Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Security Guard 2012/Win32.Tracur.F cant open MBAM


  • This topic is locked This topic is locked

#16
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hi!

I need to have you run TDSSKiller again, and take action on this item:

13:49:52.0953 2200 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0
13:49:52.0984 2200 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:49:52.0984 2200 \Device\Harddisk0\DR0 - detected TDSS File System (1)

You will need to select Cure on this specific one.
  • 0

Advertisements


#17
StupidVirus

StupidVirus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
I ran TDSS again the only thing I see that looks similar to what you posted is " TDDS File System, Physical Drive: \Device\Harddisk0\DR0 suspicious object medium risk" but the only options for me are skip, copy to quarantine, delete.
  • 0

#18
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
hmm... That's really interesting.. Basically what that is showing me is that you're still infected with a TDSS infection.

When you first ran ComboFix, did you allow it to install the Recovery Console?

Also, can you please attempt to run this utility for me?


Scanning with GMER

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.


Posted Image
Download GMER Rootkit Scanner from here or here.
  • Extract the contents of the zipped file to desktop.
  • Double click GMER.exe. If asked to allow gmer.sys driver to load, please consent .
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.

    Posted Image
    Click the image to enlarge it
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
  • Then click the Scan button & wait for it to finish.
  • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop, and attach it in your reply.

Notes:
**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries


-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in a BSODs, uncheck Devices on the right side before scanning
.
  • 0

#19
StupidVirus

StupidVirus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
I clicked yes to everything on combofix im unsure if recovery console came up but I have used combofix before and remember recovery console being installed previously if that helps. Here is the GMER log


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-10-14 14:50:34
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2 ST316081 rev.3.AD
Running: gmer.exe; Driver: C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\ugtyypow.sys


---- System - GMER 1.0.15 ----

SSDT spso.sys ZwCreateKey [0xF74510E0]
SSDT spso.sys ZwEnumerateKey [0xF7469DA4]
SSDT spso.sys ZwEnumerateValueKey [0xF746A132]
SSDT spso.sys ZwOpenKey [0xF74510C0]
SSDT spso.sys ZwQueryKey [0xF746A20A]
SSDT spso.sys ZwQueryValueKey [0xF746A08A]
SSDT spso.sys ZwSetValueKey [0xF746A29C]
SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xA55EC640]

INT 0x63 ? 866A5F00
INT 0x73 ? 87165BF8
INT 0x83 ? 866A5F00
INT 0x84 ? 866A5F00
INT 0x94 ? 866A5F00
INT 0xA4 ? 866A5F00

---- Kernel code sections - GMER 1.0.15 ----

? spso.sys The system cannot find the file specified. !
.text USBPORT.SYS!DllUnload F5CD88AC 5 Bytes JMP 866A54E0

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\SearchIndexer.exe[936] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)
.text C:\PROGRA~1\MI1933~1\OFFICE11\OUTLOOK.EXE[2268] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 30F52DF0 C:\Program Files\Common Files\Microsoft Shared\office11\mso.dll (Microsoft Office 2003 component/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\[email protected] 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\[email protected] 285507792

---- Files - GMER 1.0.15 ----

ADS C:\_OTL\MovedFiles\10112011_100425\C_WINDOWS\1934543457:2654318988.exe 784 bytes executable

---- EOF - GMER 1.0.15 ----
  • 0

#20
StupidVirus

StupidVirus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Just letting you know I will be gone till monday, thanks for your help this week.
  • 0

#21
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hi!

Thanks for that information.

Please run this script with ComboFix when you get a chance:

ComboFix Script
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below.
  • They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Copy/paste the text inside the Codebox below into notepad:

Here's how to do that:
Click Start > Run type Notepad click OK.
This will open an empty notepad file:

Copy all the text inside of the code box - Press Ctrl+C (or right click on the highlighted section and choose 'copy')

KillAll::
ADS::
C:\_OTL\MovedFiles\10112011_100425\C_WINDOWS\1934543457

Now paste the copied text into the open notepad - press CTRL+V (or right click and choose 'paste')

Save this file to your desktop, Save this as "CFScript"


Here's how to do that:

1.Click File;
2.Click Save As... Change the directory to your desktop;
3.Change the Save as type to "All Files";
4.Type in the file name: CFScript
5.Click Save ...

Posted Image
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix will now run a scan on your system. If ComboFix prompts you to update to the newest version, please allow it to do so. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you.
  • Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
  • 0

#22
StupidVirus

StupidVirus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Hi, here is the combofix log.


ComboFix 11-10-18.02 - Christopher Nova 10/18/2011 12:26:03.11.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.484 [GMT -4:00]
Running from: c:\documents and settings\Christopher Nova\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Christopher Nova\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
* Created a new restore point
.
ADS - 1934543457: deleted 784 bytes in 1 streams.
.
((((((((((((((((((((((((( Files Created from 2011-09-18 to 2011-10-18 )))))))))))))))))))))))))))))))
.
.
2011-10-11 18:16 . 2011-10-11 18:16 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2011-10-11 17:46 . 2011-10-11 17:46 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple Computer
2011-10-07 19:08 . 2011-10-07 19:09 -------- d-----w- c:\documents and settings\Administrator
2011-10-04 17:06 . 2011-10-04 17:06 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-10-04 16:05 . 2011-10-04 16:05 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-04 16:00 . 2011-10-04 16:00 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{71D3F924-CDB7-4143-A394-C07FD2CDA337}\offreg.dll
2011-10-04 16:00 . 2011-09-12 23:14 7269712 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{71D3F924-CDB7-4143-A394-C07FD2CDA337}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-11 18:23 . 2007-05-09 15:52 98304 ----a-w- c:\windows\DUMP5a45.tmp
2011-10-11 17:22 . 2007-05-09 15:52 98304 ----a-w- c:\windows\DUMP5880.tmp
2011-09-26 15:41 . 2008-07-29 23:59 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 15:41 . 2004-08-10 16:51 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 15:41 . 2004-08-10 16:51 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-12 23:14 . 2010-08-23 13:16 7269712 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-09-09 09:12 . 2004-08-10 16:50 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20 . 2004-08-10 16:51 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-31 21:00 . 2009-09-23 19:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-22 23:48 . 2004-08-10 16:51 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48 . 2004-08-10 16:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48 . 2004-08-10 16:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56 . 2004-08-10 16:51 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2004-08-10 16:50 138496 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
((((((((((((((((((((((((((((( SnapShot_2011-10-11_19.56.43 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-10-18 16:35 . 2011-10-18 16:35 16384 c:\windows\temp\Perflib_Perfdata_768.dat
+ 2004-08-10 16:51 . 2011-10-13 20:56 92722 c:\windows\system32\perfc009.dat
- 2004-08-10 16:51 . 2011-06-23 18:36 66560 c:\windows\system32\mshtmled.dll
+ 2004-08-10 16:51 . 2011-08-22 23:48 66560 c:\windows\system32\mshtmled.dll
- 2006-11-08 01:03 . 2011-06-23 18:36 55296 c:\windows\system32\msfeedsbs.dll
+ 2006-11-08 01:03 . 2011-08-22 23:48 55296 c:\windows\system32\msfeedsbs.dll
- 2004-08-10 16:51 . 2011-06-23 18:36 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-10 16:51 . 2011-08-22 23:48 25600 c:\windows\system32\jsproxy.dll
+ 2009-10-07 18:34 . 2011-08-22 23:48 12800 c:\windows\system32\dllcache\xpshims.dll
- 2009-10-07 18:34 . 2011-06-23 18:36 12800 c:\windows\system32\dllcache\xpshims.dll
- 2009-10-08 18:56 . 2009-10-08 18:56 20480 c:\windows\system32\dllcache\oleaccrc.dll
+ 2009-10-08 18:56 . 2011-09-26 15:41 20480 c:\windows\system32\dllcache\oleaccrc.dll
- 2007-05-09 16:01 . 2011-06-23 18:36 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2007-05-09 16:01 . 2011-08-22 23:48 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2007-04-25 08:41 . 2011-08-22 23:48 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2007-04-25 08:41 . 2011-06-23 18:36 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2006-10-17 16:05 . 2011-06-23 18:36 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2006-10-17 16:05 . 2011-08-22 23:48 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2007-05-09 16:01 . 2011-06-23 18:36 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2007-05-09 16:01 . 2011-08-22 23:48 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2011-09-09 17:51 . 2011-10-12 15:47 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2011-09-09 17:51 . 2011-10-11 20:00 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2007-05-16 20:59 . 2011-10-11 20:00 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2007-05-16 20:59 . 2011-10-12 15:47 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-09-09 17:51 . 2011-10-12 15:47 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2011-09-09 17:51 . 2011-10-11 20:00 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2010-09-23 19:55 . 2010-09-23 19:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2011-07-08 18:00 . 2011-07-08 18:00 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2011-07-07 16:04 . 2011-07-07 16:04 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2010-09-23 06:26 . 2010-09-23 06:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2010-09-23 06:26 . 2010-09-23 06:26 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2011-07-07 16:04 . 2011-07-07 16:04 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2010-09-23 06:26 . 2010-09-23 06:26 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2011-07-07 16:03 . 2011-07-07 16:03 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2010-09-23 07:17 . 2010-09-23 07:17 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2011-07-07 17:09 . 2011-07-07 17:09 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2010-09-23 07:17 . 2010-09-23 07:17 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2011-07-07 17:09 . 2011-07-07 17:09 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
- 2007-06-12 18:00 . 2011-09-15 14:06 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2007-06-12 18:00 . 2011-10-13 20:51 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2007-06-12 18:00 . 2011-10-13 20:51 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2007-06-12 18:00 . 2011-09-15 14:06 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2007-06-12 18:00 . 2011-09-15 14:06 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2007-06-12 18:00 . 2011-10-13 20:51 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2007-06-12 18:00 . 2011-09-15 14:06 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2007-06-12 18:00 . 2011-10-13 20:51 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2007-06-12 18:00 . 2011-09-15 14:06 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2007-06-12 18:00 . 2011-10-13 20:51 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2007-06-12 18:00 . 2011-09-15 14:06 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2007-06-12 18:00 . 2011-10-13 20:51 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2010-06-04 14:01 . 2011-10-13 20:57 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2010-06-04 14:01 . 2011-06-16 14:09 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-10-13 20:51 . 2011-06-23 18:36 12800 c:\windows\ie8updates\KB2586448-IE8\xpshims.dll
+ 2011-10-13 20:51 . 2011-06-23 18:36 66560 c:\windows\ie8updates\KB2586448-IE8\mshtmled.dll
+ 2011-10-13 20:51 . 2011-06-23 18:36 55296 c:\windows\ie8updates\KB2586448-IE8\msfeedsbs.dll
+ 2011-10-13 20:51 . 2011-06-23 18:36 43520 c:\windows\ie8updates\KB2586448-IE8\licmgr10.dll
+ 2011-10-13 20:51 . 2011-06-23 18:36 25600 c:\windows\ie8updates\KB2586448-IE8\jsproxy.dll
+ 2011-10-13 20:50 . 2011-10-13 20:50 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_fac3dddc\System.Drawing.Design.dll
+ 2011-10-13 20:50 . 2011-10-13 20:50 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_fcb6225a\CustomMarshalers.dll
+ 2011-10-14 15:04 . 2011-10-14 15:04 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\888b745ca99d39692c2e9af222e5eae8\UIAutomationProvider.ni.dll
+ 2011-10-14 17:40 . 2011-10-14 17:40 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\6c334564da041df8fb75415f2d503224\System.Windows.Presentation.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\a54a122f1070ab71931dd9679ddd8e90\System.Web.DynamicData.Design.ni.dll
+ 2011-10-14 16:54 . 2011-10-14 16:54 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\ac92806d5bd508eb25f1b4b73a36b101\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-10-14 16:54 . 2011-10-14 16:54 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\e6a9cd66d11a21776dbf425e8e28099c\System.AddIn.Contract.ni.dll
+ 2011-10-13 20:57 . 2011-10-13 20:57 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\66873b557d5c7013e4c630361473b0c2\PresentationFontCache.ni.exe
+ 2011-10-13 20:56 . 2011-10-13 20:56 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\5b30652a7b802199984f93b5e414260f\PresentationCFFRasterizer.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\eaa8d72317e5b8047e413939cc71ffba\Microsoft.Vsa.ni.dll
+ 2011-10-14 16:53 . 2011-10-14 16:53 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\aefe683674c97a998f4e908c1a7ee7c6\Microsoft.Build.Framework.ni.dll
+ 2011-10-14 16:53 . 2011-10-14 16:53 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\845eef4d09f28da6ee05d99f93c90f6e\Microsoft.Build.Framework.ni.dll
+ 2011-10-14 16:53 . 2011-10-14 16:53 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\ab7ce2d94ca725c3889a4e3c1ee88ece\dfsvc.ni.exe
+ 2011-10-14 15:44 . 2011-10-14 15:44 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-10-13 20:50 . 2011-10-13 20:50 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-10-07 14:00 . 2010-10-07 14:00 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2007-06-12 18:00 . 2011-09-15 14:06 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2007-06-12 18:00 . 2011-10-13 20:51 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2011-08-17 14:16 . 2011-08-17 14:16 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-08-17 14:16 . 2011-08-17 14:16 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2004-08-10 16:51 . 2011-06-23 18:36 105984 c:\windows\system32\url.dll
+ 2004-08-10 16:51 . 2011-08-22 23:48 105984 c:\windows\system32\url.dll
+ 2004-08-10 16:51 . 2011-10-13 20:56 497378 c:\windows\system32\perfh009.dat
- 2004-08-10 16:51 . 2011-06-23 18:36 206848 c:\windows\system32\occache.dll
+ 2004-08-10 16:51 . 2011-08-22 23:48 206848 c:\windows\system32\occache.dll
+ 2004-08-10 16:51 . 2011-08-22 23:48 611840 c:\windows\system32\mstime.dll
- 2004-08-10 16:51 . 2011-06-23 18:36 611840 c:\windows\system32\mstime.dll
+ 2006-11-08 01:03 . 2011-08-22 23:48 602112 c:\windows\system32\msfeeds.dll
- 2006-11-08 01:03 . 2011-06-23 18:36 602112 c:\windows\system32\msfeeds.dll
- 2004-08-10 16:51 . 2011-06-23 18:36 184320 c:\windows\system32\iepeers.dll
+ 2004-08-10 16:51 . 2011-08-22 23:48 184320 c:\windows\system32\iepeers.dll
- 2004-08-10 16:51 . 2011-06-23 18:36 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-10 16:51 . 2011-08-22 23:48 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-10 16:51 . 2011-08-22 11:56 174080 c:\windows\system32\ie4uinit.exe
+ 2004-08-10 16:57 . 2011-10-14 15:00 305216 c:\windows\system32\FNTCACHE.DAT
- 2004-08-10 16:57 . 2011-07-14 14:21 305216 c:\windows\system32\FNTCACHE.DAT
- 2007-05-09 16:01 . 2011-06-23 18:36 916480 c:\windows\system32\dllcache\wininet.dll
+ 2007-05-09 16:01 . 2011-08-22 23:48 916480 c:\windows\system32\dllcache\wininet.dll
- 2006-10-17 16:05 . 2011-06-23 18:36 105984 c:\windows\system32\dllcache\url.dll
+ 2006-10-17 16:05 . 2011-08-22 23:48 105984 c:\windows\system32\dllcache\url.dll
- 2009-10-08 18:57 . 2009-10-08 18:57 220160 c:\windows\system32\dllcache\oleacc.dll
+ 2009-10-08 18:57 . 2011-09-26 15:41 220160 c:\windows\system32\dllcache\oleacc.dll
+ 2006-10-17 16:04 . 2011-08-22 23:48 206848 c:\windows\system32\dllcache\occache.dll
- 2006-10-17 16:04 . 2011-06-23 18:36 206848 c:\windows\system32\dllcache\occache.dll
+ 2007-05-09 16:01 . 2011-08-22 23:48 611840 c:\windows\system32\dllcache\mstime.dll
- 2007-05-09 16:01 . 2011-06-23 18:36 611840 c:\windows\system32\dllcache\mstime.dll
+ 2007-04-25 08:41 . 2011-08-22 23:48 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2007-04-25 08:41 . 2011-06-23 18:36 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2009-10-07 18:34 . 2011-08-22 23:48 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2009-10-07 18:34 . 2011-06-23 18:36 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2007-05-09 16:01 . 2011-06-23 18:36 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2007-05-09 16:01 . 2011-08-22 23:48 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2010-06-11 13:18 . 2011-08-22 23:48 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2010-06-11 13:18 . 2011-06-23 18:36 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2006-11-07 07:27 . 2011-06-23 18:36 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2006-11-07 07:27 . 2011-08-22 23:48 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2006-11-07 07:26 . 2011-08-22 11:56 174080 c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-06-20 11:40 . 2011-08-17 13:49 138496 c:\windows\system32\dllcache\afd.sys
- 2008-06-20 11:40 . 2011-02-16 13:22 138496 c:\windows\system32\dllcache\afd.sys
+ 2011-07-07 09:18 . 2011-07-07 09:18 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2011-03-25 10:15 . 2011-03-25 10:15 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2011-03-25 10:15 . 2011-03-25 10:15 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-07-07 09:18 . 2011-07-07 09:18 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-07-07 16:04 . 2011-07-07 16:04 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2010-09-23 06:26 . 2010-09-23 06:26 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2010-09-23 06:25 . 2010-09-23 06:25 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2011-07-07 16:01 . 2011-07-07 16:01 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2010-09-23 07:17 . 2010-09-23 07:17 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2011-07-07 17:09 . 2011-07-07 17:09 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2007-06-12 18:00 . 2011-10-13 20:51 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2007-06-12 18:00 . 2011-09-15 14:06 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2007-06-12 18:00 . 2011-10-13 20:51 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2007-06-12 18:00 . 2011-09-15 14:06 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2007-06-12 18:00 . 2011-09-15 14:06 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2007-06-12 18:00 . 2011-10-13 20:51 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2007-06-12 18:00 . 2011-09-15 14:06 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2007-06-12 18:00 . 2011-10-13 20:51 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2007-06-12 18:00 . 2011-10-13 20:51 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2007-06-12 18:00 . 2011-09-15 14:06 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2007-06-12 18:00 . 2011-10-13 20:51 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2007-06-12 18:00 . 2011-09-15 14:06 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2011-10-13 20:51 . 2011-06-23 18:36 916480 c:\windows\ie8updates\KB2586448-IE8\wininet.dll
+ 2011-10-13 20:51 . 2011-06-23 18:36 105984 c:\windows\ie8updates\KB2586448-IE8\url.dll
+ 2011-10-13 20:51 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2586448-IE8\spuninst\updspapi.dll
+ 2011-10-13 20:51 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2586448-IE8\spuninst\spuninst.exe
+ 2011-10-13 20:51 . 2011-06-23 18:36 206848 c:\windows\ie8updates\KB2586448-IE8\occache.dll
+ 2011-10-13 20:51 . 2011-06-23 18:36 611840 c:\windows\ie8updates\KB2586448-IE8\mstime.dll
+ 2011-10-13 20:51 . 2011-06-23 18:36 602112 c:\windows\ie8updates\KB2586448-IE8\msfeeds.dll
+ 2011-10-13 20:51 . 2011-06-23 18:36 247808 c:\windows\ie8updates\KB2586448-IE8\ieproxy.dll
+ 2011-10-13 20:51 . 2011-06-23 18:36 184320 c:\windows\ie8updates\KB2586448-IE8\iepeers.dll
+ 2011-10-13 20:51 . 2011-06-23 18:36 743424 c:\windows\ie8updates\KB2586448-IE8\iedvtool.dll
+ 2011-10-13 20:51 . 2011-06-23 18:36 387584 c:\windows\ie8updates\KB2586448-IE8\iedkcs32.dll
+ 2011-10-13 20:51 . 2011-06-23 12:05 173568 c:\windows\ie8updates\KB2586448-IE8\ie4uinit.exe
+ 2011-10-13 20:50 . 2011-10-13 20:50 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_45b7c193\System.Drawing.dll
+ 2011-10-13 20:50 . 2011-10-13 20:50 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_528bd19c\System.Drawing.Design.dll
+ 2011-10-13 20:50 . 2011-10-13 20:50 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_f7f32806\CustomMarshalers.dll
+ 2011-10-14 16:53 . 2011-10-14 16:53 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\c8627df7adb416722d8e0f05c57fef6b\WsatConfig.ni.exe
+ 2011-10-14 15:04 . 2011-10-14 15:04 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\a2c1bb3c5b1447b398e72c56091ca571\WindowsFormsIntegration.ni.dll
+ 2011-10-14 15:04 . 2011-10-14 15:04 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\f102afdffdbe2565bcedb7fa0626b865\UIAutomationTypes.ni.dll
+ 2011-10-14 15:04 . 2011-10-14 15:04 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\ba55240b7753047f8d1b03ef473bf74e\UIAutomationClient.ni.dll
+ 2011-10-14 17:40 . 2011-10-14 17:40 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\566b2e11e7f3f6d973b17b86cf42f9bc\System.Xml.Linq.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\3533d614ebecd4344efbee619dd11a74\System.Web.Routing.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\018b6e48c32d5b5d78086998e3505f1c\System.Web.RegularExpressions.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\d93514a764a83b18f6f3547b59cc8ae9\System.Web.Extensions.Design.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\93b5d1b77a74b76ac73cbf51ec871c01\System.Web.Entity.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d06a7d5872bbe85795f947f6c75d38c6\System.Web.Entity.Design.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\ad0851438a18bf730d974c9b2f5f776a\System.Web.DynamicData.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\734ab0ea87d7dfd5c583eea535c05878\System.Web.Abstractions.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\8efcd633af87989355382b5039f1b7df\System.Transactions.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
+ 2011-10-14 16:53 . 2011-10-14 16:53 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\36c12de583ee81e9c99acb72b09d77ac\System.Security.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\b2a84980f206431821d85d5155d5916f\System.Net.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\90b90e700e59d73d6d692cf74e1ba16e\System.Management.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\f36eded354122da9555a6c7cdbdb5431\System.Management.Instrumentation.ni.dll
+ 2011-10-14 15:44 . 2011-10-14 15:44 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\20a77c41ee12362d303fb2574fcd5a24\System.IO.Log.ni.dll
+ 2011-10-14 15:44 . 2011-10-14 15:44 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\41c3a2fcffc58b20023c7d54e57ea956\System.IdentityModel.Selectors.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.Wrapper.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.ni.dll
+ 2011-10-14 15:03 . 2011-10-14 15:03 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\896eca06e2d9377b2dc4fad56ce49b07\System.Drawing.Design.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\33e9b0c368c31ef37a2ec7b5a181044b\System.DirectoryServices.Protocols.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\11cdd1c0d65428cd3505d3813d36638c\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-10-14 17:38 . 2011-10-14 17:38 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e5ada332a9bc3c982e6aede6ba354196\System.Data.Services.Client.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3f179f373f31817a914b639a56cc0497\System.Data.Services.Design.ni.dll
+ 2011-10-14 17:38 . 2011-10-14 17:38 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\fee1a48b769a8c4beb335ee5ce006091\System.Data.Entity.Design.ni.dll
+ 2011-10-14 16:54 . 2011-10-14 16:54 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\b9d9ff5d03e90ede1116794f2c7dd6da\System.Data.DataSetExtensions.ni.dll
+ 2011-10-14 16:53 . 2011-10-14 16:53 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\29d7091f6eab0ec61c4eb625ed221b73\System.Configuration.Install.ni.dll
+ 2011-10-14 16:54 . 2011-10-14 16:54 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\3048737e9e3bf5173121a084337256bc\System.AddIn.ni.dll
+ 2011-10-14 16:53 . 2011-10-14 16:53 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6e45cf503f025c5fe814ea7e52f62a78\SMSvcHost.ni.exe
+ 2011-10-14 16:53 . 2011-10-14 16:53 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\474a341340f687bcbd7777f2820a8c7a\SMDiagnostics.ni.dll
+ 2011-10-14 16:53 . 2011-10-14 16:53 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\f2df1ca28301bfe7e1d52b86c8394217\ServiceModelReg.ni.exe
+ 2011-10-14 15:01 . 2011-10-14 15:01 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c2ebcc8d60422f224b4088f3d7a2ac1f\PresentationFramework.Luna.ni.dll
+ 2011-10-14 15:01 . 2011-10-14 15:01 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\94cfc00ad448575bfb0e67c53b514cd5\PresentationFramework.Aero.ni.dll
+ 2011-10-14 15:01 . 2011-10-14 15:01 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\478d57d96f3d8d5fc15c7ac635a4a6a1\PresentationFramework.Classic.ni.dll
+ 2011-10-14 15:01 . 2011-10-14 15:01 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\23c5852ff8ed973ff9b63ce9ba7f91f0\PresentationFramework.Royale.ni.dll
+ 2011-10-14 16:53 . 2011-10-14 16:53 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\04595f414c49cf2a65b349648ba23e62\MSBuild.ni.exe
+ 2011-10-14 16:53 . 2011-10-14 16:53 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\4cbd7ed9fbf9f1b3cbdf23906cc0f5a3\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-10-14 16:53 . 2011-10-14 16:53 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\ff6d4892775fd1f9b137f7c92ea453f2\Microsoft.Build.Utilities.ni.dll
+ 2011-10-14 16:53 . 2011-10-14 16:53 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\47ff0720cb80a0fc0bbd15ddc3d12adc\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-10-14 16:53 . 2011-10-14 16:53 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\da112c5757e3c68d6369b6aa46cc9682\Microsoft.Build.Engine.ni.dll
+ 2011-10-14 16:53 . 2011-10-14 16:53 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\dc278e1123086ae32fec8f7e9751db14\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-10-14 16:53 . 2011-10-14 16:53 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\3e6deccf191ab943d3a0812a38ab5c97\CustomMarshalers.ni.dll
+ 2011-10-14 16:53 . 2011-10-14 16:53 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\4e68d5df30b197ff72c75f1c3c24b949\ComSvcConfig.ni.exe
+ 2011-10-14 15:44 . 2011-10-14 15:44 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\e1bcee92f5af50d560d577c0a99ea3bd\AspNetMMCExt.ni.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2004-08-10 16:51 . 2011-06-23 18:36 1212416 c:\windows\system32\urlmon.dll
+ 2004-08-10 16:51 . 2011-08-22 23:48 1212416 c:\windows\system32\urlmon.dll
+ 2004-08-10 16:51 . 2011-10-03 08:35 5971456 c:\windows\system32\mshtml.dll
+ 2006-10-17 15:57 . 2011-08-22 23:48 2000384 c:\windows\system32\iertutil.dll
+ 2008-10-16 12:57 . 2011-09-06 13:20 1858944 c:\windows\system32\dllcache\win32k.sys
- 2008-10-16 12:57 . 2011-06-02 14:02 1858944 c:\windows\system32\dllcache\win32k.sys
- 2007-05-09 16:01 . 2011-06-23 18:36 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2007-05-09 16:01 . 2011-08-22 23:48 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2007-05-09 16:01 . 2011-10-03 08:35 5971456 c:\windows\system32\dllcache\mshtml.dll
+ 2007-04-25 08:41 . 2011-08-22 23:48 2000384 c:\windows\system32\dllcache\iertutil.dll
- 2011-03-25 10:15 . 2011-03-25 10:15 5912400 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2011-07-07 09:18 . 2011-07-07 09:18 5912400 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2011-03-25 10:15 . 2011-03-25 10:15 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-07-07 09:18 . 2011-07-07 09:18 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-07-08 17:59 . 2011-07-08 17:59 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2010-09-23 19:55 . 2010-09-23 19:55 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2011-07-08 17:59 . 2011-07-08 17:59 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2010-09-23 19:55 . 2010-09-23 19:55 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2011-07-07 16:02 . 2011-07-07 16:02 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2010-09-23 06:26 . 2010-09-23 06:26 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2011-07-07 16:02 . 2011-07-07 16:02 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2010-09-23 19:55 . 2010-09-23 19:55 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2011-07-08 17:59 . 2011-07-08 17:59 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2011-09-20 19:36 . 2011-09-20 19:36 5521408 c:\windows\Installer\1409fff.msp
+ 2011-10-13 20:51 . 2011-06-23 18:36 1212416 c:\windows\ie8updates\KB2586448-IE8\urlmon.dll
+ 2011-10-13 20:51 . 2011-07-25 15:17 5969920 c:\windows\ie8updates\KB2586448-IE8\mshtml.dll
+ 2011-10-13 20:51 . 2011-06-23 18:36 1991680 c:\windows\ie8updates\KB2586448-IE8\iertutil.dll
+ 2011-10-13 20:50 . 2011-10-13 20:50 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_3f019a40\System.dll
+ 2011-10-13 20:50 . 2011-10-13 20:50 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_0f90c00c\System.dll
+ 2011-10-13 20:51 . 2011-10-13 20:51 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_becfd4de\System.Xml.dll
+ 2011-10-13 20:50 . 2011-10-13 20:50 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_9ee748fa\System.Xml.dll
+ 2011-10-13 20:51 . 2011-10-13 20:51 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_f7a5b1ed\System.Windows.Forms.dll
+ 2011-10-13 20:50 . 2011-10-13 20:50 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_9068317d\System.Windows.Forms.dll
+ 2011-10-13 20:51 . 2011-10-13 20:51 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_ef5a4918\System.Drawing.dll
+ 2011-10-13 20:51 . 2011-10-13 20:51 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_99c53a07\System.Design.dll
+ 2011-10-13 20:50 . 2011-10-13 20:50 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_16844648\System.Design.dll
+ 2011-10-13 20:51 . 2011-10-13 20:51 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_ab18a0e8\mscorlib.dll
+ 2011-10-13 20:50 . 2011-10-13 20:50 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a09e82f3\mscorlib.dll
+ 2011-10-13 20:57 . 2011-10-13 20:57 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1adc4ae51a5ac63e896a1402749ca495\WindowsBase.ni.dll
+ 2011-10-14 15:04 . 2011-10-14 15:04 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\55d4813580b1e5d268ff0564942cee9c\UIAutomationClientsideProviders.ni.dll
+ 2011-10-13 20:56 . 2011-10-13 20:56 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
+ 2011-10-14 15:04 . 2011-10-14 15:04 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
+ 2011-10-14 17:40 . 2011-10-14 17:40 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\17902fdb0e0d3bc8b49bce693415fe7e\System.WorkflowServices.ni.dll
+ 2011-10-14 17:40 . 2011-10-14 17:40 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\f72c5f649951b0403e62bfab6c453e6f\System.Workflow.Runtime.ni.dll
+ 2011-10-14 17:40 . 2011-10-14 17:40 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\0aa4f4174204c93cc5181df4a6b2fb09\System.Workflow.ComponentModel.ni.dll
+ 2011-10-14 17:40 . 2011-10-14 17:40 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\921629dc69a5a895101097c88ae67897\System.Workflow.Activities.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\6303e256d2ac0843c3e4c24172c90544\System.Web.Services.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\f5dac0448a1dbe2687a5df92904d6274\System.Web.Mobile.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\ccaf6bdd256a9b5079fedadcc8993327\System.Web.Extensions.ni.dll
+ 2011-10-14 15:03 . 2011-10-14 15:03 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\10d7daa3d1e62a0e40587cdc707be93f\System.Speech.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\9ec7da53380a754b4ad97709df0dd7e7\System.ServiceModel.Web.ni.dll
+ 2011-10-14 15:44 . 2011-10-14 15:44 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
+ 2011-10-14 15:03 . 2011-10-14 15:03 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\0f8e14bfdb27645fb1a92ce26f9bf521\System.Printing.ni.dll
+ 2011-10-14 15:44 . 2011-10-14 15:44 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d14065ede44df8e9b5d6b60c5ddccc69\System.IdentityModel.ni.dll
+ 2011-10-14 15:03 . 2011-10-14 15:03 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\91cd88a803768151c6262853d3454ba7\System.DirectoryServices.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\cc5ac99e8af2738e85cda5525fdd944f\System.Deployment.ni.dll
+ 2011-10-14 15:02 . 2011-10-14 15:02 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\ec323cf1df697cc0a45f67de685db90c\System.Data.ni.dll
+ 2011-10-14 16:53 . 2011-10-14 16:53 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\ef748704f543a8791e23387652d34dfb\System.Data.SqlXml.ni.dll
+ 2011-10-14 17:38 . 2011-10-14 17:38 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\541142d8742e6e88f1e729fafee04e71\System.Data.Services.ni.dll
+ 2011-10-14 15:02 . 2011-10-14 15:02 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\d96a94076acb8e0c5a96a1b2de4b3a7a\System.Data.Linq.ni.dll
+ 2011-10-14 17:38 . 2011-10-14 17:38 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\a3ce22c2a84fdcb008d72d230ee0b2c0\System.Data.Entity.ni.dll
+ 2011-10-14 15:02 . 2011-10-14 15:02 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\d507b9e0e50e453793ee5e01c07a5485\System.Core.ni.dll
+ 2011-10-14 15:02 . 2011-10-14 15:02 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\714e9504255565bd9076fe13628e104a\ReachFramework.ni.dll
+ 2011-10-14 15:02 . 2011-10-14 15:02 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\7dc6ee14234b0686182ced75f7dae990\PresentationUI.ni.dll
+ 2011-10-13 20:56 . 2011-10-13 20:56 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b42ad515bb20ec1f1250c040371c6730\PresentationBuildTasks.ni.dll
+ 2011-10-14 16:54 . 2011-10-14 16:54 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\24331b719aa25ac2b21099e32232840c\Microsoft.VisualBasic.ni.dll
+ 2011-10-14 16:53 . 2011-10-14 16:53 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\ce1ecd602ca089eb13a9b428dc7f0449\Microsoft.Transactions.Bridge.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\8ad32b72258899177c07dc5912b5b748\Microsoft.JScript.ni.dll
+ 2011-10-14 16:53 . 2011-10-14 16:53 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\50e7c5eb58c982dba7b21cd10a69b095\Microsoft.Build.Tasks.ni.dll
+ 2011-10-14 16:53 . 2011-10-14 16:53 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\415cef6abab5bb959f200f6c537bc289\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-10-14 16:53 . 2011-10-14 16:53 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\eea7bcc8d356e3f2dcb4f36dfc1c6bc0\Microsoft.Build.Engine.ni.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2011-08-17 14:15 . 2011-08-17 14:15 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-10-13 20:55 . 2011-10-13 20:55 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-08-17 14:16 . 2011-08-17 14:16 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2010-10-07 14:00 . 2010-10-07 14:00 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2011-10-13 20:50 . 2011-10-13 20:50 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2011-10-13 20:50 . 2011-10-13 20:50 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-10-07 14:00 . 2010-10-07 14:00 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-04-17 13:04 . 2011-10-13 20:52 48324552 c:\windows\system32\MRT.exe
- 2006-11-08 01:03 . 2011-06-23 18:36 11081728 c:\windows\system32\ieframe.dll
+ 2006-11-08 01:03 . 2011-08-23 21:48 11081728 c:\windows\system32\ieframe.dll
- 2007-04-25 08:41 . 2011-06-23 18:36 11081728 c:\windows\system32\dllcache\ieframe.dll
+ 2007-04-25 08:41 . 2011-08-23 21:48 11081728 c:\windows\system32\dllcache\ieframe.dll
+ 2011-07-13 02:49 . 2011-07-13 02:49 11459584 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2572067\M2572067Uninstall.msp
+ 2011-10-13 20:56 . 2011-10-13 20:56 20333568 c:\windows\Installer\140a014.msp
+ 2011-07-12 00:43 . 2011-07-12 00:43 11641344 c:\windows\Installer\140a009.msp
+ 2011-07-12 19:50 . 2011-07-12 19:50 17555968 c:\windows\Installer\1409feb.msp
+ 2011-10-13 20:51 . 2011-06-23 18:36 11081728 c:\windows\ie8updates\KB2586448-IE8\ieframe.dll
+ 2011-10-14 15:04 . 2011-10-14 15:04 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
+ 2011-10-14 17:39 . 2011-10-14 17:39 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\60df958ca96c9b8945f836759b6abd34\System.Web.ni.dll
+ 2011-10-14 16:53 . 2011-10-14 16:53 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\ceadaf3b3d017c7a1ef10a06f8009f6f\System.ServiceModel.ni.dll
+ 2011-10-14 15:03 . 2011-10-14 15:03 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\c6374d32e4af7b7e3e46b32176f76558\System.Design.ni.dll
+ 2011-10-14 15:01 . 2011-10-14 15:01 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\054488924fcc579cce9fa0209dafe28b\PresentationFramework.ni.dll
+ 2011-10-13 20:57 . 2011-10-13 20:57 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\b2f0318713eca304eaa9d86fc17edb96\PresentationCore.ni.dll
+ 2011-10-13 20:56 . 2011-10-13 20:56 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2006-08-29 395776]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-01-10 385024]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-30 68856]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-09-28 4611456]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"SigmatelSysTrayApp"="stsystra.exe" [2006-07-24 282624]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 151552]
"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb11.exe" [2004-04-06 172032]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"HPHmon06"="c:\windows\system32\hphmon06.exe" [2004-06-07 659456]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-01-10 385024]
"HPHUPD06"="c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 49152]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-10 49208]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-06-03 206064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-01-15 267048]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"TomcatStartup 2.5"="c:\program files\Hewlett-Packard\Toolbox\hpbpsttp.exe" [2004-11-12 245760]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
Wireless USB 2.0 WLAN Card Utility.lnk - c:\program files\Dell Wireless\PRISMCFG.exe [2010-1-19 921707]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-08-30 113024]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 19:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PRISMAPI.DLL]
2006-10-12 14:42 450649 ----a-r- c:\windows\system32\PRISMAPI.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
backup=c:\windows\pss\HP Image Zone Fast Start.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
2006-08-14 18:20 462336 ----a-w- c:\program files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2007-05-09 16:16 169984 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\I.R.I.S. Desktop Search]
2006-01-11 13:37 5193512 ----a-w- c:\program files\IRIS Desktop Search\IRISDesktopSearch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2008-01-15 08:22 267048 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-07-30 13:15 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Hewlett-Packard\\Toolbox\\jre\\bin\\javaw.exe"=
"c:\\Program Files\\HP\\digital imaging\\bin\\hpqgalry.exe"=
"c:\\Documents and Settings\\Christopher Nova\\Desktop\\nes\\VirtuaNES.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [10/13/2009 8:48 AM 28544]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3/25/2011 8:49 AM 691696]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [10/12/2009 9:24 PM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10/12/2009 9:24 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [7/2/2010 8:35 AM 116608]
R2 PRISMSVC;PRISMSVC;c:\windows\system32\PRISMSVC.exe [1/19/2010 2:27 PM 61529]
R3 HPPLSBULK;HPPLSBULK;c:\windows\system32\drivers\hpplsbulk.sys [9/5/2007 11:30 AM 9344]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [1/14/2008 6:06 AM 21632]
S1 MpKsl348a0138;MpKsl348a0138;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{425DB155-C825-4CD2-8696-CFA42DB50DBF}\MpKsl348a0138.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{425DB155-C825-4CD2-8696-CFA42DB50DBF}\MpKsl348a0138.sys [?]
S1 MpKsl4a861a9e;MpKsl4a861a9e;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{11CEB32F-3F2E-4B10-900D-4B7E25029816}\MpKsl4a861a9e.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{11CEB32F-3F2E-4B10-900D-4B7E25029816}\MpKsl4a861a9e.sys [?]
S1 MpKsl587ae904;MpKsl587ae904;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A0DDDBCC-27EE-4A7C-AA0D-C623596B7323}\MpKsl587ae904.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A0DDDBCC-27EE-4A7C-AA0D-C623596B7323}\MpKsl587ae904.sys [?]
S1 MpKsl7cd5c4b0;MpKsl7cd5c4b0;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8E1294D3-77FA-473F-AFCF-EAC03B262390}\MpKsl7cd5c4b0.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8E1294D3-77FA-473F-AFCF-EAC03B262390}\MpKsl7cd5c4b0.sys [?]
S1 MpKsl8c05965a;MpKsl8c05965a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{98E544DF-F6F3-4658-AC67-014C9465481B}\MpKsl8c05965a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{98E544DF-F6F3-4658-AC67-014C9465481B}\MpKsl8c05965a.sys [?]
S1 MpKsl995b3c26;MpKsl995b3c26;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C3DED232-1984-43F5-B1E8-131F4F8C063E}\MpKsl995b3c26.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C3DED232-1984-43F5-B1E8-131F4F8C063E}\MpKsl995b3c26.sys [?]
S1 MpKsl9a7cda48;MpKsl9a7cda48;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8E1294D3-77FA-473F-AFCF-EAC03B262390}\MpKsl9a7cda48.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8E1294D3-77FA-473F-AFCF-EAC03B262390}\MpKsl9a7cda48.sys [?]
S1 MpKsla0e20273;MpKsla0e20273;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CFCB3CFE-4EC5-454F-8F32-1C5E150EB9E2}\MpKsla0e20273.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CFCB3CFE-4EC5-454F-8F32-1C5E150EB9E2}\MpKsla0e20273.sys [?]
S1 MpKslb4638dd0;MpKslb4638dd0;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2C106391-F796-4F48-B6BD-110837462DB5}\MpKslb4638dd0.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2C106391-F796-4F48-B6BD-110837462DB5}\MpKslb4638dd0.sys [?]
S1 MpKslf837ab25;MpKslf837ab25;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{16F2659B-730B-47FA-A691-122483152B2D}\MpKslf837ab25.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{16F2659B-730B-47FA-A691-122483152B2D}\MpKslf837ab25.sys [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [10/12/2009 9:24 PM 12872]
S3 XDva390;XDva390;\??\c:\windows\system32\XDva390.sys --> c:\windows\system32\XDva390.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 19:57]
.
2011-10-03 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 19:39]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5070509
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5070509
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 68.237.161.12 71.243.0.12
FF - ProfilePath - c:\documents and settings\Christopher Nova\Application Data\Mozilla\Firefox\Profiles\ntuzg8xd.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\documents and settings\All Users\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: [email protected] - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Move Media Player: [email protected] - c:\documents and settings\Christopher Nova\Application Data\Move Networks
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-18 12:35
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(736)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
- - - - - - - > 'explorer.exe'(3060)
c:\windows\system32\WININET.dll
c:\program files\IRIS Desktop Search\IRISDesktopSearchIntegration910.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\en-us\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\ieframe.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\PRISMSVR.EXE
c:\windows\stsystra.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2011-10-18 12:42:03 - machine was rebooted
ComboFix-quarantined-files.txt 2011-10-18 16:42
ComboFix2.txt 2011-10-12 15:04
ComboFix3.txt 2011-10-11 20:02
ComboFix4.txt 2011-07-07 15:08
.
Pre-Run: 78,767,177,728 bytes free
Post-Run: 78,779,379,712 bytes free
.
- - End Of File - - BE4511E311DDAC1389F1228C370C93A2
  • 0

#23
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Do you have your Windows XP disc?
  • 0

#24
StupidVirus

StupidVirus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Yup
  • 0

#25
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Okay good to know.

Please run these tools:

Running aswMBR.exe

Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image



NEXT:


Scanning with DDS

Posted Image
Download DDS and save it to your desktop from here or here or here.
Disable any script blocker, and then double click dds.scr to run the tool.
  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop.
-----------------------------------------------------

Please include the following logs in your thread:
  • Post the contents of the DDS.txt & Attach.txt reports in your next reply.

  • 0

Advertisements


#26
StupidVirus

StupidVirus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
I am about to run the aswmbr scan but it asked me if i would like to download "Avast!" for better detection results, should I click yes or no?
  • 0

#27
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Click No.
  • 0

#28
StupidVirus

StupidVirus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Here is the aswMBR log

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-10-19 13:18:28
-----------------------------
13:18:28.312 OS Version: Windows 5.1.2600 Service Pack 3
13:18:28.312 Number of processors: 2 586 0xF02
13:18:28.312 ComputerName: RECEPTION UserName:
13:18:33.890 Initialize success
13:19:16.031 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2
13:19:16.031 Disk 0 Vendor: ST316081 3.AD Size: 152587MB BusType: 3
13:19:18.078 Disk 0 MBR read successfully
13:19:18.078 Disk 0 MBR scan
13:19:18.078 Disk 0 unknown MBR code
13:19:18.078 Disk 0 scanning sectors +312496380
13:19:18.171 Disk 0 scanning C:\WINDOWS\system32\drivers
13:19:25.796 Service scanning
13:19:26.484 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
13:19:27.046 Modules scanning
13:19:32.843 Disk 0 trace - called modules:
13:19:32.859 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys spfk.sys hal.dll >>UNKNOWN [0x87186938]<<
13:19:32.859 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86bf35b8]
13:19:32.859 3 CLASSPNP.SYS[f7684fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-2[0x8710d030]
13:19:32.859 Scan finished successfully
13:20:04.906 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Christopher Nova\Desktop\MBR.dat"
13:20:04.906 The log file has been saved successfully to "C:\Documents and Settings\Christopher Nova\Desktop\aswMBR.txt"


aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-10-19 13:18:28
-----------------------------
13:18:28.312 OS Version: Windows 5.1.2600 Service Pack 3
13:18:28.312 Number of processors: 2 586 0xF02
13:18:28.312 ComputerName: RECEPTION UserName:
13:18:33.890 Initialize success
13:19:16.031 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2
13:19:16.031 Disk 0 Vendor: ST316081 3.AD Size: 152587MB BusType: 3
13:19:18.078 Disk 0 MBR read successfully
13:19:18.078 Disk 0 MBR scan
13:19:18.078 Disk 0 unknown MBR code
13:19:18.078 Disk 0 scanning sectors +312496380
13:19:18.171 Disk 0 scanning C:\WINDOWS\system32\drivers
13:19:25.796 Service scanning
13:19:26.484 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
13:19:27.046 Modules scanning
13:19:32.843 Disk 0 trace - called modules:
13:19:32.859 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys spfk.sys hal.dll >>UNKNOWN [0x87186938]<<
13:19:32.859 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86bf35b8]
13:19:32.859 3 CLASSPNP.SYS[f7684fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-2[0x8710d030]
13:19:32.859 Scan finished successfully
13:20:04.906 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Christopher Nova\Desktop\MBR.dat"
13:20:04.906 The log file has been saved successfully to "C:\Documents and Settings\Christopher Nova\Desktop\aswMBR.txt"
13:20:44.609 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Christopher Nova\Desktop\MBR.dat"
13:20:44.609 The log file has been saved successfully to "C:\Documents and Settings\Christopher Nova\Desktop\aswMBR.txt"
  • 0

#29
StupidVirus

StupidVirus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Here is the DDS log


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
Run by Christopher Nova at 13:25:00 on 2011-10-19
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.391 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PRISMSVC.EXE
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\PRISMSVR.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Dell Wireless\PRISMCFG.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5070509
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5070509
uInternet Settings,ProxyOverride = <local>
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: I.R.I.S. Desktop Search: {577ebca9-8ed3-45fc-a514-55b3817d4bcf} - c:\program files\iris desktop search\IRISDesktopSearchIntegration910.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
uRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\Wcescomm.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb11.exe
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [HPHmon06] c:\windows\system32\hphmon06.exe
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [HPHUPD06] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [TomcatStartup 2.5] c:\program files\hewlett-packard\toolbox\hpbpsttp.exe
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wirele~1.lnk - c:\program files\dell wireless\PRISMCFG.exe
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://go.divx.com/plugin/DivXBrowserPlugin.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-beta/OnlineScanner.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {AAD32D2E-02C8-11D7-81B3-0050FC352236} - hxxp://192.168.1.244:81/activeX/DvrActiveXSetup.exe
TCP: DhcpNameServer = 68.237.161.12 71.243.0.12
TCP: Interfaces\{EDA9A897-F7AD-4E92-A112-15EF00C6927D} : DhcpNameServer = 68.237.161.12 71.243.0.12
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: PRISMAPI.DLL - PRISMAPI.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\christopher nova\application data\mozilla\firefox\profiles\ntuzg8xd.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - component: c:\documents and settings\christopher nova\application data\mozilla\firefox\profiles\ntuzg8xd.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\christopher nova\application data\mozilla\firefox\profiles\ntuzg8xd.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\documents and settings\all users\application data\mozilla\firefox extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: [email protected] - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Move Media Player: [email protected] - c:\documents and settings\christopher nova\application data\Move Networks
.
============= SERVICES / DRIVERS ===============
.
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-10-13 28544]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 165648]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2009-10-12 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-10-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2010-7-2 116608]
R2 PRISMSVC;PRISMSVC;c:\windows\system32\PRISMSVC.exe [2010-1-19 61529]
R3 HPPLSBULK;HPPLSBULK;c:\windows\system32\drivers\hpplsbulk.sys [2007-9-5 9344]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [2008-1-14 21632]
S1 MpKsl348a0138;MpKsl348a0138;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{425db155-c825-4cd2-8696-cfa42db50dbf}\mpksl348a0138.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{425db155-c825-4cd2-8696-cfa42db50dbf}\MpKsl348a0138.sys [?]
S1 MpKsl4a861a9e;MpKsl4a861a9e;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{11ceb32f-3f2e-4b10-900d-4b7e25029816}\mpksl4a861a9e.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{11ceb32f-3f2e-4b10-900d-4b7e25029816}\MpKsl4a861a9e.sys [?]
S1 MpKsl587ae904;MpKsl587ae904;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a0dddbcc-27ee-4a7c-aa0d-c623596b7323}\mpksl587ae904.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a0dddbcc-27ee-4a7c-aa0d-c623596b7323}\MpKsl587ae904.sys [?]
S1 MpKsl7cd5c4b0;MpKsl7cd5c4b0;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8e1294d3-77fa-473f-afcf-eac03b262390}\mpksl7cd5c4b0.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8e1294d3-77fa-473f-afcf-eac03b262390}\MpKsl7cd5c4b0.sys [?]
S1 MpKsl8c05965a;MpKsl8c05965a;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{98e544df-f6f3-4658-ac67-014c9465481b}\mpksl8c05965a.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{98e544df-f6f3-4658-ac67-014c9465481b}\MpKsl8c05965a.sys [?]
S1 MpKsl995b3c26;MpKsl995b3c26;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c3ded232-1984-43f5-b1e8-131f4f8c063e}\mpksl995b3c26.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c3ded232-1984-43f5-b1e8-131f4f8c063e}\MpKsl995b3c26.sys [?]
S1 MpKsl9a7cda48;MpKsl9a7cda48;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8e1294d3-77fa-473f-afcf-eac03b262390}\mpksl9a7cda48.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8e1294d3-77fa-473f-afcf-eac03b262390}\MpKsl9a7cda48.sys [?]
S1 MpKsla0e20273;MpKsla0e20273;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{cfcb3cfe-4ec5-454f-8f32-1c5e150eb9e2}\mpksla0e20273.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{cfcb3cfe-4ec5-454f-8f32-1c5e150eb9e2}\MpKsla0e20273.sys [?]
S1 MpKslb4638dd0;MpKslb4638dd0;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{2c106391-f796-4f48-b6bd-110837462db5}\mpkslb4638dd0.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{2c106391-f796-4f48-b6bd-110837462db5}\MpKslb4638dd0.sys [?]
S1 MpKslf837ab25;MpKslf837ab25;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{16f2659b-730b-47fa-a691-122483152b2d}\mpkslf837ab25.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{16f2659b-730b-47fa-a691-122483152b2d}\MpKslf837ab25.sys [?]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-10-12 12872]
S3 XDva390;XDva390;\??\c:\windows\system32\xdva390.sys --> c:\windows\system32\XDva390.sys [?]
.
=============== Created Last 30 ================
.
2011-10-04 17:06:21 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-10-04 16:05:56 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-04 16:00:59 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{71d3f924-cdb7-4143-a394-c07fd2cda337}\offreg.dll
2011-10-04 16:00:51 7269712 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{71d3f924-cdb7-4143-a394-c07fd2cda337}\mpengine.dll
.
==================== Find3M ====================
.
2011-10-11 18:23:21 98304 ----a-w- c:\windows\DUMP5a45.tmp
2011-10-11 17:22:06 98304 ----a-w- c:\windows\DUMP5880.tmp
2011-09-26 15:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 15:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 15:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-31 21:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48:54 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56:39 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys
.
============= FINISH: 13:26:03.53 ===============








Here is the attach log


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 5/16/2007 5:25:54 PM
System Uptime: 10/19/2011 10:30:06 AM (3 hours ago)
.
Motherboard: Dell Inc. | | 0CT017
Processor: Intel® Core™2 CPU 4300 @ 1.80GHz | Microprocessor | 1795/800mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 146 GiB total, 73.272 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable
K: is Removable
L: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP10: 7/18/2011 9:42:50 AM - Software Distribution Service 3.0
RP11: 7/19/2011 10:53:41 AM - System Checkpoint
RP12: 7/20/2011 3:07:42 PM - Software Distribution Service 3.0
RP13: 7/22/2011 10:16:42 AM - Software Distribution Service 3.0
RP14: 7/25/2011 8:14:08 AM - Software Distribution Service 3.0
RP15: 7/26/2011 10:08:27 AM - Software Distribution Service 3.0
RP16: 7/27/2011 10:19:15 AM - Software Distribution Service 3.0
RP17: 7/28/2011 10:19:35 AM - Software Distribution Service 3.0
RP18: 7/29/2011 10:20:32 AM - Software Distribution Service 3.0
RP19: 8/1/2011 8:33:08 AM - Software Distribution Service 3.0
RP20: 8/2/2011 9:41:06 AM - Software Distribution Service 3.0
RP21: 8/3/2011 9:43:44 AM - Software Distribution Service 3.0
RP22: 8/5/2011 9:59:51 AM - Software Distribution Service 3.0
RP23: 8/8/2011 8:42:59 AM - Software Distribution Service 3.0
RP24: 8/9/2011 10:00:17 AM - Software Distribution Service 3.0
RP25: 8/10/2011 4:05:48 PM - Software Distribution Service 3.0
RP26: 8/11/2011 9:57:33 AM - Software Distribution Service 3.0
RP27: 8/12/2011 10:09:20 AM - Software Distribution Service 3.0
RP28: 8/15/2011 10:01:37 AM - Software Distribution Service 3.0
RP29: 8/16/2011 11:01:14 AM - Restore Operation
RP30: 8/17/2011 10:02:25 AM - Software Distribution Service 3.0
RP31: 8/18/2011 1:01:59 PM - Software Distribution Service 3.0
RP32: 8/23/2011 1:16:21 PM - Software Distribution Service 3.0
RP33: 8/24/2011 1:53:30 PM - Software Distribution Service 3.0
RP34: 8/24/2011 5:29:20 PM - Software Distribution Service 3.0
RP35: 8/26/2011 12:44:15 PM - Software Distribution Service 3.0
RP36: 8/29/2011 12:34:56 PM - Software Distribution Service 3.0
RP37: 8/31/2011 10:32:37 AM - Software Distribution Service 3.0
RP38: 9/1/2011 11:41:49 AM - Software Distribution Service 3.0
RP39: 9/6/2011 10:14:32 AM - Software Distribution Service 3.0
RP40: 9/7/2011 4:23:13 PM - Software Distribution Service 3.0
RP41: 9/8/2011 12:59:54 PM - Software Distribution Service 3.0
RP42: 9/9/2011 2:01:39 PM - Software Distribution Service 3.0
RP43: 9/12/2011 9:12:34 AM - Software Distribution Service 3.0
RP44: 9/13/2011 11:53:43 AM - Software Distribution Service 3.0
RP45: 9/14/2011 3:19:18 PM - Software Distribution Service 3.0
RP46: 9/15/2011 10:00:43 AM - Software Distribution Service 3.0
RP47: 9/16/2011 10:32:01 AM - System Checkpoint
RP48: 9/16/2011 12:23:02 PM - Software Distribution Service 3.0
RP49: 9/19/2011 11:34:01 AM - Software Distribution Service 3.0
RP50: 9/20/2011 5:51:43 PM - System Checkpoint
RP51: 9/21/2011 10:55:06 AM - Software Distribution Service 3.0
RP52: 9/22/2011 11:37:12 AM - Software Distribution Service 3.0
RP53: 9/23/2011 9:42:46 AM - Installed Microsoft ActiveSync
RP54: 9/26/2011 1:38:04 PM - Software Distribution Service 3.0
RP55: 9/28/2011 10:00:55 AM - Software Distribution Service 3.0
RP56: 9/29/2011 10:03:17 AM - Software Distribution Service 3.0
RP57: 9/30/2011 9:57:52 AM - Software Distribution Service 3.0
RP58: 10/1/2011 9:57:43 AM - Software Distribution Service 3.0
RP59: 10/2/2011 9:57:42 AM - Software Distribution Service 3.0
RP60: 10/3/2011 11:42:02 AM - Software Distribution Service 3.0
RP61: 10/4/2011 11:57:03 AM - Software Distribution Service 3.0
RP62: 10/4/2011 12:00:48 PM - Software Distribution Service 3.0
RP63: 10/4/2011 1:19:42 PM - Restore Operation
RP64: 10/4/2011 1:25:47 PM - Restore Operation
RP65: 10/11/2011 10:06:27 AM - OTL Restore Point
RP66: 10/12/2011 1:17:05 PM - System Checkpoint
RP67: 10/13/2011 1:37:16 PM - System Checkpoint
RP68: 10/13/2011 4:49:57 PM - Software Distribution Service 3.0
RP69: 10/18/2011 12:24:49 PM - ComboFix created restore point
.
==== Installed Programs ======================
.
Acrobat.com
[email protected] ISO Burner
Adobe AIR
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.2
AIM 6
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Control Center
ATI Display Driver
AutoUpdate
Bonjour
BufferChm
Conexant D850 56K V.9x DFVc Modem
Corel Paint Shop Pro Photo XI
Corel Snapfire Plus
CP_PLSBusinessFlyers
CreativeProjects
CreativeProjectsTemplates
Critical Update for Windows Media Player 11 (KB959772)
CueTour
Dell CinePlayer
Dell Driver Download Manager
Dell Driver Reset Tool
Dell Support 3.2.1
Dell Support Center (Support Software)
Dell System Restore
Destinations
Digital Line Detect
Director
DivX Codec
DivX Converter
DivX Player
DivX Web Player
DocProc
DocumentViewer
ERUNT 1.1j
ESET Online Scanner v3
Google Desktop
Google Toolbar for Internet Explorer
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Color LaserJet 2820/2830/2840 2.0
HP Diagnostic Assistant
HP Image Zone 4.7
HP Software Update
HP Update
hppCLJ2800
hppDustDevil
hppFaxDrv
hppFonts
hppIOFiles
hppManuals2800
hppscan2800
hppScanTo
hppSendFax
hppTooCool
HPSystemDiagnostics
I.R.I.S. Desktop Search
InstantShare
Intel® Matrix Storage Manager
Intel® PRO Network Connections
iTunes
J2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java™ 6 Update 20
LiveUpdate 3.2 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Malwarebytes' Anti-Malware version 1.51.2.1300
ManyCam 2.4 (remove only)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft ActiveSync
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Professional Edition 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word 2007
Microsoft Office Word MUI (English) 2007
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Works
Modem Helper
Move Media Player
Mozilla Firefox (3.6.18)
MP3 Player Utilities 3.73
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NetWaiting
Norton 360
Overland
Panda ActiveScan 2.0
PhotoGallery
Photosmart 320,370,7400,8100,8400 Series
PrintScreen
Project64 1.6
PS8100
PSPrinters06
QFolder
Qualxserve Service Agreement
QuickProjects
QuickTime
Readiris Pro 11
Roxio DLA
Roxio MyDVD LE
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Scan
SearchAssist
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SkinsHP1
Sonic Activation Module
Sonic Update Manager
SUPERAntiSpyware Free Edition
Symantec Technical Support Web Controls
TrayApp
Unload
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB973874)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Internet Explorer 8 (KB980302)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
URGE
URL Assistant
USB 2.0 Wireless LAN Card Utility
Viewpoint Media Player
WebFldrs XP
WebReg
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3
WinRAR archiver
WinZip 11.2
.
==== Event Viewer Messages From Past Week ========
.
10/13/2011 11:00:34 AM, error: Print [19] - Sharing printer failed + 1722, Printer HP Photosmart 8100 Series share name HP Photosmart 8100 Series.
10/12/2011 12:15:45 PM, error: DCOM [10009] - DCOM was unable to communicate with the computer HECTOR using any of the configured protocols.
10/12/2011 12:15:24 PM, error: DCOM [10009] - DCOM was unable to communicate with the computer BROKEN using any of the configured protocols.
10/12/2011 11:54:32 AM, error: Service Control Manager [7000] - The Microsoft Antimalware Service service failed to start due to the following error: Access is denied.
10/12/2011 11:51:25 AM, error: Print [19] - Sharing printer failed + 1722, Printer HP CLJ2840 PCL 6 - Black_White (1) share name HP CLJ2840 PCL 6 - Black_White (1).
10/12/2011 10:48:38 AM, error: Service Control Manager [7034] - The PRISMSVC service terminated unexpectedly. It has done this 1 time(s).
10/12/2011 10:48:38 AM, error: Service Control Manager [7034] - The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).
10/12/2011 10:48:38 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
10/12/2011 10:48:38 AM, error: Service Control Manager [7034] - The Intel® Matrix Storage Event Monitor service terminated unexpectedly. It has done this 1 time(s).
10/12/2011 10:48:38 AM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
10/12/2011 10:48:38 AM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
10/12/2011 10:48:38 AM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
10/12/2011 10:48:38 AM, error: Service Control Manager [7031] - The SAS Core Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
10/12/2011 10:48:38 AM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/12/2011 10:48:37 AM, error: Service Control Manager [7034] - The SupportSoft Sprocket Service (DellSupportCenter) service terminated unexpectedly. It has done this 1 time(s).
10/12/2011 10:48:37 AM, error: Service Control Manager [7034] - The LiveUpdate Notice Service service terminated unexpectedly. It has done this 1 time(s).
10/12/2011 10:48:37 AM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
10/12/2011 10:48:36 AM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s).
10/12/2011 10:48:36 AM, error: Service Control Manager [7034] - The Ati HotKey Poller service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
  • 0

#30
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hi!

Can you please zip up the following file and then attach it in your next reply?

C:\Documents and Settings\Christopher Nova\Desktop\MBR.dat
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP