Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Computer rebooting, antivirus gets disabled

Started by WWhermit , Dec 17 2011 12:40 PM

Please log in to reply

#1
WWhermit

Posted 17 December 2011 - 12:40 PM

Member

Member
35 posts

I hope you kind folks can help me. My computer, Windows XP operating system, developed a habit of rebooting. When this first started, I would start up the computer, it will shut down and immediately reboot about 3 times in a row. Then, it would be fine. This gradually increased until it would reboot several times for about 45 minutes. Once in a while, about 1/2 into my work, it would do it again, destroying all my work.

I thought it might be mechanical. I swapped out the power supply. Didn't fix it. Then, I noticed that my Norton antivirus, about every 4 days, would be turned off, saying my computer is at risk. Now, every day when the computer is on, Norton tells me that it blocked an attack, usually something like the Malicious Spyware Package 9.

I had a problem about a year ago with Spyware, read about it on here. It was the fortuneroli.com malware. I used ComboFix and tdsskiller, and it seemed to work, but now I fear the fix was not complete. Please help! It's time for me to upgrade my system, but I need to know how to clear this stuff and protect my new system as well.

I appreciate all the help.

WWhermit

#2
WWhermit

Posted 17 December 2011 - 12:48 PM

Member

Topic Starter
Member
35 posts

Here's my OTL log.

OTL logfile created on: 12/17/2011 10:45:59 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Tim\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.14 Gb Available Physical Memory | 57.14% Memory free
3.85 Gb Paging File | 3.00 Gb Available in Paging File | 77.92% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 56.64 Gb Total Space | 17.09 Gb Free Space | 30.18% Space Free | Partition Type: NTFS
Drive E: | 92.40 Gb Total Space | 85.12 Gb Free Space | 92.12% Space Free | Partition Type: NTFS

Computer Name: SYLVIA | User Name: Tim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/17 10:41:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tim\Desktop\OTL.exe
PRC - [2011/08/10 12:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccsvchst.exe
PRC - [2010/09/07 08:47:18 | 000,202,048 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2010/09/07 08:47:08 | 000,664,896 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2009/10/14 13:31:02 | 000,098,304 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
PRC - [2008/10/09 06:07:56 | 000,107,912 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2008/08/14 17:11:48 | 000,565,008 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2008/07/26 08:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/07/26 08:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/28 19:51:10 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2007/04/09 13:49:00 | 001,423,360 | ---- | M] () -- C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
PRC - [2002/07/02 16:56:00 | 000,024,576 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTHELPER.EXE

========== Modules (No Company Name) ==========

MOD - [2011/10/13 08:20:49 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2011/10/13 08:20:48 | 003,182,592 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2011/10/13 08:20:47 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2011/10/13 08:20:44 | 004,550,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2011/10/13 08:20:42 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011/10/13 08:20:38 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/09/07 08:47:18 | 000,202,048 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
MOD - [2010/09/07 08:47:08 | 000,664,896 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2010/02/05 10:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008/10/09 06:07:56 | 000,107,912 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
MOD - [2008/08/14 17:11:48 | 000,565,008 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
MOD - [2007/04/09 13:49:00 | 001,423,360 | ---- | M] () -- C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
MOD - [2006/11/10 02:25:38 | 000,208,896 | ---- | M] () -- C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/08/10 12:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe -- (NIS)
SRV - [2011/06/12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/09/07 08:47:18 | 000,202,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2009/10/14 13:31:02 | 000,098,304 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2008/10/09 06:07:56 | 000,107,912 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008/07/26 08:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/07/26 08:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2007/11/28 19:51:10 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe -- (LiveUpdate Notice Service)
SRV - [2003/03/09 12:31:02 | 000,065,795 | R--- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

========== Driver Services (SafeList) ==========

DRV - [2011/11/20 09:29:12 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20111216.034\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/11/20 09:29:12 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/11/20 09:29:12 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20111216.034\NAVENG.SYS -- (NAVENG)
DRV - [2011/11/20 09:18:44 | 000,127,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/11/18 16:39:36 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20111216.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011/11/14 19:31:30 | 000,819,320 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20111210.003\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/11/09 09:10:21 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/09/26 16:38:08 | 000,897,656 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\SYMEFA.SYS -- (SymEFA)
DRV - [2011/08/08 15:38:11 | 000,132,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\ccSetx86.sys -- (ccSet_NIS)
DRV - [2011/08/02 18:22:10 | 000,566,904 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1302000.00A\SRTSP.SYS -- (SRTSP)
DRV - [2011/08/02 18:22:10 | 000,031,864 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/07/25 18:18:39 | 000,387,192 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1302000.00A\SYMTDI.SYS -- (SYMTDI)
DRV - [2011/07/25 18:18:35 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\SYMDS.SYS -- (SymDS)
DRV - [2011/07/25 18:15:51 | 000,149,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\Ironx86.SYS -- (SymIRON)
DRV - [2009/02/13 11:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/07/26 08:25:02 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/07/26 07:26:20 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/07/26 07:25:46 | 000,627,864 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2008/07/26 07:22:32 | 002,570,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2008/07/26 07:22:20 | 000,013,848 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2008/04/13 10:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007/03/24 03:20:24 | 000,046,208 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2007/03/15 06:12:02 | 000,038,656 | R--- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atl01_xp.sys -- (AtcL001)
DRV - [2007/01/23 14:44:00 | 000,020,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2006/10/18 11:12:16 | 000,012,664 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2006/02/07 11:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys -- (JGOGO)
DRV - [2004/10/07 17:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/08/13 10:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2002/07/24 12:52:26 | 000,998,004 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2002/07/19 09:48:32 | 000,156,604 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2002/07/19 09:48:22 | 000,213,860 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2002/07/19 09:48:08 | 000,011,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2002/07/19 09:48:04 | 000,195,432 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2002/07/19 09:47:52 | 000,837,548 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2002/07/19 09:46:28 | 000,127,948 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2001/08/17 11:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2011/11/20 09:32:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2011/12/17 10:19:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D86314B6-76A1-403C-9441-31A44CBC6F1C}: C:\Documents and Settings\Tim\Local Settings\Application Data\{D86314B6-76A1-403C-9441-31A44CBC6F1C} [2011/04/19 13:44:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3B436346-F3D1-4125-BD76-1F1FD537F238}: C:\Documents and Settings\Sylbasia\Local Settings\Application Data\{3B436346-F3D1-4125-BD76-1F1FD537F238} [2011/04/19 13:51:59 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2011/05/10 10:32:15 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (JMicron Technology Corp.)
O4 - HKLM..\Run: [Ai Nap] C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe ()
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [WINDVDPatch] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://pcpitstop.com...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.syste...ri_4.1.72.0.cab (SysInfo Class)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} http://driveragent.c...driveragent.cab (Driver Agent ActiveX Control)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67614F0A-0FCF-4948-BCD6-31DF117B9991}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Tim\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Tim\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/10/23 21:06:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/17 10:41:18 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tim\Desktop\OTL.exe
[2011/12/16 12:05:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/12/15 09:19:21 | 000,000,000 | -HSD | C] -- C:\found.000
[2011/12/14 09:35:53 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/12/14 09:34:10 | 000,463,080 | ---- | C] (CNET Download.com) -- C:\Documents and Settings\Tim\My Documents\cnet2_ComboFix_exe.exe
[2011/11/23 03:01:22 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2007/10/24 00:30:36 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/17 10:41:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tim\Desktop\OTL.exe
[2011/12/17 10:24:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/17 10:20:10 | 003,374,149 | ---- | M] () -- C:\WINDOWS\{00000005-00000000-00000002-00001102-00000002-80651102}.CDF
[2011/12/17 10:20:10 | 003,374,149 | ---- | M] () -- C:\WINDOWS\{00000005-00000000-00000002-00001102-00000002-80651102}.BAK
[2011/12/17 10:19:57 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/17 10:19:57 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/12/17 10:19:56 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/17 10:19:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/16 12:15:30 | 000,025,296 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000005-00000000-00000002-00001102-00000002-80651102}.rfx
[2011/12/16 12:15:30 | 000,025,296 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000005-00000000-00000002-00001102-00000002-80651102}.rfx
[2011/12/16 12:15:30 | 000,016,516 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000005-00000000-00000002-00001102-00000002-80651102}.rfx
[2011/12/16 12:15:30 | 000,016,516 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000005-00000000-00000002-00001102-00000002-80651102}.rfx
[2011/12/16 12:15:30 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2011/12/16 12:15:30 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2011/12/16 12:15:30 | 000,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000005-00000000-00000002-00001102-00000002-80651102}.dat
[2011/12/16 12:15:30 | 000,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000002-00001102-00000002-80651102}.dat
[2011/12/15 22:43:51 | 000,007,680 | ---- | M] () -- C:\Documents and Settings\Tim\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/15 16:05:03 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\MotoHelper Routing.job
[2011/12/15 13:55:39 | 000,671,370 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1302000.00A\Cat.DB
[2011/12/15 10:18:33 | 000,270,192 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/15 09:37:41 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/12/14 09:34:11 | 000,463,080 | ---- | M] (CNET Download.com) -- C:\Documents and Settings\Tim\My Documents\cnet2_ComboFix_exe.exe
[2011/12/13 16:05:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\MotoHelper Update.job
[2011/11/24 16:05:01 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\MotoHelper MUM.job
[2011/11/20 09:32:02 | 000,001,973 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.LNK
[2011/11/20 09:29:13 | 000,004,782 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1302000.00A\VT20111023.023
[2011/11/20 09:18:44 | 000,127,096 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2011/11/20 09:18:44 | 000,060,872 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2011/11/20 09:18:44 | 000,007,510 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2011/11/20 09:18:44 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/21 10:32:06 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\Tim\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/11 10:04:18 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011/05/10 10:05:27 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/05/10 10:05:27 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/05/10 10:05:27 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/05/10 10:05:27 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/05/10 10:05:27 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/04/19 13:44:55 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Ynegeburimuqujuz.dat
[2011/04/19 13:44:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Gyuroxosokar.bin
[2011/03/09 16:55:37 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/01/30 10:39:50 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/01/30 10:39:47 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/01/30 10:39:47 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/10/28 00:26:32 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Tim\Local Settings\Application Data\fusioncache.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/06/24 12:23:22 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/05/23 11:43:25 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009/04/30 21:02:00 | 002,292,678 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2008/11/08 14:14:11 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/11/08 13:59:54 | 000,066,482 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/07/26 08:25:02 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/12/28 10:35:09 | 000,015,496 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LUUnInstall.LiveUpdate
[2007/11/12 11:06:30 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/10/24 00:53:58 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\DVCStateBkp-{00000005-00000000-00000002-00001102-00000002-80651102}.dat
[2007/10/24 00:53:58 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000002-00001102-00000002-80651102}.dat
[2007/10/24 00:30:51 | 000,000,128 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2007/10/24 00:30:50 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
[2007/10/24 00:30:50 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2007/10/24 00:30:37 | 000,179,669 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2007/10/24 00:30:37 | 000,164,044 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2007/10/24 00:30:37 | 000,113,373 | ---- | C] () -- C:\WINDOWS\System32\ctbasicw.dat
[2007/10/24 00:30:37 | 000,113,273 | ---- | C] () -- C:\WINDOWS\System32\CTBAS2W.DAT
[2007/10/24 00:30:37 | 000,044,055 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2007/10/24 00:30:37 | 000,037,727 | ---- | C] () -- C:\WINDOWS\System32\Emu10kx.ini
[2007/10/24 00:30:37 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2007/10/24 00:30:36 | 000,184,320 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2007/10/24 00:30:36 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\KILLAPPS.EXE
[2007/10/24 00:30:36 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\REGPLIB.EXE
[2007/10/24 00:30:36 | 000,000,180 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2007/10/24 00:04:21 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2007/10/24 00:04:21 | 000,012,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2007/10/24 00:04:15 | 000,012,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2007/10/24 00:04:15 | 000,010,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2007/10/24 00:02:50 | 000,015,121 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007/10/23 23:17:08 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2007/10/23 21:24:00 | 000,015,435 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2007/10/23 21:23:24 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2007/10/23 21:19:34 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007/10/23 21:08:24 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007/10/23 21:03:46 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/10/23 13:57:08 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/10/23 13:54:21 | 000,270,192 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/09/17 00:07:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/03/27 10:45:22 | 000,038,567 | ---- | C] () -- C:\WINDOWS\System32\pcpbios.exe
[2007/03/27 10:45:22 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll
[2006/02/28 04:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/02/28 04:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/28 04:00:00 | 000,465,838 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/02/28 04:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/28 04:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/28 04:00:00 | 000,079,598 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/02/28 04:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/28 04:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/28 04:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/28 04:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/02/28 04:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/02/28 04:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/03/09 12:31:04 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll

========== LOP Check ==========

[2011/03/09 15:19:19 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/11/17 10:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJ
[2011/03/09 11:59:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2011/03/09 12:18:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJFax
[2011/03/09 15:24:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2011/12/12 10:10:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2011/08/09 10:00:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2011/03/09 15:24:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenu
[2010/09/29 10:27:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
[2011/01/31 22:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2010/10/27 13:35:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010/07/15 16:12:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2011/08/09 10:00:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Canon
[2009/06/24 12:10:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\LPECommon
[2011/05/10 10:59:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\SPE
[2010/07/15 16:12:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Western Digital
[2010/03/03 10:13:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Windows Desktop Search
[2010/03/08 10:39:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Windows Search
[2011/11/24 16:05:01 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\MotoHelper MUM.job
[2011/12/15 16:05:03 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\MotoHelper Routing.job
[2011/12/13 16:05:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\MotoHelper Update.job
[2011/12/17 10:19:57 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job

========== Purity Check ==========

< End of report >

#3
Nedklaw

Posted 17 December 2011 - 04:10 PM

Trusted Helper

Malware Removal
1,652 posts

Hello, WWhermit! :wave:

I'm Nedklaw and I'll be glad to help you with your malware issues.

I am currently still in training and my posts have to be approved by an expert so please expect a delay between my posts.

These instructions are specifically designed for WWhermit only. No one else should follow these instructions because it can cause serious damage to your computer.

Before we start to clean your computer of malware, please read through the following points to help me and you, and prevent damage to your computer:

Please completely read through all of the instructions given to you before attempting to follow them. Reading too lightly will cause you to miss important steps, which could have DESTRUCTIVE effects. If you can't perform a certain step or you are unsure about what to do, let me know!
Don't be afraid to ask questions! If you are unsure about anything, ask me! No question is considered stupid here!
Be patient with me, logs can take some time to research and my life can mean that I'm busy.
Please copy and paste all logs into your reply. Do not attach logs to a post unless I tell you to or if they don't fit in the post.
If I instruct you to download a specific tool in which you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated fairly regularly.
NEVER fix anything in OTL or other programs on your own! This can be very dangerous and cause harm to your system.
Refrain from running any other tools apart from the ones I tell you to.

Note: You should save or print out my instructions for easy reference, as part of the fix may be in Safe Mode and you won't be able to access GeeksToGo.

I am currently reviewing your log and I will post back soon.
Whilst I am doing this could you please perform the following steps:

Step 1

Download aswMBR.exe (1.8mb) to your desktop.

Double click aswMBR.exe to run it.

Click the "Scan" button to start the scan.

Posted Image

On completion of the scan click save log, save it to your desktop and post it in your next reply.

Posted Image

Step 2

Do the following:
Start -> Run.
type diskmgmt.msc.
Click "OK".

Disk Management will open.

Click and hold the right side of the Disk Management Window and drag it to the right until you can see all the columns.

Take a screenshot of the Disk Management Window and attach the screen shot to your reply.

Things I want to see in your next reply

aswMBR.txt
A screenshot of the Disk Management Window

#4
WWhermit

Posted 18 December 2011 - 12:59 PM

Member

Topic Starter
Member
35 posts

OK, a little computer drama while doing the tasks. The aswMBR.exe downloaded fine, but would only run part way, then would crash. The error message that came up was: The instruction at “0x0053c3e7” referenced memory at “0xf6a80275”. The memory could not be “written”. Click on OK to terminate the program.

I tried 3 times to run, but would only get part way. I did manage to save a log:

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-12-18 10:40:03
-----------------------------
10:40:03.203 OS Version: Windows 5.1.2600 Service Pack 3
10:40:03.203 Number of processors: 2 586 0xF0B
10:40:03.203 ComputerName: SYLVIA UserName: Tim
10:40:06.171 Initialize success
10:40:20.984 AVAST engine defs: 11121800
10:40:24.000 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
10:40:24.000 Disk 0 Vendor: WDC_WD1600AAJS-08PSA0 05.06H05 Size: 152627MB BusType: 3
10:40:26.015 Disk 0 MBR read successfully
10:40:26.015 Disk 0 MBR scan
10:40:26.062 Disk 0 Windows XP default MBR code
10:40:26.062 Disk 0 scanning sectors +312560640
10:40:26.125 Disk 0 scanning C:\WINDOWS\system32\drivers
10:40:36.125 Service scanning
10:40:37.234 Modules scanning
10:40:42.546 Disk 0 trace - called modules:
10:40:42.562
10:40:43.328 AVAST engine scan C:\WINDOWS
10:40:57.843 AVAST engine scan C:\WINDOWS\system32
10:42:12.203 AVAST engine scan C:\WINDOWS\system32\drivers
10:42:22.187 AVAST engine scan C:\Documents and Settings\Tim
10:46:38.765 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Tim\Desktop\MBR.dat"
10:46:38.796 The log file has been saved successfully to "C:\Documents and Settings\Tim\Desktop\aswMBR.txt"

Next was the screenshot of diskmgmt.msc. Either I couldn't find where the image was stored, or I the "Print Screen" button was not working, but I did snap a picture with my camera for you:

Posted Image

Hope this helps at least a bit.

WWhermit

#5
Nedklaw

Posted 19 December 2011 - 04:18 PM

Trusted Helper

Malware Removal
1,652 posts

Hi.

Do you still experience rebooting and Norton being turned off and giving warnings?

Step 1

Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2

Ensure all Firefox windows are closed.
To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
When prompted to run the scan, click Yes.
GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).

Step 2

Run OTL.

Under the Custom Scans/Fixes box at the bottom, paste in the following:

:OTL 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D86314B6-76A1-403C-9441-31A44CBC6F1C}: C:\Documents and Settings\Tim\Local Settings\Application Data\{D86314B6-76A1-403C-9441-31A44CBC6F1C} [2011/04/19 13:44:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3B436346-F3D1-4125-BD76-1F1FD537F238}: C:\Documents and Settings\Sylbasia\Local Settings\Application Data\{3B436346-F3D1-4125-BD76-1F1FD537F238} [2011/04/19 13:51:59 | 000,000,000 | ---D | M]
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
[2011/04/19 13:44:55 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Ynegeburimuqujuz.dat
[2011/04/19 13:44:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Gyuroxosokar.bin
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] 

:Files
ipconfig /flushdns /c

:Commands 
[purity] 
[resethosts] 
[emptytemp] 
[EMPTYFLASH]
[CREATERESTOREPOINT] 
[Reboot]

Then click the Run Fix button at the top.
Let the program run unhindered, reboot the PC when it is done.
Post the log that appears upon reboot in your next reply.
Open OTL again and select the "Scan All Users" box.
Click the Quick Scan button. Post the log it produces in your next reply.

Things I want to see in your next reply

GooredFix.txt
OTL Fix Log
OTL.txt

#6
WWhermit

Posted 20 December 2011 - 11:48 AM

Member

Topic Starter
Member
35 posts

OK, here we go. Yes, I still had problems with rebooting before this set of instructions. All tasks were completed successfully.

1. GooredFix.txt here:

GooredFix by jpshortstuff (03.07.10.1)
Log created at 09:17 on 20/12/2011 (Tim)
Firefox version [Unable to determine]

========== GooredScan ==========

Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{D86314B6-76A1-403C-9441-31A44CBC6F1C} -> Success!
Deleting C:\Documents and Settings\Tim\Local Settings\Application Data\{D86314B6-76A1-403C-9441-31A44CBC6F1C} -> Success!
Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{3B436346-F3D1-4125-BD76-1F1FD537F238} -> Success!
Deleting C:\Documents and Settings\Sylbasia\Local Settings\Application Data\{3B436346-F3D1-4125-BD76-1F1FD537F238} -> Success!

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
(none)

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [17:53 02/08/2009]
"[email protected]"="C:\Program Files\Java\jre6\lib\deploy\jqs\ff" [19:04 23/01/2010]
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\" [17:21 20/11/2011]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\" [17:00 20/12/2011]

-=E.O.F=-

2. OTL Fix Log here:

All processes killed
========== OTL ==========
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D86314B6-76A1-403C-9441-31A44CBC6F1C}: C:\Documents and Settings\Tim\Local Settings\Application Data\{D86314B6-76A1-403C-9441-31A44CBC6F1C} not found.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3B436346-F3D1-4125-BD76-1F1FD537F238}: C:\Documents and Settings\Sylbasia\Local Settings\Application Data\{3B436346-F3D1-4125-BD76-1F1FD537F238} not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
C:\WINDOWS\Ynegeburimuqujuz.dat moved successfully.
C:\WINDOWS\Gyuroxosokar.bin moved successfully.
C:\WINDOWS\003065_.tmp deleted successfully.
C:\WINDOWS\SET29.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Tim\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Tim\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 3260550 bytes
->Flash cache emptied: 42575 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 20199518 bytes
->Java cache emptied: 11 bytes
->Flash cache emptied: 52941 bytes

User: Sylbasia
->Temp folder emptied: 2826639 bytes
->Temporary Internet Files folder emptied: 115671592 bytes
->Java cache emptied: 3057227 bytes
->Flash cache emptied: 520 bytes

User: TEMP
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33022 bytes
->Flash cache emptied: 0 bytes

User: Tim
->Temp folder emptied: 299090198 bytes
->Temporary Internet Files folder emptied: 1248801440 bytes
->Java cache emptied: 155873 bytes
->Flash cache emptied: 503 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 42268507 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 26511412 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 17465612 bytes

Total Files Cleaned = 1,697.00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService
->Flash cache emptied: 0 bytes

User: Sylbasia
->Flash cache emptied: 0 bytes

User: TEMP
->Flash cache emptied: 0 bytes

User: Tim
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point (0)

OTL by OldTimer - Version 3.2.31.0 log created on 12202011_091850

Files\Folders moved on Reboot...
C:\Documents and Settings\Tim\Local Settings\Temp\~DF8B47.tmp moved successfully.
C:\Documents and Settings\Tim\Local Settings\Temp\~DF8B61.tmp moved successfully.
C:\Documents and Settings\Tim\Local Settings\Temp\~DF8BE5.tmp moved successfully.
C:\Documents and Settings\Tim\Local Settings\Temp\~DF8BFD.tmp moved successfully.
C:\Documents and Settings\Tim\Local Settings\Temporary Internet Files\Content.IE5\SI4OQ81B\ads[2].htm moved successfully.
C:\Documents and Settings\Tim\Local Settings\Temporary Internet Files\Content.IE5\GKHY9R1Y\311610-computer-rebooting-antivirus-gets-disabled[1].htm moved successfully.
C:\Documents and Settings\Tim\Local Settings\Temporary Internet Files\Content.IE5\GKHY9R1Y\ads[4].htm moved successfully.
C:\Documents and Settings\Tim\Local Settings\Temporary Internet Files\Content.IE5\84IXLN4K\ads[3].htm moved successfully.
C:\Documents and Settings\Tim\Local Settings\Temporary Internet Files\Content.IE5\84IXLN4K\ads[4].htm moved successfully.
C:\Documents and Settings\Tim\Local Settings\Temporary Internet Files\Content.IE5\6OB7W8QV\fastbutton[1].htm moved successfully.
C:\Documents and Settings\Tim\Local Settings\Temporary Internet Files\Content.IE5\6OB7W8QV\iframe[1].htm moved successfully.
C:\Documents and Settings\Tim\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File move failed. C:\WINDOWS\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_c0.dat moved successfully.

Registry entries deleted on Reboot...

3. OTL.txt here:

OTL logfile created on: 12/20/2011 9:38:33 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Tim\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.31 Gb Available Physical Memory | 65.30% Memory free
3.85 Gb Paging File | 3.18 Gb Available in Paging File | 82.71% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 56.64 Gb Total Space | 18.75 Gb Free Space | 33.10% Space Free | Partition Type: NTFS
Drive E: | 92.40 Gb Total Space | 85.12 Gb Free Space | 92.12% Space Free | Partition Type: NTFS

Computer Name: SYLVIA | User Name: Tim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/17 10:41:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tim\Desktop\OTL.exe
PRC - [2011/08/10 12:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccsvchst.exe
PRC - [2010/09/07 08:47:18 | 000,202,048 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2010/09/07 08:47:08 | 000,664,896 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2009/10/14 13:31:02 | 000,098,304 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
PRC - [2008/10/09 06:07:56 | 000,107,912 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2008/08/14 17:11:48 | 000,565,008 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2008/07/26 08:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/07/26 08:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/28 19:51:10 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2007/04/09 13:49:00 | 001,423,360 | ---- | M] () -- C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
PRC - [2002/07/02 16:56:00 | 000,024,576 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTHELPER.EXE

========== Modules (No Company Name) ==========

MOD - [2011/10/13 08:20:49 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2011/10/13 08:20:48 | 003,182,592 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2011/10/13 08:20:47 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2011/10/13 08:20:44 | 004,550,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2011/10/13 08:20:42 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011/10/13 08:20:38 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/09/07 08:47:18 | 000,202,048 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
MOD - [2010/09/07 08:47:08 | 000,664,896 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2008/10/09 06:07:56 | 000,107,912 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
MOD - [2008/08/14 17:11:48 | 000,565,008 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
MOD - [2008/07/26 08:24:04 | 000,068,120 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSPS.dll
MOD - [2007/04/09 13:49:00 | 001,423,360 | ---- | M] () -- C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
MOD - [2006/11/10 02:25:38 | 000,208,896 | ---- | M] () -- C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/08/10 12:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe -- (NIS)
SRV - [2011/06/12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/09/07 08:47:18 | 000,202,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2009/10/14 13:31:02 | 000,098,304 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2008/10/09 06:07:56 | 000,107,912 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008/07/26 08:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/07/26 08:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2007/11/28 19:51:10 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe -- (LiveUpdate Notice Service)
SRV - [2003/03/09 12:31:02 | 000,065,795 | R--- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

========== Driver Services (SafeList) ==========

DRV - [2011/11/20 09:29:12 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20111220.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/11/20 09:29:12 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/11/20 09:29:12 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20111220.002\NAVENG.SYS -- (NAVENG)
DRV - [2011/11/20 09:18:44 | 000,127,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/11/18 16:39:36 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20111219.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011/11/14 19:31:30 | 000,819,320 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20111210.003\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/11/09 09:10:21 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/09/26 16:38:08 | 000,897,656 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\SYMEFA.SYS -- (SymEFA)
DRV - [2011/08/08 15:38:11 | 000,132,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\ccSetx86.sys -- (ccSet_NIS)
DRV - [2011/08/02 18:22:10 | 000,566,904 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1302000.00A\SRTSP.SYS -- (SRTSP)
DRV - [2011/08/02 18:22:10 | 000,031,864 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/07/25 18:18:39 | 000,387,192 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1302000.00A\SYMTDI.SYS -- (SYMTDI)
DRV - [2011/07/25 18:18:35 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\SYMDS.SYS -- (SymDS)
DRV - [2011/07/25 18:15:51 | 000,149,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\Ironx86.SYS -- (SymIRON)
DRV - [2009/02/13 11:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/07/26 08:25:02 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/07/26 07:26:20 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/07/26 07:25:46 | 000,627,864 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2008/07/26 07:22:32 | 002,570,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2008/07/26 07:22:20 | 000,013,848 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2008/04/13 10:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007/03/24 03:20:24 | 000,046,208 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2007/03/15 06:12:02 | 000,038,656 | R--- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atl01_xp.sys -- (AtcL001)
DRV - [2007/01/23 14:44:00 | 000,020,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2006/10/18 11:12:16 | 000,012,664 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2006/02/07 11:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys -- (JGOGO)
DRV - [2004/10/07 17:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/08/13 10:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2002/07/24 12:52:26 | 000,998,004 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2002/07/19 09:48:32 | 000,156,604 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2002/07/19 09:48:22 | 000,213,860 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2002/07/19 09:48:08 | 000,011,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2002/07/19 09:48:04 | 000,195,432 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2002/07/19 09:47:52 | 000,837,548 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2002/07/19 09:46:28 | 000,127,948 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2001/08/17 11:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-448539723-854245398-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-448539723-854245398-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2011/11/20 09:32:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2011/12/20 09:36:15 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2011/12/20 09:18:55 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (JMicron Technology Corp.)
O4 - HKLM..\Run: [Ai Nap] C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe ()
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [WINDVDPatch] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-448539723-854245398-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-448539723-854245398-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-448539723-854245398-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://pcpitstop.com...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.syste...ri_4.1.72.0.cab (SysInfo Class)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} http://driveragent.c...driveragent.cab (Driver Agent ActiveX Control)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67614F0A-0FCF-4948-BCD6-31DF117B9991}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Tim\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Tim\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/10/23 21:06:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/20 09:18:50 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/12/20 09:17:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tim\Desktop\GooredFix Backups
[2011/12/20 09:17:13 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Documents and Settings\Tim\Desktop\GooredFix.exe
[2011/12/18 10:10:20 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Tim\Desktop\aswMBR.exe
[2011/12/17 10:41:18 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tim\Desktop\OTL.exe
[2011/12/16 12:05:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/12/15 09:19:21 | 000,000,000 | -HSD | C] -- C:\found.000
[2011/12/14 09:35:53 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/12/14 09:34:10 | 000,463,080 | ---- | C] (CNET Download.com) -- C:\Documents and Settings\Tim\My Documents\cnet2_ComboFix_exe.exe
[2011/11/23 03:01:22 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2007/10/24 00:30:36 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll

========== Files - Modified Within 30 Days ==========

[2011/12/20 09:37:07 | 003,374,149 | ---- | M] () -- C:\WINDOWS\{00000005-00000000-00000002-00001102-00000002-80651102}.CDF
[2011/12/20 09:37:07 | 003,374,149 | ---- | M] () -- C:\WINDOWS\{00000005-00000000-00000002-00001102-00000002-80651102}.BAK
[2011/12/20 09:36:22 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/20 09:36:19 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/12/20 09:36:15 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/20 09:35:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/20 09:24:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/20 09:18:55 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/12/20 09:17:13 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Documents and Settings\Tim\Desktop\GooredFix.exe
[2011/12/19 11:53:11 | 000,025,296 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000005-00000000-00000002-00001102-00000002-80651102}.rfx
[2011/12/19 11:53:11 | 000,025,296 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000005-00000000-00000002-00001102-00000002-80651102}.rfx
[2011/12/19 11:53:11 | 000,016,516 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000005-00000000-00000002-00001102-00000002-80651102}.rfx
[2011/12/19 11:53:11 | 000,016,516 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000005-00000000-00000002-00001102-00000002-80651102}.rfx
[2011/12/19 11:53:11 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2011/12/19 11:53:11 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2011/12/19 11:53:11 | 000,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000005-00000000-00000002-00001102-00000002-80651102}.dat
[2011/12/19 11:53:11 | 000,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000002-00001102-00000002-80651102}.dat
[2011/12/18 10:52:31 | 000,112,598 | ---- | M] () -- C:\Documents and Settings\Tim\Desktop\Screenshot.JPG
[2011/12/18 10:46:38 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Tim\Desktop\MBR.dat
[2011/12/18 10:10:29 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Tim\Desktop\aswMBR.exe
[2011/12/17 10:41:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tim\Desktop\OTL.exe
[2011/12/15 22:43:51 | 000,007,680 | ---- | M] () -- C:\Documents and Settings\Tim\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/15 16:05:03 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\MotoHelper Routing.job
[2011/12/15 10:18:33 | 000,270,192 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/15 09:37:41 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/12/14 09:34:11 | 000,463,080 | ---- | M] (CNET Download.com) -- C:\Documents and Settings\Tim\My Documents\cnet2_ComboFix_exe.exe
[2011/12/13 16:05:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\MotoHelper Update.job
[2011/11/24 16:05:01 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\MotoHelper MUM.job

========== Files Created - No Company Name ==========

[2011/12/18 10:52:30 | 000,112,598 | ---- | C] () -- C:\Documents and Settings\Tim\Desktop\Screenshot.JPG
[2011/12/18 10:46:38 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Tim\Desktop\MBR.dat
[2011/07/21 10:32:06 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\Tim\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/11 10:04:18 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011/05/10 10:05:27 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/05/10 10:05:27 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/05/10 10:05:27 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/05/10 10:05:27 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/05/10 10:05:27 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/03/09 16:55:37 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/01/30 10:39:50 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/01/30 10:39:47 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/01/30 10:39:47 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/10/28 00:26:32 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Tim\Local Settings\Application Data\fusioncache.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/06/24 12:23:22 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/05/23 11:43:25 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009/04/30 21:02:00 | 002,292,678 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2008/11/08 14:14:11 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/11/08 13:59:54 | 000,066,482 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/07/26 08:25:02 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/12/28 10:35:09 | 000,015,496 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LUUnInstall.LiveUpdate
[2007/11/12 11:06:30 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/10/24 00:53:58 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\DVCStateBkp-{00000005-00000000-00000002-00001102-00000002-80651102}.dat
[2007/10/24 00:53:58 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000002-00001102-00000002-80651102}.dat
[2007/10/24 00:30:51 | 000,000,128 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2007/10/24 00:30:50 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
[2007/10/24 00:30:50 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2007/10/24 00:30:37 | 000,179,669 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2007/10/24 00:30:37 | 000,164,044 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2007/10/24 00:30:37 | 000,113,373 | ---- | C] () -- C:\WINDOWS\System32\ctbasicw.dat
[2007/10/24 00:30:37 | 000,113,273 | ---- | C] () -- C:\WINDOWS\System32\CTBAS2W.DAT
[2007/10/24 00:30:37 | 000,044,055 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2007/10/24 00:30:37 | 000,037,727 | ---- | C] () -- C:\WINDOWS\System32\Emu10kx.ini
[2007/10/24 00:30:37 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2007/10/24 00:30:36 | 000,184,320 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2007/10/24 00:30:36 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\KILLAPPS.EXE
[2007/10/24 00:30:36 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\REGPLIB.EXE
[2007/10/24 00:30:36 | 000,000,180 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2007/10/24 00:04:21 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2007/10/24 00:04:21 | 000,012,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2007/10/24 00:04:15 | 000,012,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2007/10/24 00:04:15 | 000,010,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2007/10/24 00:02:50 | 000,015,121 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007/10/23 23:17:08 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2007/10/23 21:24:00 | 000,015,435 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2007/10/23 21:23:24 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2007/10/23 21:19:34 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007/10/23 21:08:24 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007/10/23 21:03:46 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/10/23 13:57:08 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/10/23 13:54:21 | 000,270,192 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/09/17 00:07:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/03/27 10:45:22 | 000,038,567 | ---- | C] () -- C:\WINDOWS\System32\pcpbios.exe
[2007/03/27 10:45:22 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll
[2006/02/28 04:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/02/28 04:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/28 04:00:00 | 000,465,838 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/02/28 04:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/28 04:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/28 04:00:00 | 000,079,598 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/02/28 04:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/28 04:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/28 04:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/28 04:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/02/28 04:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/02/28 04:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/03/09 12:31:04 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll

========== LOP Check ==========

[2011/03/09 15:19:19 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/11/17 10:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJ
[2011/03/09 11:59:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2011/03/09 12:18:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJFax
[2011/03/09 15:24:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2011/12/12 10:10:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2011/08/09 10:00:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2011/03/09 15:24:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenu
[2010/09/29 10:27:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
[2011/01/31 22:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2010/10/27 13:35:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010/07/15 16:12:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2008/12/27 10:46:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylbasia\Application Data\Leadertech
[2009/06/23 20:11:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylbasia\Application Data\LPECommon
[2011/10/03 09:13:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylbasia\Application Data\Tific
[2007/10/24 01:03:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylbasia\Application Data\Turbine
[2010/02/01 13:03:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylbasia\Application Data\Windows Desktop Search
[2010/02/01 13:05:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylbasia\Application Data\Windows Search
[2010/09/10 13:21:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEMP\Application Data\Windows Desktop Search
[2010/09/10 13:21:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEMP\Application Data\Windows Search
[2011/08/09 10:00:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Canon
[2009/06/24 12:10:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\LPECommon
[2011/05/10 10:59:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\SPE
[2010/07/15 16:12:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Western Digital
[2010/03/03 10:13:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Windows Desktop Search
[2010/03/08 10:39:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Windows Search
[2011/11/24 16:05:01 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\MotoHelper MUM.job
[2011/12/15 16:05:03 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\MotoHelper Routing.job
[2011/12/13 16:05:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\MotoHelper Update.job
[2011/12/20 09:36:19 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job

========== Purity Check ==========

< End of report >

Now, is it fixed? The only way to verify that is to run the computer for a day or so and see if it reboots. It will do it several times when first starting up, then seems to stablize for a while. I will report back in 24 hours and let you know.

Thanks for the help so far! Hopefully this does the trick.

WWhermit

Edited by WWhermit, 20 December 2011 - 11:49 AM.

#7
WWhermit

Posted 20 December 2011 - 12:22 PM

Member

Topic Starter
Member
35 posts

Well, apparently the fix was not complete. My computer just randomly bebooted.

WWhermit

#8
Nedklaw

Posted 22 December 2011 - 03:07 PM

Trusted Helper

Malware Removal
1,652 posts

Hi.

Delete your current copy of ComboFix then perform the following instructions:

Download ComboFix from one of these locations and set the Save as type to All Files before saving it.

Link 1
Link 2
Link 3

IMPORTANT !!! You need to Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you are still unsure on how to do this, see here.
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

Click Yes, to continue scanning for malware. Please be patient and don't use the PC whilst it is scanning.

When finished, it shall produce a log for you. Please copy & paste the contents of this log at C:\ComboFix.txt in your next reply.

Things I want to see in your next reply

ComboFix.txt

#9
WWhermit

Posted 22 December 2011 - 04:07 PM

Member

Topic Starter
Member
35 posts

ComboFix 11-12-22.04 - Tim 12/22/2011 13:35:02.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1441 [GMT -8:00]
Running from: c:\documents and settings\Tim\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Tim\Application Data\ntos.exe
c:\windows\bwUnin-8.1.1.50-8876480SL.exe
c:\windows\system32\oobe\isperror
c:\windows\system32\oobe\isperror\ispcnerr.htm
c:\windows\system32\oobe\isperror\ispdtone.htm
c:\windows\system32\oobe\isperror\isphdshk.htm
c:\windows\system32\oobe\isperror\ispins.htm
c:\windows\system32\oobe\isperror\ispnoanw.htm
c:\windows\system32\oobe\isperror\isppberr.htm
c:\windows\system32\oobe\isperror\ispphbsy.htm
c:\windows\system32\oobe\isperror\ispsbusy.htm
c:\windows\TEMP\logishrd\LVPrcInj02.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-11-22 to 2011-12-22 )))))))))))))))))))))))))))))))
.
.
2011-12-20 17:18 . 2011-12-20 17:18 -------- d-----w- C:\_OTL
2011-12-15 17:19 . 2011-12-15 17:19 -------- d-----w- C:\found.000
2011-11-23 11:01 . 2011-11-23 11:01 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Microsoft Help
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 13:25 . 2006-02-28 12:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 17:18 . 2010-12-09 00:00 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL
2011-11-20 17:18 . 2010-12-09 00:00 127096 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-11-16 17:27 . 2011-05-17 17:48 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-04 19:20 . 2006-02-28 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20 . 2006-02-28 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20 . 2006-02-28 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2006-02-28 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2006-02-28 12:00 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31 . 2006-02-28 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37 . 2006-02-28 12:00 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52 . 2004-08-03 22:59 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2006-02-28 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22 . 2007-10-24 05:04 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2006-02-28 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-27 00:38 . 2011-11-20 17:29 897656 ----a-w- c:\windows\system32\drivers\NIS\1302000.00A\symefa.sys
2011-09-26 18:41 . 2008-07-30 02:59 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 18:41 . 2006-02-28 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 18:41 . 2006-02-28 12:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-05-10_18.32.47 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-19 05:51 . 2011-04-19 05:51 51024 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_4ddc769f\vcomp90.dll
+ 2011-01-11 17:59 . 2011-01-11 17:59 51024 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_214ee422\vcomp90.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90rus.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90kor.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90jpn.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90ita.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90fra.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esp.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esn.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 53584 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90enu.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 63312 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90deu.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90cht.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 35664 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90chs.dll
+ 2011-01-11 17:59 . 2011-01-11 17:59 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90rus.dll
+ 2011-01-11 17:59 . 2011-01-11 17:59 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90kor.dll
+ 2011-01-11 17:59 . 2011-01-11 17:59 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90jpn.dll
+ 2011-01-11 17:59 . 2011-01-11 17:59 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90ita.dll
+ 2011-01-11 17:59 . 2011-01-11 17:59 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90fra.dll
+ 2011-01-11 17:59 . 2011-01-11 17:59 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90esp.dll
+ 2011-01-11 17:59 . 2011-01-11 17:59 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90esn.dll
+ 2011-01-11 17:59 . 2011-01-11 17:59 53584 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90enu.dll
+ 2011-01-11 17:59 . 2011-01-11 17:59 63312 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90deu.dll
+ 2011-01-11 17:59 . 2011-01-11 17:59 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90cht.dll
+ 2011-01-11 17:59 . 2011-01-11 17:59 35664 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90chs.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90u.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90.dll
+ 2011-01-11 17:59 . 2011-01-11 17:59 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_d5fe2ecb\mfcm90u.dll
+ 2011-01-11 17:59 . 2011-01-11 17:59 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_d5fe2ecb\mfcm90.dll
+ 2011-05-14 03:17 . 2011-05-14 03:17 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_452bf920\vcomp.dll
- 2005-09-23 09:35 . 2005-09-23 09:35 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0ee63867\vcomp.dll
+ 2005-09-23 08:35 . 2005-09-23 08:35 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0ee63867\vcomp.dll
+ 2011-05-14 02:45 . 2011-05-14 02:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80KOR.dll
+ 2011-05-14 02:45 . 2011-05-14 02:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80JPN.dll
+ 2011-05-14 02:45 . 2011-05-14 02:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ITA.dll
+ 2011-05-14 02:45 . 2011-05-14 02:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80FRA.dll
+ 2011-05-14 02:45 . 2011-05-14 02:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ESP.dll
+ 2011-05-14 02:45 . 2011-05-14 02:45 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll
+ 2011-05-14 02:45 . 2011-05-14 02:45 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80DEU.dll
+ 2011-05-14 02:45 . 2011-05-14 02:45 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHT.dll
+ 2011-05-14 02:45 . 2011-05-14 02:45 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHS.dll
- 2005-09-23 08:58 . 2005-09-23 08:58 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80KOR.dll
+ 2005-09-23 07:58 . 2005-09-23 07:58 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80KOR.dll
- 2005-09-23 08:58 . 2005-09-23 08:58 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80JPN.dll
+ 2005-09-23 07:58 . 2005-09-23 07:58 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80JPN.dll
+ 2005-09-23 07:58 . 2005-09-23 07:58 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ITA.dll
- 2005-09-23 08:58 . 2005-09-23 08:58 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ITA.dll
+ 2005-09-23 07:58 . 2005-09-23 07:58 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80FRA.dll
- 2005-09-23 08:58 . 2005-09-23 08:58 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80FRA.dll
+ 2005-09-23 07:58 . 2005-09-23 07:58 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ESP.dll
- 2005-09-23 08:58 . 2005-09-23 08:58 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ESP.dll
+ 2005-09-23 07:58 . 2005-09-23 07:58 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ENU.dll
- 2005-09-23 08:58 . 2005-09-23 08:58 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ENU.dll
+ 2005-09-23 07:58 . 2005-09-23 07:58 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80DEU.dll
- 2005-09-23 08:58 . 2005-09-23 08:58 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80DEU.dll
+ 2005-09-23 07:58 . 2005-09-23 07:58 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHT.dll
- 2005-09-23 08:58 . 2005-09-23 08:58 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHT.dll
+ 2005-09-23 07:58 . 2005-09-23 07:58 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHS.dll
- 2005-09-23 08:58 . 2005-09-23 08:58 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHS.dll
+ 2011-05-14 08:06 . 2011-05-14 08:06 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80u.dll
+ 2011-05-14 08:23 . 2011-05-14 08:23 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80.dll
- 2005-09-23 09:16 . 2005-09-23 09:16 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
+ 2005-09-23 08:16 . 2005-09-23 08:16 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
- 2005-09-23 09:16 . 2005-09-23 09:16 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2005-09-23 08:16 . 2005-09-23 08:16 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2011-05-14 01:37 . 2011-05-14 01:37 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll
+ 2011-12-22 21:41 . 2011-12-22 21:41 16384 c:\windows\Temp\Perflib_Perfdata_7cc.dat
- 2007-07-18 12:42 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe
+ 2007-07-18 12:42 . 2011-11-08 13:46 46080 c:\windows\system32\tzchange.exe
+ 2006-02-28 12:00 . 2011-11-06 22:01 79598 c:\windows\system32\perfc009.dat
+ 2006-02-28 12:00 . 2011-11-04 19:20 66560 c:\windows\system32\mshtmled.dll
- 2006-02-28 12:00 . 2011-02-22 23:06 66560 c:\windows\system32\mshtmled.dll
- 2007-08-14 01:54 . 2011-02-22 23:06 55296 c:\windows\system32\msfeedsbs.dll
+ 2007-08-14 01:54 . 2011-11-04 19:20 55296 c:\windows\system32\msfeedsbs.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 25600 c:\windows\system32\jsproxy.dll
- 2006-02-28 12:00 . 2011-02-22 23:06 25600 c:\windows\system32\jsproxy.dll
+ 2011-11-20 17:29 . 2011-08-03 02:22 31864 c:\windows\system32\drivers\NIS\1302000.00A\srtspx.sys
+ 2006-02-28 12:00 . 2011-07-08 14:02 10496 c:\windows\system32\drivers\ndistapi.sys
+ 2011-03-23 17:10 . 2011-09-01 00:00 22216 c:\windows\system32\drivers\mbam.sys
- 2009-06-11 16:38 . 2011-02-22 23:06 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2009-06-11 16:38 . 2011-11-04 19:20 12800 c:\windows\system32\dllcache\xpshims.dll
- 2006-02-28 12:00 . 2009-10-08 22:56 20480 c:\windows\system32\dllcache\oleaccrc.dll
+ 2006-02-28 12:00 . 2011-09-26 18:41 20480 c:\windows\system32\dllcache\oleaccrc.dll
+ 2011-08-11 17:09 . 2011-07-08 14:02 10496 c:\windows\system32\dllcache\ndistapi.sys
- 2006-02-28 12:00 . 2011-02-22 23:06 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2007-10-24 06:29 . 2011-02-22 23:06 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2007-10-24 06:29 . 2011-11-04 19:20 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2006-02-28 12:00 . 2011-02-22 23:06 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2006-02-28 12:00 . 2011-02-22 23:06 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2009-12-14 07:08 . 2010-12-09 14:30 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2009-12-14 07:08 . 2011-10-28 05:31 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2011-12-22 00:09 . 2011-12-22 08:17 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2007-10-24 05:09 . 2011-05-08 19:18 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2007-10-24 05:09 . 2011-05-08 19:18 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2007-10-24 05:09 . 2011-12-22 08:17 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-07-19 18:09 . 2011-12-22 08:17 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2007-10-24 05:09 . 2011-05-08 19:18 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2011-07-08 21:00 . 2011-07-08 21:00 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2010-09-23 22:55 . 2010-09-23 22:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2011-07-07 19:04 . 2011-07-07 19:04 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2011-07-07 19:04 . 2011-07-07 19:04 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2011-07-07 19:03 . 2011-07-07 19:03 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2011-07-07 20:09 . 2011-07-07 20:09 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2010-09-23 10:17 . 2010-09-23 10:17 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2010-09-23 10:17 . 2010-09-23 10:17 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2011-07-07 20:09 . 2011-07-07 20:09 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2011-05-14 18:43 . 2011-05-14 18:43 30208 c:\windows\Installer\71000.msi
+ 2011-10-24 22:19 . 2011-10-24 22:19 22016 c:\windows\Installer\4efe4f.msi
+ 2011-07-21 19:43 . 2011-07-21 19:43 27648 c:\windows\Installer\2d02d.msp
- 2009-06-24 04:11 . 2009-06-24 04:11 45056 c:\windows\Installer\{BAA11826-70EF-4E44-9E97-8476793E022F}\LaunchpadEnhanced._8A97BFC2468646D9B73B2DD1F9EAA832.exe
+ 2011-06-07 23:58 . 2011-06-07 23:58 45056 c:\windows\Installer\{BAA11826-70EF-4E44-9E97-8476793E022F}\LaunchpadEnhanced._8A97BFC2468646D9B73B2DD1F9EAA832.exe
+ 2011-06-07 23:58 . 2011-06-07 23:58 45056 c:\windows\Installer\{BAA11826-70EF-4E44-9E97-8476793E022F}\LaunchpadEnhanced._3642BF459D6B4C6884D243D34F3321DA.exe
- 2009-06-24 04:11 . 2009-06-24 04:11 45056 c:\windows\Installer\{BAA11826-70EF-4E44-9E97-8476793E022F}\LaunchpadEnhanced._3642BF459D6B4C6884D243D34F3321DA.exe
+ 2011-06-07 23:58 . 2011-06-07 23:58 10134 c:\windows\Installer\{BAA11826-70EF-4E44-9E97-8476793E022F}\ARPPRODUCTICON.exe
- 2009-06-24 04:11 . 2009-06-24 04:11 10134 c:\windows\Installer\{BAA11826-70EF-4E44-9E97-8476793E022F}\ARPPRODUCTICON.exe
+ 2010-07-16 01:19 . 2011-12-15 21:56 34144 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\oisicon.exe
- 2010-07-16 01:19 . 2011-04-14 20:08 34144 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\oisicon.exe
+ 2010-07-16 01:19 . 2011-12-15 21:56 42848 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\msouc.exe
- 2010-07-16 01:19 . 2011-04-14 20:08 42848 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\msouc.exe
- 2010-07-16 01:19 . 2011-04-14 20:08 19296 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\cagicon.exe
+ 2010-07-16 01:19 . 2011-12-15 21:56 19296 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\cagicon.exe
+ 2007-11-12 19:06 . 2011-06-15 22:59 90112 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\xlicons.exe
- 2007-11-12 19:06 . 2011-04-14 20:08 90112 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2007-11-12 19:06 . 2011-06-15 22:59 45056 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
- 2007-11-12 19:06 . 2011-04-14 20:08 45056 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2007-11-12 19:06 . 2011-06-15 22:59 22528 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
- 2007-11-12 19:06 . 2011-04-14 20:08 22528 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
- 2007-11-12 19:06 . 2011-04-14 20:08 30720 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\pptico.exe
+ 2007-11-12 19:06 . 2011-06-15 22:59 30720 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\pptico.exe
+ 2007-11-12 19:06 . 2011-06-15 22:59 16384 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2007-11-12 19:06 . 2011-04-14 20:08 16384 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2007-11-12 19:06 . 2011-04-14 20:08 34304 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\misc.exe
+ 2007-11-12 19:06 . 2011-06-15 22:59 34304 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\misc.exe
+ 2007-11-12 19:06 . 2011-06-15 22:59 81920 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\fpicon.exe
- 2007-11-12 19:06 . 2011-04-14 20:08 81920 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\fpicon.exe
+ 2010-06-04 16:59 . 2011-10-13 16:22 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2010-06-04 16:59 . 2011-03-17 18:14 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-05-27 16:53 . 2011-05-27 16:53 16832 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A0300000030\8.3.0\ViewerPS.dll
+ 2011-05-27 21:52 . 2011-05-27 21:52 40368 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A0300000030\8.3.0\reader_sl.exe
+ 2011-05-27 16:52 . 2011-05-27 16:52 67016 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A0300000030\8.3.0\PDFPrevHndlrShim.exe
+ 2011-05-27 16:52 . 2011-05-27 16:52 83376 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A0300000030\8.3.0\PDFPrevHndlr.dll
+ 2011-05-27 16:01 . 2011-05-27 16:01 95672 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A0300000030\8.3.0\nppdf32.dll
+ 2011-05-27 16:10 . 2011-05-27 16:10 13752 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A0300000030\8.3.0\AcroRd32Info.exe
+ 2011-05-27 15:24 . 2011-05-27 15:24 61888 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A0300000030\8.3.0\AcroIEHelper.dll
+ 2010-12-21 10:54 . 2010-12-21 10:54 93576 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\ACCOLK.DLL
+ 2010-02-25 18:07 . 2010-02-25 18:07 49488 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\VBAJET32.DLL
+ 2010-01-10 04:47 . 2010-01-10 04:47 29528 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\THOCRAPI.DLL
+ 2010-03-23 04:30 . 2010-03-23 04:30 40296 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\RECALL.DLL
+ 2010-02-28 09:22 . 2010-02-28 09:22 48504 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\PUBTRAP.DLL
+ 2010-03-23 03:36 . 2010-03-23 03:36 82848 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\PEOPLEDATAHANDLER.DLL
+ 2010-03-23 17:57 . 2010-03-23 17:57 43352 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\OUTLRPC.DLL
+ 2010-03-23 17:57 . 2010-03-23 17:57 30560 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\OUTLACCT.DLL
+ 2010-03-23 03:36 . 2010-03-23 03:36 15776 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\OMUOPTINPS.DLL
+ 2010-02-28 09:13 . 2010-02-28 09:13 20880 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MUOPTIN.DLL
+ 2010-03-01 12:17 . 2010-03-01 12:17 14736 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MSOCFUIU.DLL
+ 2010-01-11 02:48 . 2010-01-11 02:48 18832 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MSOCFU.DLL
+ 2010-03-01 12:09 . 2010-03-01 12:09 61832 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MSAEXP30.DLL
+ 2010-03-23 03:36 . 2010-03-23 03:36 58232 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\EXP_XPS.DLL
+ 2010-03-23 04:29 . 2010-03-23 04:29 87408 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\DLGSETP.DLL
+ 2010-03-23 03:51 . 2010-03-23 03:51 44480 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ACERCLR.DLL
+ 2010-02-28 11:33 . 2010-02-28 11:33 93576 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ACCOLK.DLL
+ 2010-07-16 01:16 . 2010-07-16 01:16 11656 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ACCESSPL.DLL
+ 2010-07-16 01:16 . 2010-07-16 01:16 11656 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ACC12PL.DLL
+ 2011-12-15 17:36 . 2011-08-22 23:48 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll
+ 2011-12-15 17:36 . 2011-08-22 23:48 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll
+ 2011-12-15 17:36 . 2011-08-22 23:48 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll
+ 2011-12-15 17:36 . 2011-08-22 23:48 43520 c:\windows\ie8updates\KB2618444-IE8\licmgr10.dll
+ 2011-12-15 17:36 . 2011-08-22 23:48 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll
+ 2011-10-13 16:18 . 2011-06-23 18:36 12800 c:\windows\ie8updates\KB2586448-IE8\xpshims.dll
+ 2011-10-13 16:18 . 2011-06-23 18:36 66560 c:\windows\ie8updates\KB2586448-IE8\mshtmled.dll
+ 2011-10-13 16:18 . 2011-06-23 18:36 55296 c:\windows\ie8updates\KB2586448-IE8\msfeedsbs.dll
+ 2011-10-13 16:18 . 2011-06-23 18:36 43520 c:\windows\ie8updates\KB2586448-IE8\licmgr10.dll
+ 2011-10-13 16:18 . 2011-06-23 18:36 25600 c:\windows\ie8updates\KB2586448-IE8\jsproxy.dll
+ 2011-08-11 19:08 . 2011-04-25 16:11 12800 c:\windows\ie8updates\KB2559049-IE8\xpshims.dll
+ 2011-08-11 19:08 . 2011-04-25 16:11 66560 c:\windows\ie8updates\KB2559049-IE8\mshtmled.dll
+ 2011-08-11 19:08 . 2011-04-25 16:11 55296 c:\windows\ie8updates\KB2559049-IE8\msfeedsbs.dll
+ 2011-08-11 19:08 . 2011-04-25 16:11 43520 c:\windows\ie8updates\KB2559049-IE8\licmgr10.dll
+ 2011-08-11 19:08 . 2011-04-25 16:11 25600 c:\windows\ie8updates\KB2559049-IE8\jsproxy.dll
+ 2011-06-15 22:54 . 2011-02-22 23:06 12800 c:\windows\ie8updates\KB2530548-IE8\xpshims.dll
+ 2011-06-15 22:54 . 2011-02-22 23:06 66560 c:\windows\ie8updates\KB2530548-IE8\mshtmled.dll
+ 2011-06-15 22:54 . 2011-02-22 23:06 55296 c:\windows\ie8updates\KB2530548-IE8\msfeedsbs.dll
+ 2011-06-15 22:54 . 2011-02-22 23:06 43520 c:\windows\ie8updates\KB2530548-IE8\licmgr10.dll
+ 2011-06-15 22:54 . 2011-02-22 23:06 25600 c:\windows\ie8updates\KB2530548-IE8\jsproxy.dll
+ 2011-11-23 11:02 . 2011-11-23 11:02 62392 c:\windows\assembly\tmp\STINSPMJ\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.dll
+ 2011-11-23 11:02 . 2011-11-23 11:02 32688 c:\windows\assembly\tmp\SHEJGLIF\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll
+ 2011-11-23 11:02 . 2011-11-23 11:02 41408 c:\windows\assembly\tmp\SDI789E7\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.dll
+ 2011-11-23 11:02 . 2011-11-23 11:02 24496 c:\windows\assembly\tmp\S5YZOLI7\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.dll
+ 2011-11-23 11:02 . 2011-11-23 11:02 77752 c:\windows\assembly\tmp\S1UVK9AR\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.dll
+ 2011-11-23 11:02 . 2011-11-23 11:02 63408 c:\windows\assembly\tmp\OXURW1UN\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.dll
+ 2011-11-23 11:02 . 2011-11-23 11:02 83896 c:\windows\assembly\tmp\OD2B452Z\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.dll
+ 2011-11-23 11:02 . 2011-11-23 11:02 23976 c:\windows\assembly\tmp\O1UNSXMJ\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.dll
+ 2011-11-23 11:02 . 2011-11-23 11:02 11656 c:\windows\assembly\tmp\CXYNK9IB\Policy.12.0.Microsoft.Office.Interop.Access.dll
+ 2011-11-23 11:02 . 2011-11-23 11:02 35256 c:\windows\assembly\tmp\81IBC1M3\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.dll
+ 2011-11-23 11:02 . 2011-11-23 11:02 11656 c:\windows\assembly\tmp\0PIFCTI7\Policy.11.0.Microsoft.Office.Interop.Access.dll
+ 2011-11-23 11:02 . 2011-11-23 11:02 41408 c:\windows\assembly\tmp\052749E7\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.dll
+ 2011-10-13 16:16 . 2011-10-13 16:16 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_f8b95d69\System.Drawing.Design.dll
+ 2011-10-13 16:16 . 2011-10-13 16:16 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_3b397b5a\CustomMarshalers.dll
+ 2011-10-13 16:23 . 2011-10-13 16:23 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\888b745ca99d39692c2e9af222e5eae8\UIAutomationProvider.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\6c334564da041df8fb75415f2d503224\System.Windows.Presentation.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\a54a122f1070ab71931dd9679ddd8e90\System.Web.DynamicData.Design.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\ac92806d5bd508eb25f1b4b73a36b101\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\e6a9cd66d11a21776dbf425e8e28099c\System.AddIn.Contract.ni.dll
+ 2011-10-13 16:22 . 2011-10-13 16:22 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\66873b557d5c7013e4c630361473b0c2\PresentationFontCache.ni.exe
+ 2011-10-13 16:21 . 2011-10-13 16:21 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\5b30652a7b802199984f93b5e414260f\PresentationCFFRasterizer.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\eaa8d72317e5b8047e413939cc71ffba\Microsoft.Vsa.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 28672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f56fa961accf8b6c7d9ab47c3c467dc2\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.ni.dll
+ 2011-11-23 11:11 . 2011-11-23 11:11 58368 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\cbf0bf00b8fb72ad80ca1c20fd73a224\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 28160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\cbd15cbb5eacaf606d052b4267e97640\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 54784 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b98ee6317d6fd485c7a22abdb520a2b8\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 58368 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\892d03284e9e3e7dc3f902b702169f29\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\779bdfba4d94de16bbda0cf353af1d28\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\7106aefbb0fb707283b37d9cedc30461\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 66560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\710038107829842461d82b979e8bca6e\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.ni.dll
+ 2011-11-23 11:11 . 2011-11-23 11:11 28160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\586591c3074fab256425b22aaf86ec39\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\46d1d2e105ca9a4e833077305feda17c\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.ni.dll
+ 2011-11-23 11:11 . 2011-11-23 11:11 51712 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\4403bfde9f098294efb181bca6f484ff\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\38c7bec5a6f041476b1e473af4f00604\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.ni.dll
+ 2011-11-23 11:11 . 2011-11-23 11:11 66560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\21bd613b56fb6841b9773e58c947072d\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 84992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\1ba169c1c409902306b0a3a6b3613350\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.ni.dll
+ 2011-11-23 11:11 . 2011-11-23 11:11 28160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\081e37557930a13004b9c19ecc431c8b\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.ni.dll
+ 2011-11-23 11:11 . 2011-11-23 11:11 86016 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\00644c987f4c50e9234a142f3f8ab19f\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 30208 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\9855d3fb15e6c63a811b1f0b66d78428\Microsoft.PowerShell.Commands.Utility.resources.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 17408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\7618f444d33b1311e952ba9285e4a4b2\Microsoft.PowerShell.Security.resources.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 19456 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\1b23e2c0707d81e7eb14f78552562635\Microsoft.PowerShell.Commands.Management.resources.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\05bbffbe100ede49139819641a41dfda\Microsoft.PowerShell.ConsoleHost.resources.ni.dll
+ 2011-10-13 16:45 . 2011-10-13 16:45 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\02af0ddfacf0bfcbc95058e324bf09e7\Microsoft.Office.InfoPath.Permission.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\aefe683674c97a998f4e908c1a7ee7c6\Microsoft.Build.Framework.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\845eef4d09f28da6ee05d99f93c90f6e\Microsoft.Build.Framework.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\ipdmctrl\84d2a811b7c0329e2bdbbf2526757fbc\ipdmctrl.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\ab7ce2d94ca725c3889a4e3c1ee88ece\dfsvc.ni.exe
+ 2011-10-13 16:44 . 2011-10-13 16:44 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2010-07-16 01:16 . 2010-07-16 01:16 11656 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.Access\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.Access.dll
+ 2011-11-23 11:07 . 2011-11-23 11:07 11656 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.Access\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.Access.dll
+ 2011-11-23 11:07 . 2011-11-23 11:07 11656 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.Access\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Access.dll
- 2010-07-16 01:16 . 2010-07-16 01:16 11656 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.Access\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Access.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-11-23 11:07 . 2011-11-23 11:07 83896 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.dll
+ 2011-11-23 11:07 . 2011-11-23 11:07 41408 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.dll
+ 2011-11-23 11:07 . 2011-11-23 11:07 63408 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.dll
+ 2011-11-23 11:07 . 2011-11-23 11:07 77752 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.dll
+ 2011-11-23 11:07 . 2011-11-23 11:07 23976 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Contract.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.dll
+ 2011-11-23 11:07 . 2011-11-23 11:07 62392 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.dll
+ 2011-11-23 11:07 . 2011-11-23 11:07 32688 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll
+ 2011-11-23 11:07 . 2011-11-23 11:07 35256 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.dll
+ 2011-11-23 11:07 . 2011-11-23 11:07 24496 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.dll
+ 2011-11-23 11:07 . 2011-11-23 11:07 41408 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-10-13 16:16 . 2011-10-13 16:16 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-10-07 19:03 . 2010-10-07 19:03 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-08-24 23:38 . 2010-11-03 13:12 46080 c:\windows\$NtUninstallKB2570791$\tzchange.exe
+ 2011-08-24 23:38 . 2011-07-09 00:32 16896 c:\windows\$NtUninstallKB2570791$\spuninst\tzchange.dll
+ 2011-08-11 19:08 . 2008-04-13 18:57 10112 c:\windows\$NtUninstallKB2566454$\ndistapi.sys
+ 2011-10-13 16:21 . 2009-10-08 22:56 20480 c:\windows\$NtUninstallKB2564958$\oleaccrc.dll
+ 2011-07-13 17:25 . 2010-12-09 14:30 33280 c:\windows\$NtUninstallKB2507938$\csrsrv.dll
+ 2011-11-11 08:22 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2641690\update\spcustom.dll
+ 2011-11-11 08:22 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2641690\spmsg.dll
+ 2011-09-15 18:21 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2616676\update\spcustom.dll
+ 2011-09-15 18:21 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2616676\spmsg.dll
+ 2011-09-06 22:01 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2607712\update\spcustom.dll
+ 2011-09-06 22:01 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2607712\spmsg.dll
+ 2011-10-13 16:18 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2592799\update\spcustom.dll
+ 2011-10-13 16:18 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2592799\spmsg.dll
+ 2011-10-13 16:18 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2586448-IE8\update\spcustom.dll
+ 2011-10-13 16:18 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2586448-IE8\spmsg.dll
+ 2011-10-12 16:07 . 2011-08-22 23:47 12800 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\xpshims.dll
+ 2011-10-12 16:07 . 2011-08-22 23:47 66560 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mshtmled.dll
+ 2011-10-12 16:07 . 2011-08-22 23:47 55296 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\msfeedsbs.dll
+ 2011-10-12 16:07 . 2011-08-22 23:47 43520 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\licmgr10.dll
+ 2011-10-12 16:07 . 2011-08-22 23:47 25600 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\jsproxy.dll
+ 2011-09-15 18:17 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2570947\update\spcustom.dll
+ 2011-09-15 18:17 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2570947\spmsg.dll
+ 2011-08-11 19:10 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2570222\update\spcustom.dll
+ 2011-08-11 19:10 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2570222\spmsg.dll
+ 2011-08-11 19:11 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2567680\update\spcustom.dll
+ 2011-08-11 19:11 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2567680\spmsg.dll
+ 2011-10-13 16:18 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2567053\update\spcustom.dll
+ 2011-10-13 16:18 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2567053\spmsg.dll
+ 2011-08-11 19:08 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2566454\update\spcustom.dll
+ 2011-08-11 19:08 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2566454\spmsg.dll
+ 2011-08-11 17:09 . 2011-07-08 13:51 10496 c:\windows\$hf_mig$\KB2566454\SP3QFE\ndistapi.sys
+ 2011-08-11 19:08 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2562937\update\spcustom.dll
+ 2011-08-11 19:08 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2562937\spmsg.dll
+ 2011-08-11 19:08 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2559049-IE8\update\spcustom.dll
+ 2011-08-11 19:08 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2559049-IE8\spmsg.dll
+ 2011-08-11 17:10 . 2011-06-23 18:33 12800 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\xpshims.dll
+ 2011-08-11 17:10 . 2011-06-23 18:33 66560 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtmled.dll
+ 2011-08-11 17:10 . 2011-06-23 18:33 55296 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\msfeedsbs.dll
+ 2011-08-11 17:10 . 2011-06-23 18:33 43520 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\licmgr10.dll
+ 2011-08-11 17:10 . 2011-06-23 18:33 25600 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\jsproxy.dll
+ 2011-07-13 17:23 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2555917\update\spcustom.dll
+ 2011-07-13 17:23 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2555917\spmsg.dll
+ 2011-06-15 22:51 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2544893\update\spcustom.dll
+ 2011-06-15 22:51 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2544893\spmsg.dll
+ 2011-11-09 17:26 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2544893-v2\update\spcustom.dll
+ 2011-11-09 17:26 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2544893-v2\spmsg.dll
+ 2011-06-15 22:49 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2544521-IE8\update\spcustom.dll
+ 2011-06-15 22:49 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2544521-IE8\spmsg.dll
+ 2011-06-30 16:39 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2541763\update\spcustom.dll
+ 2011-06-30 16:39 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2541763\spmsg.dll
+ 2011-06-15 22:54 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2536276\update\spcustom.dll
+ 2011-06-15 22:54 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2536276\spmsg.dll
+ 2011-08-11 19:10 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2536276-v2\update\spcustom.dll
+ 2011-08-11 19:10 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2536276-v2\spmsg.dll
+ 2011-06-15 22:55 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2535512\update\spcustom.dll
+ 2011-06-15 22:55 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2535512\spmsg.dll
+ 2011-06-15 22:54 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2530548-IE8\update\spcustom.dll
+ 2011-06-15 22:54 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2530548-IE8\spmsg.dll
+ 2011-06-15 21:59 . 2011-04-25 16:09 12800 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\xpshims.dll
+ 2011-06-15 21:59 . 2011-04-25 16:09 66560 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtmled.dll
+ 2011-06-15 21:59 . 2011-04-25 16:09 55296 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\msfeedsbs.dll
+ 2011-06-15 21:59 . 2011-04-25 16:09 43520 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\licmgr10.dll
+ 2011-06-15 21:59 . 2011-04-25 16:09 25600 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\jsproxy.dll
+ 2011-07-13 17:25 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2507938\update\spcustom.dll
+ 2011-07-13 17:25 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2507938\spmsg.dll
+ 2011-04-26 11:02 . 2011-04-26 11:02 33280 c:\windows\$hf_mig$\KB2507938\SP3QFE\csrsrv.dll
+ 2011-06-15 22:55 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2503665\update\spcustom.dll
+ 2011-06-15 22:55 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2503665\spmsg.dll
+ 2011-06-15 22:55 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2476490\update\spcustom.dll
+ 2011-06-15 22:55 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2476490\spmsg.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2007-11-12 19:06 . 2011-06-15 22:59 3584 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
- 2007-11-12 19:06 . 2011-04-14 20:08 3584 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
+ 2007-11-12 19:06 . 2011-06-15 22:59 8192 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2007-11-12 19:06 . 2011-04-14 20:08 8192 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
+ 2007-11-12 19:06 . 2011-06-15 22:59 2560 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\cagicon.exe
- 2007-11-12 19:06 . 2011-04-14 20:08 2560 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\cagicon.exe
- 2011-04-14 20:06 . 2011-04-14 20:06 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 653136 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 569680 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcm90.dll
+ 2011-01-11 17:59 . 2011-01-11 17:59 653136 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_0517bbc6\msvcr90.dll
+ 2011-01-11 17:59 . 2011-01-11 17:59 569680 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_0517bbc6\msvcp90.dll
+ 2011-01-11 17:59 . 2011-01-11 17:59 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_0517bbc6\msvcm90.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 159048 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_92453bb7\atl90.dll
+ 2011-01-11 17:59 . 2011-01-11 17:59 159048 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_65b7a93a\atl90.dll
+ 2011-05-14 08:17 . 2011-05-14 08:17 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
+ 2011-05-14 08:12 . 2011-05-14 08:12 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
+ 2011-05-14 08:11 . 2011-05-14 08:11 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll
- 2006-06-05 22:14 . 2006-06-05 22:14 626688 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
+ 2006-06-05 21:14 . 2006-06-05 21:14 626688 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
+ 2006-06-05 21:14 . 2006-06-05 21:14 548864 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
- 2006-06-05 22:14 . 2006-06-05 22:14 548864 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
+ 2006-06-05 21:14 . 2006-06-05 21:14 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcm80.dll
- 2006-06-05 22:14 . 2006-06-05 22:14 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcm80.dll
+ 2011-12-22 21:41 . 2008-07-26 16:25 109080 c:\windows\Temp\logishrd\LVPrcInj01.dll
- 2006-02-28 12:00 . 2010-06-18 17:45 293376 c:\windows\system32\winsrv.dll
+ 2006-02-28 12:00 . 2011-06-20 17:44 293376 c:\windows\system32\winsrv.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 105984 c:\windows\system32\url.dll
- 2006-02-28 12:00 . 2009-03-08 11:34 105984 c:\windows\system32\url.dll
+ 2006-02-28 12:00 . 2011-04-29 17:25 151552 c:\windows\system32\schannel.dll
+ 2006-02-28 12:00 . 2011-11-06 22:01 465838 c:\windows\system32\perfh009.dat
- 2006-02-28 12:00 . 2008-04-14 00:12 551936 c:\windows\system32\oleaut32.dll
+ 2006-02-28 12:00 . 2010-12-20 17:32 551936 c:\windows\system32\oleaut32.dll
- 2006-02-28 12:00 . 2011-02-22 23:06 206848 c:\windows\system32\occache.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 206848 c:\windows\system32\occache.dll
- 2006-02-28 12:00 . 2011-02-22 23:06 611840 c:\windows\system32\mstime.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 611840 c:\windows\system32\mstime.dll
+ 2007-08-14 01:54 . 2011-11-04 19:20 602112 c:\windows\system32\msfeeds.dll
- 2007-08-14 01:54 . 2011-02-22 23:06 602112 c:\windows\system32\msfeeds.dll
+ 2011-11-16 17:27 . 2011-11-16 17:27 247968 c:\windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe
+ 2011-11-16 17:27 . 2011-11-16 17:27 335520 c:\windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.dll
+ 2011-10-26 16:58 . 2011-10-26 16:58 247968 c:\windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.exe
- 2006-02-28 12:00 . 2011-02-22 23:06 184320 c:\windows\system32\iepeers.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 184320 c:\windows\system32\iepeers.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 387584 c:\windows\system32\iedkcs32.dll
- 2006-02-28 12:00 . 2011-02-22 23:06 387584 c:\windows\system32\iedkcs32.dll
+ 2006-02-28 12:00 . 2011-11-04 11:24 174080 c:\windows\system32\ie4uinit.exe
+ 2007-10-23 21:54 . 2011-12-15 18:18 270192 c:\windows\system32\FNTCACHE.DAT
- 2007-10-23 21:54 . 2011-04-15 17:20 270192 c:\windows\system32\FNTCACHE.DAT
+ 2007-10-24 05:02 . 2011-06-24 14:10 139656 c:\windows\system32\drivers\rdpwd.sys
- 2007-10-24 05:02 . 2008-04-14 00:13 139656 c:\windows\system32\drivers\rdpwd.sys
+ 2011-11-20 17:29 . 2011-07-26 02:18 344184 c:\windows\system32\drivers\NIS\1302000.00A\symtdiv.sys
+ 2011-11-20 17:29 . 2011-07-26 02:18 387192 c:\windows\system32\drivers\NIS\1302000.00A\symtdi.sys
+ 2011-11-20 17:29 . 2011-07-26 02:18 314488 c:\windows\system32\drivers\NIS\1302000.00A\symnets.sys
+ 2011-11-20 17:29 . 2011-07-26 02:18 340088 c:\windows\system32\drivers\NIS\1302000.00A\symds.sys
+ 2011-11-20 17:29 . 2011-08-03 02:22 566904 c:\windows\system32\drivers\NIS\1302000.00A\srtsp.sys
+ 2011-11-20 17:29 . 2011-07-26 02:15 149624 c:\windows\system32\drivers\NIS\1302000.00A\ironx86.sys
+ 2011-11-20 17:29 . 2011-08-08 23:38 132744 c:\windows\system32\drivers\NIS\1302000.00A\ccsetx86.sys
+ 2006-02-28 12:00 . 2011-04-21 13:37 105472 c:\windows\system32\drivers\mup.sys
+ 2006-02-28 12:00 . 2011-07-15 13:29 456320 c:\windows\system32\drivers\mrxsmb.sys
- 2006-02-28 12:00 . 2008-10-16 14:43 138496 c:\windows\system32\drivers\afd.sys
+ 2006-02-28 12:00 . 2011-08-17 13:49 138496 c:\windows\system32\drivers\afd.sys
- 2010-06-18 17:45 . 2010-06-18 17:45 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2010-06-18 17:45 . 2011-06-20 17:44 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 916992 c:\windows\system32\dllcache\wininet.dll
+ 2007-10-24 05:04 . 2011-04-30 03:01 758784 c:\windows\system32\dllcache\vgx.dll
- 2006-02-28 12:00 . 2009-03-08 11:34 105984 c:\windows\system32\dllcache\url.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 105984 c:\windows\system32\dllcache\url.dll
+ 2008-12-05 06:54 . 2011-04-29 17:25 151552 c:\windows\system32\dllcache\schannel.dll
+ 2011-08-11 17:10 . 2011-06-24 14:10 139656 c:\windows\system32\dllcache\rdpwd.sys
+ 2010-12-20 17:32 . 2010-12-20 17:32 551936 c:\windows\system32\dllcache\oleaut32.dll
- 2006-02-28 12:00 . 2009-10-08 22:57 220160 c:\windows\system32\dllcache\oleacc.dll
+ 2006-02-28 12:00 . 2011-09-26 18:41 220160 c:\windows\system32\dllcache\oleacc.dll
- 2006-02-28 12:00 . 2011-02-22 23:06 206848 c:\windows\system32\dllcache\occache.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 206848 c:\windows\system32\dllcache\occache.dll
+ 2011-06-15 22:00 . 2011-04-21 13:37 105472 c:\windows\system32\dllcache\mup.sys
+ 2006-02-28 12:00 . 2011-11-04 19:20 611840 c:\windows\system32\dllcache\mstime.dll
- 2006-02-28 12:00 . 2011-02-22 23:06 611840 c:\windows\system32\dllcache\mstime.dll
+ 2007-10-24 06:29 . 2011-11-04 19:20 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2007-10-24 06:29 . 2011-02-22 23:06 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2008-11-12 16:53 . 2011-07-15 13:29 456320 c:\windows\system32\dllcache\mrxsmb.sys
+ 2008-08-14 16:24 . 2011-10-10 14:22 692736 c:\windows\system32\dllcache\inetcomm.dll
- 2008-08-14 16:24 . 2011-03-07 05:33 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2009-06-11 16:38 . 2011-11-04 19:20 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2009-06-11 16:38 . 2011-02-22 23:06 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 184320 c:\windows\system32\dllcache\iepeers.dll
- 2006-02-28 12:00 . 2011-02-22 23:06 184320 c:\windows\system32\dllcache\iepeers.dll
- 2010-06-10 17:26 . 2011-02-22 23:06 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2010-06-10 17:26 . 2011-11-04 19:20 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2006-02-28 12:00 . 2011-02-22 23:06 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2006-02-28 12:00 . 2011-11-04 11:24 174080 c:\windows\system32\dllcache\ie4uinit.exe
- 2011-02-09 13:53 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll
+ 2011-02-09 13:53 . 2011-10-18 11:13 186880 c:\windows\system32\dllcache\encdec.dll
+ 2011-09-03 10:17 . 2011-09-28 07:06 599040 c:\windows\system32\dllcache\crypt32.dll
- 2008-06-20 11:40 . 2008-10-16 14:43 138496 c:\windows\system32\dllcache\afd.sys
+ 2008-06-20 11:40 . 2011-08-17 13:49 138496 c:\windows\system32\dllcache\afd.sys
- 2011-01-18 11:39 . 2011-01-18 11:39 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-07-07 12:18 . 2011-07-07 12:18 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-03-25 13:15 . 2011-03-25 13:15 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
- 2011-01-18 11:39 . 2011-01-18 11:39 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2011-07-07 12:18 . 2011-07-07 12:18 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2011-01-18 11:39 . 2011-01-18 11:39 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-07-07 19:04 . 2011-07-07 19:04 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2010-09-23 09:25 . 2010-09-23 09:25 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2011-07-07 19:01 . 2011-07-07 19:01 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2010-09-23 10:17 . 2010-09-23 10:17 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2011-07-07 20:09 . 2011-07-07 20:09 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2011-06-15 22:57 . 2011-06-15 22:57 223744 c:\windows\Installer\8f00bd.msi
+ 2011-03-18 01:19 . 2011-03-18 01:19 304128 c:\windows\Installer\8f009e.msp
+ 2011-06-15 22:51 . 2011-06-15 22:51 467456 c:\windows\Installer\8f006c.msi
+ 2011-06-07 23:58 . 2011-06-07 23:58 400384 c:\windows\Installer\5331b.msi
+ 2011-10-27 06:46 . 2011-10-27 06:46 794112 c:\windows\Installer\362c5.msp
+ 2011-06-28 18:39 . 2011-06-28 18:39 331264 c:\windows\Installer\2dba0.msi
+ 2011-06-20 06:33 . 2011-06-20 06:33 407552 c:\windows\Installer\2d017.msp
+ 2011-08-22 06:19 . 2011-08-22 06:19 133120 c:\windows\Installer\2cf5b.msp
+ 2011-04-29 04:27 . 2011-04-29 04:27 608768 c:\windows\Installer\2a98d.msp
+ 2011-10-27 07:23 . 2011-10-27 07:23 925696 c:\windows\Installer\2669e.msp
+ 2011-10-27 06:51 . 2011-10-27 06:51 592896 c:\windows\Installer\203595.msp
+ 2011-05-11 18:02 . 2011-05-11 18:02 223232 c:\windows\Installer\1b940b.msi
+ 2011-06-28 18:59 . 2011-06-28 18:59 213504 c:\windows\Installer\164bc8.msi
+ 2011-10-04 17:37 . 2011-10-04 17:38 295606 c:\windows\Installer\{AC76BA86-7AD7-1033-7B44-A83000000003}\SC_Reader.exe
- 2010-07-16 01:19 . 2011-04-14 20:08 415584 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pubs.exe
+ 2010-07-16 01:19 . 2011-12-15 21:56 415584 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pubs.exe
- 2010-07-16 01:19 . 2011-04-14 20:08 303456 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe
+ 2010-07-16 01:19 . 2011-12-15 21:56 303456 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe
- 2010-07-16 01:19 . 2011-04-14 20:08 571232 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\misc.exe
+ 2010-07-16 01:19 . 2011-12-15 21:56 571232 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\misc.exe
+ 2010-07-16 01:19 . 2011-12-15 21:56 326496 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\joticon.exe
- 2010-07-16 01:19 . 2011-04-14 20:08 326496 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\joticon.exe
- 2010-07-16 01:19 . 2011-04-14 20:08 469856 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\inficon.exe
+ 2010-07-16 01:19 . 2011-12-15 21:56 469856 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\inficon.exe
+ 2010-07-16 01:19 . 2011-12-15 21:56 178528 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\grvicons.exe
- 2010-07-16 01:19 . 2011-04-14 20:08 178528 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\grvicons.exe
+ 2007-11-12 19:06 . 2011-06-15 22:59 114688 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\outicon.exe
- 2007-11-12 19:06 . 2011-04-14 20:08 114688 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\outicon.exe
- 2007-11-12 19:06 . 2011-04-14 20:08 167936 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\accicons.exe
+ 2007-11-12 19:06 . 2011-06-15 22:59 167936 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\accicons.exe
+ 2011-11-23 11:00 . 2011-11-23 11:00 571232 c:\windows\Installer\{90140000-006E-0409-0000-0000000FF1CE}\misc.exe
- 2010-07-16 01:24 . 2010-07-16 01:24 571232 c:\windows\Installer\{90140000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2011-05-27 16:06 . 2011-05-27 16:06 372736 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A0300000030\8.3.0\pdfshell.dll
+ 2011-05-27 15:20 . 2011-05-27 15:20 140728 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A0300000030\8.3.0\AdobeUpdateCheck.exe
+ 2011-05-27 16:51 . 2011-05-27 16:51 738776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A0300000030\8.3.0\AdobeCollabSync.exe
+ 2011-05-27 16:42 . 2011-05-27 16:42 112048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A0300000030\8.3.0\AcroRdIF.dll
+ 2011-05-27 21:52 . 2011-05-27 21:52 345520 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A0300000030\8.3.0\AcroRd32.exe
+ 2011-05-27 15:24 . 2011-05-27 15:24 632240 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A0300000030\8.3.0\AcroPDF.dll
+ 2010-12-21 09:30 . 2010-12-21 09:30 579968 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\VPREVIEW.EXE
+ 2011-03-02 15:20 . 2011-03-02 15:20 169864 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\OARPMANY.EXE
+ 2010-10-20 21:35 . 2010-10-20 21:35 473952 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\MSOICONS.EXE
+ 2010-12-21 09:02 . 2010-12-21 09:02 501600 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\MSODCW.DLL
+ 2009-09-04 16:02 . 2009-09-04 16:02 591680 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\MSLID.DLL
+ 2010-10-23 02:56 . 2010-10-23 02:56 447872 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\LOBICLI.DLL
+ 2010-10-20 23:04 . 2010-10-20 23:04 178560 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\IETAG.DLL
+ 2010-10-20 20:50 . 2010-10-20 20:50 120160 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\FLTLDR.EXE
+ 2010-12-28 05:42 . 2010-12-28 05:42 105336 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\EXP_PDF.DLL
+ 2010-12-21 08:26 . 2010-12-21 08:26 525664 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\DWDCW20.DLL
+ 2010-02-28 10:13 . 2010-02-28 10:13 579968 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\VPREVIEW.EXE
+ 2010-01-10 04:47 . 2010-01-10 04:47 133512 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\TWCUTCHR.DLL
+ 2010-02-28 09:18 . 2010-02-28 09:18 105344 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\TRANSMGR.DLL
+ 2010-03-01 12:09 . 2010-03-01 12:09 524176 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\SOA.DLL
+ 2010-03-25 17:23 . 2010-03-25 17:23 203632 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\SHAREPOINTPROVIDER.DLL
+ 2010-02-28 09:13 . 2010-02-28 09:13 521616 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\SELFCERT.EXE
+ 2010-03-23 04:29 . 2010-03-23 04:29 340400 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\SCNPST64.DLL
+ 2010-03-23 04:30 . 2010-03-23 04:30 329640 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\SCNPST32.DLL
+ 2010-03-23 17:57 . 2010-03-23 17:57 415088 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\RTFHTML.DLL
+ 2010-03-01 11:56 . 2010-03-01 11:56 647552 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\PTXT9.DLL
+ 2010-03-23 04:30 . 2010-03-23 04:30 308584 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\PSTPRX32.DLL
+ 2010-02-28 09:22 . 2010-02-28 09:22 139136 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\PRTF9.DLL
+ 2010-03-23 17:57 . 2010-03-23 17:57 329104 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\OUTLPH.DLL
+ 2010-03-23 04:30 . 2010-03-23 04:30 523656 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\OUTLMIME.DLL
+ 2010-03-23 04:30 . 2010-03-23 04:30 122720 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\OUTLCTL.DLL
+ 2010-02-28 11:41 . 2010-02-28 11:41 615800 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ONWORDADDIN.DLL
+ 2010-02-28 11:41 . 2010-02-28 11:41 560512 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ONPPTADDIN.DLL
+ 2010-03-30 03:26 . 2010-03-30 03:26 227712 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ONENOTEM.EXE
+ 2010-02-28 11:41 . 2010-02-28 11:41 533368 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ONBTTNWD.DLL
+ 2010-02-28 11:41 . 2010-02-28 11:41 533376 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ONBTTNPPT.DLL
+ 2010-03-01 12:19 . 2010-03-01 12:19 697728 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ONBTTNOL.DLL
+ 2010-03-01 11:53 . 2010-03-01 11:53 234384 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\OMSXP32.DLL
+ 2010-03-01 11:53 . 2010-03-01 11:53 724352 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\OMSMAIN.DLL
+ 2010-02-28 09:21 . 2010-02-28 09:21 259960 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\OISGRAPH.DLL
+ 2010-02-28 09:21 . 2010-02-28 09:21 886640 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\OISAPP.DLL
+ 2010-02-28 09:21 . 2010-02-28 09:21 274280 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\OIS.EXE
+ 2010-02-28 09:09 . 2010-02-28 09:09 401784 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\OFFXML.DLL
+ 2010-01-10 04:23 . 2010-01-10 04:23 169352 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\OARPMANY.EXE
+ 2010-02-28 09:15 . 2010-02-28 09:15 702312 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MSTORDB.EXE
+ 2010-03-30 04:47 . 2010-03-30 04:47 218464 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MSPROOF6.DLL
+ 2010-03-16 09:58 . 2010-03-16 09:58 360824 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MSOUC.EXE
+ 2010-03-16 09:58 . 2010-03-16 09:58 718208 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MSOSYNC.EXE
+ 2010-03-25 03:28 . 2010-03-25 03:28 473952 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MSOICONS.EXE
+ 2010-03-06 12:29 . 2010-03-06 12:29 501088 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MSODCW.DLL
+ 2010-03-01 12:17 . 2010-03-01 12:17 152952 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MSOCF.DLL
+ 2010-03-30 04:47 . 2010-03-30 04:47 787864 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MSET7TKJP.DLL
+ 2010-03-30 04:47 . 2010-03-30 04:47 512392 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MSET7TK.DLL
+ 2010-03-30 04:47 . 2010-03-30 04:47 543144 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MSET7.DLL
+ 2010-03-01 11:56 . 2010-03-01 11:56 457104 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MORPH9.DLL
+ 2010-03-25 03:28 . 2010-03-25 03:28 571232 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MISC.EXE
+ 2010-03-23 04:29 . 2010-03-23 04:29 358240 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MIMEDIR.DLL
+ 2010-02-28 09:15 . 2010-02-28 09:15 698216 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MEDCAT.DLL
+ 2010-03-23 04:29 . 2010-03-23 04:29 272800 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MAPIPH.DLL
+ 2010-07-16 01:16 . 2010-07-16 01:16 427904 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\LOBITOOL.DLL
+ 2010-07-16 01:17 . 2010-07-16 01:17 169856 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\LOBITOIN.DLL
+ 2010-03-13 07:58 . 2010-03-13 07:58 960384 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\LOBIOBDR.DLL
+ 2010-07-16 01:16 . 2010-07-16 01:16 567168 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\LOBICLNT.DLL
+ 2010-03-13 07:58 . 2010-03-13 07:58 567168 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\LOBICLNR.DLL
+ 2010-03-13 21:54 . 2010-03-13 21:54 447872 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\LOBICLI.DLL
+ 2010-03-13 07:58 . 2010-03-13 07:58 518016 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\LOBIBDCR.DLL
+ 2010-03-30 03:45 . 2010-03-30 03:45 169352 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\IPOLK.DLL
+ 2010-03-23 04:30 . 2010-03-23 04:30 135016 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\IMPMAIL.DLL
+ 2010-03-23 03:36 . 2010-03-23 03:36 178560 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\IETAG.DLL
+ 2010-02-28 11:41 . 2010-02-28 11:41 578472 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\IECONTENTSERVICE.EXE
+ 2010-03-25 04:17 . 2010-03-25 04:17 944008 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\GROOVEMN.EXE
+ 2010-02-04 11:41 . 2010-02-04 11:41 120160 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\FLTLDR.EXE
+ 2010-02-25 18:07 . 2010-02-25 18:07 452936 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\EXPSRV.DLL
+ 2010-03-23 18:03 . 2010-03-23 18:03 104824 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\EXP_PDF.DLL
+ 2010-03-23 04:30 . 2010-03-23 04:30 155008 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ENVELOPE.DLL
+ 2010-03-23 04:30 . 2010-03-23 04:30 115584 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\EMABLT32.DLL
+ 2010-02-28 09:09 . 2010-02-28 09:09 519584 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\DWTRIG20.EXE
+ 2010-02-28 09:09 . 2010-02-28 09:09 526176 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\DWDCW20.DLL
+ 2010-03-23 17:57 . 2010-03-23 17:57 135032 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\CONTAB32.DLL
+ 2010-03-01 12:18 . 2010-03-01 12:18 397656 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\CDLMSO.DLL
+ 2010-01-19 03:59 . 2010-01-19 03:59 998776 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ASMAIN.DLL
+ 2010-01-19 03:59 . 2010-01-19 03:59 100280 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ASLTS.DLL
+ 2010-03-23 17:55 . 2010-03-23 17:55 362904 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ACEXBE.DLL
+ 2010-03-01 12:19 . 2010-03-01 12:19 247200 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ACEWSS.DLL
+ 2010-03-23 17:54 . 2010-03-23 17:54 220560 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ACETXT.DLL
+ 2010-03-23 17:55 . 2010-03-23 17:55 527776 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ACEREP.DLL
+ 2010-03-23 03:51 . 2010-03-23 03:51 329624 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ACER3X.DLL
+ 2010-03-23 17:55 . 2010-03-23 17:55 383904 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ACEOLEDB.DLL
+ 2010-03-23 03:51 . 2010-03-23 03:51 278448 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ACEODBC.DLL
+ 2010-03-23 17:55 . 2010-03-23 17:55 643992 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ACEEXCL.DLL
+ 2010-03-23 17:54 . 2010-03-23 17:54 334752 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ACEEXCH.DLL
+ 2010-03-23 17:55 . 2010-03-23 17:55 686504 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ACEES.DLL
+ 2010-03-23 17:55 . 2010-03-23 17:55 548792 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ACEDAO.DLL
+ 2010-02-28 11:33 . 2010-02-28 11:33 164224 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ACCWIZ.DLL
+ 2010-03-23 17:55 . 2010-03-23 17:55 548792 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ACACEDAO.DLL
+ 2010-02-13 13:25 . 2010-02-13 13:25 128384 c:\windows\Installer\$PatchCache$\Managed\00004109E60090400000000000F01FEC\14.0.4763\FPLACE.DLL
+ 2010-02-28 09:15 . 2010-02-28 09:15 991072 c:\windows\Installer\$PatchCache$\Managed\00004109010090400000000000F01FEC\14.0.4763\MSONSEXT.DLL
+ 2011-12-15 17:36 . 2011-08-22 23:48 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll
+ 2011-12-15 17:36 . 2011-08-22 23:48 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll
+ 2011-12-15 17:36 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll
+ 2011-12-15 17:36 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe
+ 2011-12-15 17:36 . 2011-08-22 23:48 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll
+ 2011-12-15 17:36 . 2011-08-22 23:48 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll
+ 2011-12-15 17:36 . 2011-08-22 23:48 602112 c:\windows\ie8updates\KB2618444-IE8\msfeeds.dll
+ 2011-12-15 17:36 . 2011-08-22 23:48 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll
+ 2011-12-15 17:36 . 2011-08-22 23:48 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll
+ 2011-12-15 17:36 . 2011-08-22 23:48 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll
+ 2011-12-15 17:36 . 2011-08-22 23:48 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll
+ 2011-12-15 17:36 . 2011-08-22 11:56 174080 c:\windows\ie8updates\KB2618444-IE8\ie4uinit.exe
+ 2011-10-13 16:18 . 2011-06-23 18:36 916480 c:\windows\ie8updates\KB2586448-IE8\wininet.dll
+ 2011-10-13 16:18 . 2011-06-23 18:36 105984 c:\windows\ie8updates\KB2586448-IE8\url.dll
+ 2011-10-13 16:18 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2586448-IE8\spuninst\updspapi.dll
+ 2011-10-13 16:18 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2586448-IE8\spuninst\spuninst.exe
+ 2011-10-13 16:18 . 2011-06-23 18:36 206848 c:\windows\ie8updates\KB2586448-IE8\occache.dll
+ 2011-10-13 16:18 . 2011-06-23 18:36 611840 c:\windows\ie8updates\KB2586448-IE8\mstime.dll
+ 2011-10-13 16:18 . 2011-06-23 18:36 602112 c:\windows\ie8updates\KB2586448-IE8\msfeeds.dll
+ 2011-10-13 16:18 . 2011-06-23 18:36 247808 c:\windows\ie8updates\KB2586448-IE8\ieproxy.dll
+ 2011-10-13 16:18 . 2011-06-23 18:36 184320 c:\windows\ie8updates\KB2586448-IE8\iepeers.dll
+ 2011-10-13 16:18 . 2011-06-23 18:36 743424 c:\windows\ie8updates\KB2586448-IE8\iedvtool.dll
+ 2011-10-13 16:18 . 2011-06-23 18:36 387584 c:\windows\ie8updates\KB2586448-IE8\iedkcs32.dll
+ 2011-10-13 16:18 . 2011-06-23 12:05 173568 c:\windows\ie8updates\KB2586448-IE8\ie4uinit.exe
+ 2011-08-11 19:08 . 2011-04-25 16:11 916480 c:\windows\ie8updates\KB2559049-IE8\wininet.dll
+ 2011-08-11 19:08 . 2009-03-08 11:34 105984 c:\windows\ie8updates\KB2559049-IE8\url.dll
+ 2011-08-11 19:08 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2559049-IE8\spuninst\updspapi.dll
+ 2011-08-11 19:08 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2559049-IE8\spuninst\spuninst.exe
+ 2011-08-11 19:08 . 2011-04-25 16:11 206848 c:\windows\ie8updates\KB2559049-IE8\occache.dll
+ 2011-08-11 19:08 . 2011-04-25 16:11 611840 c:\windows\ie8updates\KB2559049-IE8\mstime.dll
+ 2011-08-11 19:08 . 2011-04-25 16:11 602112 c:\windows\ie8updates\KB2559049-IE8\msfeeds.dll
+ 2011-08-11 19:08 . 2011-04-25 16:11 247808 c:\windows\ie8updates\KB2559049-IE8\ieproxy.dll
+ 2011-08-11 19:08 . 2011-04-25 16:11 184320 c:\windows\ie8updates\KB2559049-IE8\iepeers.dll
+ 2011-08-11 19:08 . 2011-04-25 16:11 743424 c:\windows\ie8updates\KB2559049-IE8\iedvtool.dll
+ 2011-08-11 19:08 . 2011-04-25 16:11 387584 c:\windows\ie8updates\KB2559049-IE8\iedkcs32.dll
+ 2011-08-11 19:08 . 2011-04-25 12:01 173568 c:\windows\ie8updates\KB2559049-IE8\ie4uinit.exe
+ 2011-06-15 22:49 . 2009-03-08 11:33 759296 c:\windows\ie8updates\KB2544521-IE8\vgx.dll
+ 2011-06-15 22:49 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2544521-IE8\spuninst\updspapi.dll
+ 2011-06-15 22:49 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2544521-IE8\spuninst\spuninst.exe
+ 2011-06-15 22:54 . 2011-02-22 23:06 916480 c:\windows\ie8updates\KB2530548-IE8\wininet.dll
+ 2011-06-15 22:54 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2530548-IE8\spuninst\updspapi.dll
+ 2011-06-15 22:54 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2530548-IE8\spuninst\spuninst.exe
+ 2011-06-15 22:54 . 2011-02-22 23:06 206848 c:\windows\ie8updates\KB2530548-IE8\occache.dll
+ 2011-06-15 22:54 . 2011-02-22 23:06 611840 c:\windows\ie8updates\KB2530548-IE8\mstime.dll
+ 2011-06-15 22:54 . 2011-02-22 23:06 602112 c:\windows\ie8updates\KB2530548-IE8\msfeeds.dll
+ 2011-06-15 22:54 . 2011-02-22 23:06 247808 c:\windows\ie8updates\KB2530548-IE8\ieproxy.dll
+ 2011-06-15 22:54 . 2011-02-22 23:06 184320 c:\windows\ie8updates\KB2530548-IE8\iepeers.dll
+ 2011-06-15 22:54 . 2011-02-22 23:06 743424 c:\windows\ie8updates\KB2530548-IE8\iedvtool.dll
+ 2011-06-15 22:54 . 2011-02-22 23:06 387584 c:\windows\ie8updates\KB2530548-IE8\iedkcs32.dll
+ 2011-06-15 22:54 . 2011-02-18 11:49 173568 c:\windows\ie8updates\KB2530548-IE8\ie4uinit.exe
+ 2008-11-12 16:53 . 2011-07-15 13:29 456320 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2011-11-23 11:02 . 2011-11-23 11:02 427904 c:\windows\assembly\tmp\GH6F0TEZ\Microsoft.Office.BusinessApplications.Tools.dll
+ 2011-11-23 11:02 . 2011-11-23 11:02 153008 c:\windows\assembly\tmp\CLIFC9AV\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.dll
+ 2011-11-23 11:02 . 2011-11-23 11:02 169856 c:\windows\assembly\tmp\CLAFCHE3\Microsoft.Office.BusinessApplications.Tools.Intl.dll
+ 2011-11-23 11:02 . 2011-11-23 11:02 567168 c:\windows\assembly\tmp\8L67CDYV\Microsoft.Office.BusinessApplications.Runtime.dll
+ 2011-11-23 11:02 . 2011-11-23 11:02 193472 c:\windows\assembly\tmp\8HA70LYN\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.dll
+ 2011-11-23 11:02 . 2011-11-23 11:02 363936 c:\windows\assembly\tmp\496B45AV\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.dll
+ 2011-10-13 16:16 . 2011-10-13 16:16 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_88d1ae09\System.Drawing.dll
+ 2011-10-13 16:17 . 2011-10-13 16:17 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_73e0a697\System.Drawing.Design.dll
+ 2011-10-13 16:17 . 2011-10-13 16:17 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_17a1f08e\CustomMarshalers.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\c8627df7adb416722d8e0f05c57fef6b\WsatConfig.ni.exe
+ 2011-10-13 16:23 . 2011-10-13 16:23 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\a2c1bb3c5b1447b398e72c56091ca571\WindowsFormsIntegration.ni.dll
+ 2011-10-13 16:23 . 2011-10-13 16:23 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\f102afdffdbe2565bcedb7fa0626b865\UIAutomationTypes.ni.dll
+ 2011-10-13 16:23 . 2011-10-13 16:23 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\ba55240b7753047f8d1b03ef473bf74e\UIAutomationClient.ni.dll
+ 2011-10-13 17:09 . 2011-10-13 17:09 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\566b2e11e7f3f6d973b17b86cf42f9bc\System.Xml.Linq.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\3533d614ebecd4344efbee619dd11a74\System.Web.Routing.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\018b6e48c32d5b5d78086998e3505f1c\System.Web.RegularExpressions.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\d93514a764a83b18f6f3547b59cc8ae9\System.Web.Extensions.Design.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\93b5d1b77a74b76ac73cbf51ec871c01\System.Web.Entity.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d06a7d5872bbe85795f947f6c75d38c6\System.Web.Entity.Design.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\ad0851438a18bf730d974c9b2f5f776a\System.Web.DynamicData.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\734ab0ea87d7dfd5c583eea535c05878\System.Web.Abstractions.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\8efcd633af87989355382b5039f1b7df\System.Transactions.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\36c12de583ee81e9c99acb72b09d77ac\System.Security.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\b2a84980f206431821d85d5155d5916f\System.Net.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\90b90e700e59d73d6d692cf74e1ba16e\System.Management.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\f36eded354122da9555a6c7cdbdb5431\System.Management.Instrumentation.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 160256 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\5d6a0e02b8e1cff94d07d2507667edc7\System.Management.Automation.resources.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\20a77c41ee12362d303fb2574fcd5a24\System.IO.Log.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\41c3a2fcffc58b20023c7d54e57ea956\System.IdentityModel.Selectors.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.Wrapper.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.ni.dll
+ 2011-10-13 16:23 . 2011-10-13 16:23 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\896eca06e2d9377b2dc4fad56ce49b07\System.Drawing.Design.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\33e9b0c368c31ef37a2ec7b5a181044b\System.DirectoryServices.Protocols.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\11cdd1c0d65428cd3505d3813d36638c\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e5ada332a9bc3c982e6aede6ba354196\System.Data.Services.Client.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3f179f373f31817a914b639a56cc0497\System.Data.Services.Design.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\fee1a48b769a8c4beb335ee5ce006091\System.Data.Entity.Design.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\b9d9ff5d03e90ede1116794f2c7dd6da\System.Data.DataSetExtensions.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\29d7091f6eab0ec61c4eb625ed221b73\System.Configuration.Install.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\3048737e9e3bf5173121a084337256bc\System.AddIn.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6e45cf503f025c5fe814ea7e52f62a78\SMSvcHost.ni.exe
+ 2011-10-13 16:44 . 2011-10-13 16:44 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\474a341340f687bcbd7777f2820a8c7a\SMDiagnostics.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\f2df1ca28301bfe7e1d52b86c8394217\ServiceModelReg.ni.exe
+ 2011-10-13 16:22 . 2011-10-13 16:22 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c2ebcc8d60422f224b4088f3d7a2ac1f\PresentationFramework.Luna.ni.dll
+ 2011-10-13 16:22 . 2011-10-13 16:22 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\94cfc00ad448575bfb0e67c53b514cd5\PresentationFramework.Aero.ni.dll
+ 2011-10-13 16:22 . 2011-10-13 16:22 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\478d57d96f3d8d5fc15c7ac635a4a6a1\PresentationFramework.Classic.ni.dll
+ 2011-10-13 16:22 . 2011-10-13 16:22 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\23c5852ff8ed973ff9b63ce9ba7f91f0\PresentationFramework.Royale.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\04595f414c49cf2a65b349648ba23e62\MSBuild.ni.exe
+ 2011-10-13 17:07 . 2011-10-13 17:07 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f8aff594f6f2921bd947927d24f12488\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 146432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f75a86591a5b9148185ff7f29cc92d1b\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 192000 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\e0cc26f71d063854a76df30827fbd51e\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 337920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\e018f495298c7e932a777009a4c70e79\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 365056 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\bd6a0a542d90b9f0dee78153e214e774\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 664064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b93f2154d61a824040fc489dc0a61cbb\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 215040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\a5868910ebb3469dd54b790121793a30\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
+ 2011-11-23 11:11 . 2011-11-23 11:11 179200 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\93490d6bc508d17aa8ac99afdf1eeb6e\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.ni.dll
+ 2011-11-23 11:11 . 2011-11-23 11:11 363008 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\90d44357dfac528001940ec21ecf429b\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.ni.dll
+ 2011-11-23 11:11 . 2011-11-23 11:11 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\7e757cf7a6824a225965d264c7521d59\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 112128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6eb568dffe76c0790c45056530aaa500\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 161792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6c50f04d344395f23a8bc4fd7d41e4c4\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0.ni.dll
+ 2011-11-23 11:11 . 2011-11-23 11:11 650240 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\689501ffa5b1f1d2a4025b73751b0953\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\4c72441bb51ba9ba4c2af469bcd27ba2\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 622080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\4566c7477fb3c01050267737da059f19\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 285184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\3b8073fe91eadf2a670f83009d663c67\Microsoft.VisualStudio.Tools.Applications.Hosting.v9.0.ni.dll
+ 2011-11-23 11:11 . 2011-11-23 11:11 134144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\2c884ec4c9a28f5bb8d2fe04202cff60\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll
+ 2011-11-23 11:11 . 2011-11-23 11:11 196608 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\27618bde97993879ad4ff80eb912e671\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll
+ 2011-11-23 11:11 . 2011-11-23 11:11 617472 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\20c49b2254e64ac71858e752a86a3066\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 303104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\20bfe9361e7d7f64c8d531c8760ea096\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 133120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\1880ca8ad0f132cb8e0a683c54b0e66f\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 183808 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\052598e95e8dec76d3e954cc5d8f044f\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\4cbd7ed9fbf9f1b3cbdf23906cc0f5a3\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 492032 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\fb17fceaa5465d6eeb15034a4bea2687\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 433664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\9963fdc4d47bf168d55ffca06288c0b6\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 148480 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\43b77700ad8d984224b12472318e02ec\Microsoft.PowerShell.Security.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 968192 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\1e71552b14add6b28ac6ad7897f3969d\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2011-10-13 16:45 . 2011-10-13 16:45 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\94fee35dec99cd25aed3668e7be2bc8f\Microsoft.Office.Tools.Outlook.v9.0.ni.dll
+ 2011-10-13 16:45 . 2011-10-13 16:45 815616 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\82cb865cd1da4f31fab81db2b2ab7fef\Microsoft.Office.Tools.Common.v9.0.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\68ed4302550f9a73a35efaa184d5694d\Microsoft.Office.Tools.v9.0.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 854528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\54fa844b02cc606a4c25c7ef2411f5c2\Microsoft.Office.Tools.Word.v9.0.ni.dll
+ 2011-10-13 16:45 . 2011-10-13 16:45 375808 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\fc131a2a34e764b964ebf75a1c7cd536\Microsoft.Office.Interop.InfoPath.ni.dll
+ 2011-10-13 16:45 . 2011-10-13 16:45 206848 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\af97a63f9934f2f16550edda7b06fc30\Microsoft.Office.InfoPath.Client.Internal.Host.Interop.ni.dll
+ 2011-10-13 16:45 . 2011-10-13 16:45 114688 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\9651efa72fdb37d4ae245feec649a85b\Microsoft.Office.InfoPath.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 268800 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\c4b36597480eb30b5eaf7d4920e5cdcb\Microsoft.Office.BusinessApplications.Diagnostics.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 343040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessD#\6ffbd1eac4fb533e28e5808df3b1b2ef\Microsoft.BusinessData.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\ff6d4892775fd1f9b137f7c92ea453f2\Microsoft.Build.Utilities.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\47ff0720cb80a0fc0bbd15ddc3d12adc\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\da112c5757e3c68d6369b6aa46cc9682\Microsoft.Build.Engine.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\dc278e1123086ae32fec8f7e9751db14\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\3e6deccf191ab943d3a0812a38ab5c97\CustomMarshalers.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\4e68d5df30b197ff72c75f1c3c24b949\ComSvcConfig.ni.exe
+ 2011-10-13 16:44 . 2011-10-13 16:44 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\e1bcee92f5af50d560d577c0a99ea3bd\AspNetMMCExt.ni.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-06-15 23:01 . 2011-10-13 16:20 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2010-10-07 19:05 . 2011-04-14 20:06 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-11-23 11:07 . 2011-11-23 11:07 363936 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.dll
+ 2011-11-23 11:07 . 2011-11-23 11:07 193472 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.dll
+ 2011-11-23 11:07 . 2011-11-23 11:07 153008 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-11-23 11:07 . 2011-11-23 11:07 427904 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Tools\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.Tools.dll
- 2010-07-16 01:16 . 2010-07-16 01:16 427904 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Tools\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.Tools.dll
+ 2011-11-23 11:07 . 2011-11-23 11:07 169856 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Tools.Intl\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.Tools.Intl.dll
- 2010-07-16 01:17 . 2010-07-16 01:17 169856 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Tools.Intl\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.Tools.Intl.dll
+ 2011-11-23 11:07 . 2011-11-23 11:07 567168 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Runtime\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.Runtime.dll
- 2010-07-16 01:16 . 2010-07-16 01:16 567168 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Runtime\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.Runtime.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2010-07-16 01:16 . 2010-07-16 01:16 518016 c:\windows\assembly\GAC_32\Microsoft.SharePoint.BusinessData.Administration.Client\14.0.0.0__71e9bce111e9429c\Microsoft.SharePoint.BusinessData.Administration.Client.dll
+ 2011-11-23 11:07 . 2011-11-23 11:07 518016 c:\windows\assembly\GAC_32\Microsoft.SharePoint.BusinessData.Administration.Client\14.0.0.0__71e9bce111e9429c\Microsoft.SharePoint.BusinessData.Administration.Client.dll
+ 2011-11-23 11:07 . 2011-11-23 11:07 964480 c:\windows\assembly\GAC_32\Microsoft.Office.BusinessData\14.0.0.0__71e9bce111e9429c\microsoft.office.businessdata.dll
+ 2011-11-11 08:22 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2641690$\spuninst\updspapi.dll
+ 2011-11-11 08:22 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2641690$\spuninst\spuninst.exe
+ 2011-11-11 08:22 . 2011-09-09 09:12 599040 c:\windows\$NtUninstallKB2641690$\crypt32.dll
+ 2011-09-15 18:21 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2616676$\spuninst\updspapi.dll
+ 2011-09-15 18:21 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2616676$\spuninst\spuninst.exe
+ 2011-09-15 18:21 . 2011-09-03 10:17 599040 c:\windows\$NtUninstallKB2616676$\crypt32.dll
+ 2011-09-06 22:01 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2607712$\spuninst\updspapi.dll
+ 2011-09-06 22:01 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2607712$\spuninst\spuninst.exe
+ 2011-09-06 22:01 . 2008-04-14 00:11 599040 c:\windows\$NtUninstallKB2607712$\crypt32.dll
+ 2011-10-13 16:18 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2592799$\spuninst\updspapi.dll
+ 2011-10-13 16:18 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2592799$\spuninst\spuninst.exe
+ 2011-10-13 16:18 . 2011-02-16 13:22 138496 c:\windows\$NtUninstallKB2592799$\afd.sys
+ 2011-09-15 18:17 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2570947$\spuninst\updspapi.dll
+ 2011-09-15 18:17 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2570947$\spuninst\spuninst.exe
+ 2011-08-24 23:38 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2570791$\spuninst\updspapi.dll
+ 2011-08-24 23:38 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2570791$\spuninst\spuninst.exe
+ 2011-08-11 19:10 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2570222$\spuninst\updspapi.dll
+ 2011-08-11 19:10 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2570222$\spuninst\spuninst.exe
+ 2011-08-11 19:10 . 2008-04-14 00:13 139656 c:\windows\$NtUninstallKB2570222$\rdpwd.sys
+ 2011-08-11 19:11 . 2011-04-26 11:07 293376 c:\windows\$NtUninstallKB2567680$\winsrv.dll
+ 2011-08-11 19:11 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2567680$\spuninst\updspapi.dll
+ 2011-08-11 19:11 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2567680$\spuninst\spuninst.exe
+ 2011-10-13 16:18 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2567053$\spuninst\updspapi.dll
+ 2011-10-13 16:18 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2567053$\spuninst\spuninst.exe
+ 2011-08-11 19:08 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2566454$\spuninst\updspapi.dll
+ 2011-08-11 19:08 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2566454$\spuninst\spuninst.exe
+ 2011-10-13 16:21 . 2009-10-08 22:57 611328 c:\windows\$NtUninstallKB2564958$\uiautomationcore.dll
+ 2011-10-13 16:21 . 2011-08-12 20:51 382840 c:\windows\$NtUninstallKB2564958$\spuninst\updspapi.dll
+ 2011-10-13 16:21 . 2011-08-12 20:51 231288 c:\windows\$NtUninstallKB2564958$\spuninst\spuninst.exe
+ 2011-10-13 16:21 . 2009-10-08 22:57 220160 c:\windows\$NtUninstallKB2564958$\oleacc.dll
+ 2011-08-11 19:08 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2562937$\spuninst\updspapi.dll
+ 2011-08-11 19:08 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2562937$\spuninst\spuninst.exe
+ 2011-07-13 17:23 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2555917$\spuninst\updspapi.dll
+ 2011-07-13 17:23 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2555917$\spuninst\spuninst.exe
+ 2011-06-15 22:51 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2544893$\spuninst\updspapi.dll
+ 2011-06-15 22:51 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2544893$\spuninst\spuninst.exe
+ 2011-06-15 22:51 . 2011-03-07 05:33 692736 c:\windows\$NtUninstallKB2544893$\inetcomm.dll
+ 2011-11-09 17:26 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2544893-v2$\spuninst\updspapi.dll
+ 2011-11-09 17:26 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe
+ 2011-11-09 17:26 . 2011-05-02 15:31 692736 c:\windows\$NtUninstallKB2544893-v2$\inetcomm.dll
+ 2011-06-30 16:39 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2541763$\spuninst\updspapi.dll
+ 2011-06-30 16:39 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2541763$\spuninst\spuninst.exe
+ 2011-06-30 16:39 . 2010-06-30 12:31 149504 c:\windows\$NtUninstallKB2541763$\schannel.dll
+ 2011-06-15 22:54 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2536276$\spuninst\updspapi.dll
+ 2011-06-15 22:54 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2536276$\spuninst\spuninst.exe
+ 2011-06-15 22:54 . 2011-02-17 13:18 455936 c:\windows\$NtUninstallKB2536276$\mrxsmb.sys
+ 2011-08-11 19:10 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2536276-v2$\spuninst\updspapi.dll
+ 2011-08-11 19:10 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe
+ 2011-08-11 19:10 . 2011-04-29 16:19 456320 c:\windows\$NtUninstallKB2536276-v2$\mrxsmb.sys
+ 2011-06-15 22:55 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2535512$\spuninst\updspapi.dll
+ 2011-06-15 22:55 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2535512$\spuninst\spuninst.exe
+ 2011-06-15 22:55 . 2008-04-13 19:17 105344 c:\windows\$NtUninstallKB2535512$\mup.sys
+ 2011-07-13 17:25 . 2010-06-18 17:45 293376 c:\windows\$NtUninstallKB2507938$\winsrv.dll
+ 2011-07-13 17:25 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2507938$\spuninst\updspapi.dll
+ 2011-07-13 17:25 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2507938$\spuninst\spuninst.exe
+ 2011-06-15 22:55 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2503665$\spuninst\updspapi.dll
+ 2011-06-15 22:55 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2503665$\spuninst\spuninst.exe
+ 2011-06-15 22:55 . 2008-10-16 14:43 138496 c:\windows\$NtUninstallKB2503665$\afd.sys
+ 2011-06-15 22:55 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2476490$\spuninst\updspapi.dll
+ 2011-06-15 22:55 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2476490$\spuninst\spuninst.exe
+ 2011-06-15 22:55 . 2008-04-14 00:12 551936 c:\windows\$NtUninstallKB2476490$\oleaut32.dll
+ 2011-11-11 08:22 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2641690\update\updspapi.dll
+ 2011-11-11 08:22 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2641690\update\update.exe
+ 2011-11-11 08:22 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2641690\spuninst.exe
+ 2011-09-28 07:05 . 2011-09-28 07:05 599552 c:\windows\$hf_mig$\KB2641690\SP3QFE\crypt32.dll
+ 2011-09-15 18:21 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2616676\update\updspapi.dll
+ 2011-09-15 18:21 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2616676\update\update.exe
+ 2011-09-15 18:21 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2616676\spuninst.exe
+ 2011-09-09 09:11 . 2011-09-09 09:11 599552 c:\windows\$hf_mig$\KB2616676\SP3QFE\crypt32.dll
+ 2011-09-06 22:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2607712\update\updspapi.dll
+ 2011-09-06 22:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2607712\update\update.exe
+ 2011-09-06 22:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2607712\spuninst.exe
+ 2011-09-03 10:16 . 2011-09-03 10:16 599552 c:\windows\$hf_mig$\KB2607712\SP3QFE\crypt32.dll
+ 2011-10-13 16:18 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2592799\update\updspapi.dll
+ 2011-10-13 16:18 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2592799\update\update.exe
+ 2011-10-13 16:18 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2592799\spuninst.exe
+ 2011-10-12 16:07 . 2011-08-17 13:41 138496 c:\windows\$hf_mig$\KB2592799\SP3QFE\afd.sys
+ 2011-10-13 16:18 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2586448-IE8\update\updspapi.dll
+ 2011-10-13 16:18 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2586448-IE8\update\update.exe
+ 2011-10-13 16:18 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2586448-IE8\spuninst.exe
+ 2011-10-12 16:07 . 2011-08-22 23:47 919552 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\wininet.dll
+ 2011-10-12 16:07 . 2011-08-22 23:47 105984 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\url.dll
+ 2011-10-12 16:07 . 2011-08-22 23:47 206848 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\occache.dll
+ 2011-10-12 16:07 . 2011-08-22 23:47 611840 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mstime.dll
+ 2011-10-12 16:07 . 2011-08-22 23:47 602112 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\msfeeds.dll
+ 2011-10-12 16:07 . 2011-08-22 23:47 247808 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\ieproxy.dll
+ 2011-10-12 16:07 . 2011-08-22 23:47 184320 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\iepeers.dll
+ 2011-10-12 16:07 . 2011-08-22 23:47 743424 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\iedvtool.dll
+ 2011-10-12 16:07 . 2011-08-22 23:47 387584 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\iedkcs32.dll
+ 2011-10-12 16:07 . 2011-08-22 11:52 174080 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\ie4uinit.exe
+ 2011-09-15 18:17 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2570947\update\updspapi.dll
+ 2011-09-15 18:17 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2570947\update\update.exe
+ 2011-09-15 18:17 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2570947\spuninst.exe
+ 2011-08-11 19:10 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2570222\update\updspapi.dll
+ 2011-08-11 19:10 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2570222\update\update.exe
+ 2011-08-11 19:10 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2570222\spuninst.exe
+ 2011-08-11 17:10 . 2011-06-24 14:09 139656 c:\windows\$hf_mig$\KB2570222\SP3QFE\rdpwd.sys
+ 2011-08-11 19:11 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2567680\update\updspapi.dll
+ 2011-08-11 19:11 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2567680\update\update.exe
+ 2011-08-11 19:11 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2567680\spuninst.exe
+ 2011-06-20 17:43 . 2011-06-20 17:43 293376 c:\windows\$hf_mig$\KB2567680\SP3QFE\winsrv.dll
+ 2011-10-13 16:18 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2567053\update\updspapi.dll
+ 2011-10-13 16:18 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2567053\update\update.exe
+ 2011-10-13 16:18 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2567053\spuninst.exe
+ 2011-08-11 19:08 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2566454\update\updspapi.dll
+ 2011-08-11 19:08 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2566454\update\update.exe
+ 2011-08-11 19:08 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2566454\spuninst.exe
+ 2011-08-11 19:08 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2562937\update\updspapi.dll
+ 2011-08-11 19:08 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2562937\update\update.exe
+ 2011-08-11 19:08 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2562937\spuninst.exe
+ 2011-08-11 19:08 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2559049-IE8\update\updspapi.dll
+ 2011-08-11 19:08 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2559049-IE8\update\update.exe
+ 2011-08-11 19:08 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2559049-IE8\spuninst.exe
+ 2011-08-11 17:10 . 2011-06-23 18:33 919552 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll
+ 2011-08-11 17:10 . 2011-06-23 18:33 105984 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\url.dll
+ 2011-08-11 17:10 . 2011-06-23 18:33 206848 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\occache.dll
+ 2011-08-11 17:10 . 2011-06-23 18:33 611840 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mstime.dll
+ 2011-08-11 17:10 . 2011-06-23 18:33 602112 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\msfeeds.dll
+ 2011-08-11 17:10 . 2011-06-23 18:33 247808 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\ieproxy.dll
+ 2011-08-11 17:10 . 2011-06-23 18:33 184320 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iepeers.dll
+ 2011-08-11 17:10 . 2011-06-23 18:33 743424 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iedvtool.dll
+ 2011-08-11 17:10 . 2011-06-23 18:33 387584 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iedkcs32.dll
+ 2011-08-11 17:10 . 2011-06-23 12:19 173568 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\ie4uinit.exe
+ 2011-07-13 17:23 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2555917\update\updspapi.dll
+ 2011-07-13 17:23 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2555917\update\update.exe
+ 2011-07-13 17:23 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2555917\spuninst.exe
+ 2011-06-15 22:51 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2544893\update\updspapi.dll
+ 2011-06-15 22:51 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2544893\update\update.exe
+ 2011-06-15 22:51 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2544893\spuninst.exe
+ 2011-06-15 21:58 . 2011-05-02 15:30 692736 c:\windows\$hf_mig$\KB2544893\SP3QFE\inetcomm.dll
+ 2011-11-09 17:26 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2544893-v2\update\updspapi.dll
+ 2011-11-09 17:26 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2544893-v2\update\update.exe
+ 2011-11-09 17:26 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2544893-v2\spuninst.exe
+ 2011-10-10 14:21 . 2011-10-10 14:21 692736 c:\windows\$hf_mig$\KB2544893-v2\SP3QFE\inetcomm.dll
+ 2011-06-15 22:49 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2544521-IE8\update\updspapi.dll
+ 2011-06-15 22:49 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2544521-IE8\update\update.exe
+ 2011-06-15 22:49 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2544521-IE8\spuninst.exe
+ 2011-06-15 21:58 . 2011-04-30 02:59 758784 c:\windows\$hf_mig$\KB2544521-IE8\SP3QFE\vgx.dll
+ 2011-06-30 16:39 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2541763\update\updspapi.dll
+ 2011-06-30 16:39 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2541763\update\update.exe
+ 2011-06-30 16:39 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2541763\spuninst.exe
+ 2011-04-29 17:23 . 2011-04-29 17:23 151552 c:\windows\$hf_mig$\KB2541763\SP3QFE\schannel.dll
+ 2011-06-15 22:54 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2536276\update\updspapi.dll
+ 2011-06-15 22:54 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2536276\update\update.exe
+ 2011-06-15 22:54 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2536276\spuninst.exe
+ 2011-06-15 21:59 . 2011-04-29 16:47 457856 c:\windows\$hf_mig$\KB2536276\SP3QFE\mrxsmb.sys
+ 2011-08-11 19:10 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2536276-v2\update\updspapi.dll
+ 2011-08-11 19:10 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2536276-v2\update\update.exe
+ 2011-08-11 19:10 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2536276-v2\spuninst.exe
+ 2011-08-11 17:10 . 2011-07-15 13:29 457856 c:\windows\$hf_mig$\KB2536276-v2\SP3QFE\mrxsmb.sys
+ 2011-06-15 22:55 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2535512\update\updspapi.dll
+ 2011-06-15 22:55 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2535512\update\update.exe
+ 2011-06-15 22:55 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2535512\spuninst.exe
+ 2011-06-15 22:00 . 2011-04-21 13:52 105472 c:\windows\$hf_mig$\KB2535512\SP3QFE\mup.sys
+ 2011-06-15 22:54 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2530548-IE8\update\updspapi.dll
+ 2011-06-15 22:54 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2530548-IE8\update\update.exe
+ 2011-06-15 22:54 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2530548-IE8\spuninst.exe
+ 2011-06-15 21:59 . 2011-04-25 16:09 919552 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll
+ 2011-06-15 21:59 . 2011-04-25 16:09 206848 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\occache.dll
+ 2011-06-15 21:59 . 2011-04-25 16:09 611840 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mstime.dll
+ 2011-06-15 21:59 . 2011-04-25 16:09 602112 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\msfeeds.dll
+ 2011-06-15 21:59 . 2011-04-25 16:09 247808 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ieproxy.dll
+ 2011-06-15 21:59 . 2011-04-25 16:09 184320 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iepeers.dll
+ 2011-06-15 21:59 . 2011-04-25 16:09 743424 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iedvtool.dll
+ 2011-06-15 21:59 . 2011-04-25 16:09 387584 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iedkcs32.dll
+ 2011-06-15 21:59 . 2011-04-25 11:37 173568 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ie4uinit.exe
+ 2011-07-13 17:25 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2507938\update\updspapi.dll
+ 2011-07-13 17:25 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2507938\update\update.exe
+ 2011-07-13 17:25 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2507938\spuninst.exe
+ 2011-04-26 11:02 . 2011-04-26 11:02 293376 c:\windows\$hf_mig$\KB2507938\SP3QFE\winsrv.dll
+ 2011-06-15 22:55 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2503665\update\updspapi.dll
+ 2011-06-15 22:55 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2503665\update\update.exe
+ 2011-06-15 22:55 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2503665\spuninst.exe
+ 2011-06-15 22:00 . 2011-02-16 13:25 138496 c:\windows\$hf_mig$\KB2503665\SP3QFE\afd.sys
+ 2011-06-15 22:55 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2476490\update\updspapi.dll
+ 2011-06-15 22:55 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2476490\update\update.exe
+ 2011-06-15 22:55 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2476490\spuninst.exe
+ 2010-12-20 17:30 . 2010-12-20 17:30 552448 c:\windows\$hf_mig$\KB2476490\SP3QFE\oleaut32.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 3781960 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 3766600 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90.dll
+ 2011-01-11 17:59 . 2011-01-11 17:59 3780936 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_d5fe2ecb\mfc90u.dll
+ 2011-01-11 17:59 . 2011-01-11 17:59 3766088 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_d5fe2ecb\mfc90.dll
+ 2011-05-14 03:04 . 2011-05-14 03:04 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll
+ 2011-05-14 03:04 . 2011-05-14 03:04 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80.dll
+ 2005-09-23 08:16 . 2005-09-23 08:16 1079808 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll
- 2005-09-23 09:16 . 2005-09-23 09:16 1079808 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll
- 2005-09-23 09:16 . 2005-09-23 09:16 1093632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll
+ 2005-09-23 08:16 . 2005-09-23 08:16 1093632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 1212416 c:\windows\system32\urlmon.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 5978112 c:\windows\system32\mshtml.dll
+ 2007-08-14 01:34 . 2011-11-04 19:20 2000384 c:\windows\system32\iertutil.dll
+ 2010-10-20 20:44 . 2010-10-20 20:44 1207656 c:\windows\system32\FM20.DLL
+ 2008-10-17 13:56 . 2011-11-23 13:25 1859584 c:\windows\system32\dllcache\win32k.sys
+ 2006-02-28 12:00 . 2011-11-04 19:20 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2010-07-16 12:05 . 2011-11-01 16:07 1288704 c:\windows\system32\dllcache\ole32.dll
- 2008-10-17 13:56 . 2010-12-09 13:38 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-10-17 13:56 . 2011-10-25 13:33 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-10-17 13:56 . 2011-10-25 12:52 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
- 2008-10-17 13:56 . 2010-12-09 13:07 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-10-17 13:56 . 2011-10-25 12:52 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2008-10-17 13:56 . 2010-12-09 13:07 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-10-17 13:56 . 2011-10-25 13:37 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
- 2008-10-17 13:56 . 2010-12-09 13:42 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2006-02-28 12:00 . 2011-11-04 19:20 5978112 c:\windows\system32\dllcache\mshtml.dll
+ 2007-10-24 06:29 . 2011-11-04 19:20 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2011-11-11 07:09 . 2008-05-30 22:11 3850760 c:\windows\system32\D3DX9_38.dll
+ 2011-03-25 13:15 . 2011-03-25 13:15 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2008-07-25 18:17 . 2008-07-25 18:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2011-04-29 04:50 . 2011-04-29 04:50 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2010-03-23 12:32 . 2010-03-23 12:32 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2011-07-07 12:18 . 2011-07-07 12:18 5912400 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2011-01-18 11:39 . 2011-01-18 11:39 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-07-07 12:18 . 2011-07-07 12:18 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-07-08 20:59 . 2011-07-08 20:59 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2010-09-23 22:55 . 2010-09-23 22:55 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2010-09-23 22:55 . 2010-09-23 22:55 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2011-07-08 20:59 . 2011-07-08 20:59 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2011-07-07 19:02 . 2011-07-07 19:02 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2011-07-07 19:02 . 2011-07-07 19:02 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2010-09-23 22:55 . 2010-09-23 22:55 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2011-07-08 20:59 . 2011-07-08 20:59 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2011-03-18 02:20 . 2011-03-18 02:20 1961984 c:\windows\Installer\8f00b5.msp
+ 2011-01-19 06:36 . 2011-01-19 06:36 2687488 c:\windows\Installer\8f0073.msp
+ 2011-05-02 07:06 . 2011-05-02 07:06 2705920 c:\windows\Installer\6fd294.msp
+ 2011-07-26 23:58 . 2011-07-26 23:58 3462144 c:\windows\Installer\6fd28c.msp
+ 2011-10-16 22:45 . 2011-10-16 22:45 4966912 c:\windows\Installer\3630c.msp
+ 2011-10-16 22:28 . 2011-10-16 22:28 1138688 c:\windows\Installer\362f5.msp
+ 2011-12-02 00:16 . 2011-12-02 00:16 3464704 c:\windows\Installer\362dd.msp
+ 2011-10-27 06:46 . 2011-10-27 06:46 1833472 c:\windows\Installer\362ad.msp
+ 2011-07-21 19:34 . 2011-07-21 19:34 3456000 c:\windows\Installer\2cfe7.msp
+ 2011-07-21 19:51 . 2011-07-21 19:51 9623040 c:\windows\Installer\2cfd0.msp
+ 2011-07-21 19:45 . 2011-07-21 19:45 3809792 c:\windows\Installer\2cfa0.msp
+ 2011-08-16 06:56 . 2011-08-16 06:56 3460096 c:\windows\Installer\2cf89.msp
+ 2011-07-21 19:41 . 2011-07-21 19:41 8413696 c:\windows\Installer\2cf72.msp
+ 2011-08-22 06:18 . 2011-08-22 06:18 1585152 c:\windows\Installer\2cf53.msp
+ 2011-10-22 23:21 . 2011-10-22 23:21 3463168 c:\windows\Installer\277a0.msp
+ 2011-10-27 06:45 . 2011-10-27 06:45 9177600 c:\windows\Installer\27789.msp
+ 2011-10-27 07:23 . 2011-10-27 07:23 8821760 c:\windows\Installer\266b5.msp
+ 2011-04-28 19:23 . 2011-04-28 19:23 9607680 c:\windows\Installer\1b941e.msp
+ 2011-04-29 04:26 . 2011-04-29 04:26 3994624 c:\windows\Installer\1620c39.msp
+ 2011-08-31 05:33 . 2011-08-31 05:33 3550208 c:\windows\Installer\11e285.msp
+ 2011-10-04 17:37 . 2011-10-04 17:37 4272128 c:\windows\Installer\11e209.msi
+ 2010-07-16 01:19 . 2011-12-15 21:56 1479520 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
- 2010-07-16 01:19 . 2011-04-14 20:08 1479520 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
+ 2010-07-16 01:19 . 2011-12-15 21:56 1858400 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
- 2010-07-16 01:19 . 2011-04-14 20:08 1858400 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
+ 2010-07-16 01:19 . 2011-12-15 21:56 3792736 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pptico.exe
- 2010-07-16 01:19 . 2011-04-14 20:08 3792736 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pptico.exe
+ 2010-07-16 01:19 . 2011-12-15 21:56 1449312 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\accicons.exe
- 2010-07-16 01:19 . 2011-04-14 20:08 1449312 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\accicons.exe
+ 2011-05-27 15:22 . 2011-05-27 15:22 1953792 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A0300000030\8.3.0\rt3d.dll
+ 2010-10-20 20:35 . 2010-10-20 20:35 1479520 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\XLICONS.EXE
+ 2010-10-20 20:45 . 2010-10-20 20:45 1199008 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\WKCONV.EXE
+ 2011-02-04 21:41 . 2011-02-04 21:41 2672456 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\VBE7.DLL
+ 2010-10-20 21:35 . 2010-10-20 21:35 3792736 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\PPTICO.EXE
+ 2011-04-07 05:09 . 2011-04-07 05:09 9701736 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\PPCORE.DLL
+ 2010-10-22 22:55 . 2010-10-22 22:55 2162024 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\POWERPNT.EXE
+ 2010-02-18 04:56 . 2010-02-18 04:56 1199008 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\WKCONV.EXE
+ 2010-02-25 18:07 . 2010-02-25 18:07 2672456 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\VBE7.DLL
+ 2010-02-28 09:55 . 2010-02-28 09:55 1040736 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\UMOUTLOOKADDIN.DLL
+ 2010-03-01 12:07 . 2010-03-01 12:07 2831768 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\STSLIST.DLL
+ 2010-03-11 07:44 . 2010-03-11 07:44 1100664 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\SETUP.EXE
+ 2010-03-09 16:57 . 2010-03-09 16:57 2162024 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\POWERPNT.EXE
+ 2010-03-11 07:44 . 2010-03-11 07:44 5789544 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\OSETUP.DLL
+ 2010-03-30 15:29 . 2010-03-30 15:29 1177968 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ONFILTER.DLL
+ 2010-03-30 15:29 . 2010-03-30 15:29 1676128 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ONENOTE.EXE
+ 2010-03-23 17:57 . 2010-03-23 17:57 3189120 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\OLMAPI32.DLL
+ 2010-01-10 04:24 . 2010-01-10 04:24 3483000 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\OIMG.DLL
+ 2010-01-11 02:48 . 2010-01-11 02:48 1647984 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\OGL.DLL
+ 2010-02-28 09:19 . 2010-02-28 09:19 7277440 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\OFFOWC.DLL
+ 2010-03-30 04:48 . 2010-03-30 04:48 6629808 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\NL7MODELS0011.DLL
+ 2010-03-30 04:48 . 2010-03-30 04:48 2460080 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\NL7LEXICONS0011.DLL
+ 2010-03-30 04:47 . 2010-03-30 04:47 7467440 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\NL7DATA0011.DLL
+ 2010-07-16 01:16 . 2010-07-16 01:16 1689472 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\LOBISYNC.DLL
+ 2010-03-30 15:36 . 2010-03-30 15:36 5496688 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\IPEDITOR.DLL
+ 2010-03-30 15:36 . 2010-03-30 15:36 5867896 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\IPDESIGN.DLL
+ 2010-03-30 15:36 . 2010-03-30 15:36 1734000 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\INFOPATH.EXE
+ 2010-03-13 05:45 . 2010-03-13 05:45 4299648 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\GRAPH.EXE
+ 2010-03-01 12:08 . 2010-03-01 12:08 1746280 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\GFX.DLL
+ 2010-02-21 00:20 . 2010-02-21 00:20 1207144 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\FM20.DLL
+ 2010-01-19 03:59 . 2010-01-19 03:59 2182040 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ASSAPIFE.DLL
+ 2010-03-23 17:55 . 2010-03-23 17:55 3049376 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ACEWDAT.DLL
+ 2010-03-23 17:55 . 2010-03-23 17:55 2193800 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ACECORE.DLL
+ 2010-03-25 03:28 . 2010-03-25 03:28 1449312 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ACCICONS.EXE
+ 2010-07-16 01:17 . 2010-07-16 01:17 1857400 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\ACCESS.DLL
+ 2011-12-15 17:36 . 2011-08-22 23:48 1212416 c:\windows\ie8updates\KB2618444-IE8\urlmon.dll
+ 2011-12-15 17:36 . 2011-10-03 08:35 5971456 c:\windows\ie8updates\KB2618444-IE8\mshtml.dll
+ 2011-12-15 17:36 . 2011-08-22 23:48 2000384 c:\windows\ie8updates\KB2618444-IE8\iertutil.dll
+ 2011-10-13 16:18 . 2011-06-23 18:36 1212416 c:\windows\ie8updates\KB2586448-IE8\urlmon.dll
+ 2011-10-13 16:18 . 2011-07-25 15:17 5969920 c:\windows\ie8updates\KB2586448-IE8\mshtml.dll
+ 2011-10-13 16:18 . 2011-06-23 18:36 1991680 c:\windows\ie8updates\KB2586448-IE8\iertutil.dll
+ 2011-08-11 19:08 . 2011-04-25 16:11 1211904 c:\windows\ie8updates\KB2559049-IE8\urlmon.dll
+ 2011-08-11 19:08 . 2011-05-30 22:19 5964800 c:\windows\ie8updates\KB2559049-IE8\mshtml.dll
+ 2011-08-11 19:08 . 2011-04-25 16:11 1991680 c:\windows\ie8updates\KB2559049-IE8\iertutil.dll
+ 2011-06-15 22:54 . 2011-02-22 23:06 1210880 c:\windows\ie8updates\KB2530548-IE8\urlmon.dll
+ 2011-06-15 22:54 . 2011-02-22 23:06 5962240 c:\windows\ie8updates\KB2530548-IE8\mshtml.dll
+ 2011-06-15 22:54 . 2011-02-22 23:06 1991680 c:\windows\ie8updates\KB2530548-IE8\iertutil.dll
- 2008-10-17 13:56 . 2010-12-09 13:38 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-10-17 13:56 . 2011-10-25 13:33 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-10-17 13:56 . 2011-10-25 12:52 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2008-10-17 13:56 . 2010-12-09 13:07 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-10-17 13:56 . 2011-10-25 12:52 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2008-10-17 13:56 . 2010-12-09 13:07 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2008-10-17 13:56 . 2010-12-09 13:42 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-10-17 13:56 . 2011-10-25 13:37 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2011-11-23 11:02 . 2011-11-23 11:02 1857400 c:\windows\assembly\tmp\8TEJOTQN\Microsoft.Office.Interop.Access.dll
+ 2011-11-23 11:02 . 2011-11-23 11:02 1689472 c:\windows\assembly\tmp\05A3WXUJ\Microsoft.Office.BusinessApplications.SyncServices.dll
+ 2011-10-13 16:16 . 2011-10-13 16:16 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_fa2a2d7c\System.dll
+ 2011-10-13 16:17 . 2011-10-13 16:17 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_9dd5bba2\System.dll
+ 2011-10-13 16:17 . 2011-10-13 16:17 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_857bd840\System.Xml.dll
+ 2011-10-13 16:16 . 2011-10-13 16:16 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_28935f16\System.Xml.dll
+ 2011-10-13 16:17 . 2011-10-13 16:17 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_c8ae3316\System.Windows.Forms.dll
+ 2011-10-13 16:16 . 2011-10-13 16:16 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_c5708a75\System.Windows.Forms.dll
+ 2011-10-13 16:17 . 2011-10-13 16:17 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_343977a8\System.Drawing.dll
+ 2011-10-13 16:16 . 2011-10-13 16:16 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_3f5c2bb1\System.Design.dll
+ 2011-10-13 16:17 . 2011-10-13 16:17 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_11d8142f\System.Design.dll
+ 2011-10-13 16:17 . 2011-10-13 16:17 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_b91c7cc9\mscorlib.dll
+ 2011-10-13 16:16 . 2011-10-13 16:16 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_402212ae\mscorlib.dll
+ 2011-10-13 16:21 . 2011-10-13 16:21 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1adc4ae51a5ac63e896a1402749ca495\WindowsBase.ni.dll
+ 2011-10-13 16:23 . 2011-10-13 16:23 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\55d4813580b1e5d268ff0564942cee9c\UIAutomationClientsideProviders.ni.dll
+ 2011-10-13 16:21 . 2011-10-13 16:21 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
+ 2011-10-13 16:23 . 2011-10-13 16:23 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
+ 2011-10-13 17:09 . 2011-10-13 17:09 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\17902fdb0e0d3bc8b49bce693415fe7e\System.WorkflowServices.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\f72c5f649951b0403e62bfab6c453e6f\System.Workflow.Runtime.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\0aa4f4174204c93cc5181df4a6b2fb09\System.Workflow.ComponentModel.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\921629dc69a5a895101097c88ae67897\System.Workflow.Activities.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\6303e256d2ac0843c3e4c24172c90544\System.Web.Services.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\f5dac0448a1dbe2687a5df92904d6274\System.Web.Mobile.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\ccaf6bdd256a9b5079fedadcc8993327\System.Web.Extensions.ni.dll
+ 2011-10-13 16:23 . 2011-10-13 16:23 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\10d7daa3d1e62a0e40587cdc707be93f\System.Speech.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\9ec7da53380a754b4ad97709df0dd7e7\System.ServiceModel.Web.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
+ 2011-10-13 16:23 . 2011-10-13 16:23 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\0f8e14bfdb27645fb1a92ce26f9bf521\System.Printing.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 4949504 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\1a32e7ce68fa086773b235fc8b525476\System.Management.Automation.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d14065ede44df8e9b5d6b60c5ddccc69\System.IdentityModel.ni.dll
+ 2011-10-13 16:23 . 2011-10-13 16:23 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\91cd88a803768151c6262853d3454ba7\System.DirectoryServices.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\cc5ac99e8af2738e85cda5525fdd944f\System.Deployment.ni.dll
+ 2011-10-13 16:23 . 2011-10-13 16:23 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\ec323cf1df697cc0a45f67de685db90c\System.Data.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\ef748704f543a8791e23387652d34dfb\System.Data.SqlXml.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\541142d8742e6e88f1e729fafee04e71\System.Data.Services.ni.dll
+ 2011-10-13 16:23 . 2011-10-13 16:23 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\d96a94076acb8e0c5a96a1b2de4b3a7a\System.Data.Linq.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\a3ce22c2a84fdcb008d72d230ee0b2c0\System.Data.Entity.ni.dll
+ 2011-10-13 16:22 . 2011-10-13 16:22 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\d507b9e0e50e453793ee5e01c07a5485\System.Core.ni.dll
+ 2011-10-13 16:22 . 2011-10-13 16:22 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\714e9504255565bd9076fe13628e104a\ReachFramework.ni.dll
+ 2011-10-13 16:22 . 2011-10-13 16:22 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\7dc6ee14234b0686182ced75f7dae990\PresentationUI.ni.dll
+ 2011-10-13 16:21 . 2011-10-13 16:21 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b42ad515bb20ec1f1250c040371c6730\PresentationBuildTasks.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 1301504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\50e6ba25e8216c9738c5af2ac2bc6006\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0.ni.dll
+ 2011-10-13 17:07 . 2011-10-13 17:07 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\24331b719aa25ac2b21099e32232840c\Microsoft.VisualBasic.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\ce1ecd602ca089eb13a9b428dc7f0449\Microsoft.Transactions.Bridge.ni.dll
+ 2011-10-13 16:45 . 2011-10-13 16:45 1354240 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\3f098d1aefafe2995b06e052e4ae0bf5\Microsoft.Office.Tools.Excel.v9.0.ni.dll
+ 2011-10-13 16:45 . 2011-10-13 16:45 1787904 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\9fb012663a6d7c785ce28d96d106ad3c\Microsoft.Office.InfoPath.Client.Internal.Host.ni.dll
+ 2011-10-13 16:45 . 2011-10-13 16:45 1184256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\38e276a5c5ee1173b699a299d7cf425d\Microsoft.Office.Interop.InfoPath.SemiTrust.ni.dll
+ 2011-11-23 11:09 . 2011-11-23 11:09 4751872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\f3f8a29e0265fd62f98d6269343545e3\Microsoft.Office.BusinessApplications.SyncServices.ni.dll
+ 2011-11-23 11:09 . 2011-11-23 11:09 1564160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\eb4823b5f807949356f553a17a51e98d\Microsoft.Office.BusinessApplications.Runtime.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 2091008 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\e2d22f21f4bcd5c8c5c1ea4237fc1a5b\Microsoft.Office.BusinessApplications.RuntimeUi.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 1563136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\a79a1e05738f15394641f779845c5c43\Microsoft.Office.BusinessApplications.Runtime.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 4751360 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\8ace6f86e1a162db0e56614ad84d7599\Microsoft.Office.BusinessApplications.SyncServices.ni.dll
+ 2011-11-23 11:11 . 2011-11-23 11:11 2091008 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\872a0a6bac838aeea5bd94f6c1b12e95\Microsoft.Office.BusinessApplications.RuntimeUi.ni.dll
+ 2011-10-13 16:45 . 2011-10-13 16:45 3235840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\443addf4f4e64dbb694f43212b490328\Microsoft.Office.BusinessData.ni.dll
+ 2011-11-23 11:09 . 2011-11-23 11:09 3237376 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\38a5d1accb82cd2ef2318711798eb996\Microsoft.Office.BusinessData.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\8ad32b72258899177c07dc5912b5b748\Microsoft.JScript.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\50e7c5eb58c982dba7b21cd10a69b095\Microsoft.Build.Tasks.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\415cef6abab5bb959f200f6c537bc289\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\eea7bcc8d356e3f2dcb4f36dfc1c6bc0\Microsoft.Build.Engine.ni.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2010-07-16 01:17 . 2010-07-16 01:17 1857400 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Access\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Access.dll
+ 2011-11-23 11:07 . 2011-11-23 11:07 1857400 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Access\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Access.dll
- 2010-07-16 01:16 . 2010-07-16 01:16 1689472 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.SyncServices\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.SyncServices.dll
+ 2011-11-23 11:07 . 2011-11-23 11:07 1689472 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.SyncServices\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.SyncServices.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2011-04-14 20:06 . 2011-04-14 20:06 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-10-13 16:20 . 2011-10-13 16:20 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-06-15 23:01 . 2011-10-13 16:20 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2010-10-07 19:05 . 2011-04-14 20:06 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-10-13 16:16 . 2011-10-13 16:16 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2010-10-07 19:03 . 2010-10-07 19:03 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2011-10-13 16:16 . 2011-10-13 16:16 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-10-07 19:03 . 2010-10-07 19:03 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-10-13 16:18 . 2011-06-02 14:02 1858944 c:\windows\$NtUninstallKB2567053$\win32k.sys
+ 2011-07-13 17:23 . 2011-03-03 13:21 1857920 c:\windows\$NtUninstallKB2555917$\win32k.sys
+ 2011-10-12 16:07 . 2011-08-22 23:47 1214464 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\urlmon.dll
+ 2011-10-12 16:07 . 2011-10-03 08:34 5972992 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mshtml.dll
+ 2011-10-12 16:07 . 2011-08-22 23:47 2001408 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\iertutil.dll
+ 2011-09-06 13:25 . 2011-09-06 13:25 1867904 c:\windows\$hf_mig$\KB2567053\SP3QFE\win32k.sys
+ 2011-08-11 17:10 . 2011-06-23 18:33 1214464 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\urlmon.dll
+ 2011-08-11 17:10 . 2011-07-25 15:15 5971456 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtml.dll
+ 2011-08-11 17:10 . 2011-06-23 18:33 1992192 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iertutil.dll
+ 2011-06-02 14:07 . 2011-06-02 14:07 1867904 c:\windows\$hf_mig$\KB2555917\SP3QFE\win32k.sys
+ 2011-06-15 21:59 . 2011-04-25 16:09 1213952 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\urlmon.dll
+ 2011-06-15 21:59 . 2011-05-30 22:17 5967360 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll
+ 2011-06-15 21:59 . 2011-04-25 16:09 1992192 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iertutil.dll
+ 2007-10-24 06:26 . 2011-12-15 17:33 52988224 c:\windows\system32\MRT.exe
+ 2007-08-14 01:54 . 2011-11-04 19:20 11081728 c:\windows\system32\ieframe.dll
+ 2007-10-24 06:29 . 2011-11-04 19:20 11081728 c:\windows\system32\dllcache\ieframe.dll
+ 2011-07-13 05:49 . 2011-07-13 05:49 11459584 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2572067\M2572067Uninstall.msp
+ 2011-03-28 10:27 . 2011-03-28 10:27 15456256 c:\windows\Installer\8f00dd.msp
+ 2011-04-28 02:21 . 2011-04-28 02:21 17515520 c:\windows\Installer\8f00d0.msp
+ 2011-06-15 22:55 . 2011-06-15 22:55 20333056 c:\windows\Installer\8f0097.msp
+ 2011-03-18 02:15 . 2011-03-18 02:15 44327424 c:\windows\Installer\8f008b.msp
+ 2011-10-27 06:47 . 2011-10-27 06:47 10328064 c:\windows\Installer\36295.msp
+ 2011-10-27 06:49 . 2011-10-27 06:49 16245760 c:\windows\Installer\3628a.msp
+ 2011-10-27 06:49 . 2011-10-27 06:49 10427392 c:\windows\Installer\36281.msp
+ 2011-10-13 16:21 . 2011-10-13 16:21 20333568 c:\windows\Installer\31a8c.msp
+ 2011-07-12 03:43 . 2011-07-12 03:43 11641344 c:\windows\Installer\31a80.msp
+ 2011-07-12 22:50 . 2011-07-12 22:50 17555968 c:\windows\Installer\31a76.msp
+ 2011-07-21 19:36 . 2011-07-21 19:36 66808320 c:\windows\Installer\2d000.msp
+ 2011-06-20 06:28 . 2011-06-20 06:28 18457088 c:\windows\Installer\2cfb9.msp
+ 2011-04-29 07:28 . 2011-04-29 07:28 16972800 c:\windows\Installer\2a9c8.msp
+ 2011-04-29 07:28 . 2011-04-29 07:28 11056128 c:\windows\Installer\2a9b3.msp
+ 2011-04-29 04:34 . 2011-04-29 04:34 11155456 c:\windows\Installer\2a9a0.msp
+ 2011-10-27 06:46 . 2011-10-27 06:46 11580928 c:\windows\Installer\26695.msp
+ 2011-10-27 06:45 . 2011-10-27 06:45 66426368 c:\windows\Installer\24dc5d.msp
+ 2011-10-22 23:21 . 2011-10-22 23:21 21515264 c:\windows\Installer\22fb1.msp
+ 2011-04-29 07:28 . 2011-04-29 07:28 16972800 c:\windows\Installer\22d37.msp
+ 2011-04-29 07:28 . 2011-04-29 07:28 16972800 c:\windows\Installer\22d18.msp
+ 2011-10-27 06:51 . 2011-10-27 06:51 16885760 c:\windows\Installer\20358d.msp
+ 2011-10-22 23:21 . 2011-10-22 23:21 21515264 c:\windows\Installer\20356c.msp
+ 2011-05-11 18:01 . 2011-05-11 18:01 20314624 c:\windows\Installer\1b93f9.msp
+ 2011-04-29 04:27 . 2011-04-29 04:27 14467072 c:\windows\Installer\1620c4e.msp
+ 2011-05-27 21:29 . 2011-05-27 21:29 13338040 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A0300000030\8.3.0\AcroRd32.dll
+ 2010-03-23 17:57 . 2010-03-23 17:57 15889248 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\OUTLOOK.EXE
+ 2010-03-13 07:05 . 2010-03-13 07:05 11121528 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\OARTCONV.DLL
+ 2010-03-13 22:08 . 2010-03-13 22:08 20516712 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\OART.DLL
+ 2010-03-23 03:36 . 2010-03-23 03:36 72521600 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MSORES.DLL
+ 2010-03-01 12:09 . 2010-03-01 12:09 13988704 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MSACCESS.EXE
+ 2010-03-25 17:25 . 2010-03-25 17:25 30969208 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\GROOVE.EXE
+ 2011-12-15 17:36 . 2011-08-24 00:48 11081728 c:\windows\ie8updates\KB2618444-IE8\ieframe.dll
+ 2011-10-13 16:18 . 2011-06-23 18:36 11081728 c:\windows\ie8updates\KB2586448-IE8\ieframe.dll
+ 2011-08-11 19:08 . 2011-04-26 17:11 11081728 c:\windows\ie8updates\KB2559049-IE8\ieframe.dll
+ 2011-06-15 22:54 . 2011-02-22 23:06 11080704 c:\windows\ie8updates\KB2530548-IE8\ieframe.dll
+ 2011-10-13 16:23 . 2011-10-13 16:23 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
+ 2011-10-13 17:08 . 2011-10-13 17:08 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\60df958ca96c9b8945f836759b6abd34\System.Web.ni.dll
+ 2011-10-13 16:44 . 2011-10-13 16:44 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\ceadaf3b3d017c7a1ef10a06f8009f6f\System.ServiceModel.ni.dll
+ 2011-10-13 16:23 . 2011-10-13 16:23 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\c6374d32e4af7b7e3e46b32176f76558\System.Design.ni.dll
+ 2011-10-13 16:22 . 2011-10-13 16:22 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\054488924fcc579cce9fa0209dafe28b\PresentationFramework.ni.dll
+ 2011-10-13 16:22 . 2011-10-13 16:22 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\b2f0318713eca304eaa9d86fc17edb96\PresentationCore.ni.dll
+ 2011-10-13 16:21 . 2011-10-13 16:21 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
+ 2011-10-12 16:07 . 2011-08-22 23:47 11084288 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\ieframe.dll
+ 2011-06-25 08:03 . 2011-06-25 08:03 11083776 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\ieframe.dll
+ 2011-06-15 21:59 . 2011-04-25 16:09 11083776 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ieframe.dll
+ 2011-10-16 22:38 . 2011-10-16 22:38 100966912 c:\windows\Installer\41241.msp
+ 2011-10-16 22:38 . 2011-10-16 22:38 100966912 c:\windows\Installer\4122c.msp
+ 2011-10-16 22:38 . 2011-10-16 22:38 100966912 c:\windows\Installer\36278.msp
+ 2011-04-29 04:33 . 2011-04-29 04:33 425345024 c:\windows\Installer\2a986.msp
+ 2011-10-16 22:38 . 2011-10-16 22:38 100966912 c:\windows\Installer\228bc.msp
+ 2011-04-29 04:33 . 2011-04-29 04:33 425345024 c:\windows\Installer\1620c8a.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-03-21 1953792]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-02-05 849280]
"Ai Nap"="c:\program files\ASUS\Ai Suite\AiNap\AiNap.exe" [2007-04-09 1423360]
"WINDVDPatch"="CTHELPER.EXE" [2002-07-03 24576]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" [2007-11-29 583048]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-15 565008]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-08 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-08 13880424]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-02-16 417792]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^officejet 6100.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\officejet 6100.lnk
backup=c:\windows\pss\officejet 6100.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WDDMStatus.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WDDMStatus.lnk
backup=c:\windows\pss\WDDMStatus.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WDSmartWare.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WDSmartWare.lnk
backup=c:\windows\pss\WDSmartWare.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-08-31 01:57 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 21:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2008-03-18 01:06 1848648 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2008-12-12 01:31 722256 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HLBackupScheduler]
2010-12-08 09:24 5247624 ----a-w- c:\program files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScanUtility]
2007-05-21 08:37 124512 ----a-w- c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
2001-11-29 08:00 28672 ----a-w- c:\program files\Creative\SBLive\Program\ADGJDet.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
2008-08-15 01:15 2407184 ----a-w- c:\program files\Logitech\QuickCam\Quickcam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-02-16 01:50 417792 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-01-11 23:21 246504 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56978:TCP"= 56978:TCP:Pando Media Booster
"56978:UDP"= 56978:UDP:Pando Media Booster
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1302000.00A\symds.sys [11/20/2011 9:29 AM 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1302000.00A\symefa.sys [11/20/2011 9:29 AM 897656]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20111221.003\BHDrvx86.sys [12/21/2011 5:03 PM 819320]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1302000.00A\ccsetx86.sys [11/20/2011 9:29 AM 132744]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1302000.00A\ironx86.sys [11/20/2011 9:29 AM 149624]
R2 MotoHelper;MotoHelper Service;c:\program files\Motorola\MotoHelper\MotoHelperService.exe [9/7/2010 8:47 AM 202048]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\19.2.0.10\ccsvchst.exe [11/20/2011 9:28 AM 138760]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [10/14/2009 1:31 PM 98304]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [6/16/2009 8:58 AM 20480]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [10/23/2007 9:23 PM 38656]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [12/19/2011 10:24 AM 106104]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20111221.001\IDSXpx86.sys [12/21/2011 5:03 PM 356280]
S0 kabubh;kabubh;c:\windows\system32\drivers\eerfbocj.sys --> c:\windows\system32\drivers\eerfbocj.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [3/9/2010 10:38 AM 135664]
S3 EraserUtilDrv11120;EraserUtilDrv11120;\??\c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11120.sys --> c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11120.sys [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [3/9/2010 10:38 AM 135664]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [6/12/2011 10:15 AM 31125880]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 8:37 PM 4640000]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [7/15/2010 4:12 PM 11520]
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-09 18:38]
.
2011-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-09 18:38]
.
2007-10-24 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
- c:\program files\Microsoft IntelliPoint\ipoint.exe [2007-02-05 23:52]
.
2011-11-25 c:\windows\Tasks\MotoHelper MUM.job
- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2010-09-07 16:47]
.
2011-12-22 c:\windows\Tasks\MotoHelper Routing.job
- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2010-09-07 16:47]
.
2011-12-14 c:\windows\Tasks\MotoHelper Update.job
- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2010-09-07 16:47]
.
2011-12-22 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 23:07]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-22 13:41
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\19.2.0.10\diMaster.dll\" /prefetch:1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(9100)
c:\windows\system32\WININET.dll
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~3\Office14\1033\GrooveIntlResource.dll
c:\windows\system32\ctagent.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Motorola\MotoHelper\MotoHelperAgent.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\CTHELPER.EXE
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\SearchProtocolHost.exe
c:\windows\system32\SearchFilterHost.exe
.
**************************************************************************
.
Completion time: 2011-12-22 13:45:37 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-22 21:45
ComboFix2.txt 2011-05-10 18:36
.
Pre-Run: 20,009,742,336 bytes free
Post-Run: 20,034,367,488 bytes free
.
- - End Of File - - 06C1BDF0FD83D3238D88DD2A400713BC

By the way...this morning when I started my computer, the antivirus was off again. I happens about every 2 weeks. In other words, still happening. We'll see if ComboFix "fixes" it!

WWhermit

#10
Nedklaw

Posted 24 December 2011 - 12:55 PM

Trusted Helper

Malware Removal
1,652 posts

Hi.

Merry Christmas!!!

1. Close any open browsers.

2. Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the codebox below into it:

File:: 
c:\windows\system32\drivers\eerfbocj.sys

Driver::
kabubh
 
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=-
[HKEY_LOCAL_MACHINE\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"="1"

Save this as CFScript.txt, in the same location as ComboFix.exe.

Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe.

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Things I want to see in your next reply

ComboFix.txt

#11
WWhermit

Posted 24 December 2011 - 01:59 PM

Member

Topic Starter
Member
35 posts

NedKlaw, I did as you instructed, and will post the resulting log below. However, something happened immediately after ComboFix posted the log document. My Norton Antivirus popped up and was removing a "malicious file". It was called Bloodhound.MalPE. The log from Norton is here:

Category: Unresolved Security Risks
Date & Time,Risk,Activity,Status,Recommended Action,Path - Filename
2011-12-24 11:49:17,High,lvprcinj01.dll (Bloodhound.MalPE) detected by Auto-Protect,Restart Required,You must restart your computer.,c:\windows\temp\logishrd\lvprcinj01.dll

Now I don't know if this was triggered by ComboFix, or if ComboFix exposed this file that Norton could grab, or if the two were totally unrelated, but the timing was very auspicious. Thought you should know.

Now, on to the ComboFix file.

ComboFix 11-12-24.07 - Tim 12/24/2011 11:37:34.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1293 [GMT -8:00]
Running from: c:\documents and settings\Tim\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Tim\Desktop\CFScript.txt
AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
FILE ::
"c:\windows\system32\drivers\eerfbocj.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_kabubh
.
.
((((((((((((((((((((((((( Files Created from 2011-11-24 to 2011-12-24 )))))))))))))))))))))))))))))))
.
.
2011-12-20 17:18 . 2011-12-20 17:18 -------- d-----w- C:\_OTL
2011-12-15 17:19 . 2011-12-15 17:19 -------- d-----w- C:\found.000
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 13:25 . 2006-02-28 12:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 17:18 . 2010-12-09 00:00 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL
2011-11-20 17:18 . 2010-12-09 00:00 127096 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-11-16 17:27 . 2011-05-17 17:48 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-04 19:20 . 2006-02-28 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20 . 2006-02-28 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20 . 2006-02-28 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2006-02-28 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2006-02-28 12:00 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31 . 2006-02-28 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37 . 2006-02-28 12:00 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52 . 2004-08-03 22:59 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2006-02-28 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22 . 2007-10-24 05:04 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2006-02-28 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-27 00:38 . 2011-11-20 17:29 897656 ----a-w- c:\windows\system32\drivers\NIS\1302000.00A\symefa.sys
2011-09-26 18:41 . 2008-07-30 02:59 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 18:41 . 2006-02-28 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 18:41 . 2006-02-28 12:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-12-22_21.41.34 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-12-24 19:43 . 2011-12-24 19:43 16384 c:\windows\Temp\Perflib_Perfdata_6f8.dat
+ 2011-12-24 19:26 . 2011-12-24 19:26 16384 c:\windows\Temp\Perflib_Perfdata_428.dat
+ 2011-12-22 00:09 . 2011-12-23 18:16 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2011-12-22 00:09 . 2011-12-22 08:17 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2007-10-24 05:09 . 2011-12-23 18:16 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2007-10-24 05:09 . 2011-12-22 08:17 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-12-23 00:24 . 2011-12-23 18:16 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2011-07-19 18:09 . 2011-12-22 08:17 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-03-21 1953792]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-02-05 849280]
"Ai Nap"="c:\program files\ASUS\Ai Suite\AiNap\AiNap.exe" [2007-04-09 1423360]
"WINDVDPatch"="CTHELPER.EXE" [2002-07-03 24576]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" [2007-11-29 583048]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-15 565008]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-08 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-08 13880424]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-02-16 417792]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^officejet 6100.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\officejet 6100.lnk
backup=c:\windows\pss\officejet 6100.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WDDMStatus.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WDDMStatus.lnk
backup=c:\windows\pss\WDDMStatus.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WDSmartWare.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WDSmartWare.lnk
backup=c:\windows\pss\WDSmartWare.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-08-31 01:57 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 21:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2008-03-18 01:06 1848648 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2008-12-12 01:31 722256 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HLBackupScheduler]
2010-12-08 09:24 5247624 ----a-w- c:\program files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScanUtility]
2007-05-21 08:37 124512 ----a-w- c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
2001-11-29 08:00 28672 ----a-w- c:\program files\Creative\SBLive\Program\ADGJDet.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
2008-08-15 01:15 2407184 ----a-w- c:\program files\Logitech\QuickCam\Quickcam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-02-16 01:50 417792 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-01-11 23:21 246504 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56978:TCP"= 56978:TCP:Pando Media Booster
"56978:UDP"= 56978:UDP:Pando Media Booster
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1302000.00A\symds.sys [11/20/2011 9:29 AM 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1302000.00A\symefa.sys [11/20/2011 9:29 AM 897656]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20111221.003\BHDrvx86.sys [12/21/2011 5:03 PM 819320]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1302000.00A\ccsetx86.sys [11/20/2011 9:29 AM 132744]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1302000.00A\ironx86.sys [11/20/2011 9:29 AM 149624]
R2 MotoHelper;MotoHelper Service;c:\program files\Motorola\MotoHelper\MotoHelperService.exe [9/7/2010 8:47 AM 202048]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\19.2.0.10\ccsvchst.exe [11/20/2011 9:28 AM 138760]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [10/14/2009 1:31 PM 98304]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [6/16/2009 8:58 AM 20480]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [10/23/2007 9:23 PM 38656]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [12/19/2011 10:24 AM 106104]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20111222.001\IDSXpx86.sys [12/22/2011 5:23 PM 356280]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [3/9/2010 10:38 AM 135664]
S3 EraserUtilDrv11120;EraserUtilDrv11120;\??\c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11120.sys --> c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11120.sys [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [3/9/2010 10:38 AM 135664]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [6/12/2011 10:15 AM 31125880]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 8:37 PM 4640000]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [7/15/2010 4:12 PM 11520]
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-09 18:38]
.
2011-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-09 18:38]
.
2007-10-24 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
- c:\program files\Microsoft IntelliPoint\ipoint.exe [2007-02-05 23:52]
.
2011-12-23 c:\windows\Tasks\MotoHelper MUM.job
- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2010-09-07 16:47]
.
2011-12-23 c:\windows\Tasks\MotoHelper Routing.job
- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2010-09-07 16:47]
.
2011-12-14 c:\windows\Tasks\MotoHelper Update.job
- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2010-09-07 16:47]
.
2011-12-24 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 23:07]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-24 11:44
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\19.2.0.10\diMaster.dll\" /prefetch:1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(9092)
c:\windows\system32\WININET.dll
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~3\Office14\1033\GrooveIntlResource.dll
c:\windows\system32\ctagent.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Motorola\MotoHelper\MotoHelperAgent.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\CTHELPER.EXE
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\SearchProtocolHost.exe
c:\windows\system32\SearchFilterHost.exe
.
**************************************************************************
.
Completion time: 2011-12-24 11:47:33 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-24 19:47
ComboFix2.txt 2011-12-22 21:45
ComboFix3.txt 2011-05-10 18:36
.
Pre-Run: 20,117,274,624 bytes free
Post-Run: 19,998,519,296 bytes free
.
- - End Of File - - 9227BE2B0A6E40A7930254F8E03A813F

And a Merry Christmas to you and your family as well.

WWhermit

#12
Nedklaw

Posted 24 December 2011 - 04:53 PM

Trusted Helper

Malware Removal
1,652 posts

Hi.

Download the latest version of TDSSKiller from here and save it to your Desktop.

Double-click on TDSSKiller.exe to run the application, then click on Change Parameters.
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results and offer 3 options.
Ensure Cure is selected, then click Continue --> Reboot Computer to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

#13
WWhermit

Posted 25 December 2011 - 02:12 PM

Member

Topic Starter
Member
35 posts

12:08:03.0296 0460 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
12:08:03.0890 0460 ============================================================
12:08:03.0890 0460 Current date / time: 2011/12/25 12:08:03.0890
12:08:03.0890 0460 SystemInfo:
12:08:03.0890 0460
12:08:03.0906 0460 OS Version: 5.1.2600 ServicePack: 3.0
12:08:03.0906 0460 Product type: Workstation
12:08:03.0906 0460 ComputerName: SYLVIA
12:08:03.0906 0460 UserName: Tim
12:08:03.0906 0460 Windows directory: C:\WINDOWS
12:08:03.0906 0460 System windows directory: C:\WINDOWS
12:08:03.0906 0460 Processor architecture: Intel x86
12:08:03.0906 0460 Number of processors: 2
12:08:03.0906 0460 Page size: 0x1000
12:08:03.0906 0460 Boot type: Normal boot
12:08:03.0906 0460 ============================================================
12:08:05.0234 0460 Initialize success
12:08:10.0593 2112 ============================================================
12:08:10.0593 2112 Scan started
12:08:10.0593 2112 Mode: Manual; SigCheck; TDLFS;
12:08:10.0593 2112 ============================================================
12:08:11.0687 2112 Abiosdsk - ok
12:08:11.0703 2112 abp480n5 - ok
12:08:11.0734 2112 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:08:13.0593 2112 ACPI - ok
12:08:13.0671 2112 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
12:08:13.0812 2112 ACPIEC - ok
12:08:13.0828 2112 adpu160m - ok
12:08:13.0843 2112 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
12:08:13.0937 2112 aec - ok
12:08:13.0968 2112 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
12:08:14.0015 2112 AFD - ok
12:08:14.0046 2112 AFS2K (0ebb674888cbdefd5773341c16dd6a07) C:\WINDOWS\system32\drivers\AFS2K.sys
12:08:14.0093 2112 AFS2K - ok
12:08:14.0109 2112 Aha154x - ok
12:08:14.0109 2112 aic78u2 - ok
12:08:14.0125 2112 aic78xx - ok
12:08:14.0125 2112 AliIde - ok
12:08:14.0125 2112 amsint - ok
12:08:14.0156 2112 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
12:08:14.0234 2112 Arp1394 - ok
12:08:14.0234 2112 asc - ok
12:08:14.0234 2112 asc3350p - ok
12:08:14.0250 2112 asc3550 - ok
12:08:14.0281 2112 AsIO (663f2fb92608073824ee3106886120f3) C:\WINDOWS\system32\drivers\AsIO.sys
12:08:14.0312 2112 AsIO - ok
12:08:14.0343 2112 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:08:14.0421 2112 AsyncMac - ok
12:08:14.0453 2112 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
12:08:14.0531 2112 atapi - ok
12:08:14.0562 2112 AtcL001 (19f277bc4ce5689f20f347a6b8aa8c42) C:\WINDOWS\system32\DRIVERS\atl01_xp.sys
12:08:14.0625 2112 AtcL001 - ok
12:08:14.0625 2112 Atdisk - ok
12:08:14.0671 2112 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:08:14.0750 2112 Atmarpc - ok
12:08:14.0796 2112 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:08:14.0875 2112 audstub - ok
12:08:14.0906 2112 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
12:08:14.0984 2112 Beep - ok
12:08:15.0125 2112 BHDrvx86 (9d14d76e4e7b9b2ead17149011db2b11) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20111221.003\BHDrvx86.sys
12:08:15.0156 2112 BHDrvx86 - ok
12:08:15.0234 2112 catchme - ok
12:08:15.0265 2112 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:08:15.0343 2112 cbidf2k - ok
12:08:15.0375 2112 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
12:08:15.0437 2112 CCDECODE - ok
12:08:15.0500 2112 ccSet_NIS (2b2f9b4a08190334a9c36446b208bae9) C:\WINDOWS\system32\drivers\NIS\1302000.00A\ccSetx86.sys
12:08:15.0500 2112 ccSet_NIS - ok
12:08:15.0500 2112 cd20xrnt - ok
12:08:15.0546 2112 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:08:15.0625 2112 Cdaudio - ok
12:08:15.0656 2112 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
12:08:15.0734 2112 Cdfs - ok
12:08:15.0765 2112 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:08:15.0828 2112 Cdrom - ok
12:08:15.0843 2112 Changer - ok
12:08:15.0843 2112 CmdIde - ok
12:08:15.0859 2112 Cpqarray - ok
12:08:15.0890 2112 ctac32k (4b6096745f72b4fd36514617e2ea5d37) C:\WINDOWS\system32\drivers\ctac32k.sys
12:08:15.0906 2112 ctac32k - ok
12:08:15.0953 2112 ctaud2k (3576ec792347ed15699f6d830e0f5437) C:\WINDOWS\system32\drivers\ctaud2k.sys
12:08:15.0984 2112 ctaud2k - ok
12:08:16.0015 2112 ctljystk (71007bd2e1e26927fe3e4eb00c0beedf) C:\WINDOWS\system32\DRIVERS\ctljystk.sys
12:08:16.0109 2112 ctljystk - ok
12:08:16.0109 2112 ctprxy2k (097d42574e3c6d98cd5a2ee7647fa6bf) C:\WINDOWS\system32\drivers\ctprxy2k.sys
12:08:16.0125 2112 ctprxy2k - ok
12:08:16.0156 2112 ctsfm2k (c58a2507ef62b20b9bd670c666088b50) C:\WINDOWS\system32\drivers\ctsfm2k.sys
12:08:16.0171 2112 ctsfm2k - ok
12:08:16.0187 2112 dac2w2k - ok
12:08:16.0187 2112 dac960nt - ok
12:08:16.0218 2112 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
12:08:16.0296 2112 Disk - ok
12:08:16.0343 2112 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
12:08:16.0437 2112 dmboot - ok
12:08:16.0453 2112 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
12:08:16.0531 2112 dmio - ok
12:08:16.0531 2112 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:08:16.0625 2112 dmload - ok
12:08:16.0640 2112 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
12:08:16.0718 2112 DMusic - ok
12:08:16.0734 2112 dpti2o - ok
12:08:16.0750 2112 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
12:08:16.0828 2112 drmkaud - ok
12:08:16.0890 2112 eeCtrl (75e8b69f28c813675b16db357f20720f) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
12:08:16.0906 2112 eeCtrl - ok
12:08:16.0953 2112 emupia (a9d94b89372f3f9609a1a5eec631a260) C:\WINDOWS\system32\drivers\emupia2k.sys
12:08:16.0968 2112 emupia - ok
12:08:16.0968 2112 EraserUtilDrv11120 - ok
12:08:16.0984 2112 EraserUtilRebootDrv (720b18d76de9e603b626dfcd6f1fca7c) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
12:08:17.0000 2112 EraserUtilRebootDrv - ok
12:08:17.0046 2112 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
12:08:17.0125 2112 Fastfat - ok
12:08:17.0171 2112 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
12:08:17.0250 2112 Fdc - ok
12:08:17.0281 2112 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
12:08:17.0359 2112 Fips - ok
12:08:17.0375 2112 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:08:17.0453 2112 Flpydisk - ok
12:08:17.0484 2112 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
12:08:17.0578 2112 FltMgr - ok
12:08:17.0625 2112 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:08:17.0718 2112 Fs_Rec - ok
12:08:17.0734 2112 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:08:17.0828 2112 Ftdisk - ok
12:08:17.0843 2112 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
12:08:17.0921 2112 gameenum - ok
12:08:17.0953 2112 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:08:18.0031 2112 Gpc - ok
12:08:18.0078 2112 ha10kx2k (dc9847cdc43665ed4cc780947516209c) C:\WINDOWS\system32\drivers\ha10kx2k.sys
12:08:18.0140 2112 ha10kx2k - ok
12:08:18.0156 2112 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:08:18.0250 2112 HDAudBus - ok
12:08:18.0265 2112 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:08:18.0343 2112 hidusb - ok
12:08:18.0359 2112 hpn - ok
12:08:18.0390 2112 HPZid412 (863cc3a82c63c9f60acf2e85d5310620) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
12:08:18.0437 2112 HPZid412 - ok
12:08:18.0453 2112 HPZipr12 (08cb72e95dd75b61f2966b311d0e4366) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
12:08:18.0500 2112 HPZipr12 - ok
12:08:18.0531 2112 HPZius12 (ca990306ed4ef732af9695bff24fc96f) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
12:08:18.0593 2112 HPZius12 - ok
12:08:18.0625 2112 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
12:08:18.0671 2112 HTTP - ok
12:08:18.0671 2112 i2omgmt - ok
12:08:18.0671 2112 i2omp - ok
12:08:18.0718 2112 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:08:18.0796 2112 i8042prt - ok
12:08:18.0937 2112 IDSxpx86 (e72d3894d42355e9cd5fd77e1e4fea11) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20111223.001\IDSxpx86.sys
12:08:18.0953 2112 IDSxpx86 - ok
12:08:18.0953 2112 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:08:19.0031 2112 Imapi - ok
12:08:19.0046 2112 ini910u - ok
12:08:19.0046 2112 IntcAzAudAddService - ok
12:08:19.0062 2112 IntelIde - ok
12:08:19.0078 2112 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:08:19.0156 2112 intelppm - ok
12:08:19.0171 2112 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
12:08:19.0250 2112 Ip6Fw - ok
12:08:19.0281 2112 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:08:19.0375 2112 IpFilterDriver - ok
12:08:19.0406 2112 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:08:19.0484 2112 IpInIp - ok
12:08:19.0500 2112 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:08:19.0593 2112 IpNat - ok
12:08:19.0609 2112 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:08:19.0687 2112 IPSec - ok
12:08:19.0718 2112 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:08:19.0796 2112 IRENUM - ok
12:08:19.0812 2112 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:08:19.0890 2112 isapnp - ok
12:08:19.0906 2112 JGOGO (c995c0e8b4503fac38793bb0236ad246) C:\WINDOWS\system32\DRIVERS\JGOGO.sys
12:08:19.0937 2112 JGOGO - ok
12:08:19.0937 2112 JRAID (8f55efd8b7d99465c16d06b345d50ca9) C:\WINDOWS\system32\DRIVERS\jraid.sys
12:08:19.0984 2112 JRAID - ok
12:08:20.0000 2112 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:08:20.0078 2112 Kbdclass - ok
12:08:20.0109 2112 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
12:08:20.0187 2112 kmixer - ok
12:08:20.0187 2112 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
12:08:20.0281 2112 KSecDD - ok
12:08:20.0312 2112 L8042Kbd (58759156a6918913edd368f995be3e53) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
12:08:20.0312 2112 L8042Kbd - ok
12:08:20.0328 2112 lbrtfdc - ok
12:08:20.0359 2112 LVPr2Mon (a6919138f29ae45e90e99fa94737e04c) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
12:08:20.0359 2112 LVPr2Mon - ok
12:08:20.0406 2112 LVRS (b895839b8743e400d7c7dae156f74e7e) C:\WINDOWS\system32\DRIVERS\lvrs.sys
12:08:20.0421 2112 LVRS - ok
12:08:20.0468 2112 LVUSBSta (23f8ef78bb9553e465a476f3cee5ca18) C:\WINDOWS\system32\drivers\LVUSBSta.sys
12:08:20.0468 2112 LVUSBSta - ok
12:08:20.0484 2112 MBAMSwissArmy - ok
12:08:20.0484 2112 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:08:20.0578 2112 mnmdd - ok
12:08:20.0609 2112 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
12:08:20.0687 2112 Modem - ok
12:08:20.0703 2112 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:08:20.0781 2112 Mouclass - ok
12:08:20.0812 2112 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:08:20.0890 2112 mouhid - ok
12:08:20.0906 2112 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
12:08:21.0000 2112 MountMgr - ok
12:08:21.0000 2112 mraid35x - ok
12:08:21.0031 2112 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:08:21.0109 2112 MRxDAV - ok
12:08:21.0140 2112 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:08:21.0203 2112 MRxSmb - ok
12:08:21.0218 2112 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
12:08:21.0281 2112 Msfs - ok
12:08:21.0312 2112 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:08:21.0390 2112 MSKSSRV - ok
12:08:21.0406 2112 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:08:21.0484 2112 MSPCLOCK - ok
12:08:21.0515 2112 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
12:08:21.0593 2112 MSPQM - ok
12:08:21.0625 2112 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:08:21.0703 2112 mssmbios - ok
12:08:21.0718 2112 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
12:08:21.0796 2112 MSTEE - ok
12:08:21.0828 2112 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
12:08:21.0859 2112 MTsensor - ok
12:08:21.0875 2112 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
12:08:21.0906 2112 Mup - ok
12:08:21.0921 2112 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:08:22.0000 2112 NABTSFEC - ok
12:08:22.0187 2112 NAVENG (862f55824ac81295837b0ab63f91071f) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20111224.017\NAVENG.SYS
12:08:22.0187 2112 NAVENG - ok
12:08:22.0250 2112 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20111224.017\NAVEX15.SYS
12:08:22.0296 2112 NAVEX15 - ok
12:08:22.0343 2112 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
12:08:22.0421 2112 NDIS - ok
12:08:22.0453 2112 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:08:22.0515 2112 NdisIP - ok
12:08:22.0546 2112 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:08:22.0593 2112 NdisTapi - ok
12:08:22.0625 2112 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:08:22.0703 2112 Ndisuio - ok
12:08:22.0718 2112 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:08:22.0781 2112 NdisWan - ok
12:08:22.0828 2112 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
12:08:22.0875 2112 NDProxy - ok
12:08:22.0921 2112 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:08:22.0984 2112 NetBIOS - ok
12:08:23.0015 2112 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:08:23.0078 2112 NetBT - ok
12:08:23.0203 2112 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
12:08:23.0343 2112 NIC1394 - ok
12:08:23.0343 2112 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
12:08:23.0421 2112 Npfs - ok
12:08:23.0468 2112 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
12:08:23.0546 2112 Ntfs - ok
12:08:23.0562 2112 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:08:23.0640 2112 Null - ok
12:08:23.0859 2112 nv (18c9b152da7bea76b2f9e4b6412e0aaf) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:08:24.0296 2112 nv - ok
12:08:24.0328 2112 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:08:24.0421 2112 NwlnkFlt - ok
12:08:24.0437 2112 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:08:24.0515 2112 NwlnkFwd - ok
12:08:24.0546 2112 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
12:08:24.0609 2112 ohci1394 - ok
12:08:24.0656 2112 ossrv (f29184bdc81c398b6027a67ff6a19895) C:\WINDOWS\system32\drivers\ctoss2k.sys
12:08:24.0671 2112 ossrv - ok
12:08:24.0718 2112 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
12:08:24.0796 2112 Parport - ok
12:08:24.0812 2112 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
12:08:24.0890 2112 PartMgr - ok
12:08:24.0906 2112 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
12:08:24.0984 2112 ParVdm - ok
12:08:25.0000 2112 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
12:08:25.0062 2112 PCI - ok
12:08:25.0078 2112 PCIDump - ok
12:08:25.0078 2112 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
12:08:25.0156 2112 PCIIde - ok
12:08:25.0187 2112 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
12:08:25.0265 2112 Pcmcia - ok
12:08:25.0281 2112 PDCOMP - ok
12:08:25.0281 2112 PDFRAME - ok
12:08:25.0281 2112 PDRELI - ok
12:08:25.0312 2112 PDRFRAME - ok
12:08:25.0343 2112 pepifilter (a05f0d7419cf4680eedd5736e6549e7b) C:\WINDOWS\system32\DRIVERS\lv302af.sys
12:08:25.0343 2112 pepifilter - ok
12:08:25.0359 2112 perc2 - ok
12:08:25.0359 2112 perc2hib - ok
12:08:25.0437 2112 PID_PEPI (4bb5ac2dd485b8eefccb977ee66a68ad) C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
12:08:25.0515 2112 PID_PEPI - ok
12:08:25.0562 2112 Point32 (dcdf0421a1c14f2923e298a30fd7636d) C:\WINDOWS\system32\DRIVERS\point32.sys
12:08:25.0593 2112 Point32 - ok
12:08:25.0671 2112 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:08:25.0750 2112 PptpMiniport - ok
12:08:25.0750 2112 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
12:08:25.0828 2112 PSched - ok
12:08:25.0859 2112 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:08:25.0937 2112 Ptilink - ok
12:08:25.0937 2112 ql1080 - ok
12:08:25.0953 2112 Ql10wnt - ok
12:08:25.0953 2112 ql12160 - ok
12:08:25.0968 2112 ql1240 - ok
12:08:25.0968 2112 ql1280 - ok
12:08:26.0000 2112 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:08:26.0078 2112 RasAcd - ok
12:08:26.0093 2112 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:08:26.0171 2112 Rasl2tp - ok
12:08:26.0187 2112 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:08:26.0265 2112 RasPppoe - ok
12:08:26.0265 2112 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:08:26.0343 2112 Raspti - ok
12:08:26.0359 2112 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:08:26.0437 2112 Rdbss - ok
12:08:26.0468 2112 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:08:26.0531 2112 RDPCDD - ok
12:08:26.0562 2112 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:08:26.0640 2112 rdpdr - ok
12:08:26.0687 2112 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
12:08:26.0718 2112 RDPWD - ok
12:08:26.0734 2112 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:08:26.0812 2112 redbook - ok
12:08:26.0843 2112 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:08:26.0921 2112 Secdrv - ok
12:08:26.0953 2112 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
12:08:27.0031 2112 serenum - ok
12:08:27.0046 2112 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
12:08:27.0125 2112 Serial - ok
12:08:27.0171 2112 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:08:27.0250 2112 Sfloppy - ok
12:08:27.0250 2112 Simbad - ok
12:08:27.0281 2112 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:08:27.0343 2112 SLIP - ok
12:08:27.0359 2112 Sparrow - ok
12:08:27.0375 2112 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:08:27.0453 2112 splitter - ok
12:08:27.0484 2112 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
12:08:27.0562 2112 sr - ok
12:08:27.0625 2112 SRTSP (2c5fbf6a00a4a3dcf643e46e8acb20c2) C:\WINDOWS\System32\Drivers\NIS\1302000.00A\SRTSP.SYS
12:08:27.0640 2112 SRTSP - ok
12:08:27.0671 2112 SRTSPX (9034ea58552b55f370e5293a7175c5ac) C:\WINDOWS\system32\drivers\NIS\1302000.00A\SRTSPX.SYS
12:08:27.0687 2112 SRTSPX - ok
12:08:27.0718 2112 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
12:08:27.0781 2112 Srv - ok
12:08:27.0812 2112 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
12:08:27.0875 2112 StillCam - ok
12:08:27.0906 2112 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:08:27.0984 2112 streamip - ok
12:08:28.0015 2112 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:08:28.0093 2112 swenum - ok
12:08:28.0125 2112 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
12:08:28.0203 2112 swmidi - ok
12:08:28.0203 2112 symc810 - ok
12:08:28.0218 2112 symc8xx - ok
12:08:28.0265 2112 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\WINDOWS\system32\drivers\NIS\1302000.00A\SYMDS.SYS
12:08:28.0281 2112 SymDS - ok
12:08:28.0343 2112 SymEFA (fc6d4a81b3611693f4e14e75908b6767) C:\WINDOWS\system32\drivers\NIS\1302000.00A\SYMEFA.SYS
12:08:28.0390 2112 SymEFA - ok
12:08:28.0421 2112 SymEvent (98d28d08e68145fb550ee7670b43baf2) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
12:08:28.0437 2112 SymEvent - ok
12:08:28.0468 2112 SymIRON (39c35ddbb570e9f334f239248e4de34d) C:\WINDOWS\system32\drivers\NIS\1302000.00A\Ironx86.SYS
12:08:28.0468 2112 SymIRON - ok
12:08:28.0515 2112 SYMTDI (aaae36e8235dab7da8a64bd10de281e5) C:\WINDOWS\System32\Drivers\NIS\1302000.00A\SYMTDI.SYS
12:08:28.0531 2112 SYMTDI - ok
12:08:28.0531 2112 sym_hi - ok
12:08:28.0531 2112 sym_u3 - ok
12:08:28.0562 2112 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
12:08:28.0640 2112 sysaudio - ok
12:08:28.0687 2112 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:08:28.0781 2112 Tcpip - ok
12:08:28.0812 2112 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:08:28.0921 2112 TDPIPE - ok
12:08:28.0937 2112 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
12:08:29.0015 2112 TDTCP - ok
12:08:29.0031 2112 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:08:29.0109 2112 TermDD - ok
12:08:29.0109 2112 TosIde - ok
12:08:29.0140 2112 TVICHW32 (e266683fc95abdec17cd378564e1b54b) C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS
12:08:29.0156 2112 TVICHW32 ( UnsignedFile.Multi.Generic ) - warning
12:08:29.0156 2112 TVICHW32 - detected UnsignedFile.Multi.Generic (1)
12:08:29.0171 2112 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
12:08:29.0234 2112 Udfs - ok
12:08:29.0250 2112 ultra - ok
12:08:29.0281 2112 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
12:08:29.0359 2112 Update - ok
12:08:29.0390 2112 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
12:08:29.0453 2112 usbaudio - ok
12:08:29.0484 2112 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:08:29.0562 2112 usbccgp - ok
12:08:29.0578 2112 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:08:29.0656 2112 usbehci - ok
12:08:29.0671 2112 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:08:29.0734 2112 usbhub - ok
12:08:29.0750 2112 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:08:29.0828 2112 usbprint - ok
12:08:29.0859 2112 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:08:29.0921 2112 usbscan - ok
12:08:29.0937 2112 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:08:30.0015 2112 USBSTOR - ok
12:08:30.0046 2112 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:08:30.0109 2112 usbuhci - ok
12:08:30.0140 2112 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
12:08:30.0203 2112 VgaSave - ok
12:08:30.0218 2112 ViaIde - ok
12:08:30.0234 2112 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
12:08:30.0296 2112 VolSnap - ok
12:08:30.0328 2112 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:08:30.0390 2112 Wanarp - ok
12:08:30.0421 2112 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys
12:08:30.0468 2112 WDC_SAM - ok
12:08:30.0468 2112 WDICA - ok
12:08:30.0500 2112 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
12:08:30.0578 2112 wdmaud - ok
12:08:30.0625 2112 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:08:30.0703 2112 WSTCODEC - ok
12:08:30.0734 2112 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:08:30.0765 2112 WudfPf - ok
12:08:30.0781 2112 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:08:30.0812 2112 WudfRd - ok
12:08:30.0843 2112 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:08:31.0000 2112 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:08:31.0000 2112 \Device\Harddisk0\DR0 - detected TDSS File System (1)
12:08:31.0000 2112 Boot (0x1200) (db8c376a95396e73043718a46e60de43) \Device\Harddisk0\DR0\Partition0
12:08:31.0000 2112 \Device\Harddisk0\DR0\Partition0 - ok
12:08:31.0015 2112 Boot (0x1200) (bacd9d18b7b9f7162344ca8270f16043) \Device\Harddisk0\DR0\Partition1
12:08:31.0015 2112 \Device\Harddisk0\DR0\Partition1 - ok
12:08:31.0015 2112 ============================================================
12:08:31.0015 2112 Scan finished
12:08:31.0015 2112 ============================================================
12:08:31.0140 2128 Detected object count: 2
12:08:31.0140 2128 Actual detected object count: 2
12:08:34.0687 2128 TVICHW32 ( UnsignedFile.Multi.Generic ) - skipped by user
12:08:34.0687 2128 TVICHW32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:08:34.0687 2128 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
12:08:34.0687 2128 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
12:09:30.0578 3056 ============================================================
12:09:30.0578 3056 Scan started
12:09:30.0578 3056 Mode: Manual; SigCheck; TDLFS;
12:09:30.0578 3056 ============================================================
12:09:30.0781 3056 Abiosdsk - ok
12:09:30.0796 3056 abp480n5 - ok
12:09:30.0828 3056 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:09:30.0921 3056 ACPI - ok
12:09:30.0953 3056 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
12:09:31.0031 3056 ACPIEC - ok
12:09:31.0046 3056 adpu160m - ok
12:09:31.0078 3056 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
12:09:31.0156 3056 aec - ok
12:09:31.0187 3056 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
12:09:31.0203 3056 AFD - ok
12:09:31.0218 3056 AFS2K (0ebb674888cbdefd5773341c16dd6a07) C:\WINDOWS\system32\drivers\AFS2K.sys
12:09:31.0234 3056 AFS2K - ok
12:09:31.0250 3056 Aha154x - ok
12:09:31.0250 3056 aic78u2 - ok
12:09:31.0250 3056 aic78xx - ok
12:09:31.0265 3056 AliIde - ok
12:09:31.0265 3056 amsint - ok
12:09:31.0296 3056 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
12:09:31.0375 3056 Arp1394 - ok
12:09:31.0375 3056 asc - ok
12:09:31.0375 3056 asc3350p - ok
12:09:31.0390 3056 asc3550 - ok
12:09:31.0390 3056 AsIO (663f2fb92608073824ee3106886120f3) C:\WINDOWS\system32\drivers\AsIO.sys
12:09:31.0406 3056 AsIO - ok
12:09:31.0421 3056 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:09:31.0500 3056 AsyncMac - ok
12:09:31.0531 3056 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
12:09:31.0593 3056 atapi - ok
12:09:31.0625 3056 AtcL001 (19f277bc4ce5689f20f347a6b8aa8c42) C:\WINDOWS\system32\DRIVERS\atl01_xp.sys
12:09:31.0640 3056 AtcL001 - ok
12:09:31.0640 3056 Atdisk - ok
12:09:31.0671 3056 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:09:31.0734 3056 Atmarpc - ok
12:09:31.0781 3056 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:09:31.0859 3056 audstub - ok
12:09:31.0875 3056 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
12:09:31.0953 3056 Beep - ok
12:09:32.0078 3056 BHDrvx86 (9d14d76e4e7b9b2ead17149011db2b11) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20111221.003\BHDrvx86.sys
12:09:32.0109 3056 BHDrvx86 - ok
12:09:32.0187 3056 catchme - ok
12:09:32.0218 3056 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:09:32.0281 3056 cbidf2k - ok
12:09:32.0312 3056 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
12:09:32.0390 3056 CCDECODE - ok
12:09:32.0437 3056 ccSet_NIS (2b2f9b4a08190334a9c36446b208bae9) C:\WINDOWS\system32\drivers\NIS\1302000.00A\ccSetx86.sys
12:09:32.0437 3056 ccSet_NIS - ok
12:09:32.0453 3056 cd20xrnt - ok
12:09:32.0484 3056 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:09:32.0562 3056 Cdaudio - ok
12:09:32.0593 3056 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
12:09:32.0671 3056 Cdfs - ok
12:09:32.0703 3056 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:09:32.0765 3056 Cdrom - ok
12:09:32.0765 3056 Changer - ok
12:09:32.0781 3056 CmdIde - ok
12:09:32.0781 3056 Cpqarray - ok
12:09:32.0812 3056 ctac32k (4b6096745f72b4fd36514617e2ea5d37) C:\WINDOWS\system32\drivers\ctac32k.sys
12:09:32.0828 3056 ctac32k - ok
12:09:32.0843 3056 ctaud2k (3576ec792347ed15699f6d830e0f5437) C:\WINDOWS\system32\drivers\ctaud2k.sys
12:09:32.0875 3056 ctaud2k - ok
12:09:32.0906 3056 ctljystk (71007bd2e1e26927fe3e4eb00c0beedf) C:\WINDOWS\system32\DRIVERS\ctljystk.sys
12:09:32.0984 3056 ctljystk - ok
12:09:32.0984 3056 ctprxy2k (097d42574e3c6d98cd5a2ee7647fa6bf) C:\WINDOWS\system32\drivers\ctprxy2k.sys
12:09:33.0000 3056 ctprxy2k - ok
12:09:33.0015 3056 ctsfm2k (c58a2507ef62b20b9bd670c666088b50) C:\WINDOWS\system32\drivers\ctsfm2k.sys
12:09:33.0031 3056 ctsfm2k - ok
12:09:33.0031 3056 dac2w2k - ok
12:09:33.0046 3056 dac960nt - ok
12:09:33.0046 3056 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
12:09:33.0109 3056 Disk - ok
12:09:33.0156 3056 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
12:09:33.0234 3056 dmboot - ok
12:09:33.0250 3056 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
12:09:33.0343 3056 dmio - ok
12:09:33.0343 3056 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:09:33.0437 3056 dmload - ok
12:09:33.0453 3056 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
12:09:33.0546 3056 DMusic - ok
12:09:33.0562 3056 dpti2o - ok
12:09:33.0562 3056 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
12:09:33.0656 3056 drmkaud - ok
12:09:33.0734 3056 eeCtrl (75e8b69f28c813675b16db357f20720f) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
12:09:33.0750 3056 eeCtrl - ok
12:09:33.0796 3056 emupia (a9d94b89372f3f9609a1a5eec631a260) C:\WINDOWS\system32\drivers\emupia2k.sys
12:09:33.0812 3056 emupia - ok
12:09:33.0828 3056 EraserUtilDrv11120 - ok
12:09:33.0828 3056 EraserUtilRebootDrv (720b18d76de9e603b626dfcd6f1fca7c) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
12:09:33.0843 3056 EraserUtilRebootDrv - ok
12:09:33.0875 3056 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
12:09:33.0953 3056 Fastfat - ok
12:09:34.0000 3056 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
12:09:34.0078 3056 Fdc - ok
12:09:34.0109 3056 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
12:09:34.0187 3056 Fips - ok
12:09:34.0203 3056 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:09:34.0265 3056 Flpydisk - ok
12:09:34.0296 3056 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
12:09:34.0375 3056 FltMgr - ok
12:09:34.0406 3056 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:09:34.0484 3056 Fs_Rec - ok
12:09:34.0500 3056 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:09:34.0562 3056 Ftdisk - ok
12:09:34.0578 3056 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
12:09:34.0656 3056 gameenum - ok
12:09:34.0687 3056 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:09:34.0765 3056 Gpc - ok
12:09:34.0828 3056 ha10kx2k (dc9847cdc43665ed4cc780947516209c) C:\WINDOWS\system32\drivers\ha10kx2k.sys
12:09:34.0875 3056 ha10kx2k - ok
12:09:34.0906 3056 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:09:34.0984 3056 HDAudBus - ok
12:09:35.0000 3056 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:09:35.0078 3056 hidusb - ok
12:09:35.0078 3056 hpn - ok
12:09:35.0109 3056 HPZid412 (863cc3a82c63c9f60acf2e85d5310620) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
12:09:35.0109 3056 HPZid412 - ok
12:09:35.0125 3056 HPZipr12 (08cb72e95dd75b61f2966b311d0e4366) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
12:09:35.0140 3056 HPZipr12 - ok
12:09:35.0156 3056 HPZius12 (ca990306ed4ef732af9695bff24fc96f) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
12:09:35.0171 3056 HPZius12 - ok
12:09:35.0218 3056 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
12:09:35.0234 3056 HTTP - ok
12:09:35.0250 3056 i2omgmt - ok
12:09:35.0250 3056 i2omp - ok
12:09:35.0281 3056 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:09:35.0343 3056 i8042prt - ok
12:09:35.0484 3056 IDSxpx86 (e72d3894d42355e9cd5fd77e1e4fea11) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20111223.001\IDSxpx86.sys
12:09:35.0500 3056 IDSxpx86 - ok
12:09:35.0500 3056 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:09:35.0578 3056 Imapi - ok
12:09:35.0593 3056 ini910u - ok
12:09:35.0593 3056 IntcAzAudAddService - ok
12:09:35.0593 3056 IntelIde - ok
12:09:35.0625 3056 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:09:35.0687 3056 intelppm - ok
12:09:35.0718 3056 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
12:09:35.0796 3056 Ip6Fw - ok
12:09:35.0828 3056 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:09:35.0906 3056 IpFilterDriver - ok
12:09:35.0937 3056 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:09:36.0000 3056 IpInIp - ok
12:09:36.0031 3056 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:09:36.0109 3056 IpNat - ok
12:09:36.0125 3056 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:09:36.0203 3056 IPSec - ok
12:09:36.0234 3056 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:09:36.0296 3056 IRENUM - ok
12:09:36.0328 3056 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:09:36.0390 3056 isapnp - ok
12:09:36.0406 3056 JGOGO (c995c0e8b4503fac38793bb0236ad246) C:\WINDOWS\system32\DRIVERS\JGOGO.sys
12:09:36.0421 3056 JGOGO - ok
12:09:36.0421 3056 JRAID (8f55efd8b7d99465c16d06b345d50ca9) C:\WINDOWS\system32\DRIVERS\jraid.sys
12:09:36.0437 3056 JRAID - ok
12:09:36.0468 3056 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:09:36.0546 3056 Kbdclass - ok
12:09:36.0562 3056 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
12:09:36.0640 3056 kmixer - ok
12:09:36.0656 3056 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
12:09:36.0687 3056 KSecDD - ok
12:09:36.0703 3056 L8042Kbd (58759156a6918913edd368f995be3e53) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
12:09:36.0718 3056 L8042Kbd - ok
12:09:36.0718 3056 lbrtfdc - ok
12:09:36.0750 3056 LVPr2Mon (a6919138f29ae45e90e99fa94737e04c) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
12:09:36.0765 3056 LVPr2Mon - ok
12:09:36.0812 3056 LVRS (b895839b8743e400d7c7dae156f74e7e) C:\WINDOWS\system32\DRIVERS\lvrs.sys
12:09:36.0828 3056 LVRS - ok
12:09:36.0859 3056 LVUSBSta (23f8ef78bb9553e465a476f3cee5ca18) C:\WINDOWS\system32\drivers\LVUSBSta.sys
12:09:36.0875 3056 LVUSBSta - ok
12:09:36.0875 3056 MBAMSwissArmy - ok
12:09:36.0890 3056 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:09:36.0968 3056 mnmdd - ok
12:09:37.0000 3056 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
12:09:37.0078 3056 Modem - ok
12:09:37.0093 3056 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:09:37.0171 3056 Mouclass - ok
12:09:37.0203 3056 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:09:37.0265 3056 mouhid - ok
12:09:37.0296 3056 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
12:09:37.0375 3056 MountMgr - ok
12:09:37.0375 3056 mraid35x - ok
12:09:37.0390 3056 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:09:37.0468 3056 MRxDAV - ok
12:09:37.0515 3056 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:09:37.0531 3056 MRxSmb - ok
12:09:37.0531 3056 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
12:09:37.0609 3056 Msfs - ok
12:09:37.0625 3056 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:09:37.0703 3056 MSKSSRV - ok
12:09:37.0718 3056 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:09:37.0796 3056 MSPCLOCK - ok
12:09:37.0828 3056 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
12:09:37.0906 3056 MSPQM - ok
12:09:37.0937 3056 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:09:38.0015 3056 mssmbios - ok
12:09:38.0031 3056 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
12:09:38.0109 3056 MSTEE - ok
12:09:38.0140 3056 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
12:09:38.0156 3056 MTsensor - ok
12:09:38.0171 3056 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
12:09:38.0187 3056 Mup - ok
12:09:38.0218 3056 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:09:38.0296 3056 NABTSFEC - ok
12:09:38.0468 3056 NAVENG (862f55824ac81295837b0ab63f91071f) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20111224.017\NAVENG.SYS
12:09:38.0468 3056 NAVENG - ok
12:09:38.0531 3056 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20111224.017\NAVEX15.SYS
12:09:38.0578 3056 NAVEX15 - ok
12:09:38.0609 3056 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
12:09:38.0687 3056 NDIS - ok
12:09:38.0718 3056 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:09:38.0781 3056 NdisIP - ok
12:09:38.0812 3056 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:09:38.0828 3056 NdisTapi - ok
12:09:38.0859 3056 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:09:38.0937 3056 Ndisuio - ok
12:09:38.0937 3056 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:09:39.0015 3056 NdisWan - ok
12:09:39.0031 3056 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
12:09:39.0062 3056 NDProxy - ok
12:09:39.0093 3056 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:09:39.0171 3056 NetBIOS - ok
12:09:39.0187 3056 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:09:39.0250 3056 NetBT - ok
12:09:39.0281 3056 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
12:09:39.0343 3056 NIC1394 - ok
12:09:39.0375 3056 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
12:09:39.0437 3056 Npfs - ok
12:09:39.0484 3056 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
12:09:39.0546 3056 Ntfs - ok
12:09:39.0578 3056 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:09:39.0640 3056 Null - ok
12:09:39.0859 3056 nv (18c9b152da7bea76b2f9e4b6412e0aaf) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:09:40.0093 3056 nv - ok
12:09:40.0125 3056 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:09:40.0187 3056 NwlnkFlt - ok
12:09:40.0203 3056 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:09:40.0281 3056 NwlnkFwd - ok
12:09:40.0296 3056 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
12:09:40.0375 3056 ohci1394 - ok
12:09:40.0421 3056 ossrv (f29184bdc81c398b6027a67ff6a19895) C:\WINDOWS\system32\drivers\ctoss2k.sys
12:09:40.0437 3056 ossrv - ok
12:09:40.0468 3056 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
12:09:40.0546 3056 Parport - ok
12:09:40.0562 3056 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
12:09:40.0640 3056 PartMgr - ok
12:09:40.0656 3056 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
12:09:40.0718 3056 ParVdm - ok
12:09:40.0734 3056 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
12:09:40.0796 3056 PCI - ok
12:09:40.0796 3056 PCIDump - ok
12:09:40.0812 3056 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
12:09:40.0875 3056 PCIIde - ok
12:09:40.0906 3056 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
12:09:40.0984 3056 Pcmcia - ok
12:09:40.0984 3056 PDCOMP - ok
12:09:41.0000 3056 PDFRAME - ok
12:09:41.0000 3056 PDRELI - ok
12:09:41.0015 3056 PDRFRAME - ok
12:09:41.0031 3056 pepifilter (a05f0d7419cf4680eedd5736e6549e7b) C:\WINDOWS\system32\DRIVERS\lv302af.sys
12:09:41.0046 3056 pepifilter - ok
12:09:41.0046 3056 perc2 - ok
12:09:41.0046 3056 perc2hib - ok
12:09:41.0140 3056 PID_PEPI (4bb5ac2dd485b8eefccb977ee66a68ad) C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
12:09:41.0218 3056 PID_PEPI - ok
12:09:41.0250 3056 Point32 (dcdf0421a1c14f2923e298a30fd7636d) C:\WINDOWS\system32\DRIVERS\point32.sys
12:09:41.0265 3056 Point32 - ok
12:09:41.0281 3056 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:09:41.0343 3056 PptpMiniport - ok
12:09:41.0343 3056 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
12:09:41.0421 3056 PSched - ok
12:09:41.0453 3056 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:09:41.0531 3056 Ptilink - ok
12:09:41.0531 3056 ql1080 - ok
12:09:41.0531 3056 Ql10wnt - ok
12:09:41.0546 3056 ql12160 - ok
12:09:41.0546 3056 ql1240 - ok
12:09:41.0562 3056 ql1280 - ok
12:09:41.0593 3056 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:09:41.0671 3056 RasAcd - ok
12:09:41.0703 3056 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:09:41.0781 3056 Rasl2tp - ok
12:09:41.0781 3056 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:09:41.0859 3056 RasPppoe - ok
12:09:41.0859 3056 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:09:41.0937 3056 Raspti - ok
12:09:41.0968 3056 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:09:42.0031 3056 Rdbss - ok
12:09:42.0062 3056 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:09:42.0140 3056 RDPCDD - ok
12:09:42.0140 3056 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:09:42.0218 3056 rdpdr - ok
12:09:42.0250 3056 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
12:09:42.0265 3056 RDPWD - ok
12:09:42.0281 3056 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:09:42.0343 3056 redbook - ok
12:09:42.0375 3056 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:09:42.0453 3056 Secdrv - ok
12:09:42.0468 3056 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
12:09:42.0546 3056 serenum - ok
12:09:42.0562 3056 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
12:09:42.0640 3056 Serial - ok
12:09:42.0656 3056 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:09:42.0734 3056 Sfloppy - ok
12:09:42.0734 3056 Simbad - ok
12:09:42.0781 3056 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:09:42.0859 3056 SLIP - ok
12:09:42.0859 3056 Sparrow - ok
12:09:42.0875 3056 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:09:42.0953 3056 splitter - ok
12:09:42.0968 3056 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
12:09:43.0062 3056 sr - ok
12:09:43.0109 3056 SRTSP (2c5fbf6a00a4a3dcf643e46e8acb20c2) C:\WINDOWS\System32\Drivers\NIS\1302000.00A\SRTSP.SYS
12:09:43.0125 3056 SRTSP - ok
12:09:43.0171 3056 SRTSPX (9034ea58552b55f370e5293a7175c5ac) C:\WINDOWS\system32\drivers\NIS\1302000.00A\SRTSPX.SYS
12:09:43.0171 3056 SRTSPX - ok
12:09:43.0203 3056 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
12:09:43.0234 3056 Srv - ok
12:09:43.0265 3056 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
12:09:43.0343 3056 StillCam - ok
12:09:43.0359 3056 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:09:43.0437 3056 streamip - ok
12:09:43.0468 3056 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:09:43.0546 3056 swenum - ok
12:09:43.0562 3056 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
12:09:43.0640 3056 swmidi - ok
12:09:43.0640 3056 symc810 - ok
12:09:43.0656 3056 symc8xx - ok
12:09:43.0703 3056 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\WINDOWS\system32\drivers\NIS\1302000.00A\SYMDS.SYS
12:09:43.0718 3056 SymDS - ok
12:09:43.0765 3056 SymEFA (fc6d4a81b3611693f4e14e75908b6767) C:\WINDOWS\system32\drivers\NIS\1302000.00A\SYMEFA.SYS
12:09:43.0781 3056 SymEFA - ok
12:09:43.0828 3056 SymEvent (98d28d08e68145fb550ee7670b43baf2) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
12:09:43.0828 3056 SymEvent - ok
12:09:43.0859 3056 SymIRON (39c35ddbb570e9f334f239248e4de34d) C:\WINDOWS\system32\drivers\NIS\1302000.00A\Ironx86.SYS
12:09:43.0875 3056 SymIRON - ok
12:09:43.0906 3056 SYMTDI (aaae36e8235dab7da8a64bd10de281e5) C:\WINDOWS\System32\Drivers\NIS\1302000.00A\SYMTDI.SYS
12:09:43.0921 3056 SYMTDI - ok
12:09:43.0937 3056 sym_hi - ok
12:09:43.0937 3056 sym_u3 - ok
12:09:43.0968 3056 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
12:09:44.0046 3056 sysaudio - ok
12:09:44.0093 3056 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:09:44.0109 3056 Tcpip - ok
12:09:44.0140 3056 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:09:44.0218 3056 TDPIPE - ok
12:09:44.0234 3056 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
12:09:44.0312 3056 TDTCP - ok
12:09:44.0328 3056 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:09:44.0406 3056 TermDD - ok
12:09:44.0421 3056 TosIde - ok
12:09:44.0437 3056 TVICHW32 (e266683fc95abdec17cd378564e1b54b) C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS
12:09:44.0453 3056 TVICHW32 ( UnsignedFile.Multi.Generic ) - warning
12:09:44.0453 3056 TVICHW32 - detected UnsignedFile.Multi.Generic (1)
12:09:44.0468 3056 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
12:09:44.0531 3056 Udfs - ok
12:09:44.0531 3056 ultra - ok
12:09:44.0578 3056 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
12:09:44.0640 3056 Update - ok
12:09:44.0671 3056 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
12:09:44.0734 3056 usbaudio - ok
12:09:44.0765 3056 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:09:44.0843 3056 usbccgp - ok
12:09:44.0859 3056 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:09:44.0937 3056 usbehci - ok
12:09:44.0937 3056 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:09:45.0015 3056 usbhub - ok
12:09:45.0031 3056 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:09:45.0109 3056 usbprint - ok
12:09:45.0125 3056 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:09:45.0187 3056 usbscan - ok
12:09:45.0203 3056 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:09:45.0281 3056 USBSTOR - ok
12:09:45.0296 3056 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:09:45.0375 3056 usbuhci - ok
12:09:45.0390 3056 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
12:09:45.0468 3056 VgaSave - ok
12:09:45.0468 3056 ViaIde - ok
12:09:45.0484 3056 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
12:09:45.0546 3056 VolSnap - ok
12:09:45.0578 3056 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:09:45.0640 3056 Wanarp - ok
12:09:45.0671 3056 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys
12:09:45.0703 3056 WDC_SAM - ok
12:09:45.0703 3056 WDICA - ok
12:09:45.0718 3056 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
12:09:45.0796 3056 wdmaud - ok
12:09:45.0828 3056 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:09:45.0906 3056 WSTCODEC - ok
12:09:45.0921 3056 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:09:45.0953 3056 WudfPf - ok
12:09:45.0968 3056 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:09:45.0984 3056 WudfRd - ok
12:09:45.0984 3056 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:09:46.0140 3056 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:09:46.0140 3056 \Device\Harddisk0\DR0 - detected TDSS File System (1)
12:09:46.0156 3056 Boot (0x1200) (db8c376a95396e73043718a46e60de43) \Device\Harddisk0\DR0\Partition0
12:09:46.0156 3056 \Device\Harddisk0\DR0\Partition0 - ok
12:09:46.0171 3056 Boot (0x1200) (bacd9d18b7b9f7162344ca8270f16043) \Device\Harddisk0\DR0\Partition1
12:09:46.0171 3056 \Device\Harddisk0\DR0\Partition1 - ok
12:09:46.0171 3056 ============================================================
12:09:46.0171 3056 Scan finished
12:09:46.0171 3056 ============================================================
12:09:46.0171 3036 Detected object count: 2
12:09:46.0171 3036 Actual detected object count: 2

#14
Nedklaw

Posted 27 December 2011 - 11:48 AM

Trusted Helper

Malware Removal
1,652 posts

Hi.

Step 1

Run TDSSKiller using the same instructions as before and when you get to the following screen, the TDSS File System needs to be changed from Skip to Delete. You must leave all of the other items as Skip and then click Continue to remove the TDSS File System.

Posted Image

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

Step 2

Please download MBRCheck.exe to your Desktop. Run the application.

If no infection is found, it will produce a report on the desktop. Post that report in your next reply.

If an infection is found, you will be presented with the following dialog:

Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Type N and press Enter. A report will be produced on the desktop. Post that report in your next reply.

Step 3

Does the random rebooting still occur?

Things I want to see in your next reply

TDSSKiller.[Version]_[Date]_[Time]_log.txt
MBRCheck Report
Answer to my question

#15
WWhermit

Posted 27 December 2011 - 12:39 PM

Member

Topic Starter
Member
35 posts

1) TDSSKiller log

10:25:46.0000 1792 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
10:25:46.0437 1792 ============================================================
10:25:46.0437 1792 Current date / time: 2011/12/27 10:25:46.0437
10:25:46.0437 1792 SystemInfo:
10:25:46.0437 1792
10:25:46.0437 1792 OS Version: 5.1.2600 ServicePack: 3.0
10:25:46.0437 1792 Product type: Workstation
10:25:46.0437 1792 ComputerName: SYLVIA
10:25:46.0437 1792 UserName: Tim
10:25:46.0437 1792 Windows directory: C:\WINDOWS
10:25:46.0437 1792 System windows directory: C:\WINDOWS
10:25:46.0437 1792 Processor architecture: Intel x86
10:25:46.0437 1792 Number of processors: 2
10:25:46.0437 1792 Page size: 0x1000
10:25:46.0437 1792 Boot type: Normal boot
10:25:46.0437 1792 ============================================================
10:25:47.0859 1792 Initialize success
10:25:53.0906 4076 ============================================================
10:25:53.0906 4076 Scan started
10:25:53.0906 4076 Mode: Manual; SigCheck; TDLFS;
10:25:53.0906 4076 ============================================================
10:25:54.0484 4076 Abiosdsk - ok
10:25:54.0500 4076 abp480n5 - ok
10:25:54.0546 4076 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:25:54.0765 4076 ACPI - ok
10:25:54.0781 4076 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
10:25:54.0859 4076 ACPIEC - ok
10:25:54.0875 4076 adpu160m - ok
10:25:54.0906 4076 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
10:25:54.0984 4076 aec - ok
10:25:55.0015 4076 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
10:25:55.0078 4076 AFD - ok
10:25:55.0093 4076 AFS2K (0ebb674888cbdefd5773341c16dd6a07) C:\WINDOWS\system32\drivers\AFS2K.sys
10:25:55.0140 4076 AFS2K - ok
10:25:55.0156 4076 Aha154x - ok
10:25:55.0156 4076 aic78u2 - ok
10:25:55.0171 4076 aic78xx - ok
10:25:55.0171 4076 AliIde - ok
10:25:55.0187 4076 amsint - ok
10:25:55.0203 4076 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
10:25:55.0281 4076 Arp1394 - ok
10:25:55.0281 4076 asc - ok
10:25:55.0296 4076 asc3350p - ok
10:25:55.0296 4076 asc3550 - ok
10:25:55.0328 4076 AsIO (663f2fb92608073824ee3106886120f3) C:\WINDOWS\system32\drivers\AsIO.sys
10:25:55.0343 4076 AsIO - ok
10:25:55.0359 4076 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:25:55.0437 4076 AsyncMac - ok
10:25:55.0468 4076 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
10:25:55.0546 4076 atapi - ok
10:25:55.0593 4076 AtcL001 (19f277bc4ce5689f20f347a6b8aa8c42) C:\WINDOWS\system32\DRIVERS\atl01_xp.sys
10:25:55.0625 4076 AtcL001 - ok
10:25:55.0625 4076 Atdisk - ok
10:25:55.0656 4076 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:25:55.0734 4076 Atmarpc - ok
10:25:55.0765 4076 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
10:25:55.0843 4076 audstub - ok
10:25:55.0875 4076 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
10:25:55.0968 4076 Beep - ok
10:25:56.0093 4076 BHDrvx86 (9d14d76e4e7b9b2ead17149011db2b11) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20111221.003\BHDrvx86.sys
10:25:56.0109 4076 BHDrvx86 - ok
10:25:56.0187 4076 catchme - ok
10:25:56.0218 4076 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
10:25:56.0296 4076 cbidf2k - ok
10:25:56.0312 4076 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
10:25:56.0390 4076 CCDECODE - ok
10:25:56.0421 4076 ccSet_NIS (2b2f9b4a08190334a9c36446b208bae9) C:\WINDOWS\system32\drivers\NIS\1302000.00A\ccSetx86.sys
10:25:56.0437 4076 ccSet_NIS - ok
10:25:56.0437 4076 cd20xrnt - ok
10:25:56.0468 4076 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
10:25:56.0546 4076 Cdaudio - ok
10:25:56.0593 4076 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
10:25:56.0671 4076 Cdfs - ok
10:25:56.0718 4076 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:25:56.0796 4076 Cdrom - ok
10:25:56.0796 4076 Changer - ok
10:25:56.0812 4076 CmdIde - ok
10:25:56.0828 4076 Cpqarray - ok
10:25:56.0859 4076 ctac32k (4b6096745f72b4fd36514617e2ea5d37) C:\WINDOWS\system32\drivers\ctac32k.sys
10:25:56.0890 4076 ctac32k - ok
10:25:56.0921 4076 ctaud2k (3576ec792347ed15699f6d830e0f5437) C:\WINDOWS\system32\drivers\ctaud2k.sys
10:25:56.0953 4076 ctaud2k - ok
10:25:56.0984 4076 ctljystk (71007bd2e1e26927fe3e4eb00c0beedf) C:\WINDOWS\system32\DRIVERS\ctljystk.sys
10:25:57.0062 4076 ctljystk - ok
10:25:57.0062 4076 ctprxy2k (097d42574e3c6d98cd5a2ee7647fa6bf) C:\WINDOWS\system32\drivers\ctprxy2k.sys
10:25:57.0078 4076 ctprxy2k - ok
10:25:57.0109 4076 ctsfm2k (c58a2507ef62b20b9bd670c666088b50) C:\WINDOWS\system32\drivers\ctsfm2k.sys
10:25:57.0125 4076 ctsfm2k - ok
10:25:57.0125 4076 dac2w2k - ok
10:25:57.0140 4076 dac960nt - ok
10:25:57.0171 4076 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
10:25:57.0234 4076 Disk - ok
10:25:57.0281 4076 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
10:25:57.0375 4076 dmboot - ok
10:25:57.0390 4076 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
10:25:57.0468 4076 dmio - ok
10:25:57.0484 4076 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
10:25:57.0546 4076 dmload - ok
10:25:57.0578 4076 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
10:25:57.0656 4076 DMusic - ok
10:25:57.0671 4076 dpti2o - ok
10:25:57.0687 4076 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
10:25:57.0765 4076 drmkaud - ok
10:25:57.0859 4076 eeCtrl (75e8b69f28c813675b16db357f20720f) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
10:25:57.0875 4076 eeCtrl - ok
10:25:57.0921 4076 emupia (a9d94b89372f3f9609a1a5eec631a260) C:\WINDOWS\system32\drivers\emupia2k.sys
10:25:57.0937 4076 emupia - ok
10:25:57.0937 4076 EraserUtilDrv11120 - ok
10:25:57.0953 4076 EraserUtilRebootDrv (720b18d76de9e603b626dfcd6f1fca7c) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
10:25:57.0968 4076 EraserUtilRebootDrv - ok
10:25:57.0984 4076 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
10:25:58.0078 4076 Fastfat - ok
10:25:58.0109 4076 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
10:25:58.0187 4076 Fdc - ok
10:25:58.0218 4076 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
10:25:58.0296 4076 Fips - ok
10:25:58.0312 4076 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
10:25:58.0390 4076 Flpydisk - ok
10:25:58.0421 4076 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
10:25:58.0515 4076 FltMgr - ok
10:25:58.0546 4076 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:25:58.0625 4076 Fs_Rec - ok
10:25:58.0640 4076 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:25:58.0750 4076 Ftdisk - ok
10:25:58.0765 4076 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
10:25:58.0843 4076 gameenum - ok
10:25:58.0875 4076 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:25:58.0953 4076 Gpc - ok
10:25:59.0000 4076 ha10kx2k (dc9847cdc43665ed4cc780947516209c) C:\WINDOWS\system32\drivers\ha10kx2k.sys
10:25:59.0046 4076 ha10kx2k - ok
10:25:59.0078 4076 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:25:59.0156 4076 HDAudBus - ok
10:25:59.0187 4076 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:25:59.0265 4076 hidusb - ok
10:25:59.0281 4076 hpn - ok
10:25:59.0312 4076 HPZid412 (863cc3a82c63c9f60acf2e85d5310620) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
10:25:59.0328 4076 HPZid412 - ok
10:25:59.0343 4076 HPZipr12 (08cb72e95dd75b61f2966b311d0e4366) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
10:25:59.0375 4076 HPZipr12 - ok
10:25:59.0390 4076 HPZius12 (ca990306ed4ef732af9695bff24fc96f) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
10:25:59.0437 4076 HPZius12 - ok
10:25:59.0468 4076 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
10:25:59.0500 4076 HTTP - ok
10:25:59.0515 4076 i2omgmt - ok
10:25:59.0515 4076 i2omp - ok
10:25:59.0562 4076 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:25:59.0640 4076 i8042prt - ok
10:25:59.0781 4076 IDSxpx86 (e72d3894d42355e9cd5fd77e1e4fea11) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20111226.001\IDSxpx86.sys
10:25:59.0796 4076 IDSxpx86 - ok
10:25:59.0812 4076 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
10:25:59.0890 4076 Imapi - ok
10:25:59.0906 4076 ini910u - ok
10:25:59.0906 4076 IntcAzAudAddService - ok
10:25:59.0921 4076 IntelIde - ok
10:25:59.0937 4076 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:26:00.0000 4076 intelppm - ok
10:26:00.0031 4076 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
10:26:00.0109 4076 Ip6Fw - ok
10:26:00.0140 4076 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:26:00.0218 4076 IpFilterDriver - ok
10:26:00.0250 4076 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:26:00.0328 4076 IpInIp - ok
10:26:00.0343 4076 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:26:00.0437 4076 IpNat - ok
10:26:00.0453 4076 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:26:00.0546 4076 IPSec - ok
10:26:00.0578 4076 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
10:26:00.0640 4076 IRENUM - ok
10:26:00.0671 4076 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:26:00.0750 4076 isapnp - ok
10:26:00.0765 4076 JGOGO (c995c0e8b4503fac38793bb0236ad246) C:\WINDOWS\system32\DRIVERS\JGOGO.sys
10:26:00.0781 4076 JGOGO - ok
10:26:00.0796 4076 JRAID (8f55efd8b7d99465c16d06b345d50ca9) C:\WINDOWS\system32\DRIVERS\jraid.sys
10:26:00.0812 4076 JRAID - ok
10:26:00.0843 4076 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:26:00.0921 4076 Kbdclass - ok
10:26:00.0937 4076 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
10:26:01.0015 4076 kmixer - ok
10:26:01.0031 4076 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
10:26:01.0093 4076 KSecDD - ok
10:26:01.0109 4076 L8042Kbd (58759156a6918913edd368f995be3e53) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
10:26:01.0125 4076 L8042Kbd - ok
10:26:01.0125 4076 lbrtfdc - ok
10:26:01.0156 4076 LVPr2Mon (a6919138f29ae45e90e99fa94737e04c) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
10:26:01.0171 4076 LVPr2Mon - ok
10:26:01.0218 4076 LVRS (b895839b8743e400d7c7dae156f74e7e) C:\WINDOWS\system32\DRIVERS\lvrs.sys
10:26:01.0234 4076 LVRS - ok
10:26:01.0281 4076 LVUSBSta (23f8ef78bb9553e465a476f3cee5ca18) C:\WINDOWS\system32\drivers\LVUSBSta.sys
10:26:01.0281 4076 LVUSBSta - ok
10:26:01.0281 4076 MBAMSwissArmy - ok
10:26:01.0296 4076 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
10:26:01.0390 4076 mnmdd - ok
10:26:01.0406 4076 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
10:26:01.0484 4076 Modem - ok
10:26:01.0515 4076 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:26:01.0593 4076 Mouclass - ok
10:26:01.0609 4076 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:26:01.0687 4076 mouhid - ok
10:26:01.0703 4076 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
10:26:01.0781 4076 MountMgr - ok
10:26:01.0796 4076 mraid35x - ok
10:26:01.0828 4076 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:26:01.0906 4076 MRxDAV - ok
10:26:01.0937 4076 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:26:02.0000 4076 MRxSmb - ok
10:26:02.0015 4076 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
10:26:02.0078 4076 Msfs - ok
10:26:02.0109 4076 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:26:02.0187 4076 MSKSSRV - ok
10:26:02.0203 4076 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:26:02.0281 4076 MSPCLOCK - ok
10:26:02.0312 4076 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
10:26:02.0390 4076 MSPQM - ok
10:26:02.0421 4076 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:26:02.0500 4076 mssmbios - ok
10:26:02.0515 4076 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
10:26:02.0593 4076 MSTEE - ok
10:26:02.0625 4076 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
10:26:02.0671 4076 MTsensor - ok
10:26:02.0687 4076 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
10:26:02.0718 4076 Mup - ok
10:26:02.0750 4076 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
10:26:02.0828 4076 NABTSFEC - ok
10:26:03.0000 4076 NAVENG (862f55824ac81295837b0ab63f91071f) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20111227.002\NAVENG.SYS
10:26:03.0000 4076 NAVENG - ok
10:26:03.0046 4076 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20111227.002\NAVEX15.SYS
10:26:03.0109 4076 NAVEX15 - ok
10:26:03.0203 4076 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
10:26:03.0281 4076 NDIS - ok
10:26:03.0312 4076 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
10:26:03.0375 4076 NdisIP - ok
10:26:03.0406 4076 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:26:03.0437 4076 NdisTapi - ok
10:26:03.0468 4076 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:26:03.0546 4076 Ndisuio - ok
10:26:03.0562 4076 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:26:03.0640 4076 NdisWan - ok
10:26:03.0687 4076 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
10:26:03.0734 4076 NDProxy - ok
10:26:03.0750 4076 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
10:26:03.0828 4076 NetBIOS - ok
10:26:03.0859 4076 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
10:26:03.0921 4076 NetBT - ok
10:26:03.0968 4076 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
10:26:04.0046 4076 NIC1394 - ok
10:26:04.0062 4076 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
10:26:04.0125 4076 Npfs - ok
10:26:04.0171 4076 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
10:26:04.0281 4076 Ntfs - ok
10:26:04.0296 4076 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
10:26:04.0375 4076 Null - ok
10:26:04.0578 4076 nv (18c9b152da7bea76b2f9e4b6412e0aaf) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
10:26:05.0000 4076 nv - ok
10:26:05.0046 4076 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:26:05.0125 4076 NwlnkFlt - ok
10:26:05.0140 4076 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:26:05.0218 4076 NwlnkFwd - ok
10:26:05.0234 4076 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
10:26:05.0312 4076 ohci1394 - ok
10:26:05.0359 4076 ossrv (f29184bdc81c398b6027a67ff6a19895) C:\WINDOWS\system32\drivers\ctoss2k.sys
10:26:05.0375 4076 ossrv - ok
10:26:05.0406 4076 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
10:26:05.0484 4076 Parport - ok
10:26:05.0484 4076 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
10:26:05.0546 4076 PartMgr - ok
10:26:05.0593 4076 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
10:26:05.0656 4076 ParVdm - ok
10:26:05.0671 4076 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
10:26:05.0734 4076 PCI - ok
10:26:05.0750 4076 PCIDump - ok
10:26:05.0750 4076 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
10:26:05.0828 4076 PCIIde - ok
10:26:05.0843 4076 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
10:26:05.0921 4076 Pcmcia - ok
10:26:05.0937 4076 PDCOMP - ok
10:26:05.0937 4076 PDFRAME - ok
10:26:05.0953 4076 PDRELI - ok
10:26:05.0953 4076 PDRFRAME - ok
10:26:06.0000 4076 pepifilter (a05f0d7419cf4680eedd5736e6549e7b) C:\WINDOWS\system32\DRIVERS\lv302af.sys
10:26:06.0000 4076 pepifilter - ok
10:26:06.0000 4076 perc2 - ok
10:26:06.0015 4076 perc2hib - ok
10:26:06.0093 4076 PID_PEPI (4bb5ac2dd485b8eefccb977ee66a68ad) C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
10:26:06.0171 4076 PID_PEPI - ok
10:26:06.0203 4076 Point32 (dcdf0421a1c14f2923e298a30fd7636d) C:\WINDOWS\system32\DRIVERS\point32.sys
10:26:06.0234 4076 Point32 - ok
10:26:06.0265 4076 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:26:06.0328 4076 PptpMiniport - ok
10:26:06.0343 4076 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
10:26:06.0421 4076 PSched - ok
10:26:06.0437 4076 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:26:06.0515 4076 Ptilink - ok
10:26:06.0515 4076 ql1080 - ok
10:26:06.0531 4076 Ql10wnt - ok
10:26:06.0531 4076 ql12160 - ok
10:26:06.0531 4076 ql1240 - ok
10:26:06.0546 4076 ql1280 - ok
10:26:06.0578 4076 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:26:06.0656 4076 RasAcd - ok
10:26:06.0671 4076 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:26:06.0750 4076 Rasl2tp - ok
10:26:06.0765 4076 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:26:06.0828 4076 RasPppoe - ok
10:26:06.0843 4076 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
10:26:06.0906 4076 Raspti - ok
10:26:06.0937 4076 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:26:07.0015 4076 Rdbss - ok
10:26:07.0031 4076 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:26:07.0109 4076 RDPCDD - ok
10:26:07.0125 4076 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
10:26:07.0203 4076 rdpdr - ok
10:26:07.0234 4076 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
10:26:07.0265 4076 RDPWD - ok
10:26:07.0296 4076 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
10:26:07.0359 4076 redbook - ok
10:26:07.0390 4076 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:26:07.0453 4076 Secdrv - ok
10:26:07.0484 4076 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
10:26:07.0562 4076 serenum - ok
10:26:07.0578 4076 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
10:26:07.0656 4076 Serial - ok
10:26:07.0687 4076 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
10:26:07.0765 4076 Sfloppy - ok
10:26:07.0781 4076 Simbad - ok
10:26:07.0812 4076 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
10:26:07.0875 4076 SLIP - ok
10:26:07.0875 4076 Sparrow - ok
10:26:07.0906 4076 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
10:26:07.0984 4076 splitter - ok
10:26:08.0000 4076 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
10:26:08.0078 4076 sr - ok
10:26:08.0140 4076 SRTSP (2c5fbf6a00a4a3dcf643e46e8acb20c2) C:\WINDOWS\System32\Drivers\NIS\1302000.00A\SRTSP.SYS
10:26:08.0156 4076 SRTSP - ok
10:26:08.0187 4076 SRTSPX (9034ea58552b55f370e5293a7175c5ac) C:\WINDOWS\system32\drivers\NIS\1302000.00A\SRTSPX.SYS
10:26:08.0203 4076 SRTSPX - ok
10:26:08.0234 4076 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
10:26:08.0281 4076 Srv - ok
10:26:08.0312 4076 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
10:26:08.0375 4076 StillCam - ok
10:26:08.0406 4076 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
10:26:08.0484 4076 streamip - ok
10:26:08.0515 4076 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
10:26:08.0593 4076 swenum - ok
10:26:08.0609 4076 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
10:26:08.0687 4076 swmidi - ok
10:26:08.0703 4076 symc810 - ok
10:26:08.0703 4076 symc8xx - ok
10:26:08.0781 4076 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\WINDOWS\system32\drivers\NIS\1302000.00A\SYMDS.SYS
10:26:08.0796 4076 SymDS - ok
10:26:08.0843 4076 SymEFA (fc6d4a81b3611693f4e14e75908b6767) C:\WINDOWS\system32\drivers\NIS\1302000.00A\SYMEFA.SYS
10:26:08.0875 4076 SymEFA - ok
10:26:08.0906 4076 SymEvent (98d28d08e68145fb550ee7670b43baf2) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
10:26:08.0921 4076 SymEvent - ok
10:26:08.0953 4076 SymIRON (39c35ddbb570e9f334f239248e4de34d) C:\WINDOWS\system32\drivers\NIS\1302000.00A\Ironx86.SYS
10:26:08.0953 4076 SymIRON - ok
10:26:09.0000 4076 SYMTDI (aaae36e8235dab7da8a64bd10de281e5) C:\WINDOWS\System32\Drivers\NIS\1302000.00A\SYMTDI.SYS
10:26:09.0015 4076 SYMTDI - ok
10:26:09.0015 4076 sym_hi - ok
10:26:09.0031 4076 sym_u3 - ok
10:26:09.0062 4076 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
10:26:09.0140 4076 sysaudio - ok
10:26:09.0171 4076 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:26:09.0250 4076 Tcpip - ok
10:26:09.0265 4076 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
10:26:09.0343 4076 TDPIPE - ok
10:26:09.0359 4076 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
10:26:09.0421 4076 TDTCP - ok
10:26:09.0453 4076 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
10:26:09.0515 4076 TermDD - ok
10:26:09.0531 4076 TosIde - ok
10:26:09.0546 4076 TVICHW32 (e266683fc95abdec17cd378564e1b54b) C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS
10:26:09.0562 4076 TVICHW32 ( UnsignedFile.Multi.Generic ) - warning
10:26:09.0562 4076 TVICHW32 - detected UnsignedFile.Multi.Generic (1)
10:26:09.0578 4076 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
10:26:09.0656 4076 Udfs - ok
10:26:09.0656 4076 ultra - ok
10:26:09.0703 4076 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
10:26:09.0765 4076 Update - ok
10:26:09.0796 4076 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
10:26:09.0875 4076 usbaudio - ok
10:26:09.0890 4076 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:26:09.0968 4076 usbccgp - ok
10:26:10.0000 4076 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:26:10.0078 4076 usbehci - ok
10:26:10.0078 4076 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:26:10.0140 4076 usbhub - ok
10:26:10.0156 4076 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:26:10.0234 4076 usbprint - ok
10:26:10.0250 4076 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:26:10.0312 4076 usbscan - ok
10:26:10.0328 4076 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:26:10.0406 4076 USBSTOR - ok
10:26:10.0421 4076 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:26:10.0500 4076 usbuhci - ok
10:26:10.0531 4076 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
10:26:10.0593 4076 VgaSave - ok
10:26:10.0609 4076 ViaIde - ok
10:26:10.0625 4076 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
10:26:10.0687 4076 VolSnap - ok
10:26:10.0718 4076 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:26:10.0781 4076 Wanarp - ok
10:26:10.0828 4076 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys
10:26:10.0859 4076 WDC_SAM - ok
10:26:10.0859 4076 WDICA - ok
10:26:10.0890 4076 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
10:26:10.0968 4076 wdmaud - ok
10:26:11.0000 4076 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
10:26:11.0078 4076 WSTCODEC - ok
10:26:11.0093 4076 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:26:11.0140 4076 WudfPf - ok
10:26:11.0156 4076 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
10:26:11.0171 4076 WudfRd - ok
10:26:11.0187 4076 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
10:26:11.0343 4076 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
10:26:11.0343 4076 \Device\Harddisk0\DR0 - detected TDSS File System (1)
10:26:11.0343 4076 Boot (0x1200) (db8c376a95396e73043718a46e60de43) \Device\Harddisk0\DR0\Partition0
10:26:11.0359 4076 \Device\Harddisk0\DR0\Partition0 - ok
10:26:11.0375 4076 Boot (0x1200) (bacd9d18b7b9f7162344ca8270f16043) \Device\Harddisk0\DR0\Partition1
10:26:11.0375 4076 \Device\Harddisk0\DR0\Partition1 - ok
10:26:11.0375 4076 ============================================================
10:26:11.0375 4076 Scan finished
10:26:11.0375 4076 ============================================================
10:26:11.0484 1548 Detected object count: 2
10:26:11.0484 1548 Actual detected object count: 2
10:26:32.0531 1548 TVICHW32 ( UnsignedFile.Multi.Generic ) - skipped by user
10:26:32.0531 1548 TVICHW32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:26:32.0531 1548 \Device\Harddisk0\DR0\TDLFS - deleted
10:26:32.0531 1548 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete

2) MBRCheck Report

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000003d

Kernel Drivers (total 153):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E5000 \WINDOWS\system32\hal.dll
0xB85A8000 \WINDOWS\system32\KDCOM.DLL
0xB84B8000 \WINDOWS\system32\BOOTVID.dll
0xB7F79000 ACPI.sys
0xB85AA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xB7F68000 pci.sys
0xB80A8000 isapnp.sys
0xB80B8000 ohci1394.sys
0xB80C8000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xB8670000 pciide.sys
0xB8328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xB80D8000 MountMgr.sys
0xB7F49000 ftdisk.sys
0xB85AC000 dmload.sys
0xB7F23000 dmio.sys
0xB8330000 PartMgr.sys
0xB80E8000 VolSnap.sys
0xB7F0B000 atapi.sys
0xB80F8000 jraid.sys
0xB7EF3000 \WINDOWS\system32\DRIVERS\SCSIPORT.SYS
0xB8108000 disk.sys
0xB8118000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xB7ED3000 fltmgr.sys
0xB7E7C000 SYMDS.SYS
0xB7E6A000 sr.sys
0xB7D89000 SYMEFA.SYS
0xB7D72000 KSecDD.sys
0xB7CE5000 Ntfs.sys
0xB7CB8000 NDIS.sys
0xB7C9E000 Mup.sys
0xB85AE000 JGOGO.sys
0xB8218000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xB6453000 \SystemRoot\system32\DRIVERS\nv4_mini.sys
0xB643F000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xB8438000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xB641B000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xB8440000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xB63F3000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xB8228000 \SystemRoot\System32\Drivers\AFS2K.SYS
0xB8238000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xB8248000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB63D0000 \SystemRoot\system32\DRIVERS\ks.sys
0xB8258000 \SystemRoot\system32\DRIVERS\atl01_xp.sys
0xB6358000 \SystemRoot\system32\drivers\ctaud2k.sys
0xB6334000 \SystemRoot\system32\drivers\portcls.sys
0xB8278000 \SystemRoot\system32\drivers\drmk.sys
0xB631B000 \SystemRoot\system32\drivers\ctoss2k.sys
0xB85F4000 \SystemRoot\System32\drivers\ctprxy2k.sys
0xB85A4000 \SystemRoot\system32\DRIVERS\gameenum.sys
0xB8298000 \SystemRoot\system32\DRIVERS\nic1394.sys
0xB8450000 \SystemRoot\system32\DRIVERS\fdc.sys
0xB85FA000 \SystemRoot\system32\DRIVERS\ASACPI.sys
0xB82A8000 \SystemRoot\system32\DRIVERS\serial.sys
0xB7C7A000 \SystemRoot\system32\DRIVERS\serenum.sys
0xB82B8000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xB7C76000 \SystemRoot\system32\DRIVERS\L8042Kbd.sys
0xB8458000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xB82C8000 \SystemRoot\system32\DRIVERS\imapi.sys
0xB8701000 \SystemRoot\system32\DRIVERS\audstub.sys
0xB81B8000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xB7C6A000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB6304000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xB74FD000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xB74ED000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xB8468000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB62F3000 \SystemRoot\system32\DRIVERS\psched.sys
0xB74DD000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xB8470000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xB8478000 \SystemRoot\system32\DRIVERS\raspti.sys
0xB62C3000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xB74CD000 \SystemRoot\system32\DRIVERS\termdd.sys
0xB8480000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xB8612000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB6265000 \SystemRoot\system32\DRIVERS\update.sys
0xB8540000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xB74BD000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xB749D000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xB8616000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xB3F8F000 \SystemRoot\system32\drivers\ha10kx2k.sys
0xB3F7A000 \SystemRoot\System32\drivers\ctac32k.sys
0xB3F61000 \SystemRoot\System32\drivers\emupia2k.sys
0xB3F42000 \SystemRoot\System32\drivers\ctsfm2k.sys
0xB8490000 \SystemRoot\system32\DRIVERS\flpydisk.sys
0xB3F1E000 \SystemRoot\system32\drivers\NIS\1302000.00A\ccSetx86.sys
0xB3E8C000 \SystemRoot\System32\Drivers\NIS\1302000.00A\SRTSP.SYS
0xB3E65000 \SystemRoot\system32\drivers\NIS\1302000.00A\Ironx86.SYS
0xB8288000 \SystemRoot\system32\drivers\NIS\1302000.00A\SRTSPX.SYS
0xB3E3F000 \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
0xB8578000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xB82D8000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xB84A0000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xB84B0000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0xB8580000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xB8340000 \SystemRoot\system32\DRIVERS\point32.sys
0xB8308000 \SystemRoot\system32\drivers\LVUSBSta.sys
0xB3A39000 \SystemRoot\system32\DRIVERS\LV302V32.SYS
0xB863E000 \SystemRoot\system32\DRIVERS\lv302af.sys
0xB8188000 \SystemRoot\system32\drivers\usbaudio.sys
0xB39A1000 \SystemRoot\system32\DRIVERS\lvrs.sys
0xB8646000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xB86F5000 \SystemRoot\System32\Drivers\Null.SYS
0xB8648000 \SystemRoot\System32\Drivers\Beep.SYS
0xB8398000 \SystemRoot\System32\drivers\vga.sys
0xB864A000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xB864C000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xB83A0000 \SystemRoot\System32\Drivers\Msfs.SYS
0xB83A8000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB8590000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xB396E000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xB3915000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xB38C7000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xB386A000 \SystemRoot\System32\Drivers\NIS\1302000.00A\SYMTDI.SYS
0xB8318000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB412D000 \SystemRoot\system32\DRIVERS\arp1394.sys
0xB37E7000 \SystemRoot\system32\DRIVERS\netbt.sys
0xB37C5000 \SystemRoot\System32\drivers\afd.sys
0xB411D000 \SystemRoot\system32\DRIVERS\netbios.sys
0xB379A000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xB372A000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xB410D000 \SystemRoot\System32\Drivers\Fips.SYS
0xB36CC000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
0xB36AE000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
0xB35E2000 \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20111221.003\BHDrvx86.sys
0xB864E000 \SystemRoot\system32\drivers\AsIO.sys
0xB40ED000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xB3502000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xB865C000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB4045000 \SystemRoot\System32\drivers\Dxapi.sys
0xB83E0000 \SystemRoot\System32\watchdog.sys
0xBD000000 \SystemRoot\System32\drivers\dxg.sys
0xB869A000 \SystemRoot\System32\drivers\dxgthk.sys
0xBD012000 \SystemRoot\System32\nv4_disp.dll
0xBD62C000 \SystemRoot\System32\ATMFD.DLL
0xB288C000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xB2637000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xB24C7000 \SystemRoot\system32\DRIVERS\srv.sys
0xB8380000 \SystemRoot\system32\DRIVERS\LVPr2Mon.sys
0xB1E4A000 \SystemRoot\system32\drivers\wdmaud.sys
0xB1E8F000 \SystemRoot\system32\drivers\sysaudio.sys
0xB8626000 \SystemRoot\system32\drivers\splitter.sys
0xB1E27000 \SystemRoot\system32\drivers\aec.sys
0xB1FA7000 \SystemRoot\system32\drivers\swmidi.sys
0xB1F87000 \SystemRoot\system32\drivers\DMusic.sys
0xB1DFC000 \SystemRoot\system32\drivers\kmixer.sys
0xB879E000 \SystemRoot\system32\drivers\drmkaud.sys
0xB19CB000 \SystemRoot\System32\Drivers\HTTP.sys
0xB13C3000 \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20111227.002\NAVEX15.SYS
0xB13AF000 \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20111227.002\NAVENG.SYS
0xB1354000 \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20111226.001\IDSxpx86.sys
0xB1218000 \SystemRoot\System32\Drivers\Fastfat.SYS
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 45):
0 System Idle Process
4 System
636 C:\WINDOWS\system32\smss.exe
716 csrss.exe
744 C:\WINDOWS\system32\winlogon.exe
788 C:\WINDOWS\system32\services.exe
800 C:\WINDOWS\system32\lsass.exe
972 C:\WINDOWS\system32\nvsvc32.exe
1048 C:\WINDOWS\system32\svchost.exe
1116 svchost.exe
1212 C:\WINDOWS\system32\svchost.exe
1304 svchost.exe
1444 svchost.exe
1568 C:\WINDOWS\system32\spoolsv.exe
2040 svchost.exe
244 C:\Program Files\Canon\IJPLM\ijplmsvc.exe
276 C:\Program Files\Java\jre6\bin\jqs.exe
324 C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
348 C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
440 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
656 C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
384 C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccsvchst.exe
1032 C:\WINDOWS\system32\svchost.exe
1192 C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
1392 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
508 C:\WINDOWS\system32\searchindexer.exe
2136 alg.exe
3780 C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccsvchst.exe
2116 C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
2604 C:\WINDOWS\explorer.exe
3428 C:\Program Files\Microsoft IntelliPoint\ipoint.exe
3576 C:\WINDOWS\system32\svchost.exe
3612 C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
3636 C:\WINDOWS\system32\CTHELPER.EXE
860 C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
3712 C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
3804 C:\WINDOWS\system32\rundll32.exe
3892 C:\WINDOWS\system32\ctfmon.exe
3944 C:\Program Files\Windows Desktop Search\WindowsSearch.exe
1712 C:\Program Files\Internet Explorer\iexplore.exe
128 C:\Program Files\Internet Explorer\iexplore.exe
908 C:\WINDOWS\system32\searchprotocolhost.exe
1920 searchfilterhost.exe
2644 C:\Program Files\Internet Explorer\iexplore.exe
120 C:\Documents and Settings\Tim\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x0000000e`29054200 (NTFS)

PhysicalDrive0 Model Number: WDCWD1600AAJS-08PSA0, Rev: 05.06H05

Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A

Done!

3) Does the computer still randomly reboot? As of yesterday, yes. It still seems to do the same problem. Today I was not here to observe, but I will let repost to say yes or no within 24 hours.WWhermit