+ 2011-08-11 07:23 . 2011-08-11 07:23 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\78b53ad4063e0928bbcba152067fa7fe\WindowsLive.Writer.Api.ni.dll
+ 2011-08-11 07:26 . 2011-08-11 07:26 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\343c52b741531ce9ae874ea7508831a7\System.Windows.Presentation.ni.dll
+ 2011-08-11 07:26 . 2011-08-11 07:26 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\246110974e3c48733458819b07464b23\System.Web.DynamicData.Design.ni.dll
+ 2011-08-11 07:24 . 2011-08-11 07:24 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\ace861fe8dbf146c3e449abaa7691e9f\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-08-11 07:17 . 2011-08-11 07:17 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\40ee65aacd9d7472cd6f8dddbfca604b\PresentationFontCache.ni.exe
+ 2011-08-11 07:16 . 2011-08-11 07:16 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\12c424eed7ee0e9c017bf72ff09eb78c\PresentationCFFRasterizer.ni.dll
+ 2011-08-11 07:25 . 2011-08-11 07:25 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f9c514544c8e23220493cd42a0e20678\Microsoft.Vsa.ni.dll
- 2011-06-28 03:55 . 2011-06-28 03:55 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-06-28 03:55 . 2011-06-28 03:55 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-08-11 07:14 . 2011-08-11 07:14 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-08-11 07:14 . 2011-08-11 07:14 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-08-11 07:14 . 2011-08-11 07:14 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-06-28 03:55 . 2011-06-28 03:55 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-08-11 07:14 . 2011-08-11 07:14 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2003-03-31 12:00 . 2011-06-23 18:36 105984 c:\windows\system32\url.dll
- 2003-03-31 12:00 . 2009-03-08 09:34 105984 c:\windows\system32\url.dll
- 2003-03-31 12:00 . 2011-06-28 03:56 560230 c:\windows\system32\perfh009.dat
+ 2003-03-31 12:00 . 2011-08-11 07:14 560230 c:\windows\system32\perfh009.dat
- 2003-03-31 12:00 . 2011-04-25 16:11 206848 c:\windows\system32\occache.dll
+ 2003-03-31 12:00 . 2011-06-23 18:36 206848 c:\windows\system32\occache.dll
- 2003-03-31 12:00 . 2011-04-25 16:11 611840 c:\windows\system32\mstime.dll
+ 2003-03-31 12:00 . 2011-06-23 18:36 611840 c:\windows\system32\mstime.dll
+ 2006-11-08 01:03 . 2011-06-23 18:36 602112 c:\windows\system32\msfeeds.dll
- 2006-11-08 01:03 . 2011-04-25 16:11 602112 c:\windows\system32\msfeeds.dll
- 2003-03-31 12:00 . 2011-04-25 16:11 184320 c:\windows\system32\iepeers.dll
+ 2003-03-31 12:00 . 2011-06-23 18:36 184320 c:\windows\system32\iepeers.dll
+ 2003-03-31 12:00 . 2011-06-23 18:36 387584 c:\windows\system32\iedkcs32.dll
- 2003-03-31 12:00 . 2011-04-25 16:11 387584 c:\windows\system32\iedkcs32.dll
- 2003-03-31 12:00 . 2011-04-25 12:01 173568 c:\windows\system32\ie4uinit.exe
+ 2003-03-31 12:00 . 2011-06-23 12:05 173568 c:\windows\system32\ie4uinit.exe
+ 2010-06-18 17:45 . 2011-06-20 17:44 293376 c:\windows\system32\dllcache\winsrv.dll
- 2010-06-18 17:45 . 2011-04-26 11:07 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2007-05-25 01:41 . 2011-06-23 18:36 916480 c:\windows\system32\dllcache\wininet.dll
- 2007-05-25 01:41 . 2011-04-25 16:11 916480 c:\windows\system32\dllcache\wininet.dll
- 2006-10-17 16:05 . 2009-03-08 09:34 105984 c:\windows\system32\dllcache\url.dll
+ 2006-10-17 16:05 . 2011-06-23 18:36 105984 c:\windows\system32\dllcache\url.dll
+ 2007-05-24 22:03 . 2011-06-24 14:10 139656 c:\windows\system32\dllcache\rdpwd.sys
- 2007-05-24 22:03 . 2008-04-14 00:13 139656 c:\windows\system32\dllcache\rdpwd.sys
- 2006-10-17 16:04 . 2011-04-25 16:11 206848 c:\windows\system32\dllcache\occache.dll
+ 2006-10-17 16:04 . 2011-06-23 18:36 206848 c:\windows\system32\dllcache\occache.dll
+ 2003-03-31 12:00 . 2011-06-23 18:36 611840 c:\windows\system32\dllcache\mstime.dll
- 2003-03-31 12:00 . 2011-04-25 16:11 611840 c:\windows\system32\dllcache\mstime.dll
+ 2007-04-25 08:41 . 2011-06-23 18:36 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2007-04-25 08:41 . 2011-04-25 16:11 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2008-11-12 23:46 . 2011-07-15 13:29 456320 c:\windows\system32\dllcache\mrxsmb.sys
- 2008-11-12 23:46 . 2011-04-29 16:19 456320 c:\windows\system32\dllcache\mrxsmb.sys
+ 2009-08-17 14:15 . 2011-06-23 18:36 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2009-08-17 14:15 . 2011-04-25 16:11 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2003-03-31 12:00 . 2011-06-23 18:36 184320 c:\windows\system32\dllcache\iepeers.dll
- 2003-03-31 12:00 . 2011-04-25 16:11 184320 c:\windows\system32\dllcache\iepeers.dll
- 2010-06-11 03:22 . 2011-04-25 16:11 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2010-06-11 03:22 . 2011-06-23 18:36 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2003-03-31 12:00 . 2011-06-23 18:36 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2003-03-31 12:00 . 2011-04-25 16:11 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2003-03-31 12:00 . 2011-06-23 12:05 173568 c:\windows\system32\dllcache\ie4uinit.exe
- 2003-03-31 12:00 . 2011-04-25 12:01 173568 c:\windows\system32\dllcache\ie4uinit.exe
+ 2011-08-25 04:27 . 2011-08-25 04:27 380928 c:\windows\Installer\{69995C7A-062A-4A90-A4DF-8C22895DF522}\iTunesIco.exe
+ 2011-08-11 07:02 . 2011-04-25 16:11 916480 c:\windows\ie8updates\KB2559049-IE8\wininet.dll
+ 2011-08-11 07:02 . 2009-03-08 09:34 105984 c:\windows\ie8updates\KB2559049-IE8\url.dll
+ 2011-08-11 07:03 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2559049-IE8\spuninst\updspapi.dll
+ 2011-08-11 07:03 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2559049-IE8\spuninst\spuninst.exe
+ 2011-08-11 07:02 . 2011-04-25 16:11 206848 c:\windows\ie8updates\KB2559049-IE8\occache.dll
+ 2011-08-11 07:02 . 2011-04-25 16:11 611840 c:\windows\ie8updates\KB2559049-IE8\mstime.dll
+ 2011-08-11 07:02 . 2011-04-25 16:11 602112 c:\windows\ie8updates\KB2559049-IE8\msfeeds.dll
+ 2011-08-11 07:03 . 2011-04-25 16:11 247808 c:\windows\ie8updates\KB2559049-IE8\ieproxy.dll
+ 2011-08-11 07:02 . 2011-04-25 16:11 184320 c:\windows\ie8updates\KB2559049-IE8\iepeers.dll
+ 2011-08-11 07:03 . 2011-04-25 16:11 743424 c:\windows\ie8updates\KB2559049-IE8\iedvtool.dll
+ 2011-08-11 07:02 . 2011-04-25 16:11 387584 c:\windows\ie8updates\KB2559049-IE8\iedkcs32.dll
+ 2011-08-11 07:02 . 2011-04-25 12:01 173568 c:\windows\ie8updates\KB2559049-IE8\ie4uinit.exe
- 2008-11-12 23:46 . 2011-04-29 16:19 456320 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-11-12 23:46 . 2011-07-15 13:29 456320 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2011-08-11 07:23 . 2011-08-11 07:23 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\cc14c69205b984edba1db26fd5e421ac\WsatConfig.ni.exe
+ 2011-08-11 07:23 . 2011-08-11 07:23 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\e8e227f8d6f7e673a88df199558f48b4\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f73c94fa0013742b73f324125c580453\WindowsLive.Writer.FileDestinations.ni.dll
+ 2011-08-11 07:22 . 2011-08-11 07:22 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f1353befa955f012cd30f76ad8297306\WindowsLive.Writer.HtmlParser.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f0c4570b4222b775a7a40e097a5d8065\WindowsLive.Writer.Instrumentation.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 322048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\edc5f41c43b9691ee627f6830fbd3d63\WindowsLive.Writer.SpellChecker.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d03ecf5f53da074d00ee83514cb01037\WindowsLive.Writer.Passport.ni.dll
+ 2011-08-11 07:22 . 2011-08-11 07:22 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a1e0ab442d63b900ab191df44c9bc87d\WindowsLive.Writer.Controls.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\93e2d41c89a4aec33e67d629636be312\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2011-08-11 07:22 . 2011-08-11 07:22 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8b820482a2d9fb2c2ca60d501d1f0fee\WindowsLive.Writer.BrowserControl.ni.dll
+ 2011-08-11 07:22 . 2011-08-11 07:22 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6ff7182984713139fd834adde115ae68\WindowsLive.Writer.Interop.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5ca46ae4422c6a299892ce94c321a562\WindowsLive.Writer.Localization.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\30ea49e7278bbc186912fef6cb23f8e1\WindowsLive.Writer.Extensibility.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\25b63a138fb6bb341ac5b712e87b843e\WindowsLive.Writer.BlogClient.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1eec36ce6bf0107aaff32457b9e45ded\WindowsLive.Writer.Mshtml.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\3337eba040f4c0337e26225eea39a89f\WindowsLive.Client.ni.dll
+ 2011-08-11 07:19 . 2011-08-11 07:19 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\39ce0c9c9cc294c0ee26c4ff01522961\WindowsFormsIntegration.ni.dll
+ 2011-08-11 07:19 . 2011-08-11 07:19 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\431e918aee8da919f5b9e3a5195ccf93\UIAutomationClient.ni.dll
+ 2011-08-11 07:26 . 2011-08-11 07:26 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\946eefb99bc116ee68e0e7c69a5a8a5c\System.Xml.Linq.ni.dll
+ 2011-08-11 07:25 . 2011-08-11 07:25 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\a82eef3128b9527dc05b3c8667e713bc\System.Web.Routing.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\203c148c913357bfc2ae9d209101f2b3\System.Web.RegularExpressions.ni.dll
+ 2011-08-11 07:26 . 2011-08-11 07:26 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f89fe39468ea6faf71c4257c89cf3c54\System.Web.Extensions.Design.ni.dll
+ 2011-08-11 07:26 . 2011-08-11 07:26 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\2314ff800782dc85224e69e802a073f7\System.Web.Entity.ni.dll
+ 2011-08-11 07:26 . 2011-08-11 07:26 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f690a8f5d784a5bb20f2cbaa7277eb6c\System.Web.Entity.Design.ni.dll
+ 2011-08-11 07:26 . 2011-08-11 07:26 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\c5c96400424b85536443623f96f64581\System.Web.DynamicData.ni.dll
+ 2011-08-11 07:25 . 2011-08-11 07:25 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\5f8e87b47465a038403e73012c6d102a\System.Web.Abstractions.ni.dll
+ 2011-08-11 07:22 . 2011-08-11 07:22 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\846dd505f97805f00999ee26aec9bf75\System.Transactions.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
+ 2011-08-11 07:22 . 2011-08-11 07:22 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\de9cd25ccb24bcf8a0316756e766721f\System.Security.ni.dll
+ 2011-08-11 07:22 . 2011-08-11 07:22 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\21248037960cf6dfa2ce401d355bd6c9\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-08-11 07:22 . 2011-08-11 07:22 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b7e0214a811f81e09041864081139641\System.Runtime.Remoting.ni.dll
+ 2011-08-11 07:25 . 2011-08-11 07:25 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\480ea914e13fe41cdd8fb542bb1f7e81\System.Net.ni.dll
+ 2011-08-11 07:25 . 2011-08-11 07:25 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e563a58e6fc0117070d5b8fd59e4e1b\System.Management.ni.dll
+ 2011-08-11 07:25 . 2011-08-11 07:25 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\dc72c7581f1b3794c0ea595ba02ff7ad\System.Management.Instrumentation.ni.dll
+ 2011-08-11 07:21 . 2011-08-11 07:21 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\fcf8612a210d1f76e0b37dc8467b4696\System.IO.Log.ni.dll
+ 2011-08-11 07:21 . 2011-08-11 07:21 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\ec017b5a95d02fccaefd835490ef1e14\System.IdentityModel.Selectors.ni.dll
+ 2011-08-11 07:22 . 2011-08-11 07:22 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e\System.EnterpriseServices.Wrapper.dll
+ 2011-08-11 07:22 . 2011-08-11 07:22 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e\System.EnterpriseServices.ni.dll
+ 2011-08-11 07:18 . 2011-08-11 07:18 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\f7cd3d07c15366b76fe4c38d24455d6b\System.Drawing.Design.ni.dll
+ 2011-08-11 07:25 . 2011-08-11 07:25 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\822c996e6ad4901219b7de399a6f78bf\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\1ffe911e62f482e42be2c4428bd08c10\System.DirectoryServices.Protocols.ni.dll
+ 2011-08-11 07:25 . 2011-08-11 07:25 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e1c009b2c9becdb732a2ea45f32a46b8\System.Data.Services.Design.ni.dll
+ 2011-08-11 07:25 . 2011-08-11 07:25 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1defd94e1662a4478ccf2cd0b1b4e6a6\System.Data.Services.Client.ni.dll
+ 2011-08-11 07:25 . 2011-08-11 07:25 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\04267c1dbdcdd8ec37e1518126767ead\System.Data.Entity.Design.ni.dll
+ 2011-08-11 07:24 . 2011-08-11 07:24 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\f2a6d41b3f6e26eea6dcac9298aa637b\System.Data.DataSetExtensions.ni.dll
+ 2011-08-11 07:22 . 2011-08-11 07:22 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\585e68739b2a8aff61ee6b2786513245\System.Configuration.Install.ni.dll
+ 2011-08-11 07:24 . 2011-08-11 07:24 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\fbf6ef12d1456058acde29f2640092fb\System.AddIn.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\896e42071939e038008b0bbbfed1213c\SMSvcHost.ni.exe
+ 2011-08-11 07:23 . 2011-08-11 07:23 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ca07e9cf488af1290d2340d682574a24\SMDiagnostics.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a5aa977dd575a6beb3a416bd480b98a7\ServiceModelReg.ni.exe
+ 2011-08-11 07:17 . 2011-08-11 07:17 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f52e48f55258d0a04fbab3a1f93752e9\PresentationFramework.Classic.ni.dll
+ 2011-08-11 07:17 . 2011-08-11 07:17 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\cf812b99f587ab514afb36fa9d4c1567\PresentationFramework.Aero.ni.dll
+ 2011-08-11 07:17 . 2011-08-11 07:17 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b7795999cc67f3a6cec40f5b24005e00\PresentationFramework.Luna.ni.dll
+ 2011-08-11 07:17 . 2011-08-11 07:17 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\09f5af61ea2af04eb32c04b3091ffc86\PresentationFramework.Royale.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\2d89c7b72bc8e527b26d5b6f3b931012\MSBuild.ni.exe
+ 2011-08-11 07:23 . 2011-08-11 07:23 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\39e9d172f0cf5eec30b1b67212cc032b\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\f1b0ec3ccde9142e67ac681fb521ac66\Microsoft.Build.Utilities.ni.dll
+ 2011-08-11 07:24 . 2011-08-11 07:24 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\9250f038410f0d6432e3ccb0b046862b\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\a4672179aba638cd78bdfe268391b47b\Microsoft.Build.Engine.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\37db660a84ee52b61a7ca55812581bbd\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\fe9a21b94803f74697bb42b9d1fdea5b\ComSvcConfig.ni.exe
+ 2011-08-11 07:21 . 2011-08-11 07:21 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\f160c8e40b60edd47ae74b0b911fece1\AspNetMMCExt.ni.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-06-28 03:55 . 2011-06-28 03:55 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2011-06-28 03:55 . 2011-06-28 03:55 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-08-11 07:14 . 2011-08-11 07:14 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-08-11 07:14 . 2011-08-11 07:14 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-08-11 07:14 . 2011-08-11 07:14 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-06-28 03:55 . 2011-06-28 03:55 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-08-11 07:14 . 2011-08-11 07:14 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-08-11 07:14 . 2011-08-11 07:14 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-08-11 07:14 . 2011-08-11 07:14 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-08-11 07:14 . 2011-08-11 07:14 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-08-11 07:14 . 2011-08-11 07:14 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-06-28 03:55 . 2011-06-28 03:55 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-08-11 07:14 . 2011-08-11 07:14 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2003-03-31 12:00 . 2011-06-23 18:36 1212416 c:\windows\system32\urlmon.dll
+ 2003-03-31 12:00 . 2011-07-25 15:17 5969920 c:\windows\system32\mshtml.dll
- 2006-10-17 15:57 . 2011-04-25 16:11 1991680 c:\windows\system32\iertutil.dll
+ 2006-10-17 15:57 . 2011-06-23 18:36 1991680 c:\windows\system32\iertutil.dll
+ 2007-05-25 01:41 . 2011-06-23 18:36 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2007-05-25 01:41 . 2011-07-25 15:17 5969920 c:\windows\system32\dllcache\mshtml.dll
+ 2007-04-25 08:41 . 2011-06-23 18:36 1991680 c:\windows\system32\dllcache\iertutil.dll
- 2007-04-25 08:41 . 2011-04-25 16:11 1991680 c:\windows\system32\dllcache\iertutil.dll
- 2011-01-18 08:39 . 2011-01-18 08:39 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2011-04-29 01:50 . 2011-04-29 01:50 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2011-08-25 04:27 . 2011-08-25 04:27 5467136 c:\windows\Installer\b67d6ef.msi
+ 2011-08-18 00:04 . 2011-08-18 00:04 1984512 c:\windows\Installer\a7df34c.msi
+ 2011-08-18 00:00 . 2011-08-18 00:00 1485312 c:\windows\Installer\a7df2f9.msi
+ 2011-08-17 23:58 . 2011-08-17 23:58 9474048 c:\windows\Installer\a7df1ce.msi
+ 2011-05-02 04:06 . 2011-05-02 04:06 2705920 c:\windows\Installer\2a6ec70e.msp
+ 2011-08-22 23:36 . 2011-08-22 23:36 1066496 c:\windows\Installer\15d0ac.msi
+ 2011-08-11 07:02 . 2011-04-25 16:11 1211904 c:\windows\ie8updates\KB2559049-IE8\urlmon.dll
+ 2011-08-11 07:02 . 2011-05-30 22:19 5964800 c:\windows\ie8updates\KB2559049-IE8\mshtml.dll
+ 2011-08-11 07:02 . 2011-04-25 16:11 1991680 c:\windows\ie8updates\KB2559049-IE8\iertutil.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 1105920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\fdad016fef04d32712a21af80a23051d\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2011-08-11 07:22 . 2011-08-11 07:22 2002432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\dc8595dc676d5134e7be100dc2713745\WindowsLive.Writer.CoreServices.ni.dll
+ 2011-08-11 07:22 . 2011-08-11 07:22 6392832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\9dd26d88f17b553c4a2b2a842642735d\WindowsLive.Writer.PostEditor.ni.dll
+ 2011-08-11 07:16 . 2011-08-11 07:16 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\fd6e0cd6f124a6d041ef1b4c9a5f080b\WindowsBase.ni.dll
+ 2011-08-11 07:19 . 2011-08-11 07:19 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\162600dde59fbaa0c048a949158ecba3\UIAutomationClientsideProviders.ni.dll
+ 2011-08-11 07:15 . 2011-08-11 07:15 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
+ 2011-08-11 07:19 . 2011-08-11 07:19 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
+ 2011-08-11 07:26 . 2011-08-11 07:26 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\22229a30650a9afbac984e1093898b13\System.WorkflowServices.ni.dll
+ 2011-08-11 07:26 . 2011-08-11 07:26 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\4d6b3cc1fc7a4788612241af7966715a\System.Workflow.Runtime.ni.dll
+ 2011-08-11 07:26 . 2011-08-11 07:26 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\e4c9853af945c9cfede19f3faf18af6e\System.Workflow.ComponentModel.ni.dll
+ 2011-08-11 07:26 . 2011-08-11 07:26 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\ab4b50c7c789e46a485903365765fde8\System.Workflow.Activities.ni.dll
+ 2011-08-11 07:22 . 2011-08-11 07:22 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a2392c995b1bb6b63079091259222357\System.Web.Services.ni.dll
+ 2011-08-11 07:26 . 2011-08-11 07:26 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\3da92a0b9b8ac97e11ca8bf4df671a78\System.Web.Mobile.ni.dll
+ 2011-08-11 07:26 . 2011-08-11 07:26 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\01f4d6aa3299a41b8578b7e96afdcfb1\System.Web.Extensions.ni.dll
+ 2011-08-11 07:19 . 2011-08-11 07:19 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\e1208f0d981c420fc59f806bfbaa713b\System.Speech.ni.dll
+ 2011-08-11 07:25 . 2011-08-11 07:25 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\27e1b8dfd5e1ccf2c5b9efc51f674c69\System.ServiceModel.Web.ni.dll
+ 2011-08-11 07:21 . 2011-08-11 07:21 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dece01bd9e9c32e47630fdfc78d3bd32\System.Runtime.Serialization.ni.dll
+ 2011-08-11 07:18 . 2011-08-11 07:18 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\90b444d02047ef27921153d46967ef0e\System.Printing.ni.dll
+ 2011-08-11 07:21 . 2011-08-11 07:21 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\a50e2fc92db32751857fb8d297f9d7bc\System.IdentityModel.ni.dll
+ 2011-08-11 07:18 . 2011-08-11 07:18 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
+ 2011-08-11 07:22 . 2011-08-11 07:22 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\259ecf480769f4e60514b7ae2abaa6f1\System.DirectoryServices.ni.dll
+ 2011-08-11 07:22 . 2011-08-11 07:22 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\71cf3eb40fc38e6ac8fba09e872d2878\System.Deployment.ni.dll
+ 2011-08-11 07:18 . 2011-08-11 07:18 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\db2d84e279807592a680ef4135e9fe9a\System.Data.ni.dll
+ 2011-08-11 07:22 . 2011-08-11 07:22 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\0b16305773369cf740c6a2b1f1d785b2\System.Data.SqlXml.ni.dll
+ 2011-08-11 07:25 . 2011-08-11 07:25 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\c1b9b8ce390548dcca661a5e6a908408\System.Data.Services.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\c729750d54f6e7427230622bcccd4709\System.Data.OracleClient.ni.dll
+ 2011-08-11 07:18 . 2011-08-11 07:18 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\571af34939797a7c1cd05b0b925a45bf\System.Data.Linq.ni.dll
+ 2011-08-11 07:25 . 2011-08-11 07:25 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\2b58cc071d6bf0c741e91f86c09de5d7\System.Data.Entity.ni.dll
+ 2011-08-11 07:18 . 2011-08-11 07:18 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\e54e013315849f5e34d8f2a8e7fdb450\System.Core.ni.dll
+ 2011-08-11 07:18 . 2011-08-11 07:18 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\24ab0cacc77e8696ceff3157942a2de4\ReachFramework.ni.dll
+ 2011-08-11 07:17 . 2011-08-11 07:17 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\fac1ca86f4fea17de40d7fdaba38563e\PresentationUI.ni.dll
+ 2011-08-11 07:16 . 2011-08-11 07:16 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b187becbc388c4ce7f33ede4da76e7b1\PresentationBuildTasks.ni.dll
+ 2011-08-11 07:24 . 2011-08-11 07:24 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\c6b19db2534042d435ede580f92bc75c\Microsoft.VisualBasic.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\08594c4ba9ea0253a836fe1d8d341984\Microsoft.Transactions.Bridge.ni.dll
+ 2011-08-11 07:25 . 2011-08-11 07:25 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\345abd035c9378667b1cac54c1f21c97\Microsoft.JScript.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\906cd5555b79e4e0486dc8ef2a748b13\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\7baff7d694394aaba490082c88d48fd2\Microsoft.Build.Tasks.ni.dll
+ 2011-08-11 07:23 . 2011-08-11 07:23 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\235a22e1ae9742bb724d411629dd99d5\Microsoft.Build.Engine.ni.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-08-11 07:14 . 2011-08-11 07:14 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-08-11 07:14 . 2011-08-11 07:14 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-06-28 03:55 . 2011-06-28 03:55 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-06-28 03:55 . 2011-06-28 03:55 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-08-11 07:13 . 2011-08-11 07:13 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2011-06-28 03:55 . 2011-06-28 03:55 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-08-11 07:14 . 2011-08-11 07:14 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-06-28 03:56 . 2011-06-28 03:56 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-06-28 03:56 . 2011-08-11 07:14 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2007-05-25 01:55 . 2011-08-11 07:03 52390856 c:\windows\system32\MRT.exe
+ 2006-11-08 01:03 . 2011-06-23 18:36 11081728 c:\windows\system32\ieframe.dll
- 2006-11-08 01:03 . 2011-04-26 14:11 11081728 c:\windows\system32\ieframe.dll
+ 2007-04-25 08:41 . 2011-06-23 18:36 11081728 c:\windows\system32\dllcache\ieframe.dll
- 2007-04-25 08:41 . 2011-04-26 14:11 11081728 c:\windows\system32\dllcache\ieframe.dll
+ 2011-08-11 07:02 . 2011-04-26 14:11 11081728 c:\windows\ie8updates\KB2559049-IE8\ieframe.dll
+ 2011-08-11 07:19 . 2011-08-11 07:19 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
+ 2011-08-11 07:22 . 2011-08-11 07:22 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll
+ 2011-08-11 07:21 . 2011-08-11 07:21 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e3a0205acab2215fbad7927d9d483aeb\System.ServiceModel.ni.dll
+ 2011-08-11 07:18 . 2011-08-11 07:18 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\63ad0cd9b5e038c8e2e41415657db8fc\System.Design.ni.dll
+ 2011-08-11 07:17 . 2011-08-11 07:17 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\704556e34128441ea9f1a81cc89f8a79\PresentationFramework.ni.dll
+ 2011-08-11 07:16 . 2011-08-11 07:16 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5f332c48d03eca57419c4f0e884092ee\PresentationCore.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2011-06-07 22:03 194848 ------w- c:\program files\Yontoo Layers Runtime\YontooIEClient.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-04-29 766041]
"lxddmon.exe"="c:\program files\Lexmark 2500 Series\lxddmon.exe" [2007-05-04 291760]
"lxddamon"="c:\program files\Lexmark 2500 Series\lxddamon.exe" [2007-03-05 20480]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-08-19 421736]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk]
backup=c:\windows\pss\Google Updater.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HotSync Manager.lnk]
backup=c:\windows\pss\HotSync Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^RNX-MiniN1 11n USB Wireless LAN Utility.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\RNX-MiniN1 11n USB Wireless LAN Utility.lnk
backup=c:\windows\pss\RNX-MiniN1 11n USB Wireless LAN Utility.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ymetray.lnk]
backup=c:\windows\pss\ymetray.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Bea^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
backup=c:\windows\pss\LimeWire On Startup.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Bea^Start Menu^Programs^Startup^MEMonitor.lnk]
backup=c:\windows\pss\MEMonitor.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Bea^Start Menu^Programs^Startup^Secunia PSI.lnk]
backup=c:\windows\pss\Secunia PSI.lnkStartup
path=c:\documents and settings\Bea\Start Menu\Programs\Startup\Secunia PSI.lnk
.
[HKLM\~\startupfolder\C:^Documents and Settings^Bea^Start Menu^Programs^Startup^Yahoo! Widgets.lnk]
backup=c:\windows\pss\Yahoo! Widgets.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-06-08 04:02 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2010-12-10 02:43 69632 ----a-w- c:\windows\Alcmtr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
2010-12-10 02:43 53248 ------w- c:\program files\Realtek\InstallShield\AzMixerSel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-02-10 02:09 135664 ----atw- c:\documents and settings\Bea\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
2010-02-06 02:49 77824 -c--a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
2010-02-06 02:49 118784 -c--a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
2010-02-06 02:49 94208 -c--a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-08-19 05:07 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2010-02-06 04:04 471040 -c--a-w- c:\progra~1\LAUNCH~1\QtZgAcer.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraAssistant]
2006-06-26 20:47 331776 -c--a-w- c:\program files\Acer\OrbiCam\CameraAssistant.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraService(E)]
2004-11-01 23:22 262144 -c--a-w- c:\windows\system32\ElkCtrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideo[inspector]]
2006-06-26 20:55 73728 -c--a-w- c:\program files\Acer\OrbiCam\InstallHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
2006-06-23 15:39 225280 -c--a-w- c:\windows\system32\LVCOMSX.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 14:50 155648 -c--a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-07-05 22:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2010-12-10 02:43 16248320 ----a-w- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
2007-08-30 21:43 4670704 -c--a-w- c:\program files\Yahoo!\Messenger\YahooMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
2007-06-08 14:59 224248 -c--a-w- c:\program files\Yahoo!\Search Protection\SearchProtection.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ioloDMV"=2 (0x2)
"Lavasoft Ad-Aware Service"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)
"wlidsvc"=2 (0x2)
"LVPrcSrv"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"idsvc"=3 (0x3)
"IDriverT"=3 (0x3)
"fsssvc"=3 (0x3)
"CSHelper"=2 (0x2)
"cmdAgent"=2 (0x2)
"btwdins"=2 (0x2)
"W32Time"=2 (0x2)
"UPS"=3 (0x3)
"mnmsrvc"=3 (0x3)
"helpsvc"=2 (0x2)
"FastUserSwitchingCompatibility"=3 (0x3)
"ERSvc"=2 (0x2)
"CiSvc"=3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Lexmark 2500 Series\\lxddamon.exe"=
"c:\\Program Files\\Lexmark 2500 Series\\App4R.exe"=
"c:\\WINDOWS\\system32\\lxddcoms.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\Program Files\\SecondLifeViewer2\\SLVoice.exe"=
"c:\\Program Files\\Research In Motion\\BlackBerry Desktop\\Rim.Desktop.exe"=
"c:\\Program Files\\RNX-MiniN1\\11n USB Wireless LAN Utility\\RtWLan.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddwbgw.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddpswx.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddjswx.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddtime.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Lexmark 2500 Series\\lxddmon.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"135:TCP"= 135:TCP:TCP Port 135
"1542:TCP"= 1542:TCP:Realtek WPS TCP Prot
"1542:UDP"= 1542:UDP:Realtek WPS UDP Prot
"53:UDP"= 53:UDP:Realtek AP UDP Prot
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [6/4/2011 3:06 PM 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [6/4/2011 3:06 PM 309848]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6/4/2011 3:06 PM 19544]
R2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [6/15/2011 5:33 PM 249648]
R2 lxdd_device;lxdd_device;c:\windows\system32\lxddcoms.exe -service --> c:\windows\system32\lxddcoms.exe -service [?]
R2 lxddCATSCustConnectService;lxddCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxddserv.exe [4/26/2007 1:21 AM 99248]
R2 nxsIO32;NextSensor Kernel I/O Driver;c:\windows\system32\drivers\nxsIO32.sys [5/24/2007 7:53 PM 2208]
R3 RTL8192cu;RNX-MiniN1 Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192cu.sys [6/9/2011 3:41 PM 987904]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys --> c:\windows\system32\DRIVERS\cmdguard.sys [?]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys --> c:\windows\system32\DRIVERS\cmdhlp.sys [?]
S1 MpKsl16b132f5;MpKsl16b132f5;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5A94C2D5-B20A-4417-8DB4-0AC78DA094B0}\MpKsl16b132f5.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5A94C2D5-B20A-4417-8DB4-0AC78DA094B0}\MpKsl16b132f5.sys [?]
S1 MpKsl1726781a;MpKsl1726781a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{53590676-7959-4F11-9E79-09E687DC2F62}\MpKsl1726781a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{53590676-7959-4F11-9E79-09E687DC2F62}\MpKsl1726781a.sys [?]
S1 MpKsl22c1879f;MpKsl22c1879f;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E0B0095C-40FA-4D70-9BAA-DAB16A77D255}\MpKsl22c1879f.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E0B0095C-40FA-4D70-9BAA-DAB16A77D255}\MpKsl22c1879f.sys [?]
S1 MpKsl35e2d707;MpKsl35e2d707;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F3BF5254-81AE-48AD-8FCD-8C8071BBBBEC}\MpKsl35e2d707.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F3BF5254-81AE-48AD-8FCD-8C8071BBBBEC}\MpKsl35e2d707.sys [?]
S1 MpKsl3d2a8f83;MpKsl3d2a8f83;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{362F860F-47F4-4D19-B522-16C0DCB9BE44}\MpKsl3d2a8f83.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{362F860F-47F4-4D19-B522-16C0DCB9BE44}\MpKsl3d2a8f83.sys [?]
S1 MpKsl5076531f;MpKsl5076531f;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F06B8A9B-28DA-447F-AA49-C64F955D1F23}\MpKsl5076531f.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F06B8A9B-28DA-447F-AA49-C64F955D1F23}\MpKsl5076531f.sys [?]
S1 MpKsl7be8fdbc;MpKsl7be8fdbc;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{606217A1-466B-4F85-B883-C4D9A0CD673F}\MpKsl7be8fdbc.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{606217A1-466B-4F85-B883-C4D9A0CD673F}\MpKsl7be8fdbc.sys [?]
S1 MpKsla634e47f;MpKsla634e47f;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C9928F29-07EF-4CF1-9F55-7FA21FF86D2E}\MpKsla634e47f.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C9928F29-07EF-4CF1-9F55-7FA21FF86D2E}\MpKsla634e47f.sys [?]
S1 MpKslc86e4a84;MpKslc86e4a84;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{34F6F536-D31E-4442-A68A-FC28AFDB403B}\MpKslc86e4a84.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{34F6F536-D31E-4442-A68A-FC28AFDB403B}\MpKslc86e4a84.sys [?]
S1 MpKslfe538485;MpKslfe538485;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{606217A1-466B-4F85-B883-C4D9A0CD673F}\MpKslfe538485.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{606217A1-466B-4F85-B883-C4D9A0CD673F}\MpKslfe538485.sys [?]
S1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.SYS --> c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [?]
S3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [7/7/2011 7:31 PM 195336]
S3 XPTWOPORT;XP TWO PORT Intermediate Driver;c:\windows\system32\drivers\XPTWOPORT.SYS [6/9/2011 3:41 PM 15872]
S4 CSHelper;CopySafe Helper Service;c:\windows\system32\CSHelper.exe [6/6/2010 1:52 PM 266240]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 33490009
*NewlyCreated* - BBSVC
*NewlyCreated* - BBUPDATE
*NewlyCreated* - IPOD_SERVICE
*Deregistered* - 33490009
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 21:57]
.
2011-08-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-776561741-839522115-1003Core.job
- c:\documents and settings\Bea\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-02-10 02:09]
.
2011-08-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-776561741-839522115-1003UA.job
- c:\documents and settings\Bea\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-02-10 02:09]
.
2011-08-22 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 20:07]
.
2011-08-26 c:\windows\Tasks\User_Feed_Synchronization-{C78EAB38-8876-422B-960A-4047F8801EE5}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 09:31]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\documents and settings\Bea\Application Data\Mozilla\Firefox\Profiles\7ey52m4f.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-25 23:52
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_MFEHIDK\0000\LogConf]
@DACL=(02 0000)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3224)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-08-25 23:57:11
ComboFix-quarantined-files.txt 2011-08-26 03:57
ComboFix2.txt 2011-07-31 05:49
ComboFix3.txt 2011-04-16 04:24
.
Pre-Run: 31,366,885,376 bytes free
Post-Run: 31,388,815,360 bytes free
.
- - End Of File - - C4199E463A6555766989AF05FC42C767
  • 0

#8
Gammo

Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Hi,

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, click the "Update" tab and click the "Check For updates" button.
  • Once the updates were downloaded, click the "Scanner" tab, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Vista users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Please go here then click on: Posted Image

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
  • 0

#9
butterrice

butterrice

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 347 posts
Malwarebytes Report - Eset on the way.


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7587

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

8/27/2011 9:30:07 AM
mbam-log-2011-08-27 (09-30-07).txt

Scan type: Quick scan
Objects scanned: 202981
Time elapsed: 8 minute(s), 30 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

#10
butterrice

butterrice

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 347 posts
[email protected] as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6425
# api_version=3.0.2
# EOSSerial=0ab124025cc8c04f9807f7b513757df9
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-03-27 07:39:26
# local_time=2011-03-27 03:39:26 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=3073 16777213 80 89 24046246 33954937 0 0
# compatibility_mode=5891 16776869 42 87 0 12352878 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# compatibility_mode=9217 16777214 0 4 71191066 71191066 0 0
# scanned=85306
# found=5
# cleaned=5
# scan_time=6752
C:\Documents and Settings\Bea\Application Data\Uniblue\RegistryBooster\_temp\ub.exe a variant of Win32/RegistryBooster application (deleted - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{628A3290-3B78-4B45-B31D-D532493B9D73}\RP363\A0092795.exe Win32/RegistryBooster application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{628A3290-3B78-4B45-B31D-D532493B9D73}\RP363\A0092796.exe a variant of Win32/RegistryBooster application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{628A3290-3B78-4B45-B31D-D532493B9D73}\RP365\A0092913.exe a variant of Win32/RegistryBooster application (deleted - quarantined) 00000000000000000000000000000000 C
C:\_OTL\MovedFiles\02162010_173150\C_Documents and Settings\All Users\Application Data\920b81e\4846.mof Win32/RogueAV.A trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6425
# api_version=3.0.2
# EOSSerial=0ab124025cc8c04f9807f7b513757df9
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-04-02 06:47:30
# local_time=2011-04-02 02:47:30 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=3073 16777213 80 89 24518048 34426739 0 0
# compatibility_mode=5891 16776869 42 87 0 12824680 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# compatibility_mode=9217 16777214 0 4 71662868 71662868 0 0
# scanned=86372
# found=1
# cleaned=1
# scan_time=7034
C:\System Volume Information\_restore{628A3290-3B78-4B45-B31D-D532493B9D73}\RP365\A0092914.mof Win32/RogueAV.A trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6425
# api_version=3.0.2
# EOSSerial=0ab124025cc8c04f9807f7b513757df9
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-04-05 04:37:56
# local_time=2011-04-05 12:37:56 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=3073 16777213 80 89 24769660 34678351 0 0
# compatibility_mode=5891 16776869 42 87 0 13076292 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# compatibility_mode=9217 16777214 0 4 71914480 71914480 0 0
# scanned=85861
# found=0
# cleaned=0
# scan_time=6848
[email protected] as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=0ab124025cc8c04f9807f7b513757df9
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-08-27 04:04:38
# local_time=2011-08-27 12:04:38 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=8192 67108863 100 0 12284852 12284852 0 0
# compatibility_mode=9217 16777214 0 4 84396938 84396938 0 0
# scanned=91973
# found=5
# cleaned=5
# scan_time=7190
C:\Documents and Settings\Bea\My Documents\Downloads\PageRageSetup.exe probably a variant of Win32/Adware.BGJATNS application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll Win32/Adware.Yontoo.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{628A3290-3B78-4B45-B31D-D532493B9D73}\RP35\A0017676.dll a variant of Win32/Adware.Yontoo.B application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{628A3290-3B78-4B45-B31D-D532493B9D73}\RP57\A0023552.dll Win32/Adware.Yontoo.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
  • 0

#11
Gammo

Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Hi,

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    [2011/06/26 23:22:50 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Documents and Settings\Bea\Application Data\Mozilla\Firefox\Profiles\7ey52m4f.default\extensions\[email protected]
    O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
    
    :Files
    C:\Program Files\Yontoo Layers Runtime
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done





Your logs appear to be clean now. There is only a bit of cleanup that we will deal with in this post, as well as prevention from future infections. ^_^

Remove Combofix now that we're done with it.
  • Please press the Windows Key and R on your keyboard. This will bring up the Run... command.
  • Now type in Combofix /Uninstall in the runbox and click OK. (Notice the space between the "x" and "/")
    Posted Image
  • Please follow the prompts to uninstall Combofix.
  • You will then recieve a message saying Combofix was uninstalled successfully once it's done uninstalling itself.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • Download OTC to your desktop and run it
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OTC to reach the Internet, please allow the application to do so.
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Keep a backup of your important files
Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Make proper use of your anti-virus and firewall
You should keep your anti-virus and firewall guard enabled at all times, don't shut them off unless there's a specific reason to do so.

Also, regularly performing a full system scan with your anti-virus program is a good idea to make sure nothing has slipped through your protection. Once every two weeks works well for many people. You can set the scan to run during a time when you don't plan to use the computer and just leave it to complete on its own.

Keep in mind that anti-virus programs are far from perfect. They don't protect you against every piece of malware that's out there, so don't trust them blindly. If an anti-virus reports a file as 'clean' then it's doesn't necessarily has to mean it is.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Keep all your software updated
It is important to keep up on system updates from Microsoft by regularly checking their website at: http://windowsupdate.microsoft.com/, as these patch critical security vulnerabilities and help to keep you safe.

It's also important to keep programs up to date so that malware doesn't exploit any old security flaws. FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated. Java and Adobe Reader are two of the main security vulnerabilities. You can find the latest version of Java here, you will want the Java SE Runtime Environment (JRE) one. You can find the latest version of Adobe Reader here.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Use a safer web browser
Internet Explorer is not the most secure tool for browsing the web. It has been known to be very susceptible to infection, and there are a couple good free alternatives: Firefox and Opera. Both are excellent faster, safer, more powerful and functional free alternatives to Internet Explorer. It's definitely worth the short period of adjustment to start using one of these. If you wish to continue using Internet Explorer, it would be a good idea to follow the tutorial here which will help you to make IE much safer.

If you decide to use the Firefox browser, the McAfee SiteAdvisor add-on will nicely help to enhance your security. This add-on tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Some other security programs

It is wise these days to have a few security programs installed and running on your machine except from just an anti-virus and a firewall. I will list some of them.
  • A good anti-spyware program installed on your pc is very important to help remove any spyware that may have gotten on your computer. I highly recommend Malwarebytes' Anti-Malware.
  • SpywareBlaster to help prevent spyware from installing in the first place.
  • MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites in the future.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Be careful
Having security programs installed is very helpful to you, but none of them have the gift of human thought. The best way to make sure you don't get infected is to exercise common sense. Be careful of what websites you visit - if a site looks suspicious, trust your instincts and get out of there. Be careful of what attachments you open in emails and files you download from websites - check them over carefully to make sure that you know what you're getting.

Using peer-to-peer programs (eg: LimeWire, BitTorrent, uTorrent, Kazaa) or downloading cracks and keygens is something else to avoid. These are the most common way to get infected. Malware writers use these programs to spread infections as it is the easiest way for them. The majority of infections we see in the Malware Removal forum are due to people using p2p programs to download cracks/keygens/warez. These are not only illegal, but will always contain some form of malware. You have no way of verifying that the things you download are legitimate or that they don't contain malware. Even with an up to date anti-virus and firewall, some of these things will still infect you. It is highly recommend that you uninstall all peer-to-peer programs. It just isn't worth it.

Other common ways of getting infected are dis-reputable sites forcing you to download and install a codec. Or viruses using Instant Messaging programs (Windows Live Messenger, MSN Messenger, AIM) to send a file claiming it to be "photos" from a friend, only for it to turn out to be a virus.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Slow computer?
If your computer begins to slow down in the future for no particular reason, your first step should not be to come to the malware forum. As your computer ages and is used, it's parts wear, files and programs accumulate, and its performance can decrease. To restore your computer's performance to its best possible level, follow the steps in this page written by malware expert Miekiemoes.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I'll leave this thread open for a couple days in case you come across any lingering problems that need fixing, then I'll close it up. If you need it reopened for any reason just shoot me a PM. It's been a pleasure working with you, now best of luck!

Cheers,
Gammo :)
  • 0

#12
butterrice

butterrice

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 347 posts
All is looking good!! Thank you so much for your help!
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP