Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

XP Security 2012 Stopped - Still Having Problems


  • Please log in to reply

#1
JustinLeeA25

JustinLeeA25

    Member

  • Member
  • PipPip
  • 25 posts
I'm posting in regard to an issue my girlfriend is having on her computer. I've helped her 3 times now to remove XP Security 2012 and Windows Security 2011 from her computer using the rkill, mbam, tdsskill, etc resources. After each time, her computer works fine and goes several days without issue until it slowly begins to stop her McAfee from scanning and then turns it completely off, begins redirecting her to other sites, does not allow her to scan anything with mbam unless she is in safe mode and rkill has been run, and ultimately resurfaces in pop ups for some bogus security scanner. There's obviously some underlying problem we're not getting rid of. Any help with this issue would be greatly appreciated. Below is her OldTimer log.

OTL logfile created on: 12/26/2011 10:24:39 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\HELEN\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1021.98 Mb Total Physical Memory | 256.53 Mb Available Physical Memory | 25.10% Memory free
2.41 Gb Paging File | 1.63 Gb Available in Paging File | 67.71% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 108.59 Gb Total Space | 48.43 Gb Free Space | 44.60% Space Free | Partition Type: NTFS
Drive D: | 36.59 Gb Total Space | 36.51 Gb Free Space | 99.79% Space Free | Partition Type: NTFS

Computer Name: HELEN | User Name: HELEN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/26 22:23:59 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HELEN\Desktop\OTL.exe
PRC - [2011/12/26 22:21:28 | 000,273,912 | ---- | M] () -- C:\Program Files\InstallBrainService\InstallBrainService.exe
PRC - [2011/12/11 17:38:01 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2011/11/23 23:05:44 | 006,497,592 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2011/11/12 16:32:30 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/10/18 17:00:02 | 000,308,392 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\VirusScan\McVsShld.exe
PRC - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2011/09/20 10:15:26 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.229\SSScheduler.exe
PRC - [2011/09/16 18:38:10 | 001,318,552 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/08/10 11:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2011/03/07 17:35:48 | 000,165,488 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\VirusScan\McVsMap.exe
PRC - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2010/09/14 04:46:26 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/09/14 04:46:16 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009/02/23 07:05:34 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2005/10/05 02:12:00 | 000,094,208 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe
PRC - [2004/05/21 19:11:22 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE


========== Modules (No Company Name) ==========

MOD - [2011/12/26 22:21:28 | 000,273,912 | ---- | M] () -- C:\Program Files\InstallBrainService\InstallBrainService.exe
MOD - [2011/11/23 23:05:40 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2011/11/23 23:05:26 | 000,078,336 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\pcre.dll
MOD - [2011/11/12 16:32:29 | 001,989,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2010/02/05 12:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
MOD - [2005/10/05 02:12:00 | 000,094,208 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/12/26 22:21:28 | 000,273,912 | ---- | M] () [Auto | Running] -- C:\Program Files\InstallBrainService\InstallBrainService.exe -- (InstallBrainService)
SRV - [2011/10/18 16:59:54 | 000,361,976 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/09/20 10:15:26 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.229\McCHSvc.exe -- (McComponentHostService)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/10 11:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2010/09/14 04:46:26 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/09/14 04:46:16 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - [2011/11/20 13:33:34 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) WinPcap Packet Driver (NPF)
DRV - [2011/10/15 13:16:16 | 000,464,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/10/15 13:16:16 | 000,338,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011/10/15 13:16:16 | 000,180,816 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/10/15 13:16:16 | 000,121,256 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/10/15 13:16:16 | 000,089,792 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2011/10/15 13:16:16 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/10/15 13:16:16 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2011/10/15 13:16:16 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2011/10/15 13:16:16 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2011/10/15 13:16:16 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/03/30 11:51:44 | 000,034,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2011/03/30 11:51:42 | 000,040,648 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2010/09/14 04:46:26 | 000,018,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftvolxp.sys -- (Sftvol)
DRV - [2010/09/14 04:46:22 | 000,020,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftredirxp.sys -- (Sftredir)
DRV - [2010/09/14 04:46:20 | 000,209,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftplayxp.sys -- (Sftplay)
DRV - [2010/09/14 04:46:14 | 000,581,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftfsxp.sys -- (Sftfs)
DRV - [2009/09/05 11:23:34 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2008/08/11 12:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2006/11/02 06:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2005/06/19 20:31:34 | 000,456,384 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2005/05/20 14:01:32 | 000,025,600 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2005/05/20 14:01:26 | 000,068,352 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMOUKE.sys -- (LMouKE)
DRV - [2005/05/20 14:00:48 | 000,054,528 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042MOU.SYS -- (L8042mou)
DRV - [2005/05/20 14:00:36 | 000,013,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.SYS -- (L8042Kbd)
DRV - [2004/09/17 13:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/05/27 09:50:50 | 000,201,728 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302AV.SYS -- (PID_08A0) QuickCam IM(PID_08A0)
DRV - [2004/05/27 09:47:16 | 000,019,968 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2003/11/17 20:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 20:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 20:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/01/10 15:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...q={searchTerms}
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....h?fr=mkg030&p="
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.facebook.com"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.5.2
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..keyword.URL: "http://search.yahoo....h?fr=mkg030&p="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 52061
FF - prefs.js..network.proxy.type: 4


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.1: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll File not found
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\HELEN\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/12/24 16:38:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011/12/24 18:23:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2011/12/26 22:21:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/11 17:27:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/24 16:38:51 | 000,000,000 | ---D | M]

[2008/08/27 13:53:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Extensions
[2011/12/24 18:22:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions
[2010/07/20 19:15:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/01/31 19:14:02 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(2)
[2011/12/24 18:22:22 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/09/28 17:33:21 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{8ec8afa5-15af-42c4-a3af-c327c73006df}
[2009/04/07 18:01:50 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}
[2010/05/05 17:29:31 | 000,000,000 | ---D | M] (Veoh Video Compass) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\[email protected]
[2009/11/05 19:36:40 | 000,002,171 | ---- | M] () -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\searchplugins\bing.xml
[2011/11/12 16:32:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/12 16:32:30 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/04/14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2008/11/18 15:15:06 | 000,106,128 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npstrlnk.dll
[2008/07/19 18:36:01 | 000,159,744 | ---- | M] (CNN) -- C:\Program Files\mozilla firefox\plugins\NPTURNMED.dll
[2011/09/30 18:53:48 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/16 19:23:54 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2011/11/12 16:32:30 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2011/11/27 19:02:22 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111215183901.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (no name) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKCU..\Run: [LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll] C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.229\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DriveConfiguration = [Binary data over 100 bytes]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\System32\nwprovau.dll File not found
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} http://www.worldwinn...d/bejeweled.cab (Bejeweled Control)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} http://messenger.zon...mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zon...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 97.64.209.36 97.64.168.13
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86F6CAAC-6FC7-4715-80C2-071C21097587}: DhcpNameServer = 97.64.209.36 97.64.168.13
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E39B74E-EE5B-4123-AD6E-B9800506D5C3}: DhcpNameServer = 192.168.2.1 97.64.209.36 97.64.168.13
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/26 22:23:56 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HELEN\Desktop\OTL.exe
[2011/12/26 22:23:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HELEN\Application Data\PerformerSoft
[2011/12/26 22:23:03 | 000,017,464 | ---- | C] (PerformerSoft LLC) -- C:\WINDOWS\System32\roboot.exe
[2011/12/26 22:22:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2011/12/26 22:22:32 | 000,000,000 | ---D | C] -- C:\Program Files\InstallBrainService
[2011/12/26 22:18:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HELEN\Recent
[2011/12/26 21:32:07 | 009,851,496 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\HELEN\Desktop\mbam-setup.exe
[2011/12/26 21:29:05 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\HELEN\Desktop\1234.com.exe
[2011/12/25 20:42:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2011/12/24 19:56:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Messenger
[2011/12/24 18:22:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
[2011/12/24 18:21:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/24 18:21:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/12/24 18:20:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DivX Plus
[2011/12/24 18:20:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2011/12/24 18:20:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2011/12/24 18:20:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Search Protection
[2011/12/24 18:20:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2011/12/24 18:20:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HELEN\Start Menu\Programs\BrowserPlus
[2011/12/24 18:20:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HELEN\Local Settings\Application Data\Yahoo!
[2011/12/24 18:18:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood(2)
[2011/12/24 17:38:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Napster Shared
[2011/12/24 16:39:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2011/12/24 16:38:53 | 000,000,000 | -H-D | C] -- C:\Program Files\Creative Installation Information
[2011/12/24 16:38:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Creative
[2011/12/24 16:38:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Real
[2011/12/17 16:30:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\McAfee
[2011/12/16 19:59:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee(5)
[2011/12/16 19:53:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion(2)
[2011/12/16 12:55:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee(4)
[2011/12/16 09:49:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Online Backup(2)
[2011/12/16 09:49:27 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Online Backup(2)
[2011/12/16 09:47:27 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee(3).com
[2011/12/16 08:53:37 | 000,000,000 | ---D | C] -- C:\20111216085337-378490387
[2011/12/16 08:53:05 | 000,000,000 | ---D | C] -- C:\Archive
[2011/12/15 22:48:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee(3)
[2011/12/15 18:38:57 | 000,009,608 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeclnk.sys
[2011/12/15 18:37:23 | 000,150,856 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe
[2011/12/15 18:37:08 | 000,089,792 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfetdi2k.sys
[2011/12/15 18:37:06 | 000,087,656 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdet.sys
[2011/12/15 18:37:06 | 000,083,856 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfendisk.sys
[2011/12/15 18:37:05 | 000,464,176 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys
[2011/12/15 18:37:04 | 000,338,176 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfefirek.sys
[2011/12/15 18:37:02 | 000,180,816 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2011/12/15 18:37:02 | 000,059,456 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2011/12/15 18:37:01 | 000,121,256 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeapfk.sys
[2011/12/15 18:37:00 | 000,057,600 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\cfwids.sys
[2011/12/14 19:20:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2011/12/14 19:20:00 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2011/12/11 20:11:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HELEN\Application Data\ElevatedDiagnostics
[2011/12/11 20:10:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2011/11/27 18:12:43 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\HELEN\Desktop\Tdsskiller.exe
[2003/12/09 13:16:52 | 000,442,368 | ---- | C] ( ) -- C:\WINDOWS\System32\comintfs.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\HELEN\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\HELEN\Local Settings\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/26 22:24:10 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/26 22:24:10 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1912649743-2128827580-1748673051-1006.job
[2011/12/26 22:24:10 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1912649743-2128827580-1748673051-1006.job
[2011/12/26 22:23:59 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HELEN\Desktop\OTL.exe
[2011/12/26 22:23:29 | 000,001,621 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\repository.xml
[2011/12/26 22:22:54 | 000,001,595 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Total Protection.lnk
[2011/12/26 22:21:28 | 000,273,912 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\PCPerformer_GN.exe
[2011/12/26 22:16:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/26 22:16:12 | 1071,697,920 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/26 21:33:41 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\HELEN\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/12/26 21:33:41 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/26 21:32:52 | 009,851,496 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\HELEN\Desktop\mbam-setup.exe
[2011/12/26 21:29:15 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\HELEN\Desktop\1234.com.exe
[2011/12/26 21:28:34 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\HELEN\Desktop\Tdsskiller.exe
[2011/12/26 21:24:31 | 001,008,141 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\iExplore.exe
[2011/12/26 21:19:59 | 000,001,205 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\FixNCR.reg
[2011/12/26 21:18:45 | 000,011,384 | -HS- | M] () -- C:\Documents and Settings\HELEN\Local Settings\Application Data\dd36rm417bn1dh83kl0kjq27l5kl3207o3jv40n0318j3
[2011/12/26 21:18:45 | 000,011,384 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\dd36rm417bn1dh83kl0kjq27l5kl3207o3jv40n0318j3
[2011/12/25 20:42:31 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/12/24 19:56:42 | 000,000,818 | ---- | M] () -- C:\Documents and Settings\HELEN\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/12/24 19:56:42 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/12/24 18:30:06 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/12/24 18:25:51 | 000,260,640 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/24 15:11:42 | 000,468,524 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/12/24 15:11:42 | 000,083,400 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/12/24 15:07:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/15 22:12:18 | 000,015,128 | -HS- | M] () -- C:\Documents and Settings\HELEN\Local Settings\Application Data\55e6e430f8vdv6s64q6nq
[2011/12/15 22:12:18 | 000,015,128 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\55e6e430f8vdv6s64q6nq
[2011/12/12 06:13:42 | 000,001,807 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2011/12/12 06:13:42 | 000,001,801 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/12/11 20:14:38 | 000,983,040 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\MicrosoftFixit50777.msi
[2011/12/11 17:47:43 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/12/09 19:46:50 | 000,000,129 | ---- | M] () -- C:\Documents and Settings\HELEN\jagex_runescape_preferences2.dat
[2011/12/09 19:45:05 | 000,000,046 | ---- | M] () -- C:\Documents and Settings\HELEN\jagex_runescape_preferences.dat
[2011/12/09 19:45:03 | 000,000,040 | ---- | M] () -- C:\Documents and Settings\HELEN\jagex_cl_runescape_LIVE.dat
[2011/12/02 18:04:22 | 000,017,464 | ---- | M] (PerformerSoft LLC) -- C:\WINDOWS\System32\roboot.exe
[2011/12/02 17:45:41 | 000,012,306 | -HS- | M] () -- C:\Documents and Settings\HELEN\Local Settings\Application Data\7a87b43w6j3k431082gc372r53u4r48p28gym
[2011/12/02 17:45:41 | 000,012,306 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\7a87b43w6j3k431082gc372r53u4r48p28gym
[2011/11/27 19:02:22 | 000,000,734 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/11/27 18:16:19 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\rk-proxy.reg
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\HELEN\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\HELEN\Local Settings\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2099/01/01 12:00:00 | 000,011,168 | -H-- | C] () -- C:\WINDOWS\System32\nazojabo
[2011/12/26 22:23:28 | 000,001,621 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\repository.xml
[2011/12/26 22:21:26 | 000,273,912 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\PCPerformer_GN.exe
[2011/12/26 22:16:12 | 1071,697,920 | -HS- | C] () -- C:\hiberfil.sys
[2011/12/26 21:33:41 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\HELEN\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/12/26 21:33:41 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/26 21:19:59 | 000,001,205 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\FixNCR.reg
[2011/12/26 21:11:16 | 000,011,384 | -HS- | C] () -- C:\Documents and Settings\HELEN\Local Settings\Application Data\dd36rm417bn1dh83kl0kjq27l5kl3207o3jv40n0318j3
[2011/12/26 21:11:16 | 000,011,384 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\dd36rm417bn1dh83kl0kjq27l5kl3207o3jv40n0318j3
[2011/12/24 19:56:42 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\HELEN\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/12/24 19:56:42 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/12/24 18:31:31 | 000,001,595 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Total Protection.lnk
[2011/12/24 18:30:06 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/12/15 22:05:40 | 000,015,128 | -HS- | C] () -- C:\Documents and Settings\HELEN\Local Settings\Application Data\55e6e430f8vdv6s64q6nq
[2011/12/15 22:05:40 | 000,015,128 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\55e6e430f8vdv6s64q6nq
[2011/12/11 20:14:36 | 000,983,040 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\MicrosoftFixit50777.msi
[2011/12/09 19:45:03 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\HELEN\jagex_cl_runescape_LIVE.dat
[2011/12/08 20:31:36 | 000,000,880 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/03 13:48:56 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/12/02 17:29:47 | 000,012,306 | -HS- | C] () -- C:\Documents and Settings\HELEN\Local Settings\Application Data\7a87b43w6j3k431082gc372r53u4r48p28gym
[2011/12/02 17:29:47 | 000,012,306 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\7a87b43w6j3k431082gc372r53u4r48p28gym
[2011/11/12 15:32:41 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/09/28 17:36:52 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\HELEN\Application Data\cb71c138
[2011/09/28 17:33:01 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\HELEN\Application Data\2bac3ec7
[2010/07/11 13:00:27 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/04/28 14:16:45 | 000,260,640 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/11 11:50:51 | 000,229,888 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/10/11 11:50:51 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/10/11 11:50:51 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/10/11 11:50:51 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/03/30 16:51:58 | 000,577,568 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009/02/19 20:18:18 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2008/12/30 18:48:51 | 000,005,943 | ---- | C] () -- C:\WINDOWS\System32\ipxskgnb.dll
[2008/12/30 18:42:48 | 000,005,944 | ---- | C] () -- C:\WINDOWS\System32\sjjvtjaq.dll
[2008/12/30 10:00:21 | 000,005,944 | ---- | C] () -- C:\WINDOWS\System32\gkbtoqtp.dll
[2008/12/30 09:54:21 | 000,005,943 | ---- | C] () -- C:\WINDOWS\System32\plqynkqt.dll
[2008/12/06 11:23:35 | 000,476,752 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\pswi_preloaded.exe
[2008/11/02 18:29:25 | 000,000,086 | ---- | C] () -- C:\WINDOWS\epro.ini
[2008/08/28 22:27:39 | 000,030,976 | ---- | C] () -- C:\WINDOWS\rascntrl.dll
[2008/08/28 22:27:39 | 000,023,104 | ---- | C] () -- C:\WINDOWS\System32\svcprmpt.dll
[2008/03/10 19:05:32 | 000,000,023 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2008/03/10 19:05:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2008/02/04 20:19:55 | 000,000,184 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/02/03 23:04:11 | 000,000,022 | ---- | C] () -- C:\WINDOWS\msnmsgr.exe.ini
[2007/12/16 18:47:18 | 000,000,715 | ---- | C] () -- C:\WINDOWS\aolback.exe.lnk
[2007/12/12 22:45:07 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/11/25 19:30:15 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2007/11/22 16:37:58 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\sdfixwcs.dll
[2007/06/30 22:02:54 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2007/05/01 21:03:50 | 000,118,784 | R--- | C] () -- C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
[2006/11/11 22:25:09 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\HELEN\Local Settings\Application Data\fusioncache.dat
[2006/11/05 13:59:45 | 000,003,184 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/11/05 10:18:17 | 000,057,856 | ---- | C] () -- C:\Documents and Settings\HELEN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/02 20:40:12 | 000,174,656 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
[2006/10/26 23:13:51 | 000,011,520 | ---- | C] () -- C:\Documents and Settings\HELEN\Application Data\wklnhst.dat
[2006/10/20 01:10:20 | 000,000,168 | RHS- | C] () -- C:\WINDOWS\System32\1564C9D959.sys
[2006/10/20 01:10:19 | 000,005,852 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/10/18 19:28:19 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\InstMed.exe
[2006/10/18 19:28:11 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVUSBSta.sys
[2006/10/18 19:28:11 | 000,005,993 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2006/10/18 19:28:10 | 000,201,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\LV302AV.SYS
[2006/10/18 19:27:48 | 000,000,260 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2006/10/18 19:27:31 | 000,081,920 | R--- | C] () -- C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe
[2006/10/18 19:00:43 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/10/17 05:57:09 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/10/17 05:50:01 | 000,000,283 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/10/17 05:48:20 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/10/17 05:43:58 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/10/17 05:42:07 | 000,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
[2006/10/17 05:39:05 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/10/17 05:14:48 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/10/17 05:14:28 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2006/10/17 05:14:24 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/10 07:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/14 12:51:16 | 000,007,990 | ---- | C] () -- C:\WINDOWS\System32\drwatson.dll
[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 12:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 11:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 11:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 11:51:20 | 000,468,524 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 11:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 11:51:20 | 000,083,400 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 11:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 11:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 11:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 11:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 11:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 11:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 11:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[1999/01/27 13:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 07:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== LOP Check ==========

[2010/11/29 18:04:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2008/11/03 20:06:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Graboid Inc
[2009/04/14 16:59:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2009/04/14 16:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2008/11/01 18:50:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin Games
[2008/07/02 21:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JollyBear
[2008/11/03 20:05:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Launcher
[2009/02/19 20:21:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2008/07/26 18:27:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2008/10/02 21:09:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2008/02/20 23:09:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2009/02/11 18:21:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2008/09/01 00:37:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2009/02/16 17:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2009/10/11 11:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2008/08/12 23:26:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2011/12/24 18:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2007/11/07 21:09:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games
[2010/03/28 17:45:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/08/28 13:15:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ULOPRYVFYG
[2007/02/08 21:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/09/17 15:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VirtualizedApplications
[2007/03/28 15:08:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Winferno
[2011/11/20 23:44:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\5C243
[2011/11/05 16:27:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\7D520
[2008/12/24 20:47:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\7Wonders
[2011/11/20 13:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\ArllONNtxPuc
[2008/08/28 13:48:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\AweSEM
[2011/12/11 20:11:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\ElevatedDiagnostics
[2008/02/21 21:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\Eyeblaster
[2006/10/18 19:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\FotoWire
[2008/09/03 01:38:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\funkitron
[2009/03/31 17:24:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\GameHouse
[2009/09/16 15:39:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\GetRightToGo
[2008/06/22 18:46:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\Hasbro
[2007/11/22 16:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\IDS_COMPANY
[2008/06/22 19:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\iWin
[2008/06/22 18:53:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\iWinArcade
[2011/11/20 13:22:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\JTXXwjjUClIB
[2011/11/21 18:05:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\kGG44amH6sWKfE
[2007/02/11 19:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\Leadertech
[2009/10/03 08:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\OpenOffice.org
[2010/06/20 17:05:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\Opera
[2011/11/21 18:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\OvvDD2onF4am5sJ
[2011/11/21 18:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\PellIIBtzPN
[2011/12/26 22:30:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\PerformerSoft
[2009/02/16 17:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\PlayFirst
[2008/08/20 23:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\Pogo Games
[2008/08/28 12:36:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\PogoChessBuddy
[2011/11/20 13:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\q88ffRL9h
[2011/11/20 13:22:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\rZqqjYYCkIVz
[2008/11/07 18:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\SecondLife
[2010/11/29 18:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\simppulltoolbar
[2011/12/19 18:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\SoftGrid Client
[2007/11/07 18:04:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\Template
[2010/09/14 18:26:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\TP
[2011/11/21 18:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\ulllOBttzPycSiD
[2007/02/08 21:02:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\Viewpoint

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5EC637CB
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:54CB420C
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BF079216
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:588B60C7
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1A6AFE3D
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C46995DA
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A12F2B3C
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DBFC5C5E
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BBE01348
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0C0B833D
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:86FB3865
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:34BCB6A9
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:52067872
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:061FEEDF
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:32FA3B00
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6972373C
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1B0EE21A
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E65BB25A
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1044BAFC
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A3E39C6A
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5782349A
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D09AEE3D
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4EFDF5FB
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:46AA8FE7
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3660B1DF
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:02C1CB6D
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BA33ABBC
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6122E243

< End of report >
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,793 posts
  • MVP
ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:

:!: It must be saved to your desktop, do not run it :!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Doubleclick on ComboFix to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.


A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.

Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe (Vista or Win 7 must right click and Run As Admin)
If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.


Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.

Download aswMBR.exe ( 511KB ) to your desktop.
Double click the aswMBR.exe to run it
uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply



Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform Quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.

Do the following:
Start -> Run
type diskmgmt.msc
Click "OK"

Disk Management will open.

Click and hold the right side of the Disk Management Window and drag it to the right until you can see all the columns.

Take a screen Shot of the Disk Management Window and attach the screen shot to your reply.
http://graphicssoft....nscreenshot.htm Save the file as a .jpg or the forum won't allow it.

Copy the text in the code box by highlighting and Ctrl + c

:processes
killallprocesses

:OTL
[2011/12/26 21:11:16 | 000,011,384 | -HS- | C] () -- C:\Documents and Settings\HELEN\Local Settings\Application Data\dd36rm417bn1dh83kl0kjq27l5kl3207o3jv40n0318j3
[2011/12/26 21:11:16 | 000,011,384 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\dd36rm417bn1dh83kl0kjq27l5kl3207o3jv40n0318j3
[2011/12/15 22:05:40 | 000,015,128 | -HS- | C] () -- C:\Documents and Settings\HELEN\Local Settings\Application Data\55e6e430f8vdv6s64q6nq
[2011/12/15 22:05:40 | 000,015,128 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\55e6e430f8vdv6s64q6nq
[2011/12/02 17:29:47 | 000,012,306 | -HS- | C] () -- C:\Documents and Settings\HELEN\Local Settings\Application Data\7a87b43w6j3k431082gc372r53u4r48p28gym
[2011/12/02 17:29:47 | 000,012,306 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\7a87b43w6j3k431082gc372r53u4r48p28gym
[2011/09/28 17:36:52 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\HELEN\Application Data\cb71c138
[2011/09/28 17:33:01 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\HELEN\Application Data\2bac3ec7
[2008/12/30 18:48:51 | 000,005,943 | ---- | C] () -- C:\WINDOWS\System32\ipxskgnb.dll
[2008/12/30 18:42:48 | 000,005,944 | ---- | C] () -- C:\WINDOWS\System32\sjjvtjaq.dll
[2008/12/30 10:00:21 | 000,005,944 | ---- | C] () -- C:\WINDOWS\System32\gkbtoqtp.dll
[2008/12/30 09:54:21 | 000,005,943 | ---- | C] () -- C:\WINDOWS\System32\plqynkqt.dll

:files
C:\Documents and Settings\Ryan LaShomb\Local Settings\Application Data\*.exe
xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C
xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C
xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C
xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C
reg export HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinSock2\Parameters %userprofile%\Desktop\windsock2.reg /c

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"
     
:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[purity]
[Reboot]

then run OTL and Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the Run Fix button at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it to a reply.

Run OTL (Vista or Win 7 => right click and Run As Administrator)

select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.


Ron
  • 0

#3
JustinLeeA25

JustinLeeA25

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Thanks for your quick reply. I am going to respond in a different post with each of the logs, but I've gone ahead and attached the disk management screenshot to this one. Thanks again and any further help and information is greatly appreciated.

Combo Fix:

ComboFix 11-12-28.03 - HELEN 12/28/2011 16:01:30.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.693 [GMT -6:00]
Running from: c:\documents and settings\HELEN\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
AV: Trend Micro Internet Security *Disabled/Outdated* {7D2296BC-32CC-4519-917E-52E652474AF5}
FW: McAfee Firewall *Disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
FW: Trend Micro Personal Firewall *Disabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qn210x1a.default\extensions\{8ec8afa5-15af-42c4-a3af-c327c73006df}
c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qn210x1a.default\extensions\{8ec8afa5-15af-42c4-a3af-c327c73006df}\chrome.manifest
c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qn210x1a.default\extensions\{8ec8afa5-15af-42c4-a3af-c327c73006df}\chrome\xulcache.jar
c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qn210x1a.default\extensions\{8ec8afa5-15af-42c4-a3af-c327c73006df}\defaults\preferences\xulcache.js
c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qn210x1a.default\extensions\{8ec8afa5-15af-42c4-a3af-c327c73006df}\install.rdf
c:\documents and settings\All Users\Application Data\pswi_preloaded.exe
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Application Data\TEMP\DFC5A2B2.TMP
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\k1xglbf6.default\extensions\{8ec8afa5-15af-42c4-a3af-c327c73006df}
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\k1xglbf6.default\extensions\{8ec8afa5-15af-42c4-a3af-c327c73006df}\chrome.manifest
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\k1xglbf6.default\extensions\{8ec8afa5-15af-42c4-a3af-c327c73006df}\chrome\xulcache.jar
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\k1xglbf6.default\extensions\{8ec8afa5-15af-42c4-a3af-c327c73006df}\defaults\preferences\xulcache.js
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\k1xglbf6.default\extensions\{8ec8afa5-15af-42c4-a3af-c327c73006df}\install.rdf
c:\documents and settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{8ec8afa5-15af-42c4-a3af-c327c73006df}
c:\documents and settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{8ec8afa5-15af-42c4-a3af-c327c73006df}\chrome.manifest
c:\documents and settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{8ec8afa5-15af-42c4-a3af-c327c73006df}\chrome\xulcache.jar
c:\documents and settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{8ec8afa5-15af-42c4-a3af-c327c73006df}\defaults\preferences\xulcache.js
c:\documents and settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{8ec8afa5-15af-42c4-a3af-c327c73006df}\install.rdf
c:\documents and settings\HELEN\My Documents\Downloads\PowerPointViewer.exe
c:\program files\LP
c:\program files\LP\51B7\1.tmp
c:\program files\LP\51B7\10.tmp
c:\program files\LP\51B7\11.tmp
c:\program files\LP\51B7\12.tmp
c:\program files\LP\51B7\13.tmp
c:\program files\LP\51B7\14.tmp
c:\program files\LP\51B7\15.tmp
c:\program files\LP\51B7\16.tmp
c:\program files\LP\51B7\17.tmp
c:\program files\LP\51B7\18.tmp
c:\program files\LP\51B7\19.tmp
c:\program files\LP\51B7\1A.tmp
c:\program files\LP\51B7\1B.tmp
c:\program files\LP\51B7\1C.tmp
c:\program files\LP\51B7\1D.tmp
c:\program files\LP\51B7\1E.tmp
c:\program files\LP\51B7\1F.tmp
c:\program files\LP\51B7\2.tmp
c:\program files\LP\51B7\20.tmp
c:\program files\LP\51B7\21.tmp
c:\program files\LP\51B7\22.tmp
c:\program files\LP\51B7\24.tmp
c:\program files\LP\51B7\3.tmp
c:\program files\LP\51B7\3A.tmp
c:\program files\LP\51B7\4.tmp
c:\program files\LP\51B7\5.tmp
c:\program files\LP\51B7\53.tmp
c:\program files\LP\51B7\6.tmp
c:\program files\LP\51B7\6A.tmp
c:\program files\LP\51B7\7.tmp
c:\program files\LP\51B7\8.tmp
c:\program files\LP\51B7\83.tmp
c:\program files\LP\51B7\9.tmp
c:\program files\LP\51B7\A.tmp
c:\program files\LP\51B7\B.tmp
c:\program files\LP\51B7\C.tmp
c:\program files\LP\51B7\D.tmp
c:\program files\LP\51B7\E.tmp
c:\program files\LP\51B7\F.tmp
c:\program files\LP\D7C5\1.tmp
c:\program files\LP\D7C5\10.tmp
c:\program files\LP\D7C5\11.tmp
c:\program files\LP\D7C5\12.tmp
c:\program files\LP\D7C5\13.tmp
c:\program files\LP\D7C5\14.tmp
c:\program files\LP\D7C5\15.tmp
c:\program files\LP\D7C5\16.tmp
c:\program files\LP\D7C5\17.tmp
c:\program files\LP\D7C5\18.tmp
c:\program files\LP\D7C5\19.tmp
c:\program files\LP\D7C5\1A.tmp
c:\program files\LP\D7C5\1B.tmp
c:\program files\LP\D7C5\1C.tmp
c:\program files\LP\D7C5\1D.tmp
c:\program files\LP\D7C5\1DC.tmp
c:\program files\LP\D7C5\1DE.tmp
c:\program files\LP\D7C5\1DF.tmp
c:\program files\LP\D7C5\1E.tmp
c:\program files\LP\D7C5\1E7.tmp
c:\program files\LP\D7C5\1E8.tmp
c:\program files\LP\D7C5\1F.tmp
c:\program files\LP\D7C5\2.tmp
c:\program files\LP\D7C5\20.tmp
c:\program files\LP\D7C5\200.tmp
c:\program files\LP\D7C5\201.tmp
c:\program files\LP\D7C5\202.tmp
c:\program files\LP\D7C5\203.tmp
c:\program files\LP\D7C5\204.tmp
c:\program files\LP\D7C5\205.tmp
c:\program files\LP\D7C5\206.tmp
c:\program files\LP\D7C5\21.tmp
c:\program files\LP\D7C5\22.tmp
c:\program files\LP\D7C5\22A.tmp
c:\program files\LP\D7C5\22B.tmp
c:\program files\LP\D7C5\22C.tmp
c:\program files\LP\D7C5\23.tmp
c:\program files\LP\D7C5\24.tmp
c:\program files\LP\D7C5\25.tmp
c:\program files\LP\D7C5\2B.tmp
c:\program files\LP\D7C5\2C.tmp
c:\program files\LP\D7C5\2CA.tmp
c:\program files\LP\D7C5\2D.tmp
c:\program files\LP\D7C5\2E.tmp
c:\program files\LP\D7C5\2F.tmp
c:\program files\LP\D7C5\3.tmp
c:\program files\LP\D7C5\37.tmp
c:\program files\LP\D7C5\38.tmp
c:\program files\LP\D7C5\39.tmp
c:\program files\LP\D7C5\4.tmp
c:\program files\LP\D7C5\5.tmp
c:\program files\LP\D7C5\592.tmp
c:\program files\LP\D7C5\6.tmp
c:\program files\LP\D7C5\611.tmp
c:\program files\LP\D7C5\61D.tmp
c:\program files\LP\D7C5\7.tmp
c:\program files\LP\D7C5\8.tmp
c:\program files\LP\D7C5\8D.tmp
c:\program files\LP\D7C5\9.tmp
c:\program files\LP\D7C5\93.tmp
c:\program files\LP\D7C5\A.tmp
c:\program files\LP\D7C5\A5D.tmp
c:\program files\LP\D7C5\B.tmp
c:\program files\LP\D7C5\B76.tmp
c:\program files\LP\D7C5\C.tmp
c:\program files\LP\D7C5\C71.tmp
c:\program files\LP\D7C5\D.tmp
c:\program files\LP\D7C5\E.tmp
c:\program files\LP\D7C5\F.tmp
c:\program files\LP\D7C7\1DB.tmp
c:\program files\LP\D7C7\3E.tmp
c:\program files\LP\D7C7\3F.tmp
c:\program files\LP\D7C7\B0.tmp
c:\windows\$NtUninstallKB22455$
c:\windows\$NtUninstallKB22455$\1499368940
c:\windows\$NtUninstallKB22455$\73028589\@
c:\windows\$NtUninstallKB22455$\73028589\bckfg.tmp
c:\windows\$NtUninstallKB22455$\73028589\cfg.ini
c:\windows\$NtUninstallKB22455$\73028589\Desktop.ini
c:\windows\$NtUninstallKB22455$\73028589\kwrd.dll
c:\windows\$NtUninstallKB22455$\73028589\L\odetmngk
c:\windows\$NtUninstallKB22455$\73028589\U\[email protected]
c:\windows\$NtUninstallKB22455$\73028589\U\[email protected]
c:\windows\$NtUninstallKB22455$\73028589\U\[email protected]
c:\windows\$NtUninstallKB22455$\73028589\U\[email protected]
c:\windows\$NtUninstallKB22455$\73028589\U\[email protected]
c:\windows\$NtUninstallKB22455$\73028589\U\[email protected]
c:\windows\bwUnin-6.1.4.68-8876480L.exe
c:\windows\bwUnin-7.2.0.137-8876480SL.exe
c:\windows\bwUnin-8.1.1.50-8876480SL.exe
c:\windows\system32\CF24966.exe
c:\windows\system32\drivers\hosts
c:\windows\system32\Packet.dll
c:\windows\system32\service
c:\windows\system32\service\04012009_TIS17_SfFniAU.log
c:\windows\system32\service\29012009_TIS17_SfFniAU.log
c:\windows\system32\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
((((((((((((((((((((((((( Files Created from 2011-11-28 to 2011-12-28 )))))))))))))))))))))))))))))))
.
.
2011-12-27 15:25 . 2011-11-10 11:54 476904 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-12-27 15:25 . 2011-11-10 11:54 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-12-27 04:23 . 2011-12-27 04:30 -------- d-----w- c:\documents and settings\HELEN\Application Data\PerformerSoft
2011-12-27 04:23 . 2011-12-03 00:04 17464 ----a-w- c:\windows\system32\roboot.exe
2011-12-25 00:24 . 2011-12-25 00:24 -------- d-----w- c:\windows\system32\wbem\Repository
2011-12-25 00:21 . 2011-12-27 03:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-25 00:20 . 2011-12-25 00:20 -------- d-----w- c:\program files\Common Files\DivX Shared
2011-12-25 00:20 . 2011-12-25 01:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2011-12-25 00:20 . 2011-12-25 00:20 -------- d-----w- c:\documents and settings\HELEN\Local Settings\Application Data\Yahoo!
2011-12-25 00:18 . 2011-12-25 00:18 -------- d-----w- c:\windows\LastGood(2)
2011-12-24 22:38 . 2011-12-24 22:38 -------- d--h--w- c:\program files\Creative Installation Information
2011-12-24 22:38 . 2011-12-24 22:38 -------- d-----w- c:\program files\Common Files\Creative
2011-12-24 21:11 . 2011-12-24 21:11 4796 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-12-17 22:30 . 2011-12-17 22:30 -------- d-----w- c:\documents and settings\NetworkService\Application Data\McAfee
2011-12-16 15:49 . 2011-12-25 00:19 -------- d-----w- c:\program files\McAfee Online Backup(2)
2011-12-16 15:47 . 2011-12-25 00:19 -------- d-----w- c:\program files\McAfee(3).com
2011-12-16 14:53 . 2011-12-16 14:55 -------- d-----w- C:\20111216085337-378490387
2011-12-16 14:53 . 2011-12-16 14:53 -------- d-----w- C:\Archive
2011-12-16 00:38 . 2011-10-15 19:16 9608 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2011-12-16 00:37 . 2011-10-18 20:32 150856 ----a-w- c:\windows\system32\mfevtps.exe
2011-12-16 00:37 . 2011-10-15 19:16 89792 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys
2011-12-16 00:37 . 2011-10-15 19:16 87656 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2011-12-16 00:37 . 2011-10-15 19:16 83856 ----a-w- c:\windows\system32\drivers\mfendisk.sys
2011-12-16 00:37 . 2011-10-15 19:16 464176 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2011-12-16 00:37 . 2011-10-15 19:16 338176 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2011-12-16 00:37 . 2011-10-15 19:16 59456 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2011-12-16 00:37 . 2011-10-15 19:16 180816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2011-12-16 00:37 . 2011-10-15 19:16 121256 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2011-12-16 00:37 . 2011-10-15 19:16 57600 ----a-w- c:\windows\system32\drivers\cfwids.sys
2011-12-15 01:20 . 2011-12-25 00:23 -------- d-----w- c:\program files\Common Files\McAfee
2011-12-15 01:20 . 2011-12-25 00:41 -------- d-----w- c:\program files\McAfee.com
2011-12-12 02:11 . 2011-12-12 02:11 -------- d-----w- c:\documents and settings\HELEN\Application Data\ElevatedDiagnostics
2011-12-11 23:39 . 2011-12-11 23:39 11776 ----a-w- c:\program files\Mozilla Firefox\plugins\nprjplug.dll
2011-12-11 23:38 . 2011-12-11 23:38 150696 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2011-12-11 23:38 . 2011-12-11 23:38 108544 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-28 00:59 . 2011-06-26 06:53 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-06 23:22 . 2011-09-16 00:26 28760 ----a-w- C:\ScriptFF.dll
2011-12-02 23:40 . 2004-08-10 17:51 75264 ----a-w- c:\windows\system32\drivers\ipsec.sys
2011-11-23 13:25 . 2004-08-10 17:51 1859584 ----a-w- c:\windows\system32\win32k(2)(2).sys
2011-11-20 19:33 . 2011-11-20 19:33 50704 ----a-w- c:\windows\system32\drivers\npf.sys
2011-11-10 09:27 . 2009-04-07 23:01 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-11-01 16:07 . 2004-08-10 17:51 1288704 ----a-w- c:\windows\system32\ole32(3)(3).dll
2011-10-28 05:31 . 2004-08-10 17:50 33280 ----a-w- c:\windows\system32\csrsrv(2)(2).dll
2011-11-12 22:32 . 2011-09-19 22:29 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2011-04-14 19:01 . 2010-05-18 23:46 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll
.
.
((((((((((((((((((((((((((((( [email protected]_18.00.26 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-05-14 01:17 . 2011-05-14 01:17 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_452bf920\vcomp.dll
+ 2011-01-11 04:03 . 2011-01-11 04:03 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_189d6662\vcomp.dll
+ 2008-10-25 02:15 . 2008-10-25 02:15 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2008-10-25 02:15 . 2008-10-25 02:15 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2008-10-25 02:15 . 2008-10-25 02:15 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2008-10-25 02:15 . 2008-10-25 02:15 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2008-10-25 02:15 . 2008-10-25 02:15 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2008-10-25 02:15 . 2008-10-25 02:15 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2008-10-25 02:15 . 2008-10-25 02:15 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2008-10-25 02:15 . 2008-10-25 02:15 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2008-10-25 02:15 . 2008-10-25 02:15 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80KOR.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80JPN.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ITA.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80FRA.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ESP.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80DEU.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHT.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHS.dll
+ 2011-01-11 03:32 . 2011-01-11 03:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80KOR.dll
+ 2011-01-11 03:32 . 2011-01-11 03:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80JPN.dll
+ 2011-01-11 03:32 . 2011-01-11 03:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80ITA.dll
+ 2011-01-11 03:32 . 2011-01-11 03:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80FRA.dll
+ 2011-01-11 03:32 . 2011-01-11 03:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80ESP.dll
+ 2011-01-11 03:32 . 2011-01-11 03:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80ENU.dll
+ 2011-01-11 03:32 . 2011-01-11 03:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80DEU.dll
+ 2011-01-11 03:32 . 2011-01-11 03:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80CHT.dll
+ 2011-01-11 03:32 . 2011-01-11 03:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80CHS.dll
+ 2006-10-26 18:40 . 2006-10-26 18:40 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80KOR.dll
+ 2006-10-26 18:40 . 2006-10-26 18:40 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80JPN.dll
+ 2006-10-26 18:40 . 2006-10-26 18:40 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ITA.dll
+ 2006-10-26 18:40 . 2006-10-26 18:40 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80FRA.dll
+ 2006-10-26 18:40 . 2006-10-26 18:40 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ESP.dll
+ 2006-10-26 18:40 . 2006-10-26 18:40 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ENU.dll
+ 2006-10-26 18:40 . 2006-10-26 18:40 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80DEU.dll
+ 2006-10-26 18:40 . 2006-10-26 18:40 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHT.dll
+ 2006-10-26 18:40 . 2006-10-26 18:40 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHS.dll
+ 2008-10-25 02:15 . 2008-10-25 02:15 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2008-10-25 02:15 . 2008-10-25 02:15 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2011-05-14 06:06 . 2011-05-14 06:06 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80u.dll
+ 2011-05-14 06:23 . 2011-05-14 06:23 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80.dll
+ 2011-01-11 09:05 . 2011-01-11 09:05 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfcm80u.dll
+ 2011-01-11 09:23 . 2011-01-11 09:23 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfcm80.dll
+ 2006-10-26 18:40 . 2006-10-26 18:40 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
+ 2006-10-26 18:40 . 2006-10-26 18:40 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2008-10-25 02:15 . 2008-10-25 02:15 96256 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2011-05-13 23:37 . 2011-05-13 23:37 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll
+ 2011-01-11 02:21 . 2011-01-11 02:21 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_7837863c\ATL80.dll
+ 2006-10-26 18:40 . 2006-10-26 18:40 95744 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.dll
+ 2011-12-28 22:21 . 2011-12-28 22:21 16384 c:\windows\temp\Perflib_Perfdata_f8.dat
+ 2005-05-26 09:16 . 2009-08-07 01:24 44768 c:\windows\system32\wups2.dll
+ 2004-08-10 18:02 . 2009-08-07 01:24 35552 c:\windows\system32\wups.dll
+ 2004-08-10 18:02 . 2009-08-07 01:24 53472 c:\windows\system32\wuauclt.exe
+ 2011-12-12 02:10 . 2007-11-01 04:48 20992 c:\windows\system32\windowspowershell\v1.0\pwrshsip.dll
+ 2007-01-29 08:58 . 2010-04-21 13:28 46080 c:\windows\system32\tzchange.exe
- 2007-01-29 08:58 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe
+ 2004-08-10 17:51 . 2009-10-21 05:38 75776 c:\windows\system32\strmfilt.dll
- 2004-08-10 17:51 . 2008-04-14 00:12 75776 c:\windows\system32\strmfilt.dll
+ 2004-08-10 17:51 . 2010-08-17 13:17 58880 c:\windows\system32\spoolsv.exe
+ 2009-11-13 00:02 . 2009-09-05 17:23 47416 c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll
+ 2010-09-15 00:23 . 2010-03-30 01:26 54656 c:\windows\system32\spool\drivers\w32x86\SendToOneNoteUI.dll
+ 2010-09-15 00:23 . 2010-03-30 01:26 94088 c:\windows\system32\spool\drivers\w32x86\SendToOneNoteFilter.dll
+ 2009-11-13 00:02 . 2009-09-05 17:23 52536 c:\windows\system32\spool\drivers\w32x86\LMIprinterui.dll
+ 2009-11-13 00:02 . 2009-09-05 17:23 52536 c:\windows\system32\spool\drivers\w32x86\LMIprinterdat.dll
+ 2009-11-13 00:02 . 2009-09-05 17:23 40248 c:\windows\system32\spool\drivers\w32x86\LMIprinter.dll
+ 2010-09-15 00:23 . 2010-03-30 01:26 54656 c:\windows\system32\spool\drivers\w32x86\3\SendToOneNoteUI.dll
+ 2010-09-15 00:23 . 2010-03-30 01:26 94088 c:\windows\system32\spool\drivers\w32x86\3\SendToOneNoteFilter.dll
+ 2009-11-13 00:02 . 2009-09-05 17:23 52536 c:\windows\system32\spool\drivers\w32x86\3\LMIprinterui.dll
+ 2009-11-13 00:02 . 2009-09-05 17:23 52536 c:\windows\system32\spool\drivers\w32x86\3\LMIprinterdat.dll
+ 2009-11-13 00:02 . 2009-09-05 17:23 40248 c:\windows\system32\spool\drivers\w32x86\3\LMIprinter.dll
+ 2007-04-19 02:04 . 2010-07-05 13:15 17272 c:\windows\system32\spmsg.dll
+ 2009-11-03 21:24 . 2009-08-07 01:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2009-11-03 21:24 . 2009-08-07 01:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
+ 2004-08-10 17:51 . 2009-10-12 13:38 79872 c:\windows\system32\raschap.dll
- 2004-08-10 17:51 . 2008-04-14 00:12 79872 c:\windows\system32\raschap.dll
+ 2007-07-26 20:22 . 2010-08-12 04:07 68592 c:\windows\system32\pxinsa64.exe
+ 2008-03-04 00:01 . 2010-08-12 04:07 72176 c:\windows\system32\pxhpinst.exe
+ 2010-03-31 05:16 . 2010-03-31 05:16 99176 c:\windows\system32\PresentationHostProxy.dll
- 2004-08-10 17:51 . 2009-06-29 16:12 44544 c:\windows\system32\pngfilt.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 44544 c:\windows\system32\pngfilt.dll
+ 2004-08-10 17:51 . 2011-12-24 21:11 83400 c:\windows\system32\perfc009.dat
+ 2009-11-07 06:07 . 2009-11-07 06:07 49488 c:\windows\system32\netfxperf.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 11600 c:\windows\system32\mui\0409\mscorees.dll
+ 2004-08-04 05:56 . 2009-11-27 17:11 17920 c:\windows\system32\msyuv.dll
+ 2004-08-10 17:51 . 2009-11-27 16:07 28672 c:\windows\system32\msvidc32.dll
+ 2004-08-10 17:51 . 2009-11-27 16:07 11264 c:\windows\system32\msrle32.dll
- 2004-08-10 17:51 . 2008-04-14 00:12 11264 c:\windows\system32\msrle32.dll
+ 2007-08-14 00:54 . 2011-08-17 21:32 52224 c:\windows\system32\msfeedsbs.dll
- 2007-08-14 00:54 . 2009-06-29 16:12 52224 c:\windows\system32\msfeedsbs.dll
+ 2004-08-10 17:51 . 2009-09-04 21:03 58880 c:\windows\system32\msasn1.dll
+ 2009-11-13 00:02 . 2009-09-05 17:23 83288 c:\windows\system32\LMIRfsClientNP.dll
+ 2009-11-13 00:02 . 2009-09-05 17:23 28984 c:\windows\system32\LMIport.dll
+ 2008-08-11 18:40 . 2008-08-11 18:40 11552 c:\windows\system32\lmimirr2.dll
+ 2008-08-11 18:40 . 2008-08-11 18:40 25248 c:\windows\system32\lmimirr.dll
+ 2009-11-13 00:02 . 2009-09-05 17:23 87352 c:\windows\system32\LMIinit.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 27648 c:\windows\system32\jsproxy.dll
- 2004-08-10 17:51 . 2009-06-29 16:12 27648 c:\windows\system32\jsproxy.dll
+ 2004-08-04 05:56 . 2009-11-27 16:07 48128 c:\windows\system32\iyuv_32.dll
- 2007-08-14 00:39 . 2009-06-29 11:07 13824 c:\windows\system32\ieudinit.exe
+ 2007-08-14 00:39 . 2011-08-17 12:21 13824 c:\windows\system32\ieudinit.exe
+ 2004-08-10 17:51 . 2011-08-17 21:32 44544 c:\windows\system32\iernonce.dll
- 2004-08-10 17:51 . 2009-06-29 16:12 44544 c:\windows\system32\iernonce.dll
- 2004-08-10 17:51 . 2009-06-29 16:12 78336 c:\windows\system32\ieencode.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 78336 c:\windows\system32\ieencode.dll
- 2004-08-10 17:51 . 2009-06-29 11:07 70656 c:\windows\system32\ie4uinit.exe
+ 2004-08-10 17:51 . 2011-08-17 12:21 70656 c:\windows\system32\ie4uinit.exe
- 2004-08-10 17:51 . 2008-04-14 00:11 80384 c:\windows\system32\iccvid.dll
+ 2004-08-10 17:51 . 2010-06-17 14:03 80384 c:\windows\system32\iccvid.dll
- 2007-08-14 00:36 . 2009-06-29 16:12 63488 c:\windows\system32\icardie.dll
+ 2007-08-14 00:36 . 2011-08-17 21:32 63488 c:\windows\system32\icardie.dll
+ 2004-08-10 17:51 . 2009-10-21 05:38 25088 c:\windows\system32\httpapi.dll
+ 2004-08-10 17:51 . 2009-10-15 16:28 81920 c:\windows\system32\fontsub.dll
- 2004-08-10 17:51 . 2009-06-16 14:36 81920 c:\windows\system32\fontsub.dll
+ 2009-12-03 03:23 . 2010-09-14 10:46 18280 c:\windows\system32\drivers\Sftvolxp.sys
+ 2009-12-03 03:23 . 2010-09-14 10:46 20584 c:\windows\system32\drivers\Sftredirxp.sys
+ 2007-07-26 09:00 . 2010-08-12 04:07 45648 c:\windows\system32\drivers\pxhelp20.sys
+ 2004-08-10 17:51 . 2010-11-02 15:17 40960 c:\windows\system32\drivers\ndproxy.sys
+ 2004-08-10 17:51 . 2011-07-08 14:02 10496 c:\windows\system32\drivers\ndistapi.sys
+ 2011-11-24 14:03 . 2011-03-30 17:51 40648 c:\windows\system32\drivers\mfesmfk.sys
+ 2011-11-24 13:54 . 2011-03-30 17:51 34376 c:\windows\system32\drivers\mferkdk.sys
+ 2011-11-22 00:52 . 2011-08-31 23:00 22216 c:\windows\system32\drivers\mbam.sys
+ 2009-11-13 00:02 . 2008-08-11 18:41 47640 c:\windows\system32\drivers\LMIRfsDriver.sys
+ 2008-08-11 18:40 . 2008-08-11 18:40 10144 c:\windows\system32\drivers\lmimirr.sys
+ 2011-06-02 17:53 . 2011-06-02 17:53 94208 c:\windows\system32\dpl100.dll
- 2004-08-10 17:50 . 2008-04-14 00:11 45568 c:\windows\system32\dnsrslvr.dll
+ 2004-08-10 17:50 . 2009-04-20 17:17 45568 c:\windows\system32\dnsrslvr.dll
+ 2004-08-04 05:56 . 2008-04-14 00:12 52736 c:\windows\system32\dllcache\wzcsapi.dll
+ 2004-08-10 18:02 . 2009-08-07 01:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2004-08-10 18:02 . 2009-08-07 01:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2004-08-10 17:51 . 2008-04-14 00:12 18432 c:\windows\system32\dllcache\wtsapi32.dll
+ 2006-10-19 01:33 . 2008-04-13 18:46 19200 c:\windows\system32\dllcache\wstcodec.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 22528 c:\windows\system32\dllcache\wsock32.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 19456 c:\windows\system32\dllcache\wshtcpip.dll
- 2008-05-09 10:53 . 2008-05-09 10:53 90112 c:\windows\system32\dllcache\wshext.dll
+ 2004-08-10 17:51 . 2008-05-09 10:53 90112 c:\windows\system32\dllcache\wshext.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 19968 c:\windows\system32\dllcache\ws2help.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 82432 c:\windows\system32\dllcache\ws2_32.dll
+ 2004-08-10 18:01 . 2008-04-14 00:12 95232 c:\windows\system32\dllcache\wmiutils.dll
+ 2004-08-10 18:01 . 2004-08-04 10:00 45568 c:\windows\system32\dllcache\wmi2xml.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 53760 c:\windows\system32\dllcache\winsta.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 17408 c:\windows\system32\dllcache\winshfhc.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 16896 c:\windows\system32\dllcache\winrnr.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 32256 c:\windows\system32\dllcache\winipsec.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 75776 c:\windows\system32\dllcache\wiascr.dll
+ 2004-08-04 05:56 . 2008-04-14 00:12 23552 c:\windows\system32\dllcache\wdmaud.drv
+ 2004-08-10 18:01 . 2008-04-14 00:12 43520 c:\windows\system32\dllcache\wbemsvc.dll
+ 2004-08-10 18:01 . 2008-04-14 00:12 18944 c:\windows\system32\dllcache\wbemprox.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 43008 c:\windows\system32\dllcache\wbemperf.dll
+ 2004-08-10 18:01 . 2008-04-14 00:12 71680 c:\windows\system32\dllcache\wbemcons.dll
+ 2009-04-04 16:48 . 2008-04-13 16:34 25471 c:\windows\system32\dllcache\watv10nt.sys
+ 2009-04-04 16:48 . 2008-04-13 16:34 22271 c:\windows\system32\dllcache\watv06nt.sys
+ 2009-04-04 16:48 . 2008-04-13 16:34 11935 c:\windows\system32\dllcache\wadv11nt.sys
+ 2009-04-04 16:48 . 2008-04-13 16:34 11871 c:\windows\system32\dllcache\wadv09nt.sys
+ 2009-04-04 16:48 . 2008-04-13 16:34 11295 c:\windows\system32\dllcache\wadv08nt.sys
+ 2009-04-04 16:48 . 2008-04-13 16:34 11807 c:\windows\system32\dllcache\wadv07nt.sys
+ 2009-04-04 16:48 . 2008-04-13 18:43 14208 c:\windows\system32\dllcache\wacompen.sys
+ 2004-08-10 18:02 . 2008-04-14 00:12 32768 c:\windows\system32\dllcache\wabfind.dll
+ 2004-08-10 18:02 . 2010-10-11 14:59 45568 c:\windows\system32\dllcache\wab.exe
+ 2004-08-10 17:51 . 2008-04-13 18:41 52352 c:\windows\system32\dllcache\volsnap.sys
+ 2004-08-10 18:24 . 2008-04-13 18:36 42240 c:\windows\system32\dllcache\viaagp.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 18944 c:\windows\system32\dllcache\version.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 26112 c:\windows\system32\dllcache\vdmdbg.dll
+ 2009-04-04 16:48 . 2008-04-14 00:12 11325 c:\windows\system32\dllcache\vchnt5.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 26112 c:\windows\system32\dllcache\userinit.exe
+ 2008-06-08 04:59 . 2008-04-13 18:45 26368 c:\windows\system32\dllcache\usbstor.sys
+ 2008-11-09 21:21 . 2008-04-13 18:47 25856 c:\windows\system32\dllcache\usbprint.sys
+ 2004-08-04 04:08 . 2008-04-13 18:45 15872 c:\windows\system32\dllcache\usbintel.sys
+ 2001-08-17 19:03 . 2008-04-13 18:45 25728 c:\windows\system32\dllcache\usbcamd2.sys
+ 2001-08-17 19:03 . 2008-04-13 18:45 25600 c:\windows\system32\dllcache\usbcamd.sys
+ 2008-12-17 23:26 . 2008-04-13 18:45 60032 c:\windows\system32\dllcache\usbaudio.sys
+ 2009-04-04 16:48 . 2008-04-13 18:56 12800 c:\windows\system32\dllcache\usb8023x.sys
+ 2004-08-10 17:51 . 2008-04-13 18:56 12800 c:\windows\system32\dllcache\usb8023.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 18432 c:\windows\system32\dllcache\ups.exe
+ 2004-08-10 17:51 . 2008-04-14 00:12 13824 c:\windows\system32\dllcache\uniplat.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 74240 c:\windows\system32\dllcache\unimdmat.dll
+ 2004-08-10 17:51 . 2004-08-04 10:00 13312 c:\windows\system32\dllcache\umdmxfrm.dll
+ 2004-08-10 17:51 . 2008-04-13 18:32 66048 c:\windows\system32\dllcache\udfs.sys
+ 2009-04-04 16:48 . 2008-04-13 18:36 44672 c:\windows\system32\dllcache\uagp35.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 57856 c:\windows\system32\dllcache\twext.dll
+ 2004-08-04 04:03 . 2008-04-13 18:56 12288 c:\windows\system32\dllcache\tunmp.sys
+ 2004-08-10 18:01 . 2008-04-14 00:13 21896 c:\windows\system32\dllcache\tdtcp.sys
+ 2004-08-10 18:01 . 2008-04-14 00:13 12040 c:\windows\system32\dllcache\tdpipe.sys
+ 2004-08-10 17:51 . 2008-04-13 18:40 14976 c:\windows\system32\dllcache\tape.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 14336 c:\windows\system32\dllcache\svchost.exe
+ 2009-10-21 05:38 . 2009-10-21 05:38 75776 c:\windows\system32\dllcache\strmfilt.dll
+ 2006-10-19 01:33 . 2008-04-13 18:46 15232 c:\windows\system32\dllcache\streamip.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 68096 c:\windows\system32\dllcache\sti.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 14336 c:\windows\system32\dllcache\ssstars.scr
+ 2004-08-10 17:51 . 2008-04-14 00:12 18944 c:\windows\system32\dllcache\ssmyst.scr
+ 2004-08-10 17:51 . 2008-04-14 00:12 47104 c:\windows\system32\dllcache\ssmypics.scr
+ 2004-08-10 17:51 . 2008-04-14 00:12 20992 c:\windows\system32\dllcache\ssmarque.scr
+ 2004-08-10 17:51 . 2008-04-14 00:12 34816 c:\windows\system32\dllcache\ssdpapi.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 19968 c:\windows\system32\dllcache\ssbezier.scr
+ 2004-08-10 18:02 . 2008-04-13 18:36 73472 c:\windows\system32\dllcache\sr.sys
+ 2004-08-10 17:51 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
+ 2004-08-04 04:09 . 2008-04-13 18:46 25344 c:\windows\system32\dllcache\sonydcam.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 50688 c:\windows\system32\dllcache\smss.exe
+ 2004-08-10 17:51 . 2008-04-14 00:12 89600 c:\windows\system32\dllcache\smlogsvc.exe
+ 2009-04-04 16:47 . 2004-08-04 03:41 13240 c:\windows\system32\dllcache\slwdmsup.sys
+ 2009-04-04 16:47 . 2004-08-04 03:41 95424 c:\windows\system32\dllcache\slnthal.sys
+ 2006-10-19 01:33 . 2008-04-13 18:46 11136 c:\windows\system32\dllcache\slip.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 25088 c:\windows\system32\dllcache\slayerxp.dll
+ 2004-08-10 18:22 . 2008-04-13 18:36 40960 c:\windows\system32\dllcache\sisagp.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 27648 c:\windows\system32\dllcache\shscrap.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 45056 c:\windows\system32\dllcache\shmgrate.exe
+ 2004-08-10 17:51 . 2008-04-14 00:12 65024 c:\windows\system32\dllcache\shimeng.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 68096 c:\windows\system32\dllcache\shgina.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 25088 c:\windows\system32\dllcache\shfolder.dll
+ 2004-08-04 03:59 . 2008-04-13 18:40 11008 c:\windows\system32\dllcache\sffp_sd.sys
+ 2004-08-04 03:59 . 2008-04-13 18:40 11904 c:\windows\system32\dllcache\sffdisk.sys
+ 2004-08-10 18:02 . 2008-04-14 00:12 73216 c:\windows\system32\dllcache\setup50.exe
+ 2004-08-10 17:51 . 2004-08-04 10:00 14848 c:\windows\system32\dllcache\serwvdrv.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 39424 c:\windows\system32\dllcache\sens.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 54784 c:\windows\system32\dllcache\sendmail.dll
+ 2004-08-10 17:51 . 2009-06-25 08:25 56832 c:\windows\system32\dllcache\secur32.dll
- 2009-02-03 19:59 . 2009-06-25 08:25 56832 c:\windows\system32\dllcache\secur32.dll
+ 2004-08-04 04:07 . 2008-04-13 18:36 79232 c:\windows\system32\dllcache\sdbus.sys
+ 2004-08-04 03:59 . 2008-04-13 18:40 96384 c:\windows\system32\dllcache\scsiport.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 20480 c:\windows\system32\dllcache\sclgntfy.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 95744 c:\windows\system32\dllcache\scardsvr.exe
+ 2004-08-10 17:51 . 2008-04-14 00:12 64000 c:\windows\system32\dllcache\samlib.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 33280 c:\windows\system32\dllcache\rundll32.exe
+ 2004-08-10 17:51 . 2008-04-14 00:12 44032 c:\windows\system32\dllcache\rtutils.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 92672 c:\windows\system32\dllcache\rsvpsp.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 39936 c:\windows\system32\dllcache\rshx32.dll
+ 2009-04-04 16:47 . 2008-04-13 18:56 30592 c:\windows\system32\dllcache\rndismpx.sys
+ 2004-08-10 17:51 . 2008-04-13 18:56 30592 c:\windows\system32\dllcache\rndismp.sys
+ 2009-04-04 16:47 . 2008-04-13 18:46 59136 c:\windows\system32\dllcache\rfcomm.sys
+ 2004-08-10 18:01 . 2008-04-14 00:12 60416 c:\windows\system32\dllcache\remotepg.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 11776 c:\windows\system32\dllcache\regsvr32.exe
+ 2009-04-04 16:47 . 2004-08-04 03:41 13776 c:\windows\system32\dllcache\recagent.sys
+ 2004-08-10 18:01 . 2008-04-14 00:12 62976 c:\windows\system32\dllcache\rdpclip.exe
+ 2004-08-10 17:51 . 2008-04-14 00:12 58368 c:\windows\system32\dllcache\rastapi.dll
+ 2009-04-04 16:47 . 2008-04-14 00:12 61952 c:\windows\system32\dllcache\rasqec.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 61440 c:\windows\system32\dllcache\rasman.dll
+ 2009-10-12 13:38 . 2009-10-12 13:38 79872 c:\windows\system32\dllcache\raschap.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 88576 c:\windows\system32\dllcache\rasauto.dll
+ 2009-04-04 16:46 . 2008-04-14 00:12 76800 c:\windows\system32\dllcache\qutil.dll
+ 2004-08-10 18:02 . 2008-04-14 00:12 18944 c:\windows\system32\dllcache\qmgrprxy.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 23040 c:\windows\system32\dllcache\psapi.dll
+ 2004-08-04 03:59 . 2008-04-13 18:31 35840 c:\windows\system32\dllcache\processr.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 17408 c:\windows\system32\dllcache\powrprof.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 44544 c:\windows\system32\dllcache\pngfilt.dll
- 2006-10-17 11:34 . 2009-06-29 16:12 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2004-08-10 17:51 . 2008-04-13 18:35 24064 c:\windows\system32\dllcache\pidgen.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 34816 c:\windows\system32\dllcache\perfproc.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 25088 c:\windows\system32\dllcache\perfos.dll
+ 2004-08-04 03:59 . 2008-04-13 18:40 24960 c:\windows\system32\dllcache\pciidex.sys
+ 2004-08-04 04:07 . 2008-04-13 18:36 68224 c:\windows\system32\dllcache\pci.sys
+ 2004-08-10 17:51 . 2008-04-13 18:40 19712 c:\windows\system32\dllcache\partmgr.sys
+ 2004-08-04 03:59 . 2008-04-13 18:31 42752 c:\windows\system32\dllcache\p3.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 84992 c:\windows\system32\dllcache\olepro32.dll
+ 2004-08-10 17:51 . 2008-04-13 17:26 94208 c:\windows\system32\dllcache\odbcint.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 17408 c:\windows\system32\dllcache\ocmsn.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 67584 c:\windows\system32\dllcache\ocmanage.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 15360 c:\windows\system32\dllcache\ocgen.dll
+ 2004-08-10 17:51 . 2008-04-13 18:56 88320 c:\windows\system32\dllcache\nwlnkipx.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 62976 c:\windows\system32\dllcache\ntoc.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 44032 c:\windows\system32\dllcache\ntlanman.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 67072 c:\windows\system32\dllcache\ntdsapi.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 69120 c:\windows\system32\dllcache\notepad.exe
+ 2004-08-10 17:51 . 2008-04-13 18:53 40320 c:\windows\system32\dllcache\nmnt.sys
+ 2004-08-04 03:58 . 2008-04-13 18:51 61824 c:\windows\system32\dllcache\nic1394.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 80896 c:\windows\system32\dllcache\netui0.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 11776 c:\windows\system32\dllcache\netrap.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 77312 c:\windows\system32\dllcache\netoc.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 42496 c:\windows\system32\dllcache\net.exe
+ 2011-10-07 21:38 . 2010-11-02 15:17 40960 c:\windows\system32\dllcache\ndproxy.sys
+ 2011-10-07 21:55 . 2011-07-08 14:02 10496 c:\windows\system32\dllcache\ndistapi.sys
+ 2006-10-19 01:33 . 2008-04-13 18:46 10880 c:\windows\system32\dllcache\ndisip.sys
+ 2004-08-10 18:01 . 2008-04-14 00:12 47104 c:\windows\system32\dllcache\ncprov.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 36352 c:\windows\system32\dllcache\ncobjapi.dll
+ 2006-10-19 01:33 . 2008-04-13 18:46 85248 c:\windows\system32\dllcache\nabtsfec.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 90624 c:\windows\system32\dllcache\mydocs.dll
+ 2009-04-04 16:46 . 2008-04-13 18:43 12672 c:\windows\system32\dllcache\mutohpen.sys
+ 2004-08-04 05:56 . 2009-11-27 17:11 17920 c:\windows\system32\dllcache\msyuv.dll
+ 2004-08-10 17:51 . 2004-08-04 10:00 44032 c:\windows\system32\dllcache\msxml3r.dll
+ 2004-08-10 17:51 . 2009-11-27 16:07 28672 c:\windows\system32\dllcache\msvidc32.dll
+ 2004-08-10 17:51 . 2008-04-13 18:30 61440 c:\windows\system32\dllcache\msvcrt40.dll
+ 2004-08-04 04:07 . 2008-04-13 18:36 15488 c:\windows\system32\dllcache\mssmbios.sys
+ 2004-08-10 17:51 . 2009-11-27 16:07 11264 c:\windows\system32\dllcache\msrle32.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 29696 c:\windows\system32\dllcache\mspatcha.dll
+ 2006-10-17 11:13 . 2008-04-14 00:11 15360 c:\windows\system32\dllcache\msisip.dll
+ 2006-10-17 11:13 . 2008-04-14 00:12 78848 c:\windows\system32\dllcache\msiexec.exe
+ 2004-08-10 17:51 . 2008-04-14 00:11 33792 c:\windows\system32\dllcache\msgsvc.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 15360 c:\windows\system32\dllcache\msgrocm.dll
+ 2007-11-29 02:48 . 2011-08-17 21:32 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2007-11-29 02:48 . 2009-06-29 16:12 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 90112 c:\windows\system32\dllcache\msdtcstp.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 14336 c:\windows\system32\dllcache\msdmo.dll
- 2008-06-24 16:43 . 2008-06-24 16:43 74240 c:\windows\system32\dllcache\mscms.dll
+ 2004-08-10 17:51 . 2008-06-24 16:43 74240 c:\windows\system32\dllcache\mscms.dll
+ 2004-08-10 17:51 . 2009-09-04 21:03 58880 c:\windows\system32\dllcache\msasn1.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 86016 c:\windows\system32\dllcache\msapsspc.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 71680 c:\windows\system32\dllcache\msacm32.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 53248 c:\windows\system32\dllcache\mprdim.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 87040 c:\windows\system32\dllcache\mprapi.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 59904 c:\windows\system32\dllcache\mpr.dll
+ 2004-08-10 17:51 . 2008-04-13 18:39 42368 c:\windows\system32\dllcache\mountmgr.sys
+ 2004-08-04 04:08 . 2008-04-13 19:00 30080 c:\windows\system32\dllcache\modem.sys
+ 2004-08-10 18:02 . 2008-04-14 00:12 32768 c:\windows\system32\dllcache\mnmsrvc.exe
+ 2004-08-10 17:51 . 2008-04-14 00:11 61440 c:\windows\system32\dllcache\mmcshext.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 18944 c:\windows\system32\dllcache\midimap.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 22528 c:\windows\system32\dllcache\mfcsubs.dll
+ 2004-08-04 04:07 . 2008-04-13 18:36 63744 c:\windows\system32\dllcache\mf.sys
+ 2004-08-10 17:51 . 2004-08-04 10:00 17408 c:\windows\system32\dllcache\mcicda.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 13312 c:\windows\system32\dllcache\lsass.exe
+ 2004-08-10 17:51 . 2008-04-14 00:12 75264 c:\windows\system32\dllcache\locator.exe
+ 2004-08-10 17:51 . 2008-04-14 00:11 19968 c:\windows\system32\dllcache\linkinfo.dll
+ 2004-08-10 18:01 . 2008-04-14 00:11 58880 c:\windows\system32\dllcache\licwmi.dll
- 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys
+ 2004-08-10 17:51 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys
+ 2009-04-04 16:46 . 2008-04-14 00:11 61440 c:\windows\system32\dllcache\kmsvc.dll
- 2006-10-17 11:34 . 2009-06-29 16:12 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2006-10-17 11:34 . 2011-08-17 21:32 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-04 05:56 . 2009-11-27 16:07 48128 c:\windows\system32\dllcache\iyuv_32.dll
+ 2001-08-17 18:58 . 2008-04-13 18:36 37248 c:\windows\system32\dllcache\isapnp.sys
+ 2004-08-10 17:57 . 2008-04-13 18:54 11264 c:\windows\system32\dllcache\irenum.sys
+ 2004-08-10 17:51 . 2008-04-13 18:57 20864 c:\windows\system32\dllcache\ipinip.sys
+ 2004-08-10 17:51 . 2008-04-14 00:11 94720 c:\windows\system32\dllcache\iphlpapi.dll
+ 2004-08-10 17:51 . 2008-04-13 18:53 36608 c:\windows\system32\dllcache\ip6fw.sys
+ 2004-08-10 18:02 . 2008-04-13 16:22 48128 c:\windows\system32\dllcache\inetres.dll
- 2007-08-14 00:36 . 2007-08-14 00:36 36352 c:\windows\system32\dllcache\imgutil.dll
+ 2004-08-10 17:51 . 2007-08-14 00:36 36352 c:\windows\system32\dllcache\imgutil.dll
- 2007-11-29 02:48 . 2009-06-29 11:07 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2007-11-29 02:48 . 2011-08-17 12:21 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2004-08-10 17:51 . 2009-06-29 16:12 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 78336 c:\windows\system32\dllcache\ieencode.dll
- 2004-08-10 17:51 . 2009-06-29 16:12 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2004-08-10 17:51 . 2011-08-17 12:21 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2007-08-14 00:39 . 2009-06-29 11:07 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2004-08-10 18:02 . 2004-08-04 10:00 61440 c:\windows\system32\dllcache\icwres.dll
+ 2007-11-29 02:48 . 2011-08-17 21:32 63488 c:\windows\system32\dllcache\icardie.dll
- 2007-11-29 02:48 . 2009-06-29 16:12 63488 c:\windows\system32\dllcache\icardie.dll
+ 2004-08-10 18:01 . 2008-04-14 00:11 11264 c:\windows\system32\dllcache\icaapi.dll
+ 2004-08-10 18:30 . 2008-04-13 18:41 18560 c:\windows\system32\dllcache\i2omp.sys
+ 2009-10-21 05:38 . 2009-10-21 05:38 25088 c:\windows\system32\dllcache\httpapi.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 72704 c:\windows\system32\dllcache\hlink.dll
+ 2009-04-04 16:46 . 2008-04-13 18:45 19200 c:\windows\system32\dllcache\hidir.sys
+ 2009-04-04 16:46 . 2008-04-13 18:46 25600 c:\windows\system32\dllcache\hidbth.sys
+ 2004-08-04 05:56 . 2008-04-14 00:11 20992 c:\windows\system32\dllcache\hid.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 41472 c:\windows\system32\dllcache\hhsetup.dll
+ 2009-04-04 16:46 . 2008-04-13 18:36 46464 c:\windows\system32\dllcache\gagp30kx.sys
+ 2004-08-10 17:51 . 2008-04-14 00:11 32828 c:\windows\system32\dllcache\fp40ext.dll
+ 2004-08-10 17:51 . 2009-10-15 16:28 81920 c:\windows\system32\dllcache\fontsub.dll
- 2004-08-10 17:51 . 2009-06-16 14:36 81920 c:\windows\system32\dllcache\fontsub.dll
+ 2004-08-04 03:59 . 2008-04-13 18:40 20480 c:\windows\system32\dllcache\flpydisk.sys
+ 2004-08-10 17:51 . 2008-04-14 00:11 21504 c:\windows\system32\dllcache\feclient.dll
+ 2004-08-04 03:59 . 2008-04-13 18:40 27392 c:\windows\system32\dllcache\fdc.sys
+ 2004-08-10 17:51 . 2008-04-14 00:11 80384 c:\windows\system32\dllcache\faultrep.dll
+ 2009-04-04 16:46 . 2008-04-14 00:11 33792 c:\windows\system32\dllcache\eapsvc.dll
+ 2009-04-04 16:46 . 2008-04-14 00:11 40960 c:\windows\system32\dllcache\eappprxy.dll
+ 2009-04-04 16:46 . 2008-04-14 00:11 30720 c:\windows\system32\dllcache\eapolqec.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 10752 c:\windows\system32\dllcache\dumprep.exe
+ 2004-08-10 17:51 . 2008-04-14 00:11 51200 c:\windows\system32\dllcache\dssec.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 92672 c:\windows\system32\dllcache\dskquota.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 14336 c:\windows\system32\dllcache\drprov.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 60928 c:\windows\system32\dllcache\dpnhupnp.dll
+ 2009-04-04 16:46 . 2008-04-14 00:11 26112 c:\windows\system32\dllcache\dot3api.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 48128 c:\windows\system32\dllcache\docprop2.dll
+ 2004-08-10 17:50 . 2004-08-04 10:00 46080 c:\windows\system32\dllcache\docprop.dll
+ 2009-04-20 17:17 . 2009-04-20 17:17 45568 c:\windows\system32\dllcache\dnsrslvr.dll
+ 2004-08-10 17:50 . 2008-04-13 18:40 14208 c:\windows\system32\dllcache\diskdump.sys
+ 2004-08-04 03:59 . 2008-04-13 18:40 36352 c:\windows\system32\dllcache\disk.sys
+ 2004-08-10 17:50 . 2008-04-14 00:11 68608 c:\windows\system32\dllcache\digest.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 28672 c:\windows\system32\dllcache\dfsshlex.dll
+ 2004-08-10 17:50 . 2004-08-04 10:00 51200 c:\windows\system32\dllcache\dfrgres.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 59904 c:\windows\system32\dllcache\devenum.dll
+ 2004-08-10 17:50 . 2008-04-14 00:12 25088 c:\windows\system32\dllcache\defrag.exe
+ 2004-08-10 17:50 . 2008-04-14 00:11 27136 c:\windows\system32\dllcache\ddrawex.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 25088 c:\windows\system32\dllcache\davclnt.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 15360 c:\windows\system32\dllcache\ctfmon.exe
+ 2009-12-14 07:08 . 2011-04-26 11:07 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 64512 c:\windows\system32\dllcache\cryptnet.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 53760 c:\windows\system32\dllcache\cryptext.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 33280 c:\windows\system32\dllcache\cryptdll.dll
+ 2004-08-04 03:59 . 2008-04-13 18:31 36736 c:\windows\system32\dllcache\crusoe.sys
- 2004-08-10 17:50 . 2009-06-29 16:12 17408 c:\windows\system32\dllcache\corpol.dll
+ 2004-08-10 17:50 . 2011-08-17 21:32 17408 c:\windows\system32\dllcache\corpol.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 58368 c:\windows\system32\dllcache\clusapi.dll
+ 2004-08-10 17:50 . 2008-04-14 00:12 33280 c:\windows\system32\dllcache\clipsrv.exe
+ 2004-08-10 17:50 . 2008-04-14 00:12 64000 c:\windows\system32\dllcache\cleanmgr.exe
+ 2004-08-10 17:50 . 2008-04-13 19:16 49536 c:\windows\system32\dllcache\classpnp.sys
+ 2009-04-04 16:45 . 2008-04-14 00:11 15423 c:\windows\system32\dllcache\ch7xxnt5.dll
+ 2004-08-10 17:50 . 2008-04-14 00:09 16896 c:\windows\system32\dllcache\cfgmgr32.dll
+ 2004-08-10 17:50 . 2009-08-07 01:24 96480 c:\windows\system32\dllcache\cdm.dll
+ 2006-10-19 01:33 . 2008-04-13 18:46 17024 c:\windows\system32\dllcache\ccdecode.sys
+ 2004-08-10 17:50 . 2010-01-13 14:01 86016 c:\windows\system32\dllcache\cabview.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 60416 c:\windows\system32\dllcache\cabinet.dll
+ 2009-04-04 16:45 . 2008-04-13 18:46 18944 c:\windows\system32\dllcache\bthusb.sys
+ 2009-04-04 16:45 . 2008-04-13 18:46 36480 c:\windows\system32\dllcache\bthprint.sys
+ 2009-04-04 16:45 . 2008-04-13 18:46 37888 c:\windows\system32\dllcache\bthmodem.sys
+ 2009-04-04 16:45 . 2008-04-13 18:46 17024 c:\windows\system32\dllcache\bthenum.sys
+ 2004-08-10 17:50 . 2008-04-13 17:03 63488 c:\windows\system32\dllcache\browselc.dll
+ 2004-08-10 17:50 . 2008-04-13 18:53 71552 c:\windows\system32\dllcache\bridge.sys
+ 2004-08-10 17:50 . 2008-04-14 00:11 29184 c:\windows\system32\dllcache\batmeter.dll
+ 2004-08-10 17:50 . 2009-11-27 16:07 84992 c:\windows\system32\dllcache\avifil32.dll
- 2009-06-10 14:13 . 2009-06-10 14:13 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2004-08-10 17:50 . 2004-08-04 10:00 64000 c:\windows\system32\dllcache\avicap32.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 62464 c:\windows\system32\dllcache\authz.dll
+ 2009-04-04 16:45 . 2008-04-14 00:11 17279 c:\windows\system32\dllcache\atv10nt5.dll
+ 2009-04-04 16:45 . 2008-04-14 00:11 14143 c:\windows\system32\dllcache\atv06nt5.dll
+ 2009-04-04 16:45 . 2008-04-14 00:11 25471 c:\windows\system32\dllcache\atv04nt5.dll
+ 2009-04-04 16:45 . 2008-04-14 00:11 11359 c:\windows\system32\dllcache\atv02nt5.dll
+ 2009-04-04 16:45 . 2008-04-14 00:11 21183 c:\windows\system32\dllcache\atv01nt5.dll
+ 2004-08-10 17:50 . 2008-04-13 18:51 55808 c:\windows\system32\dllcache\atmlane.sys
+ 2004-08-10 17:50 . 2008-04-13 18:51 59904 c:\windows\system32\dllcache\atmarpc.sys
+ 2004-08-10 17:50 . 2009-07-17 19:01 58880 c:\windows\system32\dllcache\atl.dll
- 2009-07-17 19:01 . 2009-07-17 19:01 58880 c:\windows\system32\dllcache\atl.dll
+ 2009-04-04 16:45 . 2008-04-13 16:34 63488 c:\windows\system32\dllcache\atinxsxx.sys
+ 2009-04-04 16:45 . 2008-04-13 16:34 31744 c:\windows\system32\dllcache\atinxbxx.sys
+ 2009-04-04 16:45 . 2008-04-13 16:34 73216 c:\windows\system32\dllcache\atintuxx.sys
+ 2009-04-04 16:45 . 2008-04-13 16:34 13824 c:\windows\system32\dllcache\atinttxx.sys
+ 2009-04-04 16:45 . 2008-04-13 16:34 28672 c:\windows\system32\dllcache\atinsnxx.sys
+ 2009-04-04 16:45 . 2008-04-13 16:34 52224 c:\windows\system32\dllcache\atinraxx.sys
+ 2009-04-04 16:45 . 2008-04-13 16:34 14336 c:\windows\system32\dllcache\atinpdxx.sys
+ 2009-04-04 16:45 . 2008-04-13 16:34 13824 c:\windows\system32\dllcache\atinmdxx.sys
+ 2009-04-04 16:45 . 2008-04-13 16:34 57856 c:\windows\system32\dllcache\atinbtxx.sys
+ 2009-04-04 16:45 . 2008-04-13 16:34 34735 c:\windows\system32\dllcache\ati1xsxx.sys
+ 2009-04-04 16:45 . 2008-04-13 16:34 29455 c:\windows\system32\dllcache\ati1xbxx.sys
+ 2009-04-04 16:45 . 2008-04-13 16:34 36463 c:\windows\system32\dllcache\ati1tuxx.sys
+ 2009-04-04 16:45 . 2008-04-13 16:34 21343 c:\windows\system32\dllcache\ati1ttxx.sys
+ 2009-04-04 16:45 . 2008-04-13 16:34 26367 c:\windows\system32\dllcache\ati1snxx.sys
+ 2009-04-04 16:45 . 2008-04-13 16:34 63663 c:\windows\system32\dllcache\ati1rvxx.sys
+ 2009-04-04 16:45 . 2008-04-13 16:34 30671 c:\windows\system32\dllcache\ati1raxx.sys
+ 2009-04-04 16:45 . 2008-04-13 16:34 12047 c:\windows\system32\dllcache\ati1pdxx.sys
+ 2009-04-04 16:45 . 2008-04-13 16:34 11615 c:\windows\system32\dllcache\ati1mdxx.sys
+ 2009-04-04 16:45 . 2008-04-13 16:34 56623 c:\windows\system32\dllcache\ati1btxx.sys
+ 2004-08-10 17:50 . 2008-04-13 18:57 14336 c:\windows\system32\dllcache\asyncmac.sys
+ 2004-08-10 17:50 . 2010-03-05 14:37 65536 c:\windows\system32\dllcache\asycfilt.dll
+ 2004-08-04 03:58 . 2008-04-13 18:51 60800 c:\windows\system32\dllcache\arp1394.sys
+ 2004-08-04 03:59 . 2008-04-13 18:31 37760 c:\windows\system32\dllcache\amdk7.sys
+ 2004-08-04 03:59 . 2008-04-13 18:31 37376 c:\windows\system32\dllcache\amdk6.sys
+ 2004-08-10 18:16 . 2008-04-13 18:36 43008 c:\windows\system32\dllcache\amdagp.sys
+ 2004-08-10 17:50 . 2008-04-14 00:11 17408 c:\windows\system32\dllcache\alrsvc.dll
+ 2004-08-10 18:16 . 2008-04-13 18:36 42752 c:\windows\system32\dllcache\alim1541.sys
+ 2004-08-10 17:50 . 2008-04-14 00:12 44544 c:\windows\system32\dllcache\alg.exe
+ 2004-08-10 18:22 . 2008-04-13 18:36 44928 c:\windows\system32\dllcache\agpcpq.sys
+ 2004-08-10 17:58 . 2008-04-13 18:36 42368 c:\windows\system32\dllcache\agp440.sys
+ 2004-08-10 17:50 . 2008-04-14 00:11 24064 c:\windows\system32\dllcache\agentpsh.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 98304 c:\windows\system32\dllcache\actxprxy.dll
+ 2004-08-10 17:50 . 2011-04-26 11:07 33280 c:\windows\system32\csrsrv.dll
+ 2004-08-10 17:50 . 2011-08-17 21:32 17408 c:\windows\system32\corpol.dll
- 2004-08-10 17:50 . 2009-06-29 16:12 17408 c:\windows\system32\corpol.dll
+ 2006-10-19 00:42 . 2011-12-28 22:05 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2006-10-19 00:42 . 2009-10-11 15:00 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2006-10-19 00:42 . 2011-12-28 22:05 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2006-10-19 00:42 . 2009-10-11 15:00 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-12-22 02:08 . 2009-10-11 15:00 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-10-11 23:43 . 2011-12-28 22:05 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2004-08-10 17:50 . 2009-08-07 01:24 96480 c:\windows\system32\cdm.dll
+ 2004-08-10 17:50 . 2010-01-13 14:01 86016 c:\windows\system32\cabview.dll
+ 2004-08-10 17:50 . 2009-11-27 16:07 84992 c:\windows\system32\avifil32.dll
- 2004-08-10 17:50 . 2009-06-10 14:13 84992 c:\windows\system32\avifil32.dll
+ 2004-08-10 17:50 . 2010-03-05 14:37 65536 c:\windows\system32\asycfilt.dll
+ 2010-04-08 04:48 . 2010-04-08 04:48 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
- 2008-07-30 00:16 . 2008-07-30 00:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13648 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.Web.RegularExpressions.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.Drawing.Design.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.Configuration.Install.dll
+ 2010-07-18 02:32 . 2008-07-25 16:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-07-18 02:32 . 2008-07-25 16:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\Microsoft.Vsa.dll
+ 2010-07-18 02:32 . 2008-07-25 16:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\Microsoft.VisualBasic.Vsa.dll
+ 2010-07-18 02:32 . 2008-07-25 16:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\Microsoft.Build.Utilities.dll
+ 2010-07-18 02:32 . 2008-07-25 16:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\Microsoft.Build.Framework.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\ISymWrapper.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\IEHost.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\CustomMarshalers.dll
+ 2010-07-18 02:32 . 2008-07-25 16:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\cscompmgd.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\Accessibility.dll
+ 2010-09-22 14:43 . 2010-09-22 14:43 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2009-06-25 00:56 . 2009-06-25 00:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
+ 2011-07-08 19:00 . 2011-07-08 19:00 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2007-04-14 01:58 . 2007-04-14 01:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2011-07-07 17:04 . 2011-07-07 17:04 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2011-07-07 17:04 . 2011-07-07 17:04 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2007-04-14 01:57 . 2007-04-14 01:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2011-07-07 17:03 . 2011-07-07 17:03 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2007-04-14 01:57 . 2007-04-14 01:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2011-07-07 18:09 . 2011-07-07 18:09 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2007-04-14 02:30 . 2007-04-14 02:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2011-07-07 18:09 . 2011-07-07 18:09 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
- 2003-02-21 00:19 . 2003-02-21 00:19 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13648 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13664 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13688 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13664 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13696 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13672 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13664 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 86864 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2011-12-09 02:31 . 2011-12-09 02:31 22016 c:\windows\Installer\84b4bc.msi
+ 2011-12-11 23:38 . 2011-12-11 23:38 18944 c:\windows\Installer\5cf41.msi
+ 2011-12-11 23:37 . 2011-12-11 23:37 92672 c:\windows\Installer\5cf34.msi
+ 2010-12-17 23:18 . 2010-12-17 23:18 38400 c:\windows\Installer\5ce295c.msi
+ 2009-11-25 13:23 . 2009-11-25 13:23 32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
+ 2011-11-23 09:02 . 2011-11-23 09:02 49936 c:\windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe
+ 2011-10-07 22:10 . 2011-10-07 22:10 89952 c:\windows\Installer\{90140000-006D-0409-0000-0000000FF1CE}\cvhicon.exe
+ 2010-12-17 23:19 . 2011-10-07 22:23 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2006-10-17 11:47 . 2009-12-10 13:03 17534 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\gtngstrtd.exe
- 2006-10-17 11:47 . 2009-06-12 12:09 17534 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\gtngstrtd.exe
+ 2006-10-17 11:47 . 2009-12-10 13:03 65536 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_B8B1511D9331_467C_9B1B_E8204012E95B.exe
- 2006-10-17 11:47 . 2009-06-12 12:09 65536 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_B8B1511D9331_467C_9B1B_E8204012E95B.exe
- 2006-10-17 11:47 . 2009-06-12 12:09 65536 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_630CEEA9B210_4765_A2B1_FC24596048D7.exe
+ 2006-10-17 11:47 . 2009-12-10 13:03 65536 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_630CEEA9B210_4765_A2B1_FC24596048D7.exe
- 2006-10-17 11:47 . 2009-06-12 12:09 65536 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_4E403E143BE9_4CD1_B8DF_8012EBBE9E82.exe
+ 2006-10-17 11:47 . 2009-12-10 13:03 65536 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_4E403E143BE9_4CD1_B8DF_8012EBBE9E82.exe
+ 2009-11-06 00:00 . 2009-11-06 00:00 58945 c:\windows\Installer\{6412CECE-8172-4BE5-935B-6CECACD2CA87}\wlmail.exe
+ 2009-11-07 03:38 . 2009-11-07 03:38 29926 c:\windows\Installer\{508CE775-4BA4-4748-82DF-FE28DA9F03B0}\MsblIco.Exe
- 2009-04-18 08:59 . 2009-04-18 08:59 29926 c:\windows\Installer\{508CE775-4BA4-4748-82DF-FE28DA9F03B0}\MsblIco.Exe
+ 2010-09-23 10:47 . 2010-09-23 10:47 35760 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\reader_sl.exe
+ 2010-09-23 09:03 . 2010-09-23 09:03 99776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\eula.exe
+ 2010-09-21 05:07 . 2010-09-21 05:07 70584 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\adobeextractfiles.dll
+ 2010-09-23 08:52 . 2010-09-23 08:52 27048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\acrotextextractor.exe
+ 2010-09-23 00:12 . 2010-09-23 00:12 15800 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroRd32Info.exe
+ 2006-10-27 02:07 . 2006-10-27 02:07 17680 c:\windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.4518\PXBPROXY.DLL
+ 2006-10-27 02:07 . 2006-10-27 02:07 67920 c:\windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.4518\PXBCOM.EXE
+ 2006-10-26 19:03 . 2006-10-26 19:03 78648 c:\windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.4518\INTLDATE.DLL
+ 2010-07-18 02:29 . 2010-01-05 10:00 44544 c:\windows\ie7updates\KB982381-IE7\pngfilt.dll
+ 2010-07-18 02:29 . 2010-01-05 10:00 52224 c:\windows\ie7updates\KB982381-IE7\msfeedsbs.dll
+ 2010-07-18 02:29 . 2010-01-05 10:00 27648 c:\windows\ie7updates\KB982381-IE7\jsproxy.dll
+ 2010-07-18 02:29 . 2009-12-31 15:33 13824 c:\windows\ie7updates\KB982381-IE7\ieudinit.exe
+ 2010-07-18 02:29 . 2010-01-05 10:00 44544 c:\windows\ie7updates\KB982381-IE7\iernonce.dll
+ 2010-07-18 02:29 . 2010-01-05 10:00 78336 c:\windows\ie7updates\KB982381-IE7\ieencode.dll
+ 2010-07-18 02:29 . 2009-12-31 15:33 70656 c:\windows\ie7updates\KB982381-IE7\ie4uinit.exe
+ 2010-07-18 02:29 . 2010-01-05 10:00 63488 c:\windows\ie7updates\KB982381-IE7\icardie.dll
+ 2010-07-18 02:29 . 2010-01-05 10:00 17408 c:\windows\ie7updates\KB982381-IE7\corpol.dll
+ 2010-01-22 00:26 . 2009-10-29 07:46 44544 c:\windows\ie7updates\KB978207-IE7\pngfilt.dll
+ 2010-01-22 00:26 . 2009-10-29 07:46 52224 c:\windows\ie7updates\KB978207-IE7\msfeedsbs.dll
+ 2010-01-22 00:26 . 2009-10-29 07:46 27648 c:\windows\ie7updates\KB978207-IE7\jsproxy.dll
+ 2010-01-22 00:26 . 2009-10-28 14:36 13824 c:\windows\ie7updates\KB978207-IE7\ieudinit.exe
+ 2010-01-22 00:26 . 2009-10-29 07:46 44544 c:\windows\ie7updates\KB978207-IE7\iernonce.dll
+ 2010-01-22 00:26 . 2009-10-29 07:46 78336 c:\windows\ie7updates\KB978207-IE7\ieencode.dll
+ 2010-01-22 00:26 . 2009-10-28 14:36 70656 c:\windows\ie7updates\KB978207-IE7\ie4uinit.exe
+ 2010-01-22 00:26 . 2009-10-29 07:46 63488 c:\windows\ie7updates\KB978207-IE7\icardie.dll
+ 2010-01-22 00:26 . 2009-10-29 07:46 17408 c:\windows\ie7updates\KB978207-IE7\corpol.dll
+ 2009-12-10 13:03 . 2009-08-29 07:36 44544 c:\windows\ie7updates\KB976325-IE7\pngfilt.dll
+ 2009-12-10 13:03 . 2009-08-29 07:36 52224 c:\windows\ie7updates\KB976325-IE7\msfeedsbs.dll
+ 2009-12-10 13:03 . 2009-08-29 07:36 27648 c:\windows\ie7updates\KB976325-IE7\jsproxy.dll
+ 2009-12-10 13:03 . 2009-08-28 10:28 13824 c:\windows\ie7updates\KB976325-IE7\ieudinit.exe
+ 2009-12-10 13:03 . 2009-08-29 07:36 44544 c:\windows\ie7updates\KB976325-IE7\iernonce.dll
+ 2009-12-10 13:03 . 2009-08-29 07:36 78336 c:\windows\ie7updates\KB976325-IE7\ieencode.dll
+ 2009-12-10 13:03 . 2009-08-28 10:28 70656 c:\windows\ie7updates\KB976325-IE7\ie4uinit.exe
+ 2009-12-10 13:03 . 2009-08-29 07:36 63488 c:\windows\ie7updates\KB976325-IE7\icardie.dll
+ 2009-12-10 13:03 . 2009-08-29 07:36 17408 c:\windows\ie7updates\KB976325-IE7\corpol.dll
+ 2009-10-14 11:58 . 2009-06-29 16:12 44544 c:\windows\ie7updates\KB974455-IE7\pngfilt.dll
+ 2009-10-14 11:58 . 2009-06-29 16:12 52224 c:\windows\ie7updates\KB974455-IE7\msfeedsbs.dll
+ 2009-10-14 11:58 . 2009-06-29 16:12 27648 c:\windows\ie7updates\KB974455-IE7\jsproxy.dll
+ 2009-10-14 11:58 . 2009-06-29 11:07 13824 c:\windows\ie7updates\KB974455-IE7\ieudinit.exe
+ 2009-10-14 11:58 . 2009-06-29 16:12 44544 c:\windows\ie7updates\KB974455-IE7\iernonce.dll
+ 2009-10-14 11:58 . 2009-06-29 16:12 78336 c:\windows\ie7updates\KB974455-IE7\ieencode.dll
+ 2009-10-14 11:58 . 2009-06-29 11:07 70656 c:\windows\ie7updates\KB974455-IE7\ie4uinit.exe
+ 2009-10-14 11:58 . 2009-06-29 16:12 63488 c:\windows\ie7updates\KB974455-IE7\icardie.dll
+ 2009-10-14 11:58 . 2009-06-29 16:12 17408 c:\windows\ie7updates\KB974455-IE7\corpol.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 44544 c:\windows\ie7updates\KB2586448-IE7\pngfilt.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 52224 c:\windows\ie7updates\KB2586448-IE7\msfeedsbs.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 27648 c:\windows\ie7updates\KB2586448-IE7\jsproxy.dll
+ 2011-10-13 08:05 . 2011-06-21 11:46 13824 c:\windows\ie7updates\KB2586448-IE7\ieudinit.exe
+ 2011-10-13 08:05 . 2011-06-21 18:45 44544 c:\windows\ie7updates\KB2586448-IE7\iernonce.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 78336 c:\windows\ie7updates\KB2586448-IE7\ieencode.dll
+ 2011-10-13 08:05 . 2011-06-21 11:46 70656 c:\windows\ie7updates\KB2586448-IE7\ie4uinit.exe
+ 2011-10-13 08:05 . 2011-06-21 18:45 63488 c:\windows\ie7updates\KB2586448-IE7\icardie.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 17408 c:\windows\ie7updates\KB2586448-IE7\corpol.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 44544 c:\windows\ie7updates\KB2559049-IE7\pngfilt.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 52224 c:\windows\ie7updates\KB2559049-IE7\msfeedsbs.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 27648 c:\windows\ie7updates\KB2559049-IE7\jsproxy.dll
+ 2011-10-07 22:21 . 2010-05-04 12:39 13824 c:\windows\ie7updates\KB2559049-IE7\ieudinit.exe
+ 2011-10-07 22:21 . 2010-05-04 17:20 44544 c:\windows\ie7updates\KB2559049-IE7\iernonce.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 78336 c:\windows\ie7updates\KB2559049-IE7\ieencode.dll
+ 2011-10-07 22:21 . 2010-05-04 12:39 70656 c:\windows\ie7updates\KB2559049-IE7\ie4uinit.exe
+ 2011-10-07 22:21 . 2010-05-04 17:20 63488 c:\windows\ie7updates\KB2559049-IE7\icardie.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 17408 c:\windows\ie7updates\KB2559049-IE7\corpol.dll
+ 2009-11-27 17:11 . 2009-11-27 17:11 17920 c:\windows\Driver Cache\i386\msyuv.dll
+ 2009-11-27 16:07 . 2009-11-27 16:07 48128 c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2011-10-13 08:02 . 2011-10-13 08:02 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_fa729ba3\System.Drawing.Design.dll
+ 2011-10-13 08:01 . 2011-10-13 08:01 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_c33bca75\CustomMarshalers.dll
+ 2011-10-11 08:13 . 2011-10-11 08:13 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\368187bcb570d202a019fc7c53b1df4c\UIAutomationProvider.ni.dll
+ 2011-10-11 08:22 . 2011-10-11 08:22 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\3f621b90371e67197bd4d0b86aa6f21d\System.Windows.Presentation.ni.dll
+ 2011-10-11 08:21 . 2011-10-11 08:21 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\577b049541803541e6b00e2c36c00852\System.Web.DynamicData.Design.ni.dll
+ 2011-10-11 08:18 . 2011-10-11 08:18 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\636ed65b7e5481320e3010b78a5e6cfa\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-10-11 08:18 . 2011-10-11 08:18 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f83b1e8dd8c90490c8d924826c8b107d\System.AddIn.Contract.ni.dll
+ 2011-10-11 08:09 . 2011-10-11 08:09 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\2740ba673b1040f1995f13c6044da64c\PresentationFontCache.ni.exe
+ 2011-10-11 08:06 . 2011-10-11 08:06 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\8514e7de63d46b6f8232ef70d93a1650\PresentationCFFRasterizer.ni.dll
+ 2011-10-11 08:20 . 2011-10-11 08:20 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\108426b4dc654100c9a99bfa71f69886\Microsoft.Vsa.ni.dll
+ 2011-12-12 02:32 . 2011-12-12 02:32 19456 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\c6cc8a84d50514bde3c7267b1729be25\Microsoft.PowerShell.Commands.Management.resources.ni.dll
+ 2011-12-12 02:33 . 2011-12-12 02:33 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\a5c76a6d3f09064d9c19d03b7c8ef02f\Microsoft.PowerShell.ConsoleHost.resources.ni.dll
+ 2011-12-12 02:33 . 2011-12-12 02:33 30208 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\9be007e563b5d2bc470c3f114a766fd7\Microsoft.PowerShell.Commands.Utility.resources.ni.dll
+ 2011-12-12 02:33 . 2011-12-12 02:33 17408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\98c65d013ab621e80b5e43a83ab2c79e\Microsoft.PowerShell.Security.resources.ni.dll
+ 2011-10-11 08:17 . 2011-10-11 08:17 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\8905268997c77a27c7f9c54aeba37f24\Microsoft.Build.Framework.ni.dll
+ 2011-10-11 08:17 . 2011-10-11 08:17 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\11bb8ef375848eb1c074da1afd5cecdc\Microsoft.Build.Framework.ni.dll
+ 2011-10-11 08:16 . 2011-10-11 08:16 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\6d74b9308a1517bfe959e597c3dd2427\dfsvc.ni.exe
+ 2011-10-11 08:14 . 2011-10-11 08:14 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\fdf7f1404f4a5c7f5a0463d8e7a442e4\Accessibility.ni.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-07-18 04:29 . 2010-07-18 04:29 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2009-08-21 12:07 . 2009-08-21 12:07 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-10-11 08:04 . 2011-10-11 08:04 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-12-12 02:11 . 2011-12-12 02:11 65536 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll
+ 2011-12-12 02:11 . 2011-12-12 02:11 36864 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.resources.dll
+ 2011-12-12 02:11 . 2011-12-12 02:11 32768 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.resources.dll
+ 2011-12-12 02:11 . 2011-12-12 02:11 11264 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.resources.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-10-13 08:01 . 2011-10-13 08:01 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-10-17 22:18 . 2009-10-17 22:18 20480 c:\windows\assembly\GAC\ArbusApplicationController\1.0.3093.38280__da57d5d39b1d6dd8\ArbusApplicationController.dll
- 2009-10-10 14:47 . 2009-10-10 14:47 20480 c:\windows\assembly\GAC\ArbusApplicationController\1.0.3093.38280__da57d5d39b1d6dd8\ArbusApplicationController.dll
+ 2009-10-17 22:18 . 2009-10-17 22:18 20480 c:\windows\assembly\GAC\Arbus.Interfacing.Library\1.0.4.0__2be3a081d8c94867\Arbus.Interfacing.Library.dll
- 2009-10-10 14:47 . 2009-10-10 14:47 20480 c:\windows\assembly\GAC\Arbus.Interfacing.Library\1.0.4.0__2be3a081d8c94867\Arbus.Interfacing.Library.dll
+ 2010-05-21 14:39 . 2011-12-10 01:45 49152 c:\windows\.jagex_cache_32\runescape\jagmisc.dll
- 2009-05-24 22:34 . 2009-10-04 19:55 49152 c:\windows\.jagex_cache_32\runescape\jagmisc.dll
+ 2010-05-21 14:39 . 2011-12-10 01:45 96256 c:\windows\.jagex_cache_32\runescape\jaggl.dll
+ 2010-05-21 14:39 . 2011-12-10 01:45 80896 c:\windows\.jagex_cache_32\runescape\jagdx.dll
+ 2010-05-21 14:39 . 2011-12-10 01:45 81920 c:\windows\.jagex_cache_32\runescape\hw3d.dll
+ 2010-08-22 16:19 . 2010-08-22 16:19 86016 c:\windows\.jagex_cache_32\aceofskies\jaggl.dll
+ 2011-10-07 22:01 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB982665\update\spcustom.dll
+ 2011-10-07 22:01 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB982665\spmsg.dll
+ 2010-06-17 14:02 . 2010-06-17 14:02 80384 c:\windows\$hf_mig$\KB982665\SP3QFE\iccvid.dll
+ 2010-07-18 02:29 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB982381-IE7\update\spcustom.dll
+ 2010-07-18 02:29 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB982381-IE7\spmsg.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 44544 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\pngfilt.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 52224 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\msfeedsbs.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 27648 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\jsproxy.dll
+ 2010-05-04 13:19 . 2010-05-04 13:19 13824 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieudinit.exe
+ 2010-05-04 17:20 . 2010-05-04 17:20 44544 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\iernonce.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 78336 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieencode.dll
+ 2010-05-04 13:19 . 2010-05-04 13:19 70656 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ie4uinit.exe
+ 2010-05-04 17:20 . 2010-05-04 17:20 63488 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\icardie.dll
+ 2010-05-04 17:19 . 2010-05-04 17:19 17408 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\corpol.dll
+ 2011-10-07 22:24 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB982132\update\spcustom.dll
+ 2011-10-07 22:24 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB982132\spmsg.dll
+ 2011-10-07 22:03 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981997\update\spcustom.dll
+ 2011-10-07 22:03 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB981997\spmsg.dll
+ 2011-10-07 22:11 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981322\update\spcustom.dll
+ 2011-10-07 22:11 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB981322\spmsg.dll
+ 2011-10-07 22:12 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB980436\update\spcustom.dll
+ 2011-10-07 22:12 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB980436\spmsg.dll
+ 2011-10-07 22:17 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB979687\update\spcustom.dll
+ 2011-10-07 22:17 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB979687\spmsg.dll
+ 2010-07-18 13:33 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB979559\update\spcustom.dll
+ 2010-07-18 13:33 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB979559\spmsg.dll
+ 2010-07-18 04:44 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB979482\update\spcustom.dll
+ 2010-07-18 04:44 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB979482\spmsg.dll
+ 2010-03-05 14:52 . 2010-03-05 14:52 65536 c:\windows\$hf_mig$\KB979482\SP3QFE\asycfilt.dll
+ 2010-07-17 21:15 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB979309\update\spcustom.dll
+ 2010-07-17 21:15 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB979309\spmsg.dll
+ 2010-01-13 13:48 . 2010-01-13 13:48 86016 c:\windows\$hf_mig$\KB979309\SP3QFE\cabview.dll
+ 2010-07-18 04:42 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978706\update\spcustom.dll
+ 2010-07-18 04:42 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB978706\spmsg.dll
+ 2010-07-17 21:19 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB978601\update\spcustom.dll
+ 2010-07-17 21:19 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB978601\spmsg.dll
+ 2010-07-18 04:45 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978542\update\spcustom.dll
+ 2010-07-18 04:45 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB978542\spmsg.dll
+ 2010-07-18 13:38 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978338\update\spcustom.dll
+ 2010-07-18 13:38 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB978338\spmsg.dll
+ 2010-01-22 00:26 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978207-IE7\update\spcustom.dll
+ 2010-01-22 00:26 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB978207-IE7\spmsg.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 44544 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\pngfilt.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 52224 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\msfeedsbs.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 27648 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\jsproxy.dll
+ 2010-01-01 06:55 . 2010-01-01 06:55 13824 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieudinit.exe
+ 2010-01-05 09:57 . 2010-01-05 09:57 44544 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\iernonce.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 78336 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieencode.dll
+ 2010-01-01 06:55 . 2010-01-01 06:55 70656 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ie4uinit.exe
+ 2010-01-05 09:57 . 2010-01-05 09:57 63488 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\icardie.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 17408 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\corpol.dll
+ 2010-07-18 13:38 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978037\update\spcustom.dll
+ 2010-07-18 13:38 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB978037\spmsg.dll
+ 2009-12-14 07:10 . 2009-12-14 07:10 33280 c:\windows\$hf_mig$\KB978037\SP3QFE\csrsrv.dll
+ 2010-07-18 04:47 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB977914\update\spcustom.dll
+ 2010-07-18 04:47 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB977914\spmsg.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 28672 c:\windows\$hf_mig$\KB977914\SP3QFE\msvidc32.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 11264 c:\windows\$hf_mig$\KB977914\SP3QFE\msrle32.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 48128 c:\windows\$hf_mig$\KB977914\SP3QFE\iyuv_32.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 84992 c:\windows\$hf_mig$\KB977914\SP3QFE\avifil32.dll
+ 2010-07-18 13:34 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB977816\update\spcustom.dll
+ 2010-07-18 13:34 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB977816\spmsg.dll
+ 2009-11-05 12:58 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB976749-IE7\update\spcustom.dll
+ 2009-11-05 12:58 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB976749-IE7\spmsg.dll
+ 2009-12-10 13:03 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB976325-IE7\update\spcustom.dll
+ 2009-12-10 13:03 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB976325-IE7\spmsg.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 44544 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\pngfilt.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 52224 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\msfeedsbs.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 27648 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\jsproxy.dll
+ 2009-10-28 14:05 . 2009-10-28 14:05 13824 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieudinit.exe
+ 2009-10-29 07:45 . 2009-10-29 07:45 44544 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\iernonce.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 78336 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieencode.dll
+ 2009-10-28 14:05 . 2009-10-28 14:05 70656 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ie4uinit.exe
+ 2009-10-29 07:45 . 2009-10-29 07:45 63488 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\icardie.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 17408 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\corpol.dll
+ 2010-07-18 13:38 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB975713\update\spcustom.dll
+ 2010-07-18 13:38 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB975713\spmsg.dll
+ 2010-07-18 04:40 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB975562\update\spcustom.dll
+ 2010-07-18 04:40 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB975562\spmsg.dll
+ 2010-07-18 13:35 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB975561\update\spcustom.dll
+ 2010-07-18 13:35 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB975561\spmsg.dll
+ 2010-07-18 13:34 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB975560\update\spcustom.dll
+ 2010-07-18 13:34 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB975560\spmsg.dll
+ 2009-11-27 17:23 . 2009-11-27 17:23 17920 c:\windows\$hf_mig$\KB975560\SP3QFE\msyuv.dll
+ 2009-10-14 11:55 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB975467\update\spcustom.dll
+ 2009-10-14 11:55 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB975467\spmsg.dll
+ 2009-10-14 11:58 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB975025\update\spcustom.dll
+ 2009-10-14 11:58 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB975025\spmsg.dll
+ 2009-10-14 11:57 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB974571\update\spcustom.dll
+ 2009-10-14 11:57 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB974571\spmsg.dll
+ 2009-09-04 20:57 . 2009-09-04 20:57 58880 c:\windows\$hf_mig$\KB974571\SP3QFE\msasn1.dll
+ 2009-10-14 11:58 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB974455-IE7\update\spcustom.dll
+ 2009-10-14 11:58 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB974455-IE7\spmsg.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 44544 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\pngfilt.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 52224 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\msfeedsbs.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 27648 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\jsproxy.dll
+ 2009-08-28 10:01 . 2009-08-28 10:01 13824 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\ieudinit.exe
+ 2009-08-29 07:31 . 2009-08-29 07:31 44544 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\iernonce.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 78336 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\ieencode.dll
+ 2009-08-28 10:01 . 2009-08-28 10:01 70656 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\ie4uinit.exe
+ 2009-08-29 07:31 . 2009-08-29 07:31 63488 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\icardie.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 17408 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\corpol.dll
+ 2009-12-10 13:03 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB974392\update\spcustom.dll
+ 2009-12-10 13:03 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB974392\spmsg.dll
+ 2009-12-10 13:04 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB974318\update\spcustom.dll
+ 2009-12-10 13:04 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB974318\spmsg.dll
+ 2009-10-12 13:28 . 2009-10-12 13:28 79872 c:\windows\$hf_mig$\KB974318\SP3QFE\raschap.dll
+ 2009-10-14 11:58 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB974112\update\spcustom.dll
+ 2009-10-14 11:58 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB974112\spmsg.dll
+ 2009-12-10 13:04 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973904\update\spcustom.dll
+ 2009-12-10 13:04 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB973904\spmsg.dll
+ 2009-11-25 13:24 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB973687\update\spcustom.dll
+ 2009-11-25 13:24 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB973687\spmsg.dll
+ 2009-10-14 11:55 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973525\update\spcustom.dll
+ 2009-10-14 11:55 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB973525\spmsg.dll
+ 2010-01-13 13:05 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB972270\update\spcustom.dll
+ 2010-01-13 13:05 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB972270\spmsg.dll
+ 2010-01-13 01:20 . 2009-10-15 16:39 81920 c:\windows\$hf_mig$\KB972270\SP3QFE\fontsub.dll
+ 2009-12-10 13:02 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971737\update\spcustom.dll
+ 2009-12-10 13:02 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971737\spmsg.dll
+ 2009-10-14 11:55 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB971486\update\spcustom.dll
+ 2009-10-14 11:55 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB971486\spmsg.dll
+ 2011-10-07 22:09 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971029\update\spcustom.dll
+ 2011-10-07 22:09 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971029\spmsg.dll
+ 2009-12-10 13:04 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB970430\update\spcustom.dll
+ 2009-12-10 13:04 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB970430\spmsg.dll
+ 2009-10-21 05:40 . 2009-10-21 05:40 75776 c:\windows\$hf_mig$\KB970430\SP3QFE\strmfilt.dll
+ 2009-10-21 05:40 . 2009-10-21 05:40 25088 c:\windows\$hf_mig$\KB970430\SP3QFE\httpapi.dll
+ 2009-11-12 14:01 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB969947\update\spcustom.dll
+ 2009-11-12 14:01 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB969947\spmsg.dll
+ 2009-10-14 11:59 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB969059\update\spcustom.dll
+ 2009-10-14 11:59 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB969059\spmsg.dll
+ 2009-11-07 14:08 . 2007-11-30 12:39 26488 c:\windows\$hf_mig$\KB961503\update\spcustom.dll
+ 2009-11-07 14:08 . 2007-11-30 12:39 17272 c:\windows\$hf_mig$\KB961503\spmsg.dll
+ 2010-01-13 13:06 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB955759\update\spcustom.dll
+ 2010-01-13 13:06 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB955759\spmsg.dll
+ 2011-11-11 09:02 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2641690\update\spcustom.dll
+ 2011-11-11 09:02 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2641690\spmsg.dll
+ 2011-10-07 22:20 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2616676-v2\update\spcustom.dll
+ 2011-10-07 22:20 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2616676-v2\spmsg.dll
+ 2011-10-13 08:06 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2592799\update\spcustom.dll
+ 2011-10-13 08:06 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2592799\spmsg.dll
+ 2011-10-13 08:05 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2586448-IE7\update\spcustom.dll
+ 2011-10-13 08:05 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2586448-IE7\spmsg.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 44544 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\pngfilt.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 52224 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\msfeedsbs.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 27648 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\jsproxy.dll
+ 2011-08-17 12:33 . 2011-08-17 12:33 13824 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\ieudinit.exe
+ 2011-08-17 21:30 . 2011-08-17 21:30 44544 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\iernonce.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 78336 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\ieencode.dll
+ 2011-08-17 12:33 . 2011-08-17 12:33 70656 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\ie4uinit.exe
+ 2011-08-17 21:30 . 2011-08-17 21:30 63488 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\icardie.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 17408 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\corpol.dll
+ 2011-10-07 22:12 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2570947\update\spcustom.dll
+ 2011-10-07 22:12 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2570947\spmsg.dll
+ 2011-10-07 22:17 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2570222\update\spcustom.dll
+ 2011-10-07 22:17 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2570222\spmsg.dll
+ 2011-10-13 08:06 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2567053\update\spcustom.dll
+ 2011-10-13 08:06 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2567053\spmsg.dll
+ 2011-10-07 22:00 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2566454\update\spcustom.dll
+ 2011-10-07 22:00 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2566454\spmsg.dll
+ 2011-10-07 21:55 . 2011-07-08 13:51 10496 c:\windows\$hf_mig$\KB2566454\SP3QFE\ndistapi.sys
+ 2011-10-07 21:39 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2562937\update\spcustom.dll
+ 2011-10-07 21:39 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2562937\spmsg.dll
+ 2011-10-07 22:21 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2559049-IE7\update\spcustom.dll
+ 2011-10-07 22:21 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2559049-IE7\spmsg.dll
+ 2011-06-21 18:43 . 2011-06-21 18:43 44544 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\pngfilt.dll
+ 2011-06-21 18:43 . 2011-06-21 18:43 52224 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\msfeedsbs.dll
+ 2011-06-21 18:43 . 2011-06-21 18:43 27648 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\jsproxy.dll
+ 2011-06-21 12:08 . 2011-06-21 12:08 13824 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\ieudinit.exe
+ 2011-06-21 18:43 . 2011-06-21 18:43 44544 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\iernonce.dll
+ 2011-06-21 18:43 . 2011-06-21 18:43 78336 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\ieencode.dll
+ 2011-06-21 12:08 . 2011-06-21 12:08 70656 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\ie4uinit.exe
+ 2011-06-21 18:43 . 2011-06-21 18:43 63488 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\icardie.dll
+ 2011-06-21 18:43 . 2011-06-21 18:43 17408 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\corpol.dll
+ 2011-10-07 22:01 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2555917\update\spcustom.dll
+ 2011-10-07 22:01 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2555917\spmsg.dll
+ 2011-10-07 21:43 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2544893\update\spcustom.dll
+ 2011-10-07 21:43 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2544893\spmsg.dll
+ 2011-10-07 22:01 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2541763\update\spcustom.dll
+ 2011-10-07 22:01 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2541763\spmsg.dll
+ 2011-11-23 09:02 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2536276-v2\update\spcustom.dll
+ 2011-11-23 09:02 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2536276-v2\spmsg.dll
+ 2011-10-07 22:17 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2535512\update\spcustom.dll
+ 2011-10-07 22:17 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2535512\spmsg.dll
+ 2011-10-07 22:19 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2510581\update\spcustom.dll
+ 2011-10-07 22:19 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2510581\spmsg.dll
+ 2011-10-07 22:02 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2509553\update\spcustom.dll
+ 2011-10-07 22:02 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2509553\spmsg.dll
+ 2009-04-20 17:06 . 2009-04-20 17:06 45568 c:\windows\$hf_mig$\KB2509553\SP3QFE\dnsrslvr.dll
+ 2011-10-07 22:11 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2508429\update\spcustom.dll
+ 2011-10-07 22:11 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2508429\spmsg.dll
+ 2011-10-07 22:20 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2507938\update\spcustom.dll
+ 2011-10-07 22:20 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2507938\spmsg.dll
+ 2011-04-26 11:02 . 2011-04-26 11:02 33280 c:\windows\$hf_mig$\KB2507938\SP3QFE\csrsrv.dll
+ 2011-10-07 22:11 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2507618\update\spcustom.dll
+ 2011-10-07 22:11 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2507618\spmsg.dll
+ 2011-10-07 22:08 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2506212\update\spcustom.dll
+ 2011-10-07 22:08 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2506212\spmsg.dll
+ 2011-10-07 22:19 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2503665\update\spcustom.dll
+ 2011-10-07 22:19 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2503665\spmsg.dll
+ 2011-10-07 22:25 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2485663\update\spcustom.dll
+ 2011-10-07 22:25 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2485663\spmsg.dll
+ 2011-10-07 22:18 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2483185\update\spcustom.dll
+ 2011-10-07 22:18 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2483185\spmsg.dll
+ 2011-10-07 22:25 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2481109\update\spcustom.dll
+ 2011-10-07 22:25 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2481109\spmsg.dll
+ 2011-02-02 07:57 . 2011-02-02 07:57 53248 c:\windows\$hf_mig$\KB2481109\SP3QFE\tsgqec.dll
+ 2011-11-23 09:02 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2479943\update\spcustom.dll
+ 2011-11-23 09:02 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2479943\spmsg.dll
+ 2011-10-07 22:01 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2478960\update\spcustom.dll
+ 2011-10-07 22:01 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2478960\spmsg.dll
+ 2011-10-07 22:19 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2476490\update\spcustom.dll
+ 2011-10-07 22:19 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2476490\spmsg.dll
+ 2011-10-07 22:24 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2440591\update\spcustom.dll
+ 2011-10-07 22:24 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2440591\spmsg.dll
+ 2011-10-07 21:38 . 2010-11-03 05:55 40960 c:\windows\$hf_mig$\KB2440591\SP3QFE\ndproxy.sys
+ 2011-10-07 21:39 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2423089\update\spcustom.dll
+ 2011-10-07 21:39 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2423089\spmsg.dll
+ 2011-10-07 21:25 . 2010-10-11 14:55 45568 c:\windows\$hf_mig$\KB2423089\SP3QFE\wab.exe
+ 2011-10-07 22:11 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2419632\update\spcustom.dll
+ 2011-10-07 22:11 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2419632\spmsg.dll
+ 2011-10-07 22:01 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2393802\update\spcustom.dll
+ 2011-10-07 21:55 . 2010-12-09 15:15 16896 c:\windows\$hf_mig$\KB2393802\update\mpsyschk.dll
+ 2011-10-07 22:01 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2393802\spmsg.dll
+ 2011-10-07 21:38 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2360937\update\spcustom.dll
+ 2011-10-07 21:38 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2360937\spmsg.dll
+ 2011-10-07 22:19 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2347290\update\spcustom.dll
+ 2011-10-07 22:19 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2347290\spmsg.dll
+ 2010-08-17 13:19 . 2010-08-17 13:19 58880 c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
+ 2011-10-07 22:18 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2079403\update\spcustom.dll
+ 2011-10-07 22:18 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2079403\spmsg.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2009-04-15 06:12 . 2011-02-17 12:32 5120 c:\windows\system32\xpsp4res.dll
+ 2011-12-12 02:10 . 2007-06-30 18:49 4608 c:\windows\system32\windowspowershell\v1.0\pwrshmsg.dll
+ 2001-08-18 03:36 . 2009-11-27 16:07 8704 c:\windows\system32\tsbyuv.dll
+ 2006-10-17 11:39 . 2011-12-11 23:38 5632 c:\windows\system32\pndx5032.dll
- 2006-10-17 11:39 . 2008-01-30 02:28 5632 c:\windows\system32\pndx5032.dll
+ 2006-10-17 11:39 . 2011-12-11 23:38 6656 c:\windows\system32\pndx5016.dll
- 2006-10-17 11:39 . 2008-01-30 02:28 6656 c:\windows\system32\pndx5016.dll
+ 2004-08-10 17:51 . 2004-08-04 10:00 8261 c:\windows\system32\dllcache\zoneoc.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 5632 c:\windows\system32\dllcache\wmi.dll
+ 2004-08-10 18:36 . 2008-04-13 18:40 5376 c:\windows\system32\dllcache\viaide.sys
+ 2001-08-18 03:36 . 2009-11-27 16:07 8704 c:\windows\system32\dllcache\tsbyuv.dll
+ 2009-04-04 16:47 . 2008-04-13 18:36 5888 c:\windows\system32\dllcache\smbali.sys
+ 2009-04-04 16:47 . 2008-04-14 00:12 3901 c:\windows\system32\dllcache\siint5.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 7168 c:\windows\system32\dllcache\sensapi.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 5632 c:\windows\system32\dllcache\security.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 9216 c:\windows\system32\dllcache\scrnsave.scr
+ 2004-08-10 17:51 . 2004-08-04 10:00 3584 c:\windows\system32\dllcache\riched32.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 7680 c:\windows\system32\dllcache\rasadhlp.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 8192 c:\windows\system32\dllcache\ntlsapi.dll
+ 2006-10-19 01:34 . 2008-04-13 18:39 5504 c:\windows\system32\dllcache\mstee.sys
+ 2006-10-17 11:23 . 2008-04-13 18:39 7552 c:\windows\system32\dllcache\mskssrv.sys
+ 2004-08-10 17:51 . 2008-04-14 00:11 4608 c:\windows\system32\dllcache\msimg32.dll
+ 2004-08-10 18:01 . 2008-04-14 00:12 6144 c:\windows\system32\dllcache\msdtc.exe
+ 2004-08-10 17:51 . 2004-08-04 10:00 2560 c:\windows\system32\dllcache\lz32.dll
+ 2006-10-17 11:23 . 2008-04-14 00:11 4096 c:\windows\system32\dllcache\ksuser.dll
+ 2004-08-10 17:51 . 2004-08-04 10:00 5632 c:\windows\system32\dllcache\kbdus.dll
+ 2004-08-10 17:58 . 2008-04-13 18:40 5504 c:\windows\system32\dllcache\intelide.sys
+ 2004-08-10 17:51 . 2008-04-14 00:09 3584 c:\windows\system32\dllcache\icmp.dll
+ 2004-08-10 18:02 . 2004-08-04 10:00 6656 c:\windows\system32\dllcache\hcappres.dll
+ 2009-04-04 16:46 . 2008-04-14 00:11 9216 c:\windows\system32\dllcache\dot3dlg.dll
+ 2004-08-10 17:50 . 2008-04-14 00:12 5120 c:\windows\system32\dllcache\dllhost.exe
+ 2004-08-10 17:50 . 2008-04-14 00:11 8704 c:\windows\system32\dllcache\dciman32.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 8192 c:\windows\system32\dllcache\d3d8thk.dll
+ 2004-08-10 17:50 . 2008-04-14 00:12 6144 c:\windows\system32\dllcache\csrss.exe
+ 2004-08-10 17:50 . 2008-04-14 00:12 5632 c:\windows\system32\dllcache\cisvc.exe
+ 2009-04-04 16:45 . 2008-04-14 00:11 3775 c:\windows\system32\dllcache\adv11nt5.dll
+ 2009-04-04 16:45 . 2008-04-14 00:11 3711 c:\windows\system32\dllcache\adv09nt5.dll
+ 2009-04-04 16:45 . 2008-04-14 00:11 3135 c:\windows\system32\dllcache\adv08nt5.dll
+ 2009-04-04 16:45 . 2008-04-14 00:11 3647 c:\windows\system32\dllcache\adv07nt5.dll
+ 2009-04-04 16:45 . 2008-04-14 00:11 3615 c:\windows\system32\dllcache\adv05nt5.dll
+ 2009-04-04 16:45 . 2008-04-14 00:11 3967 c:\windows\system32\dllcache\adv02nt5.dll
+ 2009-04-04 16:45 . 2008-04-14 00:11 4255 c:\windows\system32\dllcache\adv01nt5.dll
+ 2010-07-18 02:32 . 2008-07-25 16:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\Microsoft_VsaVb.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\Microsoft.VisualC.Dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\IIEHost.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\IEExecRemote.dll
- 2006-10-17 11:47 . 2009-06-12 12:09 4710 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\WSBico.exe
+ 2006-10-17 11:47 . 2009-12-10 13:03 4710 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\WSBico.exe
- 2006-10-17 11:47 . 2009-06-12 12:09 4710 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\Win2Kico.exe
+ 2006-10-17 11:47 . 2009-12-10 13:03 4710 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\Win2Kico.exe
+ 2009-11-27 16:07 . 2009-11-27 16:07 8704 c:\windows\Driver Cache\i386\tsbyuv.dll
+ 2010-07-18 02:32 . 2010-07-18 02:32 6656 c:\windows\assembly\tmp\V28EKQW2\IIEHost.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-10-11 08:04 . 2011-10-11 08:04 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-12-12 02:11 . 2011-12-12 02:11 8704 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Security.resources.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-07-12 12:53 . 2010-07-12 12:53 5120 c:\windows\$hf_mig$\KB979687\SP3QFE\xpsp4res.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 8704 c:\windows\$hf_mig$\KB977914\SP3QFE\tsbyuv.dll
+ 2011-02-17 12:32 . 2011-02-17 12:32 5120 c:\windows\$hf_mig$\KB2508429\SP3QFE\xpsp4res.dll
+ 2011-10-07 21:25 . 2010-08-13 12:53 5120 c:\windows\$hf_mig$\KB2360937\SP3QFE\xpsp4res.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2009-07-12 06:02 . 2009-07-12 06:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
+ 2009-07-12 06:02 . 2009-07-12 06:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2009-07-12 06:05 . 2009-07-12 06:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
+ 2011-05-14 06:17 . 2011-05-14 06:17 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
+ 2011-05-14 06:12 . 2011-05-14 06:12 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
+ 2011-05-14 06:11 . 2011-05-14 06:11 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll
+ 2011-01-11 09:27 . 2011-01-11 09:27 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_179798c8\msvcr80.dll
+ 2011-01-11 09:24 . 2011-01-11 09:24 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_179798c8\msvcp80.dll
+ 2011-01-11 09:08 . 2011-01-11 09:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_179798c8\msvcm80.dll
+ 2004-08-10 18:02 . 2009-08-07 01:24 209632 c:\windows\system32\wuweb.dll
+ 2004-08-10 18:02 . 2009-08-07 01:24 327896 c:\windows\system32\wucltui.dll
+ 2004-08-10 18:02 . 2009-08-07 01:23 575704 c:\windows\system32\wuapi.dll
+ 2004-08-10 17:51 . 2009-04-02 04:02 604160 c:\windows\system32\wmspdmod.dll
+ 2004-08-04 12:56 . 2004-08-04 12:56 293376 c:\windows\system32\WISPTIS.EXE
+ 2004-08-10 17:51 . 2009-12-24 06:59 177664 c:\windows\system32\wintrust.dll
- 2004-08-10 17:51 . 2008-04-14 00:12 293376 c:\windows\system32\winsrv.dll
+ 2004-08-10 17:51 . 2011-04-26 11:07 293376 c:\windows\system32\winsrv.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 832512 c:\windows\system32\wininet.dll
+ 2004-08-10 17:51 . 2009-08-25 09:17 354816 c:\windows\system32\winhttp.dll
+ 2011-12-12 02:10 . 2007-10-30 09:15 330240 c:\windows\system32\windowspowershell\v1.0\powershell.exe
+ 2006-08-13 16:06 . 2008-07-11 08:55 347648 c:\windows\system32\windowscodecsext.dll
- 2006-08-13 16:06 . 2008-04-14 00:12 712704 c:\windows\system32\windowscodecs.dll
+ 2006-08-13 16:06 . 2008-07-11 08:55 712704 c:\windows\system32\windowscodecs.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 233472 c:\windows\system32\webcheck.dll
- 2004-08-10 17:51 . 2009-06-29 16:12 233472 c:\windows\system32\webcheck.dll
+ 2005-08-12 06:00 . 2010-08-12 04:07 100848 c:\windows\system32\VXBLOCK.dll
+ 2004-08-10 17:51 . 2011-03-04 06:45 434176 c:\windows\system32\vbscript.dll
- 2004-08-10 17:51 . 2008-04-14 00:12 406016 c:\windows\system32\usp10.dll
+ 2004-08-10 17:51 . 2010-04-16 15:36 406016 c:\windows\system32\usp10.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 106496 c:\windows\system32\url.dll
+ 2004-08-10 17:51 . 2010-08-27 08:02 119808 c:\windows\system32\t2embed.dll
- 2004-08-10 17:51 . 2009-06-16 14:36 119808 c:\windows\system32\t2embed.dll
+ 2004-08-10 17:51 . 2009-08-26 08:00 247326 c:\windows\system32\strmdll.dll
- 2004-08-10 17:51 . 2008-10-03 10:15 247326 c:\windows\system32\strmdll.dll
+ 2010-09-15 00:23 . 2008-03-13 04:52 761344 c:\windows\system32\spool\drivers\w32x86\unires.dll
+ 2010-09-15 00:23 . 2008-07-06 12:06 744960 c:\windows\system32\spool\drivers\w32x86\unidrvui.dll
+ 2010-09-15 00:23 . 2008-07-06 12:06 373248 c:\windows\system32\spool\drivers\w32x86\unidrv.dll
+ 2010-09-15 00:23 . 2008-07-06 12:06 765440 c:\windows\system32\spool\drivers\w32x86\mxdwdrv.dll
+ 2004-08-10 17:51 . 2009-07-27 23:17 135168 c:\windows\system32\shsvcs.dll
- 2004-08-10 17:51 . 2008-04-14 00:12 135168 c:\windows\system32\shsvcs.dll
- 2004-08-10 17:51 . 2008-04-14 00:12 474112 c:\windows\system32\shlwapi.dll
+ 2004-08-10 17:51 . 2009-12-08 09:23 474112 c:\windows\system32\shlwapi.dll
+ 2004-08-10 17:51 . 2011-01-21 14:44 439296 c:\windows\system32\shimgvw.dll
+ 2004-08-10 17:51 . 2011-04-29 17:25 151552 c:\windows\system32\schannel.dll
+ 2004-08-10 17:51 . 2011-02-09 13:53 270848 c:\windows\system32\sbe.dll
- 2004-08-10 17:51 . 2008-04-14 00:12 270848 c:\windows\system32\sbe.dll
+ 2004-08-10 17:51 . 2010-08-16 08:45 590848 c:\windows\system32\rpcrt4.dll
+ 2006-10-17 11:39 . 2011-12-11 23:38 198832 c:\windows\system32\rmoc3260.dll
+ 2004-08-10 17:51 . 2009-10-12 13:38 149504 c:\windows\system32\rastls.dll
+ 2005-05-05 18:48 . 2010-08-12 04:07 440816 c:\windows\system32\pxwave.dll
+ 2005-05-05 18:49 . 2010-08-12 04:07 219632 c:\windows\system32\pxmas.dll
+ 2007-07-26 20:22 . 2010-08-12 04:07 126448 c:\windows\system32\pxinsi64.exe
+ 2005-10-31 06:01 . 2010-08-12 04:07 567792 c:\windows\system32\pxdrv.dll
+ 2008-03-04 00:01 . 2010-08-12 04:07 133616 c:\windows\system32\pxafs.dll
+ 2005-05-05 18:50 . 2010-08-12 04:07 698864 c:\windows\system32\px.dll
+ 2010-03-31 05:10 . 2010-03-31 05:10 295264 c:\windows\system32\PresentationHost.exe
+ 2004-08-10 17:51 . 2011-12-24 21:11 468524 c:\windows\system32\perfh009.dat
+ 2004-08-10 17:51 . 2010-12-20 17:32 551936 c:\windows\system32\oleaut32.dll
- 2004-08-10 17:51 . 2008-04-14 00:12 551936 c:\windows\system32\oleaut32.dll
+ 2004-08-10 17:51 . 2010-11-09 14:52 249856 c:\windows\system32\odbc32.dll
- 2004-08-10 17:51 . 2008-04-14 00:12 249856 c:\windows\system32\odbc32.dll
+ 2004-08-10 17:51 . 2009-10-13 10:30 270336 c:\windows\system32\oakley.dll
- 2004-08-10 17:51 . 2008-04-14 00:12 270336 c:\windows\system32\oakley.dll
+ 2004-08-10 17:51 . 2010-12-09 15:15 718336 c:\windows\system32\ntdll.dll
+ 2008-07-26 07:03 . 2009-08-07 01:23 215920 c:\windows\system32\muweb.dll
+ 2008-07-26 07:03 . 2009-08-07 01:23 274288 c:\windows\system32\mucltui.dll
- 2004-08-10 17:51 . 2008-06-20 17:46 245248 c:\windows\system32\mswsock.dll
+ 2004-08-10 17:51 . 2008-06-20 16:02 245248 c:\windows\system32\mswsock.dll
- 2004-08-10 17:51 . 2009-06-25 08:25 136192 c:\windows\system32\msv1_0.dll
+ 2004-08-10 17:51 . 2009-09-11 14:18 136192 c:\windows\system32\msv1_0.dll
- 2004-08-10 18:01 . 2008-04-14 00:12 677888 c:\windows\system32\mstsc.exe
+ 2004-08-10 18:01 . 2011-01-27 11:57 677888 c:\windows\system32\mstsc.exe
+ 2004-08-10 17:51 . 2011-08-17 21:32 671232 c:\windows\system32\mstime.dll
- 2004-08-10 17:51 . 2009-06-29 16:12 671232 c:\windows\system32\mstime.dll
- 2004-08-10 17:51 . 2009-06-29 16:12 193024 c:\windows\system32\msrating.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 193024 c:\windows\system32\msrating.dll
+ 2004-08-10 18:01 . 2009-12-16 18:43 343040 c:\windows\system32\mspaint.exe
- 2004-08-10 18:01 . 2008-04-14 00:12 343040 c:\windows\system32\mspaint.exe
+ 2004-08-10 17:51 . 2011-08-17 21:32 478720 c:\windows\system32\mshtmled.dll
+ 2007-08-14 00:54 . 2011-08-17 21:32 468480 c:\windows\system32\msfeeds.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 297808 c:\windows\system32\mscoree.dll
+ 2004-08-10 17:51 . 2011-02-08 13:33 974848 c:\windows\system32\mfc42u.dll
+ 2004-08-10 17:51 . 2011-02-08 13:33 978944 c:\windows\system32\mfc42.dll
+ 2011-12-28 00:59 . 2011-12-28 00:59 247968 c:\windows\system32\Macromed\Flash\FlashUtil11e_Plugin.exe
+ 2011-12-25 01:57 . 2011-12-25 01:57 247968 c:\windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.exe
+ 2011-12-25 01:57 . 2011-12-25 01:57 335520 c:\windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.dll
- 2004-08-10 17:51 . 2009-06-25 08:25 730112 c:\windows\system32\lsasrv.dll
+ 2004-08-10 17:51 . 2010-12-20 17:26 730112 c:\windows\system32\lsasrv.dll
- 2004-08-10 17:51 . 2009-08-13 15:16 512000 c:\windows\system32\jscript.dll
+ 2004-08-10 17:51 . 2011-03-04 06:45 512000 c:\windows\system32\jscript.dll
+ 2011-12-27 15:25 . 2011-11-10 11:54 157472 c:\windows\system32\javaws.exe
+ 2011-12-27 15:25 . 2011-11-10 11:54 149280 c:\windows\system32\javaw.exe
+ 2011-12-27 15:25 . 2011-11-10 11:54 149280 c:\windows\system32\java.exe
+ 2004-08-04 12:56 . 2004-08-04 12:56 207360 c:\windows\system32\INKED.DLL
+ 2004-08-10 18:02 . 2011-05-02 15:31 692736 c:\windows\system32\inetcomm.dll
- 2007-08-14 00:34 . 2009-06-29 16:12 268288 c:\windows\system32\iertutil.dll
+ 2007-08-14 00:34 . 2011-08-17 21:32 268288 c:\windows\system32\iertutil.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 192512 c:\windows\system32\iepeers.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 384512 c:\windows\system32\iedkcs32.dll
- 2007-07-11 18:27 . 2009-06-29 16:12 380928 c:\windows\system32\ieapfltr.dll
+ 2007-07-11 18:27 . 2011-08-17 21:32 380928 c:\windows\system32\ieapfltr.dll
- 2004-08-10 17:51 . 2009-06-29 08:33 161792 c:\windows\system32\ieakui.dll
+ 2004-08-10 17:51 . 2011-08-17 11:00 161792 c:\windows\system32\ieakui.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 230400 c:\windows\system32\ieaksie.dll
- 2004-08-10 17:51 . 2009-06-29 16:12 230400 c:\windows\system32\ieaksie.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 153088 c:\windows\system32\ieakeng.dll
- 2004-08-10 17:51 . 2009-06-29 16:12 153088 c:\windows\system32\ieakeng.dll
+ 2010-04-28 20:16 . 2011-12-25 00:25 260640 c:\windows\system32\FNTCACHE.DAT
+ 2004-08-10 17:51 . 2011-08-17 21:32 133120 c:\windows\system32\extmgr.dll
- 2004-08-10 17:51 . 2009-06-29 16:12 133120 c:\windows\system32\extmgr.dll
- 2004-08-10 17:51 . 2008-04-14 00:11 186880 c:\windows\system32\encdec.dll
+ 2004-08-10 17:51 . 2011-02-09 13:53 186880 c:\windows\system32\encdec.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 214528 c:\windows\system32\dxtrans.dll
- 2004-08-10 17:51 . 2009-06-29 16:12 214528 c:\windows\system32\dxtrans.dll
- 2004-08-10 17:51 . 2009-06-29 16:12 347136 c:\windows\system32\dxtmsft.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 347136 c:\windows\system32\dxtmsft.dll
+ 2004-08-10 17:51 . 2010-02-11 12:02 226880 c:\windows\system32\drivers\tcpip6.sys
+ 2004-08-10 17:51 . 2011-02-17 13:18 357888 c:\windows\system32\drivers\srv.sys
+ 2009-12-03 03:23 . 2010-09-14 10:46 209640 c:\windows\system32\drivers\Sftplayxp.sys
+ 2009-12-03 03:23 . 2010-09-14 10:46 581480 c:\windows\system32\drivers\Sftfsxp.sys
+ 2004-08-10 18:01 . 2011-06-24 14:10 139656 c:\windows\system32\drivers\rdpwd.sys
- 2004-08-10 18:01 . 2008-04-14 00:13 139656 c:\windows\system32\drivers\rdpwd.sys
+ 2004-08-10 17:51 . 2011-04-21 13:37 105472 c:\windows\system32\drivers\mup.sys
+ 2006-10-17 11:13 . 2011-07-15 13:29 456320 c:\windows\system32\drivers\mrxsmb.sys
+ 2004-08-04 04:00 . 2009-10-20 16:20 265728 c:\windows\system32\drivers\http.sys
- 2004-08-10 17:50 . 2008-08-14 10:04 138496 c:\windows\system32\drivers\afd.sys
+ 2004-08-10 17:50 . 2011-08-17 13:49 138496 c:\windows\system32\drivers\afd.sys
+ 2004-08-10 17:50 . 2011-03-03 06:55 149504 c:\windows\system32\dnsapi.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 338432 c:\windows\system32\dllcache\zipfldr.dll
+ 2006-10-17 11:31 . 2008-04-13 17:39 689152 c:\windows\system32\dllcache\xpsp3res.dll
+ 2004-08-10 17:51 . 2008-04-13 17:39 187392 c:\windows\system32\dllcache\xpsp1res.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 129024 c:\windows\system32\dllcache\xmlprov.dll
+ 2004-08-04 05:56 . 2008-04-14 00:12 483840 c:\windows\system32\dllcache\wzcsvc.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 383488 c:\windows\system32\dllcache\wzcdlg.dll
+ 2004-08-10 18:02 . 2009-08-07 01:24 209632 c:\windows\system32\dllcache\wuweb.dll
+ 2004-08-10 18:02 . 2009-08-07 01:24 327896 c:\windows\system32\dllcache\wucltui.dll
+ 2004-08-10 18:02 . 2009-08-07 01:23 575704 c:\windows\system32\dllcache\wuapi.dll
+ 2004-08-10 18:01 . 2010-07-12 12:55 218112 c:\windows\system32\dllcache\wordpad.exe
+ 2004-08-10 17:51 . 2009-04-02 04:02 604160 c:\windows\system32\dllcache\wmspdmod.dll
- 2009-04-15 06:14 . 2009-02-06 10:10 227840 c:\windows\system32\dllcache\wmiprvse.exe
+ 2004-08-10 18:01 . 2009-02-06 10:10 227840 c:\windows\system32\dllcache\wmiprvse.exe
+ 2004-08-10 18:01 . 2008-04-14 00:12 156672 c:\windows\system32\dllcache\wmipcima.dll
+ 2004-08-10 18:01 . 2008-04-14 00:12 126464 c:\windows\system32\dllcache\wmiapsrv.exe
+ 2004-08-10 17:51 . 2008-04-14 00:12 172032 c:\windows\system32\dllcache\wldap32.dll
+ 2004-08-10 17:51 . 2009-12-24 06:59 177664 c:\windows\system32\dllcache\wintrust.dll
+ 2011-04-26 11:07 . 2011-04-26 11:07 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 146432 c:\windows\system32\dllcache\winspool.drv
- 2004-08-10 17:57 . 2008-04-14 00:12 146432 c:\windows\system32\dllcache\winspool.drv
+ 2004-08-10 17:51 . 2008-04-14 00:12 176128 c:\windows\system32\dllcache\winmm.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 507904 c:\windows\system32\dllcache\winlogon.exe
+ 2004-08-10 17:51 . 2011-08-17 21:32 832512 c:\windows\system32\dllcache\wininet.dll
+ 2004-08-10 17:51 . 2009-08-25 09:17 354816 c:\windows\system32\dllcache\winhttp.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 589312 c:\windows\system32\dllcache\wiashext.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 233472 c:\windows\system32\dllcache\webcheck.dll
- 2007-08-14 00:54 . 2009-06-29 16:12 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2004-08-10 18:01 . 2008-04-14 00:12 273920 c:\windows\system32\dllcache\wbemess.dll
+ 2004-08-10 18:01 . 2008-04-14 00:12 214528 c:\windows\system32\dllcache\wbemcomn.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 175104 c:\windows\system32\dllcache\w32time.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 289792 c:\windows\system32\dllcache\vssvc.exe
+ 2004-08-10 17:51 . 2011-03-04 06:45 434176 c:\windows\system32\dllcache\vbscript.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 218624 c:\windows\system32\dllcache\uxtheme.dll
+ 2004-08-10 17:51 . 2010-04-16 15:36 406016 c:\windows\system32\dllcache\usp10.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 727040 c:\windows\system32\dllcache\userenv.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 578560 c:\windows\system32\dllcache\user32.dll
+ 2009-04-04 16:48 . 2008-04-13 18:46 121984 c:\windows\system32\dllcache\usbvideo.sys
+ 2004-08-10 17:51 . 2011-08-17 21:32 106496 c:\windows\system32\dllcache\url.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 185856 c:\windows\system32\dllcache\upnphost.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 133632 c:\windows\system32\dllcache\upnp.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 275456 c:\windows\system32\dllcache\ulib.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 130048 c:\windows\system32\dllcache\tsoc.dll
+ 2004-08-10 17:50 . 2008-04-14 00:12 347136 c:\windows\system32\dllcache\tourstrt.exe
+ 2004-08-10 17:51 . 2008-04-14 00:12 385536 c:\windows\system32\dllcache\themeui.dll
+ 2004-08-10 18:01 . 2008-04-14 00:12 295424 c:\windows\system32\dllcache\termsrv.dll
+ 2004-08-10 17:51 . 2010-02-11 12:02 226880 c:\windows\system32\dllcache\tcpip6.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 135680 c:\windows\system32\dllcache\taskmgr.exe
+ 2004-08-10 17:51 . 2008-04-14 00:12 249856 c:\windows\system32\dllcache\tapisrv.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 181760 c:\windows\system32\dllcache\tapi32.dll
- 2004-08-10 17:51 . 2009-06-16 14:36 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2004-08-10 17:51 . 2010-08-27 08:02 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 990208 c:\windows\system32\dllcache\syssetup.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 191488 c:\windows\system32\dllcache\syncui.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 713216 c:\windows\system32\dllcache\sxs.dll
+ 2004-08-10 17:51 . 2009-08-26 08:00 247326 c:\windows\system32\dllcache\strmdll.dll
- 2004-08-10 17:51 . 2008-10-03 10:15 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 121856 c:\windows\system32\dllcache\stobject.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 136704 c:\windows\system32\dllcache\sti_ci.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 679936 c:\windows\system32\dllcache\sstext3d.scr
+ 2004-08-10 17:51 . 2008-04-14 00:12 610304 c:\windows\system32\dllcache\sspipes.scr
+ 2004-08-10 17:51 . 2008-04-14 00:12 393216 c:\windows\system32\dllcache\ssflwbox.scr
+ 2004-08-10 17:51 . 2008-04-14 00:12 704512 c:\windows\system32\dllcache\ss3dfo.scr
+ 2009-04-18 09:01 . 2011-02-17 13:18 357888 c:\windows\system32\dllcache\srv.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 250368 c:\windows\system32\dllcache\sptip.dll
+ 2009-04-04 16:47 . 2004-08-04 03:41 404990 c:\windows\system32\dllcache\slntamr.sys
+ 2009-04-04 16:47 . 2004-08-04 03:41 129535 c:\windows\system32\dllcache\slnt7554.sys
+ 2004-08-10 17:51 . 2009-07-27 23:17 135168 c:\windows\system32\dllcache\shsvcs.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 152064 c:\windows\system32\dllcache\shmedia.dll
+ 2004-08-10 17:51 . 2009-12-08 09:23 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2004-08-10 17:51 . 2011-01-21 14:44 439296 c:\windows\system32\dllcache\shimgvw.dll
+ 2004-08-10 17:51 . 2008-04-13 17:03 549376 c:\windows\system32\dllcache\shdoclc.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 140288 c:\windows\system32\dllcache\sfc_os.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 101376 c:\windows\system32\dllcache\setupqry.dll
+ 2004-08-10 17:51 . 2008-04-14 10:42 985088 c:\windows\system32\dllcache\setupapi.dll
+ 2004-08-10 18:01 . 2008-04-14 00:12 141312 c:\windows\system32\dllcache\sessmgr.exe
+ 2004-08-10 17:51 . 2009-02-06 11:11 110592 c:\windows\system32\dllcache\services.exe
- 2009-04-15 06:14 . 2009-02-06 11:11 110592 c:\windows\system32\dllcache\services.exe
+ 2004-08-10 17:51 . 2008-05-09 10:53 172032 c:\windows\system32\dllcache\scrrun.dll
- 2008-05-09 10:53 . 2008-05-09 10:53 172032 c:\windows\system32\dllcache\scrrun.dll
+ 2004-08-10 17:51 . 2008-05-09 10:53 180224 c:\windows\system32\dllcache\scrobj.dll
- 2008-05-09 10:53 . 2008-05-09 10:53 180224 c:\windows\system32\dllcache\scrobj.dll
+ 2004-08-10 17:51 . 2011-04-29 17:25 151552 c:\windows\system32\dllcache\schannel.dll
- 2004-08-10 17:51 . 2008-04-14 00:12 270848 c:\windows\system32\dllcache\sbe.dll
+ 2004-08-10 17:51 . 2011-02-09 13:53 270848 c:\windows\system32\dllcache\sbe.dll
+ 2009-04-04 16:47 . 2008-04-13 16:34 166912 c:\windows\system32\dllcache\s3gnbm.sys
+ 2004-08-10 18:01 . 2004-08-04 10:00 753236 c:\windows\system32\dllcache\rvseres.dll
+ 2004-08-10 17:51 . 2004-08-04 10:00 132608 c:\windows\system32\dllcache\rsvp.exe
+ 2004-08-10 18:02 . 2008-04-14 00:12 380416 c:\windows\system32\dllcache\rstrui.exe
+ 2004-08-10 17:51 . 2008-04-13 17:37 208384 c:\windows\system32\dllcache\rsaenh.dll
+ 2004-08-10 17:51 . 2009-02-09 12:10 401408 c:\windows\system32\dllcache\rpcss.dll
- 2009-04-15 06:14 . 2009-02-09 12:10 401408 c:\windows\system32\dllcache\rpcss.dll
+ 2004-08-10 17:51 . 2010-08-16 08:45 590848 c:\windows\system32\dllcache\rpcrt4.dll
- 2009-04-18 09:01 . 2008-05-08 14:02 203136 c:\windows\system32\dllcache\rmcast.sys
+ 2004-08-10 17:51 . 2008-05-08 14:02 203136 c:\windows\system32\dllcache\rmcast.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 433664 c:\windows\system32\dllcache\riched20.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 146432 c:\windows\system32\dllcache\regedit.exe
+ 2004-08-10 18:01 . 2011-06-24 14:10 139656 c:\windows\system32\dllcache\rdpwd.sys
+ 2004-08-10 18:01 . 2008-04-13 18:32 196224 c:\windows\system32\dllcache\rdpdr.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 102400 c:\windows\system32\dllcache\rcbdyctl.dll
+ 2009-10-12 13:38 . 2009-10-12 13:38 149504 c:\windows\system32\dllcache\rastls.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 210944 c:\windows\system32\dllcache\rasppp.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 186368 c:\windows\system32\dllcache\rasmans.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 658432 c:\windows\system32\dllcache\rasdlg.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 237056 c:\windows\system32\dllcache\rasapi32.dll
+ 2004-08-10 18:02 . 2008-04-14 00:12 409088 c:\windows\system32\dllcache\qmgr.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 192512 c:\windows\system32\dllcache\qcap.dll
+ 2009-04-04 16:46 . 2008-04-14 00:12 291328 c:\windows\system32\dllcache\qagentrt.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 109568 c:\windows\system32\dllcache\progman.exe
+ 2004-08-10 17:51 . 2008-04-14 00:12 176128 c:\windows\system32\dllcache\photowiz.dll
+ 2004-08-10 17:51 . 2009-03-06 14:22 284160 c:\windows\system32\dllcache\pdh.dll
- 2009-04-15 06:14 . 2009-03-06 14:22 284160 c:\windows\system32\dllcache\pdh.dll
+ 2004-08-04 04:07 . 2008-04-13 18:36 120192 c:\windows\system32\dllcache\pcmcia.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 215552 c:\windows\system32\dllcache\osk.exe
+ 2004-08-10 17:51 . 2008-04-14 00:12 713728 c:\windows\system32\dllcache\opengl32.dll
+ 2009-04-04 16:46 . 2008-04-14 00:12 144384 c:\windows\system32\dllcache\onex.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 122880 c:\windows\system32\dllcache\oledlg.dll
+ 2004-08-10 18:02 . 2008-04-14 00:12 487424 c:\windows\system32\dllcache\oledb32.dll
+ 2004-08-10 17:51 . 2010-12-20 17:32 551936 c:\windows\system32\dllcache\oleaut32.dll
+ 2004-08-10 17:51 . 2004-08-04 10:00 163328 c:\windows\system32\dllcache\oleacc.dll
+ 2004-08-10 17:51 . 2010-11-09 14:52 249856 c:\windows\system32\dllcache\odbc32.dll
+ 2011-06-21 18:45 . 2011-08-17 21:32 102912 c:\windows\system32\dllcache\occache.dll
- 2009-03-29 17:16 . 2009-06-29 16:12 102912 c:\windows\system32\dllcache\occache.dll
+ 2009-10-13 10:30 . 2009-10-13 10:30 270336 c:\windows\system32\dllcache\oakley.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 142336 c:\windows\system32\dllcache\nwprovau.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 143360 c:\windows\system32\dllcache\ntshrui.dll
+ 2009-04-04 16:46 . 2004-08-04 03:41 180360 c:\windows\system32\dllcache\ntmtlfax.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 435200 c:\windows\system32\dllcache\ntmssvc.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 118784 c:\windows\system32\dllcache\ntmarta.dll
+ 2004-08-10 17:51 . 2010-12-09 15:15 718336 c:\windows\system32\dllcache\ntdll.dll
+ 2004-08-10 18:02 . 2008-04-14 00:12 364544 c:\windows\system32\dllcache\npdsplay.dll
+ 2004-08-10 18:02 . 2008-04-14 00:12 188416 c:\windows\system32\dllcache\nmwb.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 247808 c:\windows\system32\dllcache\newdev.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 245760 c:\windows\system32\dllcache\netui1.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 875008 c:\windows\system32\dllcache\netplwiz.dll
+ 2004-08-10 17:51 . 2004-08-04 10:00 171008 c:\windows\system32\dllcache\netmsg.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 198144 c:\windows\system32\dllcache\netman.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 111104 c:\windows\system32\dllcache\netdde.exe
+ 2004-08-10 17:51 . 2008-04-14 00:12 622592 c:\windows\system32\dllcache\netcfgx.dll
- 2009-04-18 13:04 . 2008-10-15 16:34 337408 c:\windows\system32\dllcache\netapi32.dll
+ 2006-10-17 11:13 . 2008-10-15 16:34 337408 c:\windows\system32\dllcache\netapi32.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 124928 c:\windows\system32\dllcache\net1.exe
+ 2004-08-10 17:51 . 2008-04-13 19:20 182656 c:\windows\system32\dllcache\ndis.sys
+ 2004-08-10 17:51 . 2011-04-21 13:37 105472 c:\windows\system32\dllcache\mup.sys
+ 2009-04-04 16:46 . 2008-04-13 16:34 452736 c:\windows\system32\dllcache\mtxparhm.sys
+ 2009-04-04 16:46 . 2004-08-04 03:41 126686 c:\windows\system32\dllcache\mtlmnt5.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 506368 c:\windows\system32\dllcache\msxml.dll
- 2008-06-20 17:46 . 2008-06-20 17:46 245248 c:\windows\system32\dllcache\mswsock.dll
+ 2004-08-10 17:51 . 2008-06-20 16:02 245248 c:\windows\system32\dllcache\mswsock.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 121344 c:\windows\system32\dllcache\msvfw32.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 343040 c:\windows\system32\dllcache\msvcrt.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 413696 c:\windows\system32\dllcache\msvcp60.dll
+ 2004-08-10 17:51 . 2009-09-11 14:18 136192 c:\windows\system32\dllcache\msv1_0.dll
- 2009-06-25 08:25 . 2009-06-25 08:25 136192 c:\windows\system32\dllcache\msv1_0.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 195072 c:\windows\system32\dllcache\msutb.dll
- 2004-08-10 17:51 . 2009-06-29 16:12 671232 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 671232 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-10 18:02 . 2008-04-14 00:12 274944 c:\windows\system32\dllcache\mstask.dll
- 2004-08-10 17:51 . 2009-06-29 16:12 193024 c:\windows\system32\dllcache\msrating.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 193024 c:\windows\system32\dllcache\msrating.dll
+ 2004-08-10 18:01 . 2009-12-16 18:43 343040 c:\windows\system32\dllcache\mspaint.exe
+ 2004-08-10 18:02 . 2008-04-14 00:12 105984 c:\windows\system32\dllcache\msoert2.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 290816 c:\windows\system32\dllcache\msnsspc.dll
+ 2004-08-10 17:51 . 2007-08-14 00:54 156160 c:\windows\system32\dllcache\msls31.dll
- 2007-08-14 00:54 . 2007-08-14 00:54 156160 c:\windows\system32\dllcache\msls31.dll
- 2004-08-10 18:02 . 2008-04-14 00:12 102400 c:\windows\system32\dllcache\msjro.dll
+ 2004-08-10 18:02 . 2010-11-09 14:52 102400 c:\windows\system32\dllcache\msjro.dll
+ 2004-08-10 18:02 . 2008-04-14 00:11 376832 c:\windows\system32\dllcache\msinfo.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 159232 c:\windows\system32\dllcache\msimtf.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 248832 c:\windows\system32\dllcache\msieftp.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 478720 c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-10 18:01 . 2004-08-04 10:00 126976 c:\windows\system32\dllcache\mshearts.exe
+ 2004-08-10 17:51 . 2008-04-14 00:11 997376 c:\windows\system32\dllcache\msgina.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 539136 c:\windows\system32\dllcache\msftedit.dll
+ 2007-11-29 02:48 . 2011-08-17 21:32 468480 c:\windows\system32\dllcache\msfeeds.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 297984 c:\windows\system32\dllcache\msctf.dll
+ 2004-08-10 18:02 . 2008-04-14 00:12 169984 c:\windows\system32\dllcache\msconfig.exe
+ 2004-08-10 18:02 . 2010-11-09 14:52 200704 c:\windows\system32\dllcache\msadox.dll
- 2004-08-10 18:02 . 2008-04-14 00:11 200704 c:\windows\system32\dllcache\msadox.dll
+ 2004-08-10 18:02 . 2010-11-09 14:52 180224 c:\windows\system32\dllcache\msadomd.dll
- 2004-08-10 18:02 . 2008-04-14 00:11 180224 c:\windows\system32\dllcache\msadomd.dll
- 2004-08-10 18:02 . 2008-04-14 00:11 536576 c:\windows\system32\dllcache\msado15.dll
+ 2004-08-10 18:02 . 2010-11-09 14:52 536576 c:\windows\system32\dllcache\msado15.dll
- 2004-08-10 18:02 . 2008-04-14 00:11 143360 c:\windows\system32\dllcache\msadco.dll
+ 2004-08-10 18:02 . 2010-11-09 14:52 143360 c:\windows\system32\dllcache\msadco.dll
+ 2009-04-18 13:05 . 2011-07-15 13:29 456320 c:\windows\system32\dllcache\mrxsmb.sys
+ 2004-08-10 17:51 . 2008-04-13 16:45 216064 c:\windows\system32\dllcache\moricons.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 153600 c:\windows\system32\dllcache\modemui.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 163328 c:\windows\system32\dllcache\mmcbase.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 586240 c:\windows\system32\dllcache\mlang.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 245248 c:\windows\system32\dllcache\migwiz.exe
+ 2004-08-10 17:51 . 2011-02-08 13:33 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2004-08-10 17:51 . 2011-02-08 13:33 978944 c:\windows\system32\dllcache\mfc42.dll
+ 2009-04-15 06:14 . 2010-12-20 17:26 730112 c:\windows\system32\dllcache\lsasrv.dll
- 2009-04-15 06:14 . 2009-06-25 08:25 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 220672 c:\windows\system32\dllcache\logon.scr
+ 2004-08-10 17:51 . 2008-04-14 10:41 423936 c:\windows\system32\dllcache\licdll.dll
+ 2004-08-10 18:01 . 2011-01-27 11:57 677888 c:\windows\system32\dllcache\lhmstsc.exe
- 2009-03-21 14:06 . 2009-03-21 14:06 989696 c:\windows\system32\dllcache\kernel32.dll
+ 2004-08-10 17:51 . 2009-03-21 14:06 989696 c:\windows\system32\dllcache\kernel32.dll
- 2008-05-09 10:53 . 2009-08-13 15:16 512000 c:\windows\system32\dllcache\jscript.dll
+ 2004-08-10 17:51 . 2011-03-04 06:45 512000 c:\windows\system32\dllcache\jscript.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 138240 c:\windows\system32\dllcache\itss.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 331264 c:\windows\system32\dllcache\ipnathlp.dll
+ 2004-08-10 17:51 . 2008-04-13 18:57 152832 c:\windows\system32\dllcache\ipnat.sys
+ 2004-08-10 18:02 . 2011-05-02 15:31 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 123392 c:\windows\system32\dllcache\imsinsnt.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 110080 c:\windows\system32\dllcache\imm32.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 150528 c:\windows\system32\dllcache\imapi.exe
+ 2004-08-10 17:51 . 2008-04-14 00:11 144384 c:\windows\system32\dllcache\imagehlp.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 505344 c:\windows\system32\dllcache\iis.dll
+ 2004-08-10 18:02 . 2011-08-17 11:01 634632 c:\windows\system32\dllcache\iexplore.exe
- 2007-08-14 00:43 . 2009-06-29 08:35 634632 c:\windows\system32\dllcache\iexplore.exe
+ 2007-11-29 02:48 . 2011-08-17 21:32 268288 c:\windows\system32\dllcache\iertutil.dll
- 2007-11-29 02:48 . 2009-06-29 16:12 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 192512 c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 384512 c:\windows\system32\dllcache\iedkcs32.dll
+ 2007-11-29 02:48 . 2011-08-17 21:32 380928 c:\windows\system32\dllcache\ieapfltr.dll
- 2007-11-29 02:48 . 2009-06-29 16:12 380928 c:\windows\system32\dllcache\ieapfltr.dll
- 2004-08-10 17:51 . 2009-06-29 08:33 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2004-08-10 17:51 . 2011-08-17 11:00 161792 c:\windows\system32\dllcache\ieakui.dll
- 2004-08-10 17:51 . 2009-06-29 16:12 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2004-08-10 17:51 . 2009-06-29 16:12 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 254976 c:\windows\system32\dllcache\icm32.dll
+ 2004-08-04 04:00 . 2009-10-20 16:20 265728 c:\windows\system32\dllcache\http.sys
+ 2009-04-04 16:46 . 2004-08-04 03:41 685056 c:\windows\system32\dllcache\hsfcxts2.sys
+ 2009-04-04 16:46 . 2004-08-04 03:41 220032 c:\windows\system32\dllcache\hsfbs2s2.sys
+ 2004-08-10 17:51 . 2008-04-14 00:11 330752 c:\windows\system32\dllcache\hnetwiz.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 344064 c:\windows\system32\dllcache\hnetcfg.dll
+ 2004-08-10 18:02 . 2008-04-14 00:12 769024 c:\windows\system32\dllcache\helpctr.exe
+ 2004-08-10 17:51 . 2008-04-14 00:11 122880 c:\windows\system32\dllcache\glu32.dll
- 2008-10-23 12:36 . 2008-10-23 12:36 286720 c:\windows\system32\dllcache\gdi32.dll
+ 2004-08-10 17:51 . 2008-10-23 12:36 286720 c:\windows\system32\dllcache\gdi32.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 132608 c:\windows\system32\dllcache\fxsocm.dll
+ 2004-08-10 18:01 . 2008-04-14 00:11 185344 c:\windows\system32\dllcache\framedyn.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 382976 c:\windows\system32\dllcache\fontext.dll
+ 2004-08-10 18:02 . 2008-04-13 18:32 129792 c:\windows\system32\dllcache\fltmgr.sys
- 2009-04-15 06:14 . 2009-02-09 12:10 473600 c:\windows\system32\dllcache\fastprox.dll
+ 2004-08-10 18:01 . 2009-02-09 12:10 473600 c:\windows\system32\dllcache\fastprox.dll
+ 2004-08-10 17:51 . 2008-04-13 19:14 143744 c:\windows\system32\dllcache\fastfat.sys
+ 2004-08-10 17:51 . 2008-04-14 00:11 125952 c:\windows\system32\dllcache\exts.dll
- 2006-10-17 11:34 . 2009-06-29 16:12 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 133120 c:\windows\system32\dllcache\extmgr.dll
- 2008-07-07 20:26 . 2008-07-07 20:26 253952 c:\windows\system32\dllcache\es.dll
+ 2004-08-10 17:51 . 2008-07-07 20:26 253952 c:\windows\system32\dllcache\es.dll
- 2004-08-10 17:51 . 2008-04-14 00:11 186880 c:\windows\system32\dllcache\encdec.dll
+ 2004-08-10 17:51 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll
+ 2009-04-04 16:46 . 2008-04-14 00:11 126976 c:\windows\system32\dllcache\eappcfg.dll
- 2006-10-17 11:34 . 2009-06-29 16:12 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2004-08-10 17:51 . 2011-08-17 21:32 347136 c:\windows\system32\dllcache\dxtmsft.dll
- 2006-10-17 11:34 . 2009-06-29 16:12 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 180224 c:\windows\system32\dllcache\dwwin.exe
+ 2004-08-10 17:51 . 2008-04-14 00:11 304128 c:\windows\system32\dllcache\duser.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 113152 c:\windows\system32\dllcache\dsuiext.dll
+ 2004-08-10 17:51 . 2008-04-13 17:37 138752 c:\windows\system32\dllcache\dssenh.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 239104 c:\windows\system32\dllcache\dsquery.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 367616 c:\windows\system32\dllcache\dsound.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 155648 c:\windows\system32\dllcache\dskquoui.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 181248 c:\windows\system32\dllcache\dsdmo.dll
+ 2004-08-10 17:50 . 2008-04-13 21:00 103424 c:\windows\system32\dllcache\dpcdll.dll
+ 2009-04-04 16:46 . 2008-04-14 00:11 132096 c:\windows\system32\dllcache\dot3svc.dll
+ 2004-08-10 17:50 . 2011-03-03 06:55 149504 c:\windows\system32\dllcache\dnsapi.dll
+ 2004-08-10 17:50 . 2008-04-13 18:44 153344 c:\windows\system32\dllcache\dmio.sys
+ 2004-08-10 17:50 . 2008-04-13 18:44 799744 c:\windows\system32\dllcache\dmboot.sys
+ 2004-08-10 17:50 . 2008-04-14 00:12 224768 c:\windows\system32\dllcache\dmadmin.exe
+ 2004-08-10 17:50 . 2008-04-14 00:11 158720 c:\windows\system32\dllcache\dinput.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 126976 c:\windows\system32\dllcache\dhcpcsvc.dll
+ 2004-08-10 17:50 . 2008-04-14 00:12 105472 c:\windows\system32\dllcache\dfrgntfs.exe
+ 2004-08-10 17:50 . 2008-04-14 00:11 282624 c:\windows\system32\dllcache\devmgr.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 279552 c:\windows\system32\dllcache\ddraw.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 640000 c:\windows\system32\dllcache\dbghelp.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 824320 c:\windows\system32\dllcache\d3dim700.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 326656 c:\windows\system32\dllcache\cscui.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 101888 c:\windows\system32\dllcache\cscdll.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 512512 c:\windows\system32\dllcache\cryptui.dll
+ 2004-08-10 17:50 . 2011-09-28 07:06 599040 c:\windows\system32\dllcache\crypt32.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 163840 c:\windows\system32\dllcache\credui.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 274944 c:\windows\system32\dllcache\comsetup.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 792064 c:\windows\system32\dllcache\comres.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 252928 c:\windows\system32\dllcache\compatui.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 276992 c:\windows\system32\dllcache\comdlg32.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 617472 c:\windows\system32\dllcache\comctl32.dll
+ 2004-08-10 17:50 . 2008-04-14 00:12 389120 c:\windows\system32\dllcache\cmd.exe
+ 2004-08-10 18:01 . 2008-04-14 00:11 498688 c:\windows\system32\dllcache\clbcatq.dll
+ 2004-08-10 18:01 . 2004-08-04 10:00 780885 c:\windows\system32\dllcache\chkrres.dll
+ 2004-08-10 18:01 . 2008-04-14 00:11 625664 c:\windows\system32\dllcache\catsrvut.dll
+ 2004-08-10 18:01 . 2008-04-14 00:11 226304 c:\windows\system32\dllcache\catsrv.dll
- 2009-04-18 09:00 . 2008-06-13 11:05 272128 c:\windows\system32\dllcache\bthport.sys
+ 2008-06-12 15:46 . 2008-06-13 11:05 272128 c:\windows\system32\dllcache\bthport.sys
+ 2009-04-04 16:45 . 2008-04-13 18:51 101120 c:\windows\system32\dllcache\bthpan.sys
+ 2011-02-15 12:56 . 2011-02-15 12:56 290432 c:\windows\system32\dllcache\atmfd.dll
+ 2009-04-04 16:45 . 2008-04-13 16:34 104960 c:\windows\system32\dllcache\atinrvxx.sys
+ 2009-04-04 16:45 . 2008-04-13 16:34 701440 c:\windows\system32\dllcache\ati2mtag.sys
+ 2009-04-04 16:45 . 2008-04-13 16:34 327040 c:\windows\system32\dllcache\ati2mtaa.sys
+ 2004-08-10 17:50 . 2008-04-14 00:11 125952 c:\windows\system32\dllcache\apphelp.dll
+ 2008-06-20 11:40 . 2011-08-17 13:49 138496 c:\windows\system32\dllcache\afd.sys
- 2008-06-20 11:40 . 2008-08-14 10:04 138496 c:\windows\system32\dllcache\afd.sys
- 2007-08-14 00:39 . 2009-06-29 16:12 124928 c:\windows\system32\dllcache\advpack.dll
+ 2004-08-10 17:50 . 2011-08-17 21:32 124928 c:\windows\system32\dllcache\advpack.dll
- 2009-04-15 06:14 . 2009-02-09 12:10 617472 c:\windows\system32\dllcache\advapi32.dll
+ 2004-08-10 17:50 . 2009-02-09 12:10 617472 c:\windows\system32\dllcache\advapi32.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 143360 c:\windows\system32\dllcache\adsldpc.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 193536 c:\windows\system32\dllcache\activeds.dll
+ 2004-08-04 04:07 . 2008-04-13 18:36 187776 c:\windows\system32\dllcache\acpi.sys
+ 2004-08-10 17:50 . 2008-04-14 00:11 115712 c:\windows\system32\dllcache\aclui.dll
+ 2004-08-10 17:50 . 2009-11-21 15:51 471552 c:\windows\system32\dllcache\aclayers.dll
+ 2004-08-10 18:01 . 2008-04-14 00:12 184320 c:\windows\system32\dllcache\accwiz.exe
+ 2004-08-10 17:50 . 2010-02-12 04:33 100864 c:\windows\system32\dllcache\6to4svc.dll
+ 2010-02-19 19:27 . 2010-02-19 19:27 843776 c:\windows\system32\divx_xx16.dll
+ 2010-02-19 19:27 . 2010-02-19 19:27 839680 c:\windows\system32\divx_xx11.dll
+ 2010-02-19 19:27 . 2010-02-19 19:27 856064 c:\windows\system32\divx_xx0c.dll
+ 2010-02-19 19:27 . 2010-02-19 19:27 847872 c:\windows\system32\divx_xx0a.dll
+ 2010-02-19 19:27 . 2010-02-19 19:27 856064 c:\windows\system32\divx_xx07.dll
+ 2010-02-19 19:27 . 2010-02-19 19:27 720384 c:\windows\system32\DivX.dll
- 2004-08-10 17:50 . 2008-04-14 00:11 599040 c:\windows\system32\crypt32.dll
+ 2004-08-10 17:50 . 2011-09-28 07:06 599040 c:\windows\system32\crypt32.dll
+ 2004-08-10 17:50 . 2011-02-15 12:56 290432 c:\windows\system32\atmfd.dll
+ 2004-08-10 17:50 . 2011-08-17 21:32 124928 c:\windows\system32\advpack.dll
- 2004-08-10 17:50 . 2009-06-29 16:12 124928 c:\windows\system32\advpack.dll
+ 2004-08-10 17:50 . 2010-02-12 04:33 100864 c:\windows\system32\6to4svc.dll
+ 2010-03-31 05:16 . 2010-03-31 05:16 130408 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2010-04-08 04:48 . 2010-04-08 04:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2010-04-08 04:48 . 2010-04-08 04:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
- 2008-07-30 00:16 . 2008-07-30 00:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-09-22 14:43 . 2010-09-22 14:43 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2010-02-09 17:22 . 2010-02-09 17:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2011-01-18 09:39 . 2011-01-18 09:39 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-01-18 09:39 . 2011-01-18 09:39 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2011-01-18 09:39 . 2011-01-18 09:39 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.Web.Services.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.Web.Mobile.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.Transactions.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.ServiceProcess.dll
+ 2010-07-18 02:32 . 2010-02-09 17:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.Security.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.Runtime.Remoting.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.Messaging.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.Management.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.EnterpriseServices.Wrapper.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.EnterpriseServices.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.Drawing.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.DirectoryServices.Protocols.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.DirectoryServices.dll
+ 2010-07-18 02:32 . 2008-07-25 16:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.Deployment.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.Data.SqlXml.dll
+ 2010-07-18 02:32 . 2008-11-25 09:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.Data.OracleClient.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.configuration.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\sysglobl.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\Microsoft.VisualBasic.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\Microsoft.VisualBasic.Compatibility.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-07-18 02:32 . 2008-07-25 16:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\Microsoft.JScript.dll
+ 2010-07-18 02:32 . 2008-07-25 16:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\Microsoft.Build.Tasks.dll
+ 2010-07-18 02:32 . 2008-07-25 16:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\Microsoft.Build.Engine.dll
+ 2010-07-18 02:32 . 2008-07-25 16:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\AspNetMMCExt.dll
- 2007-04-14 01:58 . 2007-04-14 01:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2011-07-07 17:04 . 2011-07-07 17:04 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2007-04-14 01:56 . 2007-04-14 01:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2011-07-07 17:01 . 2011-07-07 17:01 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2011-07-07 18:09 . 2011-07-07 18:09 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2007-04-14 02:30 . 2007-04-14 02:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2011-10-07 21:43 . 2011-10-07 21:43 467456 c:\windows\Installer\c144a.msi
+ 2011-12-27 15:28 . 2011-12-27 15:28 203776 c:\windows\Installer\bc2cd.msi
+ 2010-09-24 02:02 . 2010-09-24 02:02 798208 c:\windows\Installer\aac94.msp
+ 2010-09-26 16:34 . 2010-09-26 16:34 169472 c:\windows\Installer\9a2244c.msi
+ 2010-09-14 23:48 . 2010-09-14 23:48 360448 c:\windows\Installer\9345a2.msi
+ 2009-11-06 00:08 . 2009-11-06 00:08 549888 c:\windows\Installer\6cf6ee.msi
+ 2009-11-05 23:58 . 2009-11-05 23:58 155648 c:\windows\Installer\6cf658.msi
+ 2011-10-08 20:36 . 2011-10-08 20:36 459264 c:\windows\Installer\5455de.msi
+ 2009-11-25 13:23 . 2009-11-25 13:23 429568 c:\windows\Installer\3aea9cf.msi
+ 2010-02-25 05:14 . 2010-02-25 05:14 543232 c:\windows\Installer\1b2815.msp
+ 2006-10-17 11:47 . 2009-12-10 13:03 184320 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_9FA356B1395F_4530_8CB3_946ED0B3291E.exe
- 2006-10-17 11:47 . 2009-06-12 12:09 184320 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_9FA356B1395F_4530_8CB3_946ED0B3291E.exe
+ 2010-09-21 05:07 . 2010-09-21 05:07 338856 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\readerupdater.exe
+ 2010-09-23 00:10 . 2010-09-23 00:10 103864 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\nppdf32.dll
+ 2010-09-11 00:17 . 2010-09-11 00:17 684032 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\JP2KLib.dll
+ 2010-09-23 02:41 . 2010-09-23 02:41 542168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AdobeCollabSync.exe
+ 2010-09-21 05:07 . 2010-09-21 05:07 932288 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\adobearm.exe
+ 2010-09-23 10:47 . 2010-09-23 10:47 349616 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroRd32.exe
+ 2010-09-23 00:04 . 2010-09-23 00:04 660912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroPDF.dll
+ 2010-09-23 01:39 . 2010-09-23 01:39 280024 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\acrobroker.exe
+ 2010-09-21 05:07 . 2010-09-21 05:07 338856 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\acrobatupdater.exe
+ 2010-09-23 00:50 . 2010-09-23 00:50 251296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\a3dutility.exe
+ 2010-02-28 07:33 . 2010-02-28 07:33 821664 c:\windows\Installer\$PatchCache$\Managed\00004109D60090400000000000F01FEC\14.0.4763\CVHSVC.EXE
+ 2010-07-18 02:29 . 2010-01-05 10:00 832512 c:\windows\ie7updates\KB982381-IE7\wininet.dll
+ 2010-07-18 02:29 . 2010-01-05 10:00 233472 c:\windows\ie7updates\KB982381-IE7\webcheck.dll
+ 2010-07-18 02:29 . 2010-01-05 10:00 105984 c:\windows\ie7updates\KB982381-IE7\url.dll
+ 2010-07-18 02:29 . 2009-05-26 11:40 382840 c:\windows\ie7updates\KB982381-IE7\spuninst\updspapi.dll
+ 2010-07-18 02:29 . 2008-07-08 13:02 231288 c:\windows\ie7updates\KB982381-IE7\spuninst\spuninst.exe
+ 2010-07-18 02:29 . 2010-01-05 10:00 671232 c:\windows\ie7updates\KB982381-IE7\mstime.dll
+ 2010-07-18 02:29 . 2010-01-05 10:00 193024 c:\windows\ie7updates\KB982381-IE7\msrating.dll
+ 2010-07-18 02:29 . 2010-01-05 10:00 477696 c:\windows\ie7updates\KB982381-IE7\mshtmled.dll
+ 2010-07-18 02:29 . 2010-01-05 10:00 459264 c:\windows\ie7updates\KB982381-IE7\msfeeds.dll
+ 2010-07-18 02:29 . 2009-12-18 13:05 634648 c:\windows\ie7updates\KB982381-IE7\iexplore.exe
+ 2010-07-18 02:29 . 2010-01-05 10:00 268288 c:\windows\ie7updates\KB982381-IE7\iertutil.dll
+ 2010-07-18 02:29 . 2010-01-05 10:00 192512 c:\windows\ie7updates\KB982381-IE7\iepeers.dll
+ 2010-07-18 02:29 . 2010-01-05 10:00 385024 c:\windows\ie7updates\KB982381-IE7\iedkcs32.dll
+ 2010-07-18 02:29 . 2010-01-05 10:00 380928 c:\windows\ie7updates\KB982381-IE7\ieapfltr.dll
+ 2010-07-18 02:29 . 2009-12-18 13:04 161792 c:\windows\ie7updates\KB982381-IE7\ieakui.dll
+ 2010-07-18 02:29 . 2010-01-05 10:00 230400 c:\windows\ie7updates\KB982381-IE7\ieaksie.dll
+ 2010-07-18 02:29 . 2010-01-05 10:00 153088 c:\windows\ie7updates\KB982381-IE7\ieakeng.dll
+ 2010-07-18 02:29 . 2010-01-05 10:00 133120 c:\windows\ie7updates\KB982381-IE7\extmgr.dll
+ 2010-07-18 02:29 . 2010-01-05 10:00 214528 c:\windows\ie7updates\KB982381-IE7\dxtrans.dll
+ 2010-07-18 02:29 . 2010-01-05 10:00 347136 c:\windows\ie7updates\KB982381-IE7\dxtmsft.dll
+ 2010-07-18 02:29 . 2010-01-05 10:00 124928 c:\windows\ie7updates\KB982381-IE7\advpack.dll
+ 2010-01-22 00:26 . 2009-10-29 07:46 832512 c:\windows\ie7updates\KB978207-IE7\wininet.dll
+ 2010-01-22 00:26 . 2009-10-29 07:46 233472 c:\windows\ie7updates\KB978207-IE7\webcheck.dll
+ 2010-01-22 00:26 . 2009-10-29 07:46 105984 c:\windows\ie7updates\KB978207-IE7\url.dll
+ 2010-01-22 00:26 . 2009-05-26 11:40 382840 c:\windows\ie7updates\KB978207-IE7\spuninst\updspapi.dll
+ 2010-01-22 00:26 . 2009-05-26 11:40 231288 c:\windows\ie7updates\KB978207-IE7\spuninst\spuninst.exe
+ 2010-01-22 00:26 . 2009-10-29 07:46 671232 c:\windows\ie7updates\KB978207-IE7\mstime.dll
+ 2010-01-22 00:26 . 2009-10-29 07:46 193024 c:\windows\ie7updates\KB978207-IE7\msrating.dll
+ 2010-01-22 00:26 . 2009-10-29 07:46 477696 c:\windows\ie7updates\KB978207-IE7\mshtmled.dll
+ 2010-01-22 00:26 . 2009-10-29 07:46 459264 c:\windows\ie7updates\KB978207-IE7\msfeeds.dll
+ 2010-01-22 00:26 . 2009-10-28 06:54 634632 c:\windows\ie7updates\KB978207-IE7\iexplore.exe
+ 2010-01-22 00:26 . 2009-10-29 07:46 268288 c:\windows\ie7updates\KB978207-IE7\iertutil.dll
+ 2010-01-22 00:26 . 2007-08-14 00:54 191488 c:\windows\ie7updates\KB978207-IE7\iepeers.dll
+ 2010-01-22 00:26 . 2009-10-29 07:46 385024 c:\windows\ie7updates\KB978207-IE7\iedkcs32.dll
+ 2010-01-22 00:26 . 2009-10-29 07:46 380928 c:\windows\ie7updates\KB978207-IE7\ieapfltr.dll
+ 2010-01-22 00:26 . 2009-10-28 06:52 161792 c:\windows\ie7updates\KB978207-IE7\ieakui.dll
+ 2010-01-22 00:26 . 2009-10-29 07:46 230400 c:\windows\ie7updates\KB978207-IE7\ieaksie.dll
+ 2010-01-22 00:26 . 2009-10-29 07:46 153088 c:\windows\ie7updates\KB978207-IE7\ieakeng.dll
+ 2010-01-22 00:26 . 2009-10-29 07:46 133120 c:\windows\ie7updates\KB978207-IE7\extmgr.dll
+ 2010-01-22 00:26 . 2009-10-29 07:46 214528 c:\windows\ie7updates\KB978207-IE7\dxtrans.dll
+ 2010-01-22 00:26 . 2009-10-29 07:46 347136 c:\windows\ie7updates\KB978207-IE7\dxtmsft.dll
+ 2010-01-22 00:26 . 2009-10-29 07:46 124928 c:\windows\ie7updates\KB978207-IE7\advpack.dll
+ 2009-11-05 12:58 . 2009-05-26 11:40 382840 c:\windows\ie7updates\KB976749-IE7\spuninst\updspapi.dll
+ 2009-11-05 12:58 . 2009-05-26 11:40 231288 c:\windows\ie7updates\KB976749-IE7\spuninst\spuninst.exe
+ 2009-12-10 13:03 . 2009-08-29 07:36 832512 c:\windows\ie7updates\KB976325-IE7\wininet.dll
+ 2009-12-10 13:03 . 2009-08-29 07:36 233472 c:\windows\ie7updates\KB976325-IE7\webcheck.dll
+ 2009-12-10 13:03 . 2009-08-29 07:36 105984 c:\windows\ie7updates\KB976325-IE7\url.dll
+ 2009-12-10 13:03 . 2009-05-26 11:40 382840 c:\windows\ie7updates\KB976325-IE7\spuninst\updspapi.dll
+ 2009-12-10 13:03 . 2009-05-26 11:40 231288 c:\windows\ie7updates\KB976325-IE7\spuninst\spuninst.exe
+ 2009-12-10 13:03 . 2009-08-29 07:36 102912 c:\windows\ie7updates\KB976325-IE7\occache.dll
+ 2009-12-10 13:03 . 2009-08-29 07:36 671232 c:\windows\ie7updates\KB976325-IE7\mstime.dll
+ 2009-12-10 13:03 . 2009-08-29 07:36 193024 c:\windows\ie7updates\KB976325-IE7\msrating.dll
+ 2009-12-10 13:03 . 2009-08-29 07:36 477696 c:\windows\ie7updates\KB976325-IE7\mshtmled.dll
+ 2009-12-10 13:03 . 2009-08-29 07:36 459264 c:\windows\ie7updates\KB976325-IE7\msfeeds.dll
+ 2009-12-10 13:03 . 2009-08-27 05:18 634648 c:\windows\ie7updates\KB976325-IE7\iexplore.exe
+ 2009-12-10 13:03 . 2009-08-29 07:36 268288 c:\windows\ie7updates\KB976325-IE7\iertutil.dll
+ 2009-12-10 13:03 . 2009-08-29 07:36 385024 c:\windows\ie7updates\KB976325-IE7\iedkcs32.dll
+ 2009-12-10 13:03 . 2009-08-29 07:36 380928 c:\windows\ie7updates\KB976325-IE7\ieapfltr.dll
+ 2009-12-10 13:03 . 2009-08-27 05:18 161792 c:\windows\ie7updates\KB976325-IE7\ieakui.dll
+ 2009-12-10 13:03 . 2009-08-29 07:36 230400 c:\windows\ie7updates\KB976325-IE7\ieaksie.dll
+ 2009-12-10 13:03 . 2009-08-29 07:36 153088 c:\windows\ie7updates\KB976325-IE7\ieakeng.dll
+ 2009-12-10 13:03 . 2009-08-29 07:36 133120 c:\windows\ie7updates\KB976325-IE7\extmgr.dll
+ 2009-12-10 13:03 . 2009-08-29 07:36 214528 c:\windows\ie7updates\KB976325-IE7\dxtrans.dll
+ 2009-12-10 13:03 . 2009-08-29 07:36 347136 c:\windows\ie7updates\KB976325-IE7\dxtmsft.dll
+ 2009-12-10 13:03 . 2009-08-29 07:36 124928 c:\windows\ie7updates\KB976325-IE7\advpack.dll
+ 2009-10-14 11:58 . 2009-06-29 16:12 827392 c:\windows\ie7updates\KB974455-IE7\wininet.dll
+ 2009-10-14 11:58 . 2009-06-29 16:12 233472 c:\windows\ie7updates\KB974455-IE7\webcheck.dll
+ 2009-10-14 11:58 . 2009-06-29 16:12 105984 c:\windows\ie7updates\KB974455-IE7\url.dll
+ 2009-10-14 11:58 . 2009-05-26 11:40 382840 c:\windows\ie7updates\KB974455-IE7\spuninst\updspapi.dll
+ 2009-10-14 11:58 . 2009-05-26 11:40 231288 c:\windows\ie7updates\KB974455-IE7\spuninst\spuninst.exe
+ 2009-10-14 11:58 . 2009-06-29 16:12 102912 c:\windows\ie7updates\KB974455-IE7\occache.dll
+ 2009-10-14 11:58 . 2009-06-29 16:12 671232 c:\windows\ie7updates\KB974455-IE7\mstime.dll
+ 2009-10-14 11:58 . 2009-06-29 16:12 193024 c:\windows\ie7updates\KB974455-IE7\msrating.dll
+ 2009-10-14 11:58 . 2009-06-29 16:12 477696 c:\windows\ie7updates\KB974455-IE7\mshtmled.dll
+ 2009-10-14 11:58 . 2009-06-29 16:12 459264 c:\windows\ie7updates\KB974455-IE7\msfeeds.dll
+ 2009-10-14 11:58 . 2009-06-29 08:35 634632 c:\windows\ie7updates\KB974455-IE7\iexplore.exe
+ 2009-10-14 11:58 . 2009-06-29 16:12 268288 c:\windows\ie7updates\KB974455-IE7\iertutil.dll
+ 2009-10-14 11:58 . 2009-06-29 16:12 385024 c:\windows\ie7updates\KB974455-IE7\iedkcs32.dll
+ 2009-10-14 11:58 . 2009-06-29 16:12 380928 c:\windows\ie7updates\KB974455-IE7\ieapfltr.dll
+ 2009-10-14 11:58 . 2009-06-29 08:33 161792 c:\windows\ie7updates\KB974455-IE7\ieakui.dll
+ 2009-10-14 11:58 . 2009-06-29 16:12 230400 c:\windows\ie7updates\KB974455-IE7\ieaksie.dll
+ 2009-10-14 11:58 . 2009-06-29 16:12 153088 c:\windows\ie7updates\KB974455-IE7\ieakeng.dll
+ 2009-10-14 11:58 . 2009-06-29 16:12 133120 c:\windows\ie7updates\KB974455-IE7\extmgr.dll
+ 2009-10-14 11:58 . 2009-06-29 16:12 214528 c:\windows\ie7updates\KB974455-IE7\dxtrans.dll
+ 2009-10-14 11:58 . 2009-06-29 16:12 347136 c:\windows\ie7updates\KB974455-IE7\dxtmsft.dll
+ 2009-10-14 11:58 . 2009-06-29 16:12 124928 c:\windows\ie7updates\KB974455-IE7\advpack.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 832512 c:\windows\ie7updates\KB2586448-IE7\wininet.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 233472 c:\windows\ie7updates\KB2586448-IE7\webcheck.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 106496 c:\windows\ie7updates\KB2586448-IE7\url.dll
+ 2011-10-13 08:05 . 2010-07-05 13:16 382840 c:\windows\ie7updates\KB2586448-IE7\spuninst\updspapi.dll
+ 2011-10-13 08:05 . 2010-07-05 13:15 231288 c:\windows\ie7updates\KB2586448-IE7\spuninst\spuninst.exe
+ 2011-10-13 08:05 . 2011-06-21 18:45 102912 c:\windows\ie7updates\KB2586448-IE7\occache.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 671232 c:\windows\ie7updates\KB2586448-IE7\mstime.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 193024 c:\windows\ie7updates\KB2586448-IE7\msrating.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 478720 c:\windows\ie7updates\KB2586448-IE7\mshtmled.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 468480 c:\windows\ie7updates\KB2586448-IE7\msfeeds.dll
+ 2011-10-13 08:05 . 2011-06-20 11:29 634648 c:\windows\ie7updates\KB2586448-IE7\iexplore.exe
+ 2011-10-13 08:05 . 2011-06-21 18:45 268288 c:\windows\ie7updates\KB2586448-IE7\iertutil.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 192512 c:\windows\ie7updates\KB2586448-IE7\iepeers.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 384512 c:\windows\ie7updates\KB2586448-IE7\iedkcs32.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 380928 c:\windows\ie7updates\KB2586448-IE7\ieapfltr.dll
+ 2011-10-13 08:05 . 2011-06-20 11:27 161792 c:\windows\ie7updates\KB2586448-IE7\ieakui.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 230400 c:\windows\ie7updates\KB2586448-IE7\ieaksie.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 153088 c:\windows\ie7updates\KB2586448-IE7\ieakeng.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 133120 c:\windows\ie7updates\KB2586448-IE7\extmgr.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 214528 c:\windows\ie7updates\KB2586448-IE7\dxtrans.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 347136 c:\windows\ie7updates\KB2586448-IE7\dxtmsft.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 124928 c:\windows\ie7updates\KB2586448-IE7\advpack.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 832512 c:\windows\ie7updates\KB2559049-IE7\wininet.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 233472 c:\windows\ie7updates\KB2559049-IE7\webcheck.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 105984 c:\windows\ie7updates\KB2559049-IE7\url.dll
+ 2011-10-07 22:21 . 2010-07-05 13:16 382840 c:\windows\ie7updates\KB2559049-IE7\spuninst\updspapi.dll
+ 2011-10-07 22:21 . 2010-07-05 13:15 231288 c:\windows\ie7updates\KB2559049-IE7\spuninst\spuninst.exe
+ 2011-10-07 22:21 . 2010-05-04 17:20 671232 c:\windows\ie7updates\KB2559049-IE7\mstime.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 193024 c:\windows\ie7updates\KB2559049-IE7\msrating.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 477696 c:\windows\ie7updates\KB2559049-IE7\mshtmled.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 459264 c:\windows\ie7updates\KB2559049-IE7\msfeeds.dll
+ 2011-10-07 22:21 . 2010-04-16 11:43 634656 c:\windows\ie7updates\KB2559049-IE7\iexplore.exe
+ 2011-10-07 22:21 . 2010-05-04 17:20 268288 c:\windows\ie7updates\KB2559049-IE7\iertutil.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 192512 c:\windows\ie7updates\KB2559049-IE7\iepeers.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 385024 c:\windows\ie7updates\KB2559049-IE7\iedkcs32.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 380928 c:\windows\ie7updates\KB2559049-IE7\ieapfltr.dll
+ 2011-10-07 22:21 . 2010-04-16 11:43 161792 c:\windows\ie7updates\KB2559049-IE7\ieakui.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 230400 c:\windows\ie7updates\KB2559049-IE7\ieaksie.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 153088 c:\windows\ie7updates\KB2559049-IE7\ieakeng.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 133120 c:\windows\ie7updates\KB2559049-IE7\extmgr.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 214528 c:\windows\ie7updates\KB2559049-IE7\dxtrans.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 347136 c:\windows\ie7updates\KB2559049-IE7\dxtmsft.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 124928 c:\windows\ie7updates\KB2559049-IE7\advpack.dll
+ 2011-11-22 23:51 . 2011-07-15 13:29 456320 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2011-10-13 08:02 . 2011-10-13 08:02 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_16e99821\System.Drawing.dll
+ 2011-10-13 08:03 . 2011-10-13 08:03 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_7f9bd379\System.Drawing.Design.dll
+ 2011-10-13 08:03 . 2011-10-13 08:03 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_757e1338\CustomMarshalers.dll
+ 2011-10-11 08:17 . 2011-10-11 08:17 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\95de80b860252231b46014f58226e473\WsatConfig.ni.exe
+ 2011-10-11 08:13 . 2011-10-11 08:13 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\715710f5a31a494ed5c0ec0874dafe3e\WindowsFormsIntegration.ni.dll
+ 2011-10-11 08:13 . 2011-10-11 08:13 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\017be0e6c5f1810f15a696157cd5e2c2\UIAutomationTypes.ni.dll
+ 2011-10-11 08:13 . 2011-10-11 08:13 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\bec5b0a93df12eb26c02c877a4eae678\UIAutomationClient.ni.dll
+ 2011-10-11 08:23 . 2011-10-11 08:23 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\3d8f787002439f4942c33f376cfd8555\System.Xml.Linq.ni.dll
+ 2011-10-11 08:21 . 2011-10-11 08:21 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\4b746fea8062a10ccc6e5331914e7dad\System.Web.Routing.ni.dll
+ 2011-10-11 08:22 . 2011-10-11 08:22 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\103956fdb019bce8a173fe9cb9da3e02\System.Web.RegularExpressions.ni.dll
+ 2011-10-11 08:22 . 2011-10-11 08:22 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c0a156fbf46ad272ac262e45eaa998f4\System.Web.Extensions.Design.ni.dll
+ 2011-10-11 08:21 . 2011-10-11 08:21 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\e3651e13567ce4e3fa7bb2fbab737d9a\System.Web.Entity.ni.dll
+ 2011-10-11 08:21 . 2011-10-11 08:21 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\834d7769f39e4d937eda1ad3707d4716\System.Web.Entity.Design.ni.dll
+ 2011-10-11 08:21 . 2011-10-11 08:21 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\032c96c6206b53bca122d1fbaf5f8ca2\System.Web.DynamicData.ni.dll
+ 2011-10-11 08:21 . 2011-10-11 08:21 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\6ce0e4fb33afcfcce43c427e82b987db\System.Web.Abstractions.ni.dll
+ 2011-10-11 08:21 . 2011-10-11 08:21 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\990d96810a21e0fa95f916ffc66f3a94\System.Transactions.ni.dll
+ 2011-10-11 08:21 . 2011-10-11 08:21 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\e0d56c0582316e9ecb4c18186e37217c\System.ServiceProcess.ni.dll
+ 2011-10-11 08:17 . 2011-10-11 08:17 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\9e91cca51a5ed6fb13b67558109d2726\System.Security.ni.dll
+ 2011-10-11 08:20 . 2011-10-11 08:20 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\fa6a58394a1f162eecce4cd8af0875c3\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-10-11 08:20 . 2011-10-11 08:20 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\6194eb4bc1e0133d0183d086b747f512\System.Net.ni.dll
+ 2011-10-11 08:20 . 2011-10-11 08:20 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\042658de519bb1e22ec5925092061892\System.Management.ni.dll
+ 2011-10-11 08:20 . 2011-10-11 08:20 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\d6ae8171ae6fd4fe83add34e6d70e5b5\System.Management.Instrumentation.ni.dll
+ 2011-12-12 02:34 . 2011-12-12 02:34 160256 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\f72890d056774b1ebe1b3e84710e52e0\System.Management.Automation.resources.ni.dll
+ 2011-10-11 08:15 . 2011-10-11 08:15 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\abd5a61d39e474f12b30ccbbe6277667\System.IO.Log.ni.dll
+ 2011-10-11 08:15 . 2011-10-11 08:15 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\12c4dba6d4ff0278d208c283d9ed7670\System.IdentityModel.Selectors.ni.dll
+ 2011-10-11 08:20 . 2011-10-11 08:20 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ff5c7a52497d892f3a3206384d46b5e7\System.EnterpriseServices.Wrapper.dll
+ 2011-10-11 08:20 . 2011-10-11 08:20 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ff5c7a52497d892f3a3206384d46b5e7\System.EnterpriseServices.ni.dll
+ 2011-10-11 08:12 . 2011-10-11 08:12 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\e6b7128278d8c0e8382a5685f5b196c6\System.Drawing.Design.ni.dll
+ 2011-10-11 08:20 . 2011-10-11 08:20 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8ef56bf47fc2fc4204e0fcc1f32bab01\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-10-11 08:20 . 2011-10-11 08:20 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\447d7b4a7d0add13f8d2086088bcc41c\System.DirectoryServices.Protocols.ni.dll
+ 2011-10-11 08:20 . 2011-10-11 08:20 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\ce2afe8854ee9cdc834b6f392348c882\System.Data.Services.Design.ni.dll
+ 2011-10-11 08:20 . 2011-10-11 08:20 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\03d4658290e300e437e745ef4a613b59\System.Data.Services.Client.ni.dll
+ 2011-10-11 08:19 . 2011-10-11 08:19 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\7ce21a2855bb7731de4dab797e69f3f6\System.Data.Entity.Design.ni.dll
+ 2011-10-11 08:18 . 2011-10-11 08:18 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\ea57694aea47c05853516c9bb2ad54b4\System.Data.DataSetExtensions.ni.dll
+ 2011-10-11 08:17 . 2011-10-11 08:17 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d6b4509225efde2a4e3db77205f8a51\System.Configuration.ni.dll
+ 2011-10-11 08:20 . 2011-10-11 08:20 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\f312bb844670ebc7458fec9e6b2568b3\System.Configuration.Install.ni.dll
+ 2011-10-11 08:17 . 2011-10-11 08:17 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\afd9595f07a8c68b26e81cf995957f56\System.AddIn.ni.dll
+ 2011-10-11 08:17 . 2011-10-11 08:17 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\3a42b2fbafe93d7b9395e328bea35afa\SMSvcHost.ni.exe
+ 2011-10-11 08:16 . 2011-10-11 08:16 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\97ff96d3fc8d0b10ea294f320acf821e\SMDiagnostics.ni.dll
+ 2011-10-11 08:16 . 2011-10-11 08:16 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\28ed0e9efd938b05b4f53e0d90046701\ServiceModelReg.ni.exe
+ 2011-10-11 08:10 . 2011-10-11 08:10 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ffe13679e6b3e36e5cb6c47f8c4faf9c\PresentationFramework.Aero.ni.dll
+ 2011-10-11 08:10 . 2011-10-11 08:10 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\dbb40299379f2009c140ddadb04231b4\PresentationFramework.Classic.ni.dll
+ 2011-10-11 08:10 . 2011-10-11 08:10 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a34cd33cec1bdfebe4a3910bceb8723b\PresentationFramework.Royale.ni.dll
+ 2011-10-11 08:10 . 2011-10-11 08:10 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\689bb394bcb437ed085c22a43aba30c6\PresentationFramework.Luna.ni.dll
+ 2011-10-11 08:17 . 2011-10-11 08:17 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5670e74887ef1025c6a8c056ffe86b38\MSBuild.ni.exe
+ 2011-10-11 08:16 . 2011-10-11 08:16 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\653732002ebf5c68f69150a60e145e6a\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-12-12 02:33 . 2011-12-12 02:33 968192 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\cf796cdf5985435d52d2a563142f5d90\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2011-12-12 02:33 . 2011-12-12 02:33 492032 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\4f0361f2c016f32d3c6a247cc6e78c0e\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2011-12-12 02:33 . 2011-12-12 02:33 148480 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3b93bf8647b5865d79dddf7459423415\Microsoft.PowerShell.Security.ni.dll
+ 2011-12-12 02:32 . 2011-12-12 02:32 433664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3281b11e5633284f3f8c8c8e37efda27\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2011-10-11 08:17 . 2011-10-11 08:17 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\cc62770393640302bd4d7e442b1e49a4\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-10-11 08:17 . 2011-10-11 08:17 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\352bff1ee71ce114e225f849038dc48d\Microsoft.Build.Utilities.ni.dll
+ 2011-10-11 08:17 . 2011-10-11 08:17 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\7345f4d2d7157bf49de4158e8f2b6847\Microsoft.Build.Engine.ni.dll
+ 2011-10-11 08:17 . 2011-10-11 08:17 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\d7dba901ddd410ca1a0156d0f2a27533\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-10-11 08:17 . 2011-10-11 08:17 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\010552e529d130ce914765b0801e2367\CustomMarshalers.ni.dll
+ 2011-10-11 08:16 . 2011-10-11 08:16 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\6861f639b13967e9b014b44bbb7c5d4c\ComSvcConfig.ni.exe
+ 2011-10-11 08:15 . 2011-10-11 08:15 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\800da7dec567fadf3392091e9f01ecb9\AspNetMMCExt.ni.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-07-18 04:28 . 2010-07-18 04:28 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-12-12 02:11 . 2011-12-12 02:11 163840 c:\windows\assembly\GAC_MSIL\System.Management.Automation.resources\1.0.0.0_en_31bf3856ad364e35\System.Management.Automation.resources.dll
+ 2010-07-18 04:28 . 2010-07-18 04:28 438272 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-10-11 08:04 . 2011-10-11 08:04 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-10-11 08:04 . 2011-10-11 08:04 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-10-11 08:04 . 2011-10-11 08:04 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-10-11 08:04 . 2011-10-11 08:04 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-08-21 12:07 . 2009-08-21 12:07 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2010-07-18 04:28 . 2010-07-18 04:28 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-12-12 02:11 . 2011-12-12 02:11 200704 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll
+ 2011-12-12 02:11 . 2011-12-12 02:11 294912 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll
+ 2011-12-12 02:11 . 2011-12-12 02:11 139264 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-10-11 08:04 . 2011-10-11 08:04 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-10-17 22:18 . 2009-10-17 22:18 126976 c:\windows\assembly\GAC\Arbus.Common\2.2.4.3__14cac4d33a885ed2\Arbus.Common.dll
- 2009-10-10 14:47 . 2009-10-10 14:47 126976 c:\windows\assembly\GAC\Arbus.Common\2.2.4.3__14cac4d33a885ed2\Arbus.Common.dll
+ 2004-08-10 17:50 . 2009-11-21 15:51 471552 c:\windows\AppPatch\aclayers.dll
+ 2010-05-21 14:39 . 2011-12-10 01:45 144896 c:\windows\.jagex_cache_32\runescape\jaclib.dll
+ 2010-08-22 16:19 . 2010-08-22 16:19 102400 c:\windows\.jagex_cache_32\aceofskies\jaclib.dll
+ 2011-10-07 22:01 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB982665\update\updspapi.dll
+ 2011-10-07 22:01 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB982665\update\update.exe
+ 2011-10-07 22:01 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB982665\spuninst.exe
+ 2010-07-18 02:29 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB982381-IE7\update\updspapi.dll
+ 2010-07-18 02:29 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB982381-IE7\update\update.exe
+ 2010-07-18 02:29 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB982381-IE7\spuninst.exe
+ 2010-05-04 17:20 . 2010-05-04 17:20 841216 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\wininet.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 233472 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\webcheck.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 105984 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\url.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 102912 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\occache.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 671232 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\mstime.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 193024 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\msrating.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 477696 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\mshtmled.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 459264 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\msfeeds.dll
+ 2010-04-16 11:08 . 2010-04-16 11:08 634648 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\iexplore.exe
+ 2010-05-04 17:20 . 2010-05-04 17:20 268288 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\iertutil.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 193024 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\iepeers.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 388608 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\iedkcs32.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 380928 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieapfltr.dll
+ 2010-04-16 11:06 . 2010-04-16 11:06 161792 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieakui.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 230400 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieaksie.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 153088 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieakeng.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 132608 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\extmgr.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 214528 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\dxtrans.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 347136 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\dxtmsft.dll
+ 2010-05-04 17:19 . 2010-05-04 17:19 124928 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\advpack.dll
+ 2011-10-07 22:24 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB982132\update\updspapi.dll
+ 2011-10-07 22:24 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB982132\update\update.exe
+ 2011-10-07 22:24 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB982132\spuninst.exe
+ 2010-08-27 08:01 . 2010-08-27 08:01 119808 c:\windows\$hf_mig$\KB982132\SP3QFE\t2embed.dll
+ 2011-10-07 22:03 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB981997\update\updspapi.dll
+ 2011-10-07 22:03 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB981997\update\update.exe
+ 2011-10-07 22:03 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB981997\spuninst.exe
+ 2011-10-07 22:11 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB981322\update\updspapi.dll
+ 2011-10-07 22:11 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB981322\update\update.exe
+ 2011-10-07 22:11 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB981322\spuninst.exe
+ 2010-04-16 15:29 . 2010-04-16 15:29 406016 c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
+ 2011-10-07 22:12 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB980436\update\updspapi.dll
+ 2011-10-07 22:12 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB980436\update\update.exe
+ 2011-10-07 22:12 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB980436\spuninst.exe
+ 2010-06-30 12:23 . 2010-06-30 12:23 149504 c:\windows\$hf_mig$\KB980436\SP3QFE\schannel.dll
+ 2011-10-07 22:17 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB979687\update\updspapi.dll
+ 2011-10-07 22:17 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB979687\update\update.exe
+ 2011-10-07 22:17 . 2009-05-26 09:01 231288 c:\windows\$hf_mig$\KB979687\spuninst.exe
+ 2010-07-12 13:02 . 2010-07-12 13:02 218112 c:\windows\$hf_mig$\KB979687\SP3QFE\wordpad.exe
+ 2010-07-18 13:33 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB979559\update\updspapi.dll
+ 2010-07-18 13:33 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB979559\update\update.exe
+ 2010-07-18 13:33 . 2009-05-26 09:01 231288 c:\windows\$hf_mig$\KB979559\spuninst.exe
+ 2010-07-18 04:44 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB979482\update\updspapi.dll
+ 2010-07-18 04:44 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB979482\update\update.exe
+ 2010-07-18 04:44 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB979482\spuninst.exe
+ 2010-07-17 21:15 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB979309\update\updspapi.dll
+ 2010-07-17 21:15 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB979309\update\update.exe
+ 2010-07-17 21:15 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB979309\spuninst.exe
+ 2010-07-18 04:42 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978706\update\updspapi.dll
+ 2010-07-18 04:42 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978706\update\update.exe
+ 2010-07-18 04:42 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB978706\spuninst.exe
+ 2009-12-16 18:27 . 2009-12-16 18:27 343040 c:\windows\$hf_mig$\KB978706\SP3QFE\mspaint.exe
+ 2010-07-17 21:19 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978601\update\updspapi.dll
+ 2010-07-17 21:19 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978601\update\update.exe
+ 2010-07-17 21:19 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB978601\spuninst.exe
+ 2009-12-24 06:42 . 2009-12-24 06:42 178176 c:\windows\$hf_mig$\KB978601\SP3QFE\wintrust.dll
+ 2010-07-18 04:45 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978542\update\updspapi.dll
+ 2010-07-18 04:45 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978542\update\update.exe
+ 2010-07-18 04:45 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB978542\spuninst.exe
+ 2010-01-29 14:53 . 2010-01-29 14:53 691712 c:\windows\$hf_mig$\KB978542\SP3QFE\inetcomm.dll
+ 2010-07-18 13:38 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978338\update\updspapi.dll
+ 2010-07-18 13:38 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978338\update\update.exe
+ 2010-07-18 13:38 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB978338\spuninst.exe
+ 2010-02-11 11:36 . 2010-02-11 11:36 226880 c:\windows\$hf_mig$\KB978338\SP3QFE\tcpip6.sys
+ 2010-02-12 04:27 . 2010-02-12 04:27 100864 c:\windows\$hf_mig$\KB978338\SP3QFE\6to4svc.dll
+ 2010-01-22 00:26 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978207-IE7\update\updspapi.dll
+ 2010-01-22 00:26 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978207-IE7\update\update.exe
+ 2010-01-22 00:26 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB978207-IE7\spuninst.exe
+ 2010-01-05 09:57 . 2010-01-05 09:57 841216 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\wininet.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 233472 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\webcheck.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 105984 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\url.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 102912 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\occache.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 671232 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\mstime.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 193024 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\msrating.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 477696 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\mshtmled.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 459264 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\msfeeds.dll
+ 2009-12-18 07:00 . 2009-12-18 07:00 634632 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\iexplore.exe
+ 2010-01-05 09:57 . 2010-01-05 09:57 268288 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\iertutil.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 193024 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\iepeers.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 388608 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\iedkcs32.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 380928 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieapfltr.dll
+ 2009-12-18 06:58 . 2009-12-18 06:58 161792 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieakui.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 230400 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieaksie.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 153088 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieakeng.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 132608 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\extmgr.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 214528 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\dxtrans.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 347136 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\dxtmsft.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 124928 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\advpack.dll
+ 2010-07-18 13:38 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978037\update\updspapi.dll
+ 2010-07-18 13:38 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978037\update\update.exe
+ 2010-07-18 13:38 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB978037\spuninst.exe
+ 2010-07-18 04:47 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB977914\update\updspapi.dll
+ 2010-07-18 04:47 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB977914\update\update.exe
+ 2010-07-18 04:47 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB977914\spuninst.exe
+ 2010-07-18 13:34 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB977816\update\updspapi.dll
+ 2010-07-18 13:34 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB977816\update\update.exe
+ 2010-07-18 13:34 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB977816\spuninst.exe
+ 2009-11-05 12:58 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB976749-IE7\update\updspapi.dll
+ 2009-11-05 12:58 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB976749-IE7\update\update.exe
+ 2009-11-05 12:58 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB976749-IE7\spuninst.exe
+ 2009-12-10 13:03 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB976325-IE7\update\updspapi.dll
+ 2009-12-10 13:03 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB976325-IE7\update\update.exe
+ 2009-12-10 13:03 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB976325-IE7\spuninst.exe
+ 2009-10-29 07:45 . 2009-10-29 07:45 841216 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\wininet.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 233472 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\webcheck.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 105984 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\url.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 102912 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\occache.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 671232 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\mstime.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 193024 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\msrating.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 477696 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\mshtmled.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 459264 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\msfeeds.dll
+ 2009-10-28 06:54 . 2009-10-28 06:54 634632 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\iexplore.exe
+ 2009-10-29 07:45 . 2009-10-29 07:45 268288 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\iertutil.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 388608 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\iedkcs32.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 380928 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieapfltr.dll
+ 2009-10-28 06:52 . 2009-10-28 06:52 161792 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieakui.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 230400 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieaksie.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 153088 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieakeng.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 132608 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\extmgr.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 214528 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\dxtrans.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 347136 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\dxtmsft.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 124928 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\advpack.dll
+ 2010-07-18 13:38 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975713\update\updspapi.dll
+ 2010-07-18 13:38 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975713\update\update.exe
+ 2010-07-18 13:38 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB975713\spuninst.exe
+ 2009-12-08 09:01 . 2009-12-08 09:01 474112 c:\windows\$hf_mig$\KB975713\SP3QFE\shlwapi.dll
+ 2010-07-18 04:40 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975562\update\updspapi.dll
+ 2010-07-18 04:40 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975562\update\update.exe
+ 2010-07-18 04:40 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB975562\spuninst.exe
+ 2010-07-18 13:35 . 2009-05-26 22:10 382840 c:\windows\$hf_mig$\KB975561\update\updspapi.dll
+ 2010-07-18 13:35 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB975561\update\update.exe
+ 2010-07-18 13:35 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB975561\spuninst.exe
+ 2010-07-18 13:34 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975560\update\updspapi.dll
+ 2010-07-18 13:34 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975560\update\update.exe
+ 2010-07-18 13:34 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB975560\spuninst.exe
+ 2009-10-14 11:55 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975467\update\updspapi.dll
+ 2009-10-14 11:55 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975467\update\update.exe
+ 2009-10-14 11:55 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB975467\spuninst.exe
+ 2009-09-11 14:13 . 2009-09-11 14:13 136704 c:\windows\$hf_mig$\KB975467\SP3QFE\msv1_0.dll
+ 2009-10-14 11:58 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975025\update\updspapi.dll
+ 2009-10-14 11:58 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975025\update\update.exe
+ 2009-10-14 11:58 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB975025\spuninst.exe
+ 2009-10-14 11:57 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974571\update\updspapi.dll
+ 2009-10-14 11:57 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB974571\update\update.exe
+ 2009-10-14 11:57 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB974571\spuninst.exe
+ 2009-10-14 11:58 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974455-IE7\update\updspapi.dll
+ 2009-10-14 11:58 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB974455-IE7\update\update.exe
+ 2009-10-14 11:58 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB974455-IE7\spuninst.exe
+ 2009-08-29 07:31 . 2009-08-29 07:31 840704 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\wininet.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 233472 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\webcheck.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 105984 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\url.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 102912 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\occache.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 671232 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\mstime.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 193024 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\msrating.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 477696 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\mshtmled.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 459264 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\msfeeds.dll
+ 2009-08-27 05:18 . 2009-08-27 05:18 634648 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\iexplore.exe
+ 2009-08-29 07:31 . 2009-08-29 07:31 268288 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\iertutil.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 388608 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\iedkcs32.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 380928 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\ieapfltr.dll
+ 2009-08-27 05:18 . 2009-08-27 05:18 161792 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\ieakui.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 230400 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\ieaksie.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 153088 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\ieakeng.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 132608 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\extmgr.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 214528 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\dxtrans.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 347136 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\dxtmsft.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 124928 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\advpack.dll
+ 2009-12-10 13:03 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974392\update\updspapi.dll
+ 2009-12-10 13:03 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB974392\update\update.exe
+ 2009-12-10 13:03 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB974392\spuninst.exe
+ 2009-10-13 10:38 . 2009-10-13 10:38 270336 c:\windows\$hf_mig$\KB974392\SP3QFE\oakley.dll
+ 2009-12-10 13:04 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974318\update\updspapi.dll
+ 2009-12-10 13:04 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB974318\update\update.exe
+ 2009-12-10 13:04 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB974318\spuninst.exe
+ 2009-10-12 13:28 . 2009-10-12 13:28 150016 c:\windows\$hf_mig$\KB974318\SP3QFE\rastls.dll
+ 2009-10-14 11:58 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974112\update\updspapi.dll
+ 2009-10-14 11:58 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB974112\update\update.exe
+ 2009-10-14 11:58 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB974112\spuninst.exe
+ 2009-08-26 08:03 . 2009-08-26 08:03 247326 c:\windows\$hf_mig$\KB974112\SP3QFE\strmdll.dll
+ 2009-12-10 13:04 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973904\update\updspapi.dll
+ 2009-12-10 13:04 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973904\update\update.exe
+ 2009-12-10 13:04 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973904\spuninst.exe
+ 2009-12-09 23:32 . 2009-07-29 14:01 119648 c:\windows\$hf_mig$\KB973904\SP3QFE\msconv97.dll
+ 2009-11-25 13:24 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973687\update\updspapi.dll
+ 2009-11-25 13:24 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB973687\update\update.exe
+ 2009-11-25 13:24 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB973687\spuninst.exe
+ 2009-10-14 11:55 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973525\update\updspapi.dll
+ 2009-10-14 11:55 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973525\update\update.exe
+ 2009-10-14 11:55 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973525\spuninst.exe
+ 2010-01-13 13:05 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB972270\update\updspapi.dll
+ 2010-01-13 13:05 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB972270\update\update.exe
+ 2010-01-13 13:05 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB972270\spuninst.exe
+ 2010-01-13 01:20 . 2009-10-15 16:39 119808 c:\windows\$hf_mig$\KB972270\SP3QFE\t2embed.dll
+ 2009-12-10 13:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971737\update\updspapi.dll
+ 2009-12-10 13:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971737\update\update.exe
+ 2009-12-10 13:02 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971737\spuninst.exe
+ 2009-08-25 09:27 . 2009-08-25 09:27 354816 c:\windows\$hf_mig$\KB971737\SP3QFE\winhttp.dll
+ 2009-10-14 11:55 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971486\update\updspapi.dll
+ 2009-10-14 11:55 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971486\update\update.exe
+ 2009-10-14 11:55 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB971486\spuninst.exe
+ 2011-10-07 22:09 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971029\update\updspapi.dll
+ 2011-10-07 22:09 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971029\update\update.exe
+ 2011-10-07 22:09 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971029\spuninst.exe
+ 2009-07-27 22:13 . 2009-07-27 22:13 135168 c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
+ 2009-12-10 13:04 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB970430\update\updspapi.dll
+ 2009-12-10 13:04 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB970430\update\update.exe
+ 2009-12-10 13:04 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB970430\spuninst.exe
+ 2009-10-20 15:21 . 2009-10-20 15:21 265728 c:\windows\$hf_mig$\KB970430\SP3QFE\http.sys
+ 2009-11-12 14:01 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB969947\update\updspapi.dll
+ 2009-11-12 14:01 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB969947\update\update.exe
+ 2009-11-12 14:01 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB969947\spuninst.exe
+ 2009-10-14 11:59 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB969059\update\updspapi.dll
+ 2009-10-14 11:59 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB969059\update\update.exe
+ 2009-10-14 11:59 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB969059\spuninst.exe
+ 2009-11-07 14:08 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB961503\update\updspapi.dll
+ 2009-11-07 14:08 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB961503\update\update.exe
+ 2009-11-07 14:08 . 2007-11-30 12:39 231288 c:\windows\$hf_mig$\KB961503\spuninst.exe
+ 2010-01-13 13:06 . 2009-05-26 23:10 382840 c:\windows\$hf_mig$\KB955759\update\updspapi.dll
+ 2010-01-13 13:06 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB955759\update\update.exe
+ 2010-01-13 13:06 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB955759\spuninst.exe
+ 2010-01-12 23:43 . 2009-11-21 15:40 471552 c:\windows\$hf_mig$\KB955759\SP3QFE\aclayers.dll
+ 2011-11-11 09:02 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2641690\update\updspapi.dll
+ 2011-11-11 09:02 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2641690\update\update.exe
+ 2011-11-11 09:02 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2641690\spuninst.exe
+ 2011-09-28 07:05 . 2011-09-28 07:05 599552 c:\windows\$hf_mig$\KB2641690\SP3QFE\crypt32.dll
+ 2011-10-07 22:20 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2616676-v2\update\updspapi.dll
+ 2011-10-07 22:20 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2616676-v2\update\update.exe
+ 2011-10-07 22:20 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2616676-v2\spuninst.exe
+ 2011-09-09 09:11 . 2011-09-09 09:11 599552 c:\windows\$hf_mig$\KB2616676-v2\SP3QFE\crypt32.dll
+ 2011-10-13 08:06 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2592799\update\updspapi.dll
+ 2011-10-13 08:06 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2592799\update\update.exe
+ 2011-10-13 08:06 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2592799\spuninst.exe
+ 2011-10-12 22:22 . 2011-08-17 13:41 138496 c:\windows\$hf_mig$\KB2592799\SP3QFE\afd.sys
+ 2011-10-13 08:05 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2586448-IE7\update\updspapi.dll
+ 2011-10-13 08:05 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2586448-IE7\update\update.exe
+ 2011-10-13 08:05 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2586448-IE7\spuninst.exe
+ 2011-08-17 21:30 . 2011-08-17 21:30 841216 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\wininet.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 233472 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\webcheck.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 106496 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\url.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 102912 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\occache.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 671232 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\mstime.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 193024 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\msrating.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 478720 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\mshtmled.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 468480 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\msfeeds.dll
+ 2011-08-17 10:34 . 2011-08-17 10:34 634632 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\iexplore.exe
+ 2011-08-17 21:30 . 2011-08-17 21:30 268288 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\iertutil.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 193024 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\iepeers.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 388608 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\iedkcs32.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 380928 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\ieapfltr.dll
+ 2011-08-17 10:33 . 2011-08-17 10:33 161792 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\ieakui.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 230400 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\ieaksie.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 153088 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\ieakeng.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 132608 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\extmgr.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 214528 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\dxtrans.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 347136 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\dxtmsft.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 124928 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\advpack.dll
+ 2011-10-07 22:12 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2570947\update\updspapi.dll
+ 2011-10-07 22:12 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2570947\update\update.exe
+ 2011-10-07 22:12 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2570947\spuninst.exe
+ 2011-10-07 22:17 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2570222\update\updspapi.dll
+ 2011-10-07 22:17 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2570222\update\update.exe
+ 2011-10-07 22:17 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2570222\spuninst.exe
+ 2011-10-07 21:36 . 2011-06-24 14:09 139656 c:\windows\$hf_mig$\KB2570222\SP3QFE\rdpwd.sys
+ 2011-10-13 08:06 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2567053\update\updspapi.dll
+ 2011-10-13 08:06 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2567053\update\update.exe
+ 2011-10-13 08:06 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2567053\spuninst.exe
+ 2011-10-07 22:00 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2566454\update\updspapi.dll
+ 2011-10-07 22:00 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2566454\update\update.exe
+ 2011-10-07 22:00 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2566454\spuninst.exe
+ 2011-10-07 21:39 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2562937\update\updspapi.dll
+ 2011-10-07 21:39 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2562937\update\update.exe
+ 2011-10-07 21:39 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2562937\spuninst.exe
+ 2011-10-07 22:21 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2559049-IE7\update\updspapi.dll
+ 2011-10-07 22:21 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2559049-IE7\update\update.exe
+ 2011-10-07 22:21 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2559049-IE7\spuninst.exe
+ 2011-06-21 18:43 . 2011-06-21 18:43 841216 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\wininet.dll
+ 2011-06-21 18:43 . 2011-06-21 18:43 233472 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\webcheck.dll
+ 2011-06-21 18:43 . 2011-06-21 18:43 106496 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\url.dll
+ 2011-06-21 18:43 . 2011-06-21 18:43 102912 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\occache.dll
+ 2011-06-21 18:43 . 2011-06-21 18:43 671232 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\mstime.dll
+ 2011-06-21 18:43 . 2011-06-21 18:43 193024 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\msrating.dll
+ 2011-06-21 18:43 . 2011-06-21 18:43 478720 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\mshtmled.dll
+ 2011-06-21 18:43 . 2011-06-21 18:43 468480 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\msfeeds.dll
+ 2011-06-20 10:38 . 2011-06-20 10:38 634648 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\iexplore.exe
+ 2011-06-21 18:43 . 2011-06-21 18:43 268288 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\iertutil.dll
+ 2011-06-21 18:43 . 2011-06-21 18:43 193024 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\iepeers.dll
+ 2011-06-21 18:43 . 2011-06-21 18:43 388608 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\iedkcs32.dll
+ 2011-06-21 18:43 . 2011-06-21 18:43 380928 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\ieapfltr.dll
+ 2011-06-20 10:36 . 2011-06-20 10:36 161792 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\ieakui.dll
+ 2011-06-21 18:43 . 2011-06-21 18:43 230400 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\ieaksie.dll
+ 2011-06-21 18:43 . 2011-06-21 18:43 153088 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\ieakeng.dll
+ 2011-06-21 18:43 . 2011-06-21 18:43 132608 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\extmgr.dll
+ 2011-06-21 18:43 . 2011-06-21 18:43 214528 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\dxtrans.dll
+ 2011-06-21 18:43 . 2011-06-21 18:43 347136 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\dxtmsft.dll
+ 2011-06-21 18:43 . 2011-06-21 18:43 124928 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\advpack.dll
+ 2011-10-07 22:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2555917\update\updspapi.dll
+ 2011-10-07 22:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2555917\update\update.exe
+ 2011-10-07 22:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2555917\spuninst.exe
+ 2011-10-07 21:43 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2544893\update\updspapi.dll
+ 2011-10-07 21:43 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2544893\update\update.exe
+ 2011-10-07 21:43 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2544893\spuninst.exe
+ 2011-10-07 21:34 . 2011-05-02 15:30 692736 c:\windows\$hf_mig$\KB2544893\SP3QFE\inetcomm.dll
+ 2011-10-07 22:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2541763\update\updspapi.dll
+ 2011-10-07 22:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2541763\update\update.exe
+ 2011-10-07 22:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2541763\spuninst.exe
+ 2011-04-29 17:23 . 2011-04-29 17:23 151552 c:\windows\$hf_mig$\KB2541763\SP3QFE\schannel.dll
+ 2011-11-23 09:02 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2536276-v2\update\updspapi.dll
+ 2011-11-23 09:02 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2536276-v2\update\update.exe
+ 2011-11-23 09:02 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2536276-v2\spuninst.exe
+ 2011-11-22 23:51 . 2011-07-15 13:29 457856 c:\windows\$hf_mig$\KB2536276-v2\SP3QFE\mrxsmb.sys
+ 2011-10-07 22:17 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2535512\update\updspapi.dll
+ 2011-10-07 22:17 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2535512\update\update.exe
+ 2011-10-07 22:17 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2535512\spuninst.exe
+ 2011-10-07 21:36 . 2011-04-21 13:52 105472 c:\windows\$hf_mig$\KB2535512\SP3QFE\mup.sys
+ 2011-10-07 22:19 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2510581\update\updspapi.dll
+ 2011-10-07 22:19 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2510581\update\update.exe
+ 2011-10-07 22:19 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2510581\spuninst.exe
+ 2011-03-04 06:42 . 2011-03-04 06:42 434176 c:\windows\$hf_mig$\KB2510581\SP3QFE\vbscript.dll
+ 2011-03-04 06:42 . 2011-03-04 06:42 512000 c:\windows\$hf_mig$\KB2510581\SP3QFE\jscript.dll
+ 2011-10-07 22:02 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2509553\update\updspapi.dll
+ 2011-10-07 22:02 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2509553\update\update.exe
+ 2011-10-07 22:02 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2509553\spuninst.exe
+ 2008-06-20 11:16 . 2008-06-20 11:16 225856 c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip6.sys
+ 2008-06-20 11:59 . 2008-06-20 11:59 361600 c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
+ 2008-06-20 17:43 . 2008-06-20 17:43 245248 c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
+ 2011-03-03 06:53 . 2011-03-03 06:53 149504 c:\windows\$hf_mig$\KB2509553\SP3QFE\dnsapi.dll
+ 2008-10-16 15:07 . 2008-10-16 15:07 138496 c:\windows\$hf_mig$\KB2509553\SP3QFE\afd.sys
+ 2011-10-07 22:11 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2508429\update\updspapi.dll
+ 2011-10-07 22:11 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2508429\update\update.exe
+ 2011-10-07 22:11 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2508429\spuninst.exe
+ 2011-02-17 13:19 . 2011-02-17 13:19 357888 c:\windows\$hf_mig$\KB2508429\SP3QFE\srv.sys
+ 2011-10-07 22:20 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2507938\update\updspapi.dll
+ 2011-10-07 22:20 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2507938\update\update.exe
+ 2011-10-07 22:20 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2507938\spuninst.exe
+ 2011-04-26 11:02 . 2011-04-26 11:02 293376 c:\windows\$hf_mig$\KB2507938\SP3QFE\winsrv.dll
+ 2011-10-07 22:11 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2507618\update\updspapi.dll
+ 2011-10-07 22:11 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2507618\update\update.exe
+ 2011-10-07 22:11 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2507618\spuninst.exe
+ 2011-02-15 13:05 . 2011-02-15 13:05 290432 c:\windows\$hf_mig$\KB2507618\SP3QFE\atmfd.dll
+ 2011-10-07 22:08 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2506212\update\updspapi.dll
+ 2011-10-07 22:08 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2506212\update\update.exe
+ 2011-10-07 22:08 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2506212\spuninst.exe
+ 2011-02-08 13:32 . 2011-02-08 13:32 974848 c:\windows\$hf_mig$\KB2506212\SP3QFE\mfc42u.dll
+ 2011-02-08 13:32 . 2011-02-08 13:32 978944 c:\windows\$hf_mig$\KB2506212\SP3QFE\mfc42.dll
+ 2011-10-07 22:19 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2503665\update\updspapi.dll
+ 2011-10-07 22:19 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2503665\update\update.exe
+ 2011-10-07 22:19 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2503665\spuninst.exe
+ 2011-10-07 21:37 . 2011-02-16 13:25 138496 c:\windows\$hf_mig$\KB2503665\SP3QFE\afd.sys
+ 2011-10-07 22:25 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2485663\update\updspapi.dll
+ 2011-10-07 22:25 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2485663\update\update.exe
+ 2011-10-07 22:25 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2485663\spuninst.exe
+ 2011-10-07 22:18 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2483185\update\updspapi.dll
+ 2011-10-07 22:18 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2483185\update\update.exe
+ 2011-10-07 22:18 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2483185\spuninst.exe
+ 2011-01-21 14:42 . 2011-01-21 14:42 439808 c:\windows\$hf_mig$\KB2483185\SP3QFE\shimgvw.dll
+ 2011-10-07 22:25 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2481109\update\updspapi.dll
+ 2011-10-07 22:25 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2481109\update\update.exe
+ 2011-10-07 22:25 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2481109\spuninst.exe
+ 2011-01-27 11:41 . 2011-01-27 11:41 677888 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstsc.exe
+ 2011-02-02 07:57 . 2011-02-02 07:57 136192 c:\windows\$hf_mig$\KB2481109\SP3QFE\aaclient.dll
+ 2011-11-23 09:02 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2479943\update\updspapi.dll
+ 2011-11-23 09:02 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2479943\update\update.exe
+ 2011-11-23 09:02 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2479943\spuninst.exe
+ 2011-02-09 13:52 . 2011-02-09 13:52 270848 c:\windows\$hf_mig$\KB2479943\SP3QFE\sbe.dll
+ 2011-02-09 13:52 . 2011-02-09 13:52 186880 c:\windows\$hf_mig$\KB2479943\SP3QFE\encdec.dll
+ 2011-10-07 22:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2478960\update\updspapi.dll
+ 2011-10-07 22:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2478960\update\update.exe
+ 2011-10-07 22:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2478960\spuninst.exe
+ 2010-12-20 17:24 . 2010-12-20 17:24 730112 c:\windows\$hf_mig$\KB2478960\SP3QFE\lsasrv.dll
+ 2011-10-07 22:19 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2476490\update\updspapi.dll
+ 2011-10-07 22:19 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2476490\update\update.exe
+ 2011-10-07 22:19 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2476490\spuninst.exe
+ 2010-12-20 17:30 . 2010-12-20 17:30 552448 c:\windows\$hf_mig$\KB2476490\SP3QFE\oleaut32.dll
+ 2011-10-07 22:24 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2440591\update\updspapi.dll
+ 2011-10-07 22:24 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2440591\update\update.exe
+ 2011-10-07 22:24 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2440591\spuninst.exe
+ 2011-10-07 21:39 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2423089\update\updspapi.dll
+ 2011-10-07 21:39 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2423089\update\update.exe
+ 2011-10-07 21:39 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2423089\spuninst.exe
+ 2011-10-07 22:11 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2419632\update\updspapi.dll
+ 2011-10-07 22:11 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2419632\update\update.exe
+ 2011-10-07 22:11 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2419632\spuninst.exe
+ 2010-11-09 14:50 . 2010-11-09 14:50 253952 c:\windows\$hf_mig$\KB2419632\SP3QFE\odbc32.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 102400 c:\windows\$hf_mig$\KB2419632\SP3QFE\msjro.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 200704 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadox.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 180224 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadomd.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 565248 c:\windows\$hf_mig$\KB2419632\SP3QFE\msado15.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 143360 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadco.dll
+ 2011-10-07 22:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2393802\update\updspapi.dll
+ 2011-10-07 22:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2393802\update\update.exe
+ 2011-10-07 22:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2393802\spuninst.exe
+ 2011-10-07 21:55 . 2010-12-09 15:15 718336 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll
+ 2011-10-07 21:38 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2360937\update\updspapi.dll
+ 2011-10-07 21:38 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2360937\update\update.exe
+ 2011-10-07 21:38 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2360937\spuninst.exe
+ 2011-10-07 21:25 . 2010-08-16 08:43 590848 c:\windows\$hf_mig$\KB2360937\SP3QFE\rpcrt4.dll
+ 2011-10-07 22:19 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2347290\update\updspapi.dll
+ 2011-10-07 22:19 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2347290\update\update.exe
+ 2011-10-07 22:19 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2347290\spuninst.exe
+ 2011-10-07 22:18 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2079403\update\updspapi.dll
+ 2011-10-07 22:18 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2079403\update\update.exe
+ 2011-10-07 22:18 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2079403\spuninst.exe
+ 2011-10-07 21:36 . 2010-10-23 00:51 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll
+ 2009-10-14 01:55 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2008-10-25 02:15 . 2008-10-25 02:15 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2008-10-25 02:15 . 2008-10-25 02:15 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2011-05-14 01:04 . 2011-05-14 01:04 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll
+ 2011-05-14 01:04 . 2011-05-14 01:04 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80.dll
+ 2011-01-11 03:50 . 2011-01-11 03:50 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfc80u.dll
+ 2011-01-11 03:50 . 2011-01-11 03:50 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfc80.dll
+ 2006-10-26 18:40 . 2006-10-26 18:40 1079808 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll
+ 2006-10-26 18:40 . 2006-10-26 18:40 1093632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll
+ 2009-07-21 06:03 . 2009-07-21 06:03 1348432 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll
+ 2004-08-10 18:02 . 2009-08-07 01:23 1929952 c:\windows\system32\wuaueng.dll
+ 2004-08-10 17:51 . 2010-04-06 09:52 2462720 c:\windows\system32\WMVCore.dll
+ 2004-08-10 17:51 . 2011-09-06 13:20 1858944 c:\windows\system32\win32k.sys
+ 2004-08-10 17:51 . 2011-08-17 21:32 1168896 c:\windows\system32\urlmon.dll
+ 2010-09-15 00:23 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\drivers\w32x86\XpsSvcs.dll
+ 2004-08-10 17:51 . 2011-01-21 14:44 8462336 c:\windows\system32\shell32.dll
+ 2010-09-14 10:46 . 2010-09-14 10:46 1073000 c:\windows\system32\sftldr.dll
+ 2004-08-10 17:51 . 2009-07-17 16:22 1435648 c:\windows\system32\query.dll
- 2004-08-10 17:51 . 2008-04-14 00:12 1435648 c:\windows\system32\query.dll
+ 2004-08-10 17:51 . 2010-02-05 18:27 1291776 c:\windows\system32\quartz.dll
+ 2008-03-04 00:01 . 2010-08-12 04:07 2120176 c:\windows\system32\pxsfs.dll
+ 2004-08-10 17:51 . 2010-07-16 12:05 1288192 c:\windows\system32\ole32.dll
+ 2004-08-10 17:51 . 2010-07-16 12:05 1288192 c:\windows\system32\ole32(4)(2).dll
+ 2004-08-10 17:51 . 2010-07-16 12:05 1288192 c:\windows\system32\ole32(2).dll
+ 2004-08-10 17:51 . 2010-12-09 13:38 2192768 c:\windows\system32\ntoskrnl.exe
+ 2004-08-04 03:59 . 2010-12-09 13:07 2069376 c:\windows\system32\ntkrnlpa.exe
+ 2009-04-04 16:46 . 2009-07-31 16:05 1372672 c:\windows\system32\msxml6.dll
+ 2009-07-21 06:05 . 2009-07-21 06:05 1348432 c:\windows\system32\msxml4.dll
+ 2004-08-10 17:51 . 2010-06-14 07:41 1172480 c:\windows\system32\msxml3.dll
+ 2004-08-10 18:01 . 2011-02-02 07:58 2067456 c:\windows\system32\mstscax.dll
+ 2004-08-10 17:51 . 2011-09-05 07:48 3615744 c:\windows\system32\mshtml.dll
+ 2009-07-18 03:21 . 2011-12-28 00:59 8527008 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2007-08-14 00:54 . 2011-08-17 21:32 6076416 c:\windows\system32\ieframe.dll
+ 2004-08-10 17:51 . 2008-04-13 17:39 2897920 c:\windows\system32\dllcache\xpsp2res.dll
+ 2004-08-10 18:02 . 2009-08-07 01:23 1929952 c:\windows\system32\dllcache\wuaueng.dll
+ 2004-08-10 17:51 . 2010-04-06 09:52 2462720 c:\windows\system32\dllcache\wmvcore.dll
+ 2004-08-10 18:02 . 2008-04-14 00:12 4256768 c:\windows\system32\dllcache\wmm2res.dll
+ 2004-08-10 17:51 . 2008-04-13 16:48 1647616 c:\windows\system32\dllcache\winbrand.dll
+ 2009-02-09 11:13 . 2011-09-06 13:20 1858944 c:\windows\system32\dllcache\win32k.sys
+ 2004-08-10 17:51 . 2011-08-17 21:32 1168896 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-10 18:01 . 2004-08-04 10:00 2178131 c:\windows\system32\dllcache\shvlres.dll
+ 2004-08-10 17:51 . 2011-01-21 14:44 8462336 c:\windows\system32\dllcache\shell32.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 1499136 c:\windows\system32\dllcache\shdocvw.dll
- 2004-08-10 17:51 . 2008-04-14 00:12 1435648 c:\windows\system32\dllcache\query.dll
+ 2004-08-10 17:51 . 2009-07-17 16:22 1435648 c:\windows\system32\dllcache\query.dll
+ 2004-08-10 17:51 . 2010-02-05 18:27 1291776 c:\windows\system32\dllcache\quartz.dll
+ 2004-08-10 17:51 . 2010-07-16 12:05 1288192 c:\windows\system32\dllcache\ole32.dll
+ 2009-04-15 06:14 . 2010-12-09 13:38 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-04-15 06:14 . 2010-12-09 13:07 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2009-02-08 00:02 . 2010-12-09 13:07 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-04-15 06:14 . 2010-12-09 13:42 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2004-08-10 17:51 . 2008-04-14 00:12 1703936 c:\windows\system32\dllcache\netshell.dll
+ 2009-04-04 16:46 . 2004-08-04 03:41 1309184 c:\windows\system32\dllcache\mtlstrm.sys
+ 2009-04-04 16:46 . 2009-07-31 16:05 1372672 c:\windows\system32\dllcache\msxml6.dll
+ 2004-08-10 17:51 . 2010-06-14 07:41 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 1428992 c:\windows\system32\dllcache\msvidctl.dll
+ 2004-08-10 18:02 . 2010-01-29 15:01 1315328 c:\windows\system32\dllcache\msoe.dll
- 2009-08-11 20:34 . 2009-07-10 13:27 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2006-10-17 11:13 . 2008-04-14 00:11 2843136 c:\windows\system32\dllcache\msi.dll
+ 2004-08-10 17:51 . 2011-09-05 07:48 3615744 c:\windows\system32\dllcache\mshtml.dll
- 2004-08-10 18:02 . 2008-04-14 00:12 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2004-08-10 18:02 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2004-08-10 18:01 . 2011-02-02 07:58 2067456 c:\windows\system32\dllcache\lhmstscx.dll
+ 2007-11-29 02:48 . 2011-08-17 21:32 6076416 c:\windows\system32\dllcache\ieframe.dll
+ 2009-04-04 16:46 . 2004-08-04 03:41 1041536 c:\windows\system32\dllcache\hsfdpsp2.sys
+ 2004-08-10 18:01 . 2004-08-04 10:00 1175635 c:\windows\system32\dllcache\hrtzres.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 1033728 c:\windows\system32\dllcache\explorer.exe
+ 2004-08-10 17:51 . 2008-04-14 00:11 1082368 c:\windows\system32\dllcache\esent.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 2113536 c:\windows\system32\dllcache\dxdiagn.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 1504256 c:\windows\system32\dllcache\diskcopy.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 1689088 c:\windows\system32\dllcache\d3d9.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 1179648 c:\windows\system32\dllcache\d3d8.dll
+ 2004-08-10 18:02 . 2008-04-14 00:12 1032192 c:\windows\system32\dllcache\conf.exe
+ 2004-08-10 18:01 . 2008-04-14 00:11 1358848 c:\windows\system32\dllcache\cimwin32.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 1025024 c:\windows\system32\dllcache\browseui.dll
+ 2004-08-10 18:01 . 2004-08-04 10:00 1817687 c:\windows\system32\dllcache\bckgres.dll
+ 2004-08-10 17:50 . 2008-04-14 00:11 1852928 c:\windows\system32\dllcache\acgenral.dll
+ 2009-11-07 06:06 . 2009-11-07 06:06 1130824 c:\windows\system32\dfshim.dll
+ 2009-11-06 00:03 . 2006-11-29 19:06 3426072 c:\windows\system32\d3dx9_32.dll
+ 2010-04-08 04:48 . 2010-04-08 04:48 5967872 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2010-09-22 14:44 . 2010-09-22 14:44 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
- 2008-11-25 09:59 . 2008-11-25 09:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-03-23 10:32 . 2010-03-23 10:32 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2011-01-18 09:39 . 2011-01-18 09:39 5813072 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2011-01-18 09:39 . 2011-01-18 09:39 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2010-07-18 02:32 . 2008-11-25 09:59 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.XML.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.Windows.Forms.dll
+ 2010-07-18 02:32 . 2008-11-25 09:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.Web.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 3149824 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.Design.dll
+ 2010-07-18 02:32 . 2008-07-25 16:17 2933248 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\System.Data.dll
+ 2010-07-18 02:32 . 2009-08-08 04:51 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC39999\mscorlib.dll
+ 2011-07-08 18:59 . 2011-07-08 18:59 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2007-04-14 02:35 . 2007-04-14 02:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2007-04-14 02:35 . 2007-04-14 02:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2011-07-08 18:59 . 2011-07-08 18:59 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2007-04-14 01:57 . 2007-04-14 01:57 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2011-07-07 17:02 . 2011-07-07 17:02 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2011-07-07 17:02 . 2011-07-07 17:02 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2007-04-14 01:50 . 2007-04-14 01:50 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2011-07-08 18:59 . 2011-07-08 18:59 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2011-11-01 19:34 . 2011-11-01 19:34 2247168 c:\windows\Installer\d1de1.msp
+ 2011-11-01 19:34 . 2011-11-01 19:34 2531840 c:\windows\Installer\d1dd7.msp
+ 2010-09-23 12:39 . 2010-09-23 12:39 4265472 c:\windows\Installer\c1451.msp
+ 2010-09-23 12:39 . 2010-09-23 12:39 4265472 c:\windows\Installer\aac8b.msp
+ 2010-09-15 00:16 . 2010-09-15 00:16 4201984 c:\windows\Installer\aa44c8.msi
+ 2011-08-10 23:43 . 2011-08-10 23:43 3795968 c:\windows\Installer\629b3.msp
+ 2011-04-29 18:28 . 2011-04-29 18:28 1995264 c:\windows\Installer\629b1.msp
+ 2011-11-01 19:34 . 2011-11-01 19:34 2247168 c:\windows\Installer\574cc.msp
+ 2011-11-01 19:34 . 2011-11-01 19:34 2531840 c:\windows\Installer\574c2.msp
+ 2010-04-12 03:17 . 2010-04-12 03:17 2607104 c:\windows\Installer\5392c1.msp
+ 2010-04-12 03:17 . 2010-04-12 03:17 4210688 c:\windows\Installer\5392c0.msp
+ 2011-12-13 07:10 . 2011-12-13 07:10 4703232 c:\windows\Installer\423b0.msp
+ 2011-08-10 22:42 . 2011-08-10 22:42 7070208 c:\windows\Installer\3ff6b92.msp
+ 2009-07-27 09:31 . 2009-07-27 09:31 3738624 c:\windows\Installer\3ff6b88.msp
+ 2011-07-27 12:39 . 2011-07-27 12:39 9892352 c:\windows\Installer\3ff6b78.msp
+ 2010-11-21 04:33 . 2010-11-21 04:33 1980928 c:\windows\Installer\3ff6b6e.msp
+ 2011-04-29 17:30 . 2011-04-29 17:30 1197056 c:\windows\Installer\3ff6b64.msp
+ 2011-12-13 07:10 . 2011-12-13 07:10 4703232 c:\windows\Installer\3e7b2.msp
+ 2009-09-17 19:03 . 2009-09-17 19:03 4873216 c:\windows\Installer\35e3fc8.msp
+ 2011-12-13 07:10 . 2011-12-13 07:10 4703232 c:\windows\Installer\30cb5.msp
+ 2009-11-18 00:29 . 2009-11-18 00:29 4870656 c:\windows\Installer\2d4e29e.msp
+ 2011-09-07 23:36 . 2011-09-07 23:36 6069248 c:\windows\Installer\2987b3.msp
+ 2011-11-12 22:38 . 2011-11-12 22:38 3940864 c:\windows\Installer\2986fc.msi
+ 2011-08-10 23:43 . 2011-08-10 23:43 3795968 c:\windows\Installer\1f1da2a.msp
+ 2009-11-09 05:25 . 2009-11-09 05:25 1935360 c:\windows\Installer\1b2835.msp
+ 2010-04-12 03:17 . 2010-04-12 03:17 4210688 c:\windows\Installer\155cbd2.msp
+ 2010-04-12 03:17 . 2010-04-12 03:17 2607104 c:\windows\Installer\155cbd1.msp
+ 2010-09-23 00:05 . 2010-09-23 00:05 2405784 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\rt3d.dll
+ 2010-09-16 09:08 . 2010-09-16 09:08 6210560 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\authplay.dll
+ 2010-06-19 23:51 . 2010-06-19 23:51 5713920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AGM.dll
+ 2010-02-28 07:33 . 2010-02-28 07:33 3207072 c:\windows\Installer\$PatchCache$\Managed\00004109D60090400000000000F01FEC\14.0.4763\CVH.EXE
+ 2010-02-28 07:33 . 2010-02-28 07:33 4817336 c:\windows\Installer\$PatchCache$\Managed\00004109D60090400000000000F01FEC\14.0.4763\CVH.DLL
+ 2009-04-02 19:35 . 2009-04-02 19:35 1787216 c:\windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.6425\PPCNV.DLL
+ 2009-02-05 16:36 . 2009-02-05 16:36 1640800 c:\windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.6425\OGL.DLL
+ 2009-04-03 23:21 . 2009-04-03 23:21 8543096 c:\windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.6425\OARTCONV.DLL
+ 2006-10-27 02:08 . 2006-10-27 02:08 1764112 c:\windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.4518\PPCNV.DLL
+ 2006-10-27 20:18 . 2006-10-27 20:18 1658152 c:\windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.4518\OGL.DLL
+ 2006-10-27 01:42 . 2006-10-27 01:42 8423224 c:\windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.4518\OARTCONV.DLL
+ 2010-07-18 02:29 . 2010-01-05 10:00 1168384 c:\windows\ie7updates\KB982381-IE7\urlmon.dll
+ 2010-07-18 02:29 . 2010-01-05 10:00 3599360 c:\windows\ie7updates\KB982381-IE7\mshtml.dll
+ 2010-07-18 02:29 . 2010-01-05 10:00 6067200 c:\windows\ie7updates\KB982381-IE7\ieframe.dll
+ 2010-01-22 00:26 . 2009-10-29 07:46 1168384 c:\windows\ie7updates\KB978207-IE7\urlmon.dll
+ 2010-01-22 00:26 . 2009-10-29 07:46 3598336 c:\windows\ie7updates\KB978207-IE7\mshtml.dll
+ 2010-01-22 00:26 . 2009-10-29 07:46 6067200 c:\windows\ie7updates\KB978207-IE7\ieframe.dll
+ 2009-11-05 12:58 . 2009-08-29 07:36 3598336 c:\windows\ie7updates\KB976749-IE7\mshtml.dll
+ 2009-12-10 13:03 . 2009-08-29 07:36 1168384 c:\windows\ie7updates\KB976325-IE7\urlmon.dll
+ 2009-12-10 13:03 . 2009-10-21 04:08 3598336 c:\windows\ie7updates\KB976325-IE7\mshtml.dll
+ 2009-12-10 13:03 . 2009-08-29 07:36 6067200 c:\windows\ie7updates\KB976325-IE7\ieframe.dll
+ 2009-10-14 11:58 . 2009-06-29 16:12 1159680 c:\windows\ie7updates\KB974455-IE7\urlmon.dll
+ 2009-10-14 11:58 . 2009-07-19 13:33 3597824 c:\windows\ie7updates\KB974455-IE7\mshtml.dll
+ 2009-10-14 11:58 . 2009-07-19 13:32 6067200 c:\windows\ie7updates\KB974455-IE7\ieframe.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 1168896 c:\windows\ie7updates\KB2586448-IE7\urlmon.dll
+ 2011-10-13 08:05 . 2011-07-22 16:35 3613696 c:\windows\ie7updates\KB2586448-IE7\mshtml.dll
+ 2011-10-13 08:05 . 2011-06-21 18:45 6076416 c:\windows\ie7updates\KB2586448-IE7\ieframe.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 1168384 c:\windows\ie7updates\KB2559049-IE7\urlmon.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 3600384 c:\windows\ie7updates\KB2559049-IE7\mshtml.dll
+ 2011-10-07 22:21 . 2010-05-04 17:20 6067200 c:\windows\ie7updates\KB2559049-IE7\ieframe.dll
+ 2011-10-07 21:55 . 2010-12-09 13:38 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2011-10-07 21:55 . 2010-12-09 13:07 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2011-10-07 21:55 . 2010-12-09 13:07 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2011-10-07 21:55 . 2010-12-09 13:42 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2011-10-13 08:03 . 2011-10-13 08:03 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_7dc99be9\System.dll
+ 2011-10-13 08:01 . 2011-10-13 08:01 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_04aba64e\System.dll
+ 2011-10-13 08:03 . 2011-10-13 08:03 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_34cbc9f2\System.Xml.dll
+ 2011-10-13 08:02 . 2011-10-13 08:02 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_2579bc70\System.Xml.dll
+ 2011-10-13 08:03 . 2011-10-13 08:03 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_f99e6f46\System.Windows.Forms.dll
+ 2011-10-13 08:02 . 2011-10-13 08:02 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_cd0bd427\System.Windows.Forms.dll
+ 2011-10-13 08:03 . 2011-10-13 08:03 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_2e27045b\System.Drawing.dll
+ 2011-10-13 08:03 . 2011-10-13 08:03 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_7729daf6\System.Design.dll
+ 2011-10-13 08:02 . 2011-10-13 08:02 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_06d6529c\System.Design.dll
+ 2011-10-13 08:02 . 2011-10-13 08:02 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_e5abc76c\mscorlib.dll
+ 2011-10-13 08:03 . 2011-10-13 08:03 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_7003c0ce\mscorlib.dll
+ 2011-10-11 08:07 . 2011-10-11 08:07 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\76e431fde1b252312b331f7108259fda\WindowsBase.ni.dll
+ 2011-10-11 08:13 . 2011-10-11 08:13 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\9e022c95e79f2b6f383a501ad99f08a9\UIAutomationClientsideProviders.ni.dll
+ 2011-10-11 08:06 . 2011-10-11 08:06 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\f02cf6430a9fc77908a74ab6925cb73c\System.ni.dll
+ 2011-10-11 08:13 . 2011-10-11 08:13 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b06e49ed8cbe07dbb90e313fa634b27b\System.Xml.ni.dll
+ 2011-10-11 08:23 . 2011-10-11 08:23 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\6346221cecf631e5c0b754d842aad102\System.WorkflowServices.ni.dll
+ 2011-10-11 08:22 . 2011-10-11 08:22 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\1fbcd203ff8d77d561df8bf806417ab6\System.Workflow.Runtime.ni.dll
+ 2011-10-11 08:22 . 2011-10-11 08:22 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\efbaf3696c44fd7d4b3cd925e0437b36\System.Workflow.ComponentModel.ni.dll
+ 2011-10-11 08:22 . 2011-10-11 08:22 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\52a9bc5dd1fa497af7c7f4600bd8e6d1\System.Workflow.Activities.ni.dll
+ 2011-10-11 08:22 . 2011-10-11 08:22 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\f5ebeeb0a8aaba9db15ec3df591339ba\System.Web.Services.ni.dll
+ 2011-10-11 08:22 . 2011-10-11 08:22 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\92d6b75e3b63b528d4069bf4ee01983a\System.Web.Mobile.ni.dll
+ 2011-10-11 08:21 . 2011-10-11 08:21 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\02d53154634c8000382942e0f43ead41\System.Web.Extensions.ni.dll
+ 2011-10-11 08:12 . 2011-10-11 08:12 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\dd128c8e21e7fa14c12b71df9892d046\System.Speech.ni.dll
+ 2011-10-11 08:20 . 2011-10-11 08:21 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\8b0bb430bb6af96c18b43e3c54cfafe8\System.ServiceModel.Web.ni.dll
+ 2011-10-11 08:15 . 2011-10-11 08:15 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\85090bd451617e204ffda625b8d9fc30\System.Runtime.Serialization.ni.dll
+ 2011-10-11 08:12 . 2011-10-11 08:12 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\85a7a7aace114e78fc6c9b219bcd5551\System.Printing.ni.dll
+ 2011-12-12 02:34 . 2011-12-12 02:34 4949504 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\876db00ef234cf20a8fe6dd93dc0212a\System.Management.Automation.ni.dll
+ 2011-10-11 08:15 . 2011-10-11 08:15 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\86c59378e9a43bf101a10ad452a4bb8e\System.IdentityModel.ni.dll
+ 2011-10-11 08:12 . 2011-10-11 08:12 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d912066086a59f09424c7c69f95e2c55\System.Drawing.ni.dll
+ 2011-10-11 08:20 . 2011-10-11 08:20 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c05d9332116964104c721e97f7ce1058\System.DirectoryServices.ni.dll
+ 2011-10-11 08:20 . 2011-10-11 08:20 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\0118c0c73ea5c77bda7b10b188102ab6\System.Deployment.ni.dll
+ 2011-10-11 08:11 . 2011-10-11 08:11 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\1337829e3df6888464a17aab78bb9b8f\System.Data.ni.dll
+ 2011-10-11 08:17 . 2011-10-11 08:17 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\ba3ca7a93e227c32ce7b50d0a7ba935f\System.Data.SqlXml.ni.dll
+ 2011-10-11 08:20 . 2011-10-11 08:20 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\2de52be5da96059651b5bec800cb4605\System.Data.Services.ni.dll
+ 2011-10-11 08:11 . 2011-10-11 08:11 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\11f1306e0e311a0d0cbd139fb2fa4c36\System.Data.Linq.ni.dll
+ 2011-10-11 08:19 . 2011-10-11 08:19 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\c91e83e85c030bc914ecc302fa9b2c60\System.Data.Entity.ni.dll
+ 2011-10-11 08:11 . 2011-10-11 08:11 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\684fe21837d3cf3e5935bbd0a7f53141\System.Core.ni.dll
+ 2011-10-11 08:11 . 2011-10-11 08:11 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\12efddabe6fe35be21246c88ed9bf8ab\ReachFramework.ni.dll
+ 2011-10-11 08:10 . 2011-10-11 08:10 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\257c9327ba9cc5cd87f58de224aa2e0d\PresentationUI.ni.dll
+ 2011-10-11 08:06 . 2011-10-11 08:06 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b117bf63daa7e587f1bb2d975dccb4af\PresentationBuildTasks.ni.dll
+ 2011-10-11 08:17 . 2011-10-11 08:17 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\269103939243ec6929739c8b9a645c0d\Microsoft.VisualBasic.ni.dll
+ 2011-10-11 08:16 . 2011-10-11 08:16 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\bf7bd26d2828e35156814018939ce4f6\Microsoft.Transactions.Bridge.ni.dll
+ 2011-10-11 08:20 . 2011-10-11 08:20 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\6594c17d7e112b0507b701d5b8a67bba\Microsoft.JScript.ni.dll
+ 2011-10-11 08:17 . 2011-10-11 08:17 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\f5eb1e42ccd0f67f7496b94a31949cd0\Microsoft.Build.Tasks.ni.dll
+ 2011-10-11 08:17 . 2011-10-11 08:17 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\cc7f05675a5cd8014222be1483d6beaf\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-10-11 08:17 . 2011-10-11 08:17 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\41cf95aa4ff5765b515d3252abc6353b\Microsoft.Build.Engine.ni.dll
+ 2010-07-17 21:24 . 2010-07-17 21:24 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2011-10-11 08:04 . 2011-10-11 08:04 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-10-11 08:04 . 2011-10-11 08:04 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-10-07 22:18 . 2011-10-07 22:18 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2009-08-21 12:13 . 2009-08-21 12:13 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2010-07-18 04:29 . 2010-07-18 04:29 5967872 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2011-12-12 02:11 . 2011-12-12 02:11 1564672 c:\windows\assembly\GAC_MSIL\System.Management.Automation\1.0.0.0__31bf3856ad364e35\System.Management.Automation.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-07-17 21:23 . 2010-07-17 21:23 5279744 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-10-11 08:04 . 2011-10-11 08:04 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2009-08-21 12:11 . 2009-08-21 12:11 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-07-17 21:23 . 2010-07-17 21:23 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2009-08-21 12:07 . 2009-08-21 12:07 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2011-10-11 08:03 . 2011-10-11 08:03 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2007-08-15 22:44 . 2007-08-15 22:44 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2011-10-13 08:01 . 2011-10-13 08:01 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2011-10-13 08:01 . 2011-10-13 08:01 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2007-08-15 22:44 . 2007-08-15 22:44 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-05-21 14:39 . 2011-12-10 01:45 1269760 c:\windows\.jagex_cache_32\runescape\sw3d.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 1171968 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\urlmon.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 3603456 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\mshtml.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 6071296 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieframe.dll
+ 2010-07-17 21:11 . 2009-06-29 08:33 2452872 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieapfltr.dat
+ 2011-10-07 21:56 . 2010-06-18 13:43 3558912 c:\windows\$hf_mig$\KB981997\SP3QFE\moviemk.exe
+ 2010-07-16 12:04 . 2010-07-16 12:04 1289216 c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
+ 2010-05-02 06:34 . 2010-05-02 06:34 1860352 c:\windows\$hf_mig$\KB979559\SP3QFE\win32k.sys
+ 2010-01-29 14:53 . 2010-01-29 14:53 1315328 c:\windows\$hf_mig$\KB978542\SP3QFE\msoe.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 1170944 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\urlmon.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 3602944 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\mshtml.dll
+ 2010-01-05 09:57 . 2010-01-05 09:57 6071296 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieframe.dll
+ 2010-01-21 21:25 . 2009-06-29 08:33 2452872 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieapfltr.dat
+ 2009-10-21 03:59 . 2009-10-21 03:59 3602432 c:\windows\$hf_mig$\KB976749-IE7\SP3QFE\mshtml.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 1170944 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\urlmon.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 3602432 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\mshtml.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 6070784 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieframe.dll
+ 2009-12-10 00:51 . 2009-06-29 08:33 2452872 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieapfltr.dat
+ 2010-02-05 18:29 . 2010-02-05 18:29 1291776 c:\windows\$hf_mig$\KB975562\SP3QFE\quartz.dll
+ 2010-07-17 21:09 . 2009-10-23 14:53 3558912 c:\windows\$hf_mig$\KB975561\SP3QFE\moviemk.exe
+ 2009-11-27 17:23 . 2009-11-27 17:23 1291776 c:\windows\$hf_mig$\KB975560\SP3QFE\quartz.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 1170944 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\urlmon.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 3600384 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\mshtml.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 6070784 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\ieframe.dll
+ 2009-10-14 01:58 . 2009-06-29 08:33 2452872 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\ieapfltr.dat
+ 2009-11-24 20:25 . 2009-07-31 04:24 1447424 c:\windows\$hf_mig$\KB973687\SP3QFE\msxml6.dll
+ 2009-11-24 20:25 . 2009-07-31 04:24 1172480 c:\windows\$hf_mig$\KB973687\SP3QFE\msxml3.dll
+ 2009-10-14 01:51 . 2009-08-04 13:56 2189312 c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
+ 2009-10-14 01:51 . 2009-08-04 13:17 2023936 c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrpamp.exe
+ 2009-08-04 23:47 . 2009-08-04 23:47 2066176 c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
+ 2009-10-14 01:51 . 2009-08-04 13:54 2145280 c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlmp.exe
+ 2009-07-27 22:13 . 2009-07-27 22:13 8462848 c:\windows\$hf_mig$\KB971029\SP3QFE\shell32.dll
+ 2009-08-14 12:19 . 2009-08-14 12:19 1859712 c:\windows\$hf_mig$\KB969947\SP3QFE\win32k.sys
+ 2009-07-17 16:01 . 2009-07-17 16:01 1435648 c:\windows\$hf_mig$\KB969059\SP3QFE\query.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 1172992 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\urlmon.dll
+ 2011-08-18 10:00 . 2011-08-18 10:00 3617792 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\mshtml.dll
+ 2011-08-17 21:30 . 2011-08-17 21:30 6080512 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\ieframe.dll
+ 2011-10-12 22:26 . 2009-06-29 08:33 2452872 c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\ieapfltr.dat
+ 2011-09-06 13:25 . 2011-09-06 13:25 1867904 c:\windows\$hf_mig$\KB2567053\SP3QFE\win32k.sys
+ 2011-06-21 18:43 . 2011-06-21 18:43 1172992 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\urlmon.dll
+ 2011-07-22 16:32 . 2011-07-22 16:32 3615744 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\mshtml.dll
+ 2011-06-21 18:43 . 2011-06-21 18:43 6081024 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\ieframe.dll
+ 2011-10-07 21:46 . 2009-06-29 08:33 2452872 c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\ieapfltr.dat
+ 2011-06-02 14:07 . 2011-06-02 14:07 1867904 c:\windows\$hf_mig$\KB2555917\SP3QFE\win32k.sys
+ 2011-01-21 14:42 . 2011-01-21 14:42 8463360 c:\windows\$hf_mig$\KB2483185\SP3QFE\shell32.dll
+ 2011-02-02 07:57 . 2011-02-02 07:57 2069504 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstscx.dll
+ 2011-10-07 21:55 . 2010-12-09 13:43 2192768 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
+ 2011-10-07 21:55 . 2010-12-09 13:09 2027008 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrpamp.exe
+ 2010-12-09 23:39 . 2010-12-09 23:39 2069376 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
+ 2011-10-07 21:55 . 2010-12-09 13:47 2148864 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlmp.exe
+ 2010-06-14 07:39 . 2010-06-14 07:39 1172480 c:\windows\$hf_mig$\KB2079403\SP3QFE\msxml3.dll
+ 2007-08-15 20:17 . 2011-12-25 00:25 81946780 c:\windows\system32\Restore\rstrlog.dat
+ 2009-04-04 00:56 . 2011-10-28 04:04 50295240 c:\windows\system32\MRT.exe
+ 2004-08-10 17:51 . 2004-08-10 15:08 13107200 c:\windows\system32\dllcache\oembios.bin
+ 2011-07-13 03:49 . 2011-07-13 03:49 11459584 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2572067\M2572067Uninstall.msp
+ 2009-04-04 12:35 . 2009-04-04 12:35 36977152 c:\windows\Installer\aacc2.msp
+ 2011-10-07 22:22 . 2011-10-07 22:22 20333056 c:\windows\Installer\aacab.msp
+ 2008-08-11 16:49 . 2008-08-11 16:49 22457344 c:\windows\Installer\aac9e.msp
+ 2011-08-22 04:14 . 2011-08-22 04:14 20647936 c:\windows\Installer\aac80.msp
+ 2010-09-24 12:08 . 2010-09-24 12:08 17518080 c:\windows\Installer\aac55.msp
+ 2010-12-17 23:19 . 2010-12-17 23:19 20304384 c:\windows\Installer\5ce2964.msp
+ 2010-04-12 03:17 . 2010-04-12 03:17 14599680 c:\windows\Installer\5392d0.msp
+ 2009-08-15 01:32 . 2009-08-15 01:32 11110912 c:\windows\Installer\35e3fe8.msp
+ 2009-08-10 19:09 . 2009-08-10 19:09 17254912 c:\windows\Installer\35e3fdf.msp
+ 2011-01-31 10:45 . 2011-01-31 10:45 11135488 c:\windows\Installer\2987b5.msp
+ 2011-06-08 04:39 . 2011-06-08 04:39 19798016 c:\windows\Installer\2987b4.msp
+ 2011-07-12 20:50 . 2011-07-12 20:50 17555968 c:\windows\Installer\2326ced.msp
+ 2011-02-12 01:47 . 2011-02-12 01:47 12028928 c:\windows\Installer\215b783.msp
+ 2010-03-31 06:23 . 2010-03-31 06:23 15638528 c:\windows\Installer\1b2842.msp
+ 2010-09-23 09:03 . 2010-09-23 09:03 20460984 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroRd32.dll
+ 2009-04-03 23:21 . 2009-04-03 23:21 16037736 c:\windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.6425\OART.DLL
+ 2009-04-03 23:46 . 2009-04-03 23:46 17314688 c:\windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.6425\MSO.DLL
+ 2006-10-27 20:14 . 2006-10-27 20:14 14151456 c:\windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.4518\OART.DLL
+ 2006-10-27 20:26 . 2006-10-27 20:26 16870712 c:\windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.4518\MSO.DLL
+ 2011-10-11 08:13 . 2011-10-11 08:13 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ed2bf0d86229128c194a872f70fe15ee\System.Windows.Forms.ni.dll
+ 2011-10-11 08:21 . 2011-10-11 08:21 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\d7b7ee04166212533ae21eaeb584fb0d\System.Web.ni.dll
+ 2011-10-11 08:16 . 2011-10-11 08:16 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\b5f24d96334ea08b99350421450d3ba4\System.ServiceModel.ni.dll
+ 2011-10-11 08:12 . 2011-10-11 08:12 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\5aeadb9ff9a86f49130de5976a9f1744\System.Design.ni.dll
+ 2011-10-11 08:10 . 2011-10-11 08:10 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1a5d89d569e2e12842daf4d87c57361a\PresentationFramework.ni.dll
+ 2011-10-11 08:09 . 2011-10-11 08:09 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\46c57d845e55232a89e98101075cd455\PresentationCore.ni.dll
+ 2011-10-11 08:05 . 2011-10-11 08:05 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62d5f089dd51f18472a7caf1593d9f6b\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files\Yahoo!\Companion\Installs\cpn1\yt.dll" [2011-12-09 1517368]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2011-11-24 6497592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-15 1404928]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-06 114688]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2004-05-22 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-04-06 94208]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-06 77824]
"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-05-20 28160]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2004-06-01 458752]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-10-17 98304]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-12-11 296056]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-11-22 1318816]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.229\SSScheduler.exe [2011-9-20 272528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2009-09-05 17:23 87352 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi1"=fxscover.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^HELEN^Start Menu^Programs^Startup^MLB.TV NexDef Plug-in.lnk]
path=c:\documents and settings\HELEN\Start Menu\Programs\Startup\MLB.TV NexDef Plug-in.lnk
backup=c:\windows\pss\MLB.TV NexDef Plug-in.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
2011-12-20 21:41 2696512 ----a-w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-03-21 18:56 1230704 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
2007-11-06 22:34 67128 -c--a-w- c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
2004-06-01 10:46 196608 ------w- c:\program files\Logitech\Video\ManifestEngine.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
2004-06-01 17:03 217088 -c----w- c:\program files\Logitech\Video\LogiTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2011-08-31 23:00 1047208 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2011-11-24 05:05 6497592 ----a-w- c:\program files\Yahoo!\Messenger\YahooMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2006-10-17 11:40 98304 -c--a-w- c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Tmntsrv"=2 (0x2)
"Symantec Core LC"=3 (0x3)
"PcCtlCom"=2 (0x2)
"ccSetMgr"=2 (0x2)
"ccPwdSvc"=3 (0x3)
"ccEvtMgr"=2 (0x2)
"aawservice"=2 (0x2)
"ZuneWlanCfgSvc"=3 (0x3)
"ZuneNetworkSvc"=3 (0x3)
"ZuneBusEnum"=2 (0x2)
"YahooAUService"=2 (0x2)
"TapiSrv"=3 (0x3)
"TermService"=3 (0x3)
"Schedule"=2 (0x2)
"mnmsrvc"=3 (0x3)
"LogMeIn"=2 (0x2)
"LMIMaint"=2 (0x2)
"wuauserv"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Program Files\\Common Files\\McAfee\\McSvcHost\\McSvHost.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"53:UDP"= 53:UDP:Promo
.
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [12/15/2011 6:37 PM 89792]
R2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [10/20/2010 2:23 PM 821664]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [11/21/2011 6:52 PM 366152]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [12/14/2011 7:26 PM 94880]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [12/15/2011 6:39 PM 214904]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [12/15/2011 6:39 PM 214904]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\mfefire.exe [12/15/2011 6:39 PM 160608]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [12/15/2011 6:37 PM 150856]
R2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [9/14/2010 4:46 AM 508264]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [11/21/2011 6:52 PM 22216]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [12/15/2011 6:37 PM 338176]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [12/15/2011 6:37 PM 83856]
R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfsxp.sys [12/2/2009 9:23 PM 581480]
R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplayxp.sys [12/2/2009 9:23 PM 209640]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirxp.sys [12/2/2009 9:23 PM 20584]
R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvolxp.sys [12/2/2009 9:23 PM 18280]
R3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [9/14/2010 4:46 AM 219496]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12/8/2011 8:31 PM 136176]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [12/15/2011 6:37 PM 57600]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [12/8/2011 8:31 PM 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.229\McCHSvc.exe [9/20/2011 10:15 AM 237008]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [12/15/2011 6:37 PM 83856]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [12/15/2011 6:37 PM 87656]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 8:37 PM 4640000]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-09 02:31]
.
2011-12-28 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1912649743-2128827580-1748673051-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-08 22:14]
.
2011-12-27 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1912649743-2128827580-1748673051-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-08 22:14]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: DhcpNameServer = 97.64.209.36 97.64.168.13
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=mkg030&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - www.facebook.com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mkg030&p=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 52061
FF - prefs.js: network.proxy.type - 4
pref(dom.disable_open_during_load, false);FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, true
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{E4E6BF2A-1667-11DF-A01F-1F9655D89593} - (no file)
SafeBoot-01810388.sys
SafeBoot-87285287.sys
MSConfigStartUp-LogMeIn GUI - c:\program files\LogMeIn\x86\LogMeInSystray.exe
MSConfigStartUp-NapsterShell - c:\program files\Napster\napster.exe
MSConfigStartUp-Search Protection - c:\program files\Yahoo!\Search Protection\SearchProtection.exe
MSConfigStartUp-VeohPlugin - c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-28 16:22
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST3160812A rev.3.ADH -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
.
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
detected disk devices:
detected hooks:
\Driver\atapi DriverStartIo -> 0xF7518864
user & kernel MBR OK
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(792)
c:\windows\system32\LMIinit.dll
.
- - - - - - - > 'Explorer.EXE'(1880)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\LMIRfsClientNP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
c:\windows\system32\PSIService.exe
c:\windows\system32\sessmgr.exe
c:\windows\system32\locator.exe
c:\windows\system32\rsvp.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Common Files\McAfee\SystemCore\mcshield.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\imapi.exe
.
**************************************************************************
.
Completion time: 2011-12-28 16:29:31 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-28 22:29
ComboFix2.txt 2009-10-11 19:25
ComboFix3.txt 2009-10-11 18:03
ComboFix4.txt 2009-04-07 23:45
.
Pre-Run: 71,694,782,464 bytes free
Post-Run: 71,597,776,896 bytes free
.
- - End Of File - - 5AB895AE106CC63D1A4C942570D643D0

Attached Thumbnails

  • diskmgt1.jpg

  • 0

#4
JustinLeeA25

JustinLeeA25

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Here are the two TDSSKiller Logs:

17:06:57.0484 1160 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
17:06:57.0890 1160 ============================================================
17:06:57.0890 1160 Current date / time: 2011/12/28 17:06:57.0890
17:06:57.0890 1160 SystemInfo:
17:06:57.0890 1160
17:06:57.0890 1160 OS Version: 5.1.2600 ServicePack: 3.0
17:06:57.0890 1160 Product type: Workstation
17:06:57.0890 1160 ComputerName: HELEN
17:06:57.0890 1160 UserName: HELEN
17:06:57.0890 1160 Windows directory: C:\WINDOWS
17:06:57.0890 1160 System windows directory: C:\WINDOWS
17:06:57.0890 1160 Processor architecture: Intel x86
17:06:57.0890 1160 Number of processors: 1
17:06:57.0890 1160 Page size: 0x1000
17:06:57.0890 1160 Boot type: Normal boot
17:06:57.0890 1160 ============================================================
17:06:59.0453 1160 Initialize success
17:07:01.0546 0908 ============================================================
17:07:01.0546 0908 Scan started
17:07:01.0546 0908 Mode: Manual;
17:07:01.0546 0908 ============================================================
17:07:03.0546 0908 Abiosdsk - ok
17:07:03.0609 0908 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
17:07:03.0625 0908 abp480n5 - ok
17:07:03.0687 0908 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:07:03.0703 0908 ACPI - ok
17:07:03.0765 0908 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:07:03.0765 0908 ACPIEC - ok
17:07:03.0843 0908 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
17:07:03.0843 0908 adpu160m - ok
17:07:03.0937 0908 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:07:03.0937 0908 aec - ok
17:07:04.0000 0908 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
17:07:04.0000 0908 AFD - ok
17:07:04.0062 0908 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
17:07:04.0062 0908 agp440 - ok
17:07:04.0390 0908 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
17:07:04.0390 0908 agpCPQ - ok
17:07:04.0484 0908 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
17:07:04.0484 0908 Aha154x - ok
17:07:04.0562 0908 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
17:07:04.0578 0908 aic78u2 - ok
17:07:04.0625 0908 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
17:07:04.0625 0908 aic78xx - ok
17:07:04.0687 0908 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
17:07:04.0687 0908 AliIde - ok
17:07:04.0765 0908 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
17:07:04.0765 0908 alim1541 - ok
17:07:04.0828 0908 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
17:07:04.0859 0908 amdagp - ok
17:07:04.0937 0908 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
17:07:04.0937 0908 amsint - ok
17:07:05.0046 0908 AR5211 (f6f31f142a2ff302b8d1ecda9fe14a6b) C:\WINDOWS\system32\DRIVERS\ar5211.sys
17:07:05.0062 0908 AR5211 - ok
17:07:05.0140 0908 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
17:07:05.0140 0908 asc - ok
17:07:05.0265 0908 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
17:07:05.0265 0908 asc3350p - ok
17:07:05.0328 0908 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
17:07:05.0328 0908 asc3550 - ok
17:07:05.0437 0908 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:07:05.0437 0908 AsyncMac - ok
17:07:05.0515 0908 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:07:05.0515 0908 atapi - ok
17:07:05.0531 0908 Atdisk - ok
17:07:05.0593 0908 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:07:05.0593 0908 Atmarpc - ok
17:07:05.0703 0908 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:07:05.0703 0908 audstub - ok
17:07:05.0781 0908 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:07:05.0781 0908 Beep - ok
17:07:05.0875 0908 bvrp_pci - ok
17:07:05.0875 0908 catchme - ok
17:07:05.0968 0908 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
17:07:05.0968 0908 cbidf - ok
17:07:06.0046 0908 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:07:06.0046 0908 cbidf2k - ok
17:07:06.0109 0908 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:07:06.0109 0908 CCDECODE - ok
17:07:06.0171 0908 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
17:07:06.0171 0908 cd20xrnt - ok
17:07:06.0265 0908 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:07:06.0265 0908 Cdaudio - ok
17:07:06.0359 0908 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:07:06.0359 0908 Cdfs - ok
17:07:06.0437 0908 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:07:06.0453 0908 Cdrom - ok
17:07:06.0531 0908 cfwids (1dcb5209601a70e36c70fe8d197d62cb) C:\WINDOWS\system32\drivers\cfwids.sys
17:07:06.0546 0908 cfwids - ok
17:07:06.0593 0908 Changer - ok
17:07:06.0671 0908 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
17:07:06.0671 0908 CmdIde - ok
17:07:06.0765 0908 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
17:07:06.0781 0908 Cpqarray - ok
17:07:06.0890 0908 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
17:07:06.0906 0908 dac2w2k - ok
17:07:06.0984 0908 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
17:07:06.0984 0908 dac960nt - ok
17:07:07.0078 0908 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:07:07.0093 0908 Disk - ok
17:07:07.0140 0908 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
17:07:07.0156 0908 dmboot - ok
17:07:07.0234 0908 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
17:07:07.0234 0908 dmio - ok
17:07:07.0312 0908 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:07:07.0312 0908 dmload - ok
17:07:07.0437 0908 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:07:07.0437 0908 DMusic - ok
17:07:07.0500 0908 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
17:07:07.0500 0908 dpti2o - ok
17:07:07.0546 0908 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:07:07.0562 0908 drmkaud - ok
17:07:07.0609 0908 DSproct - ok
17:07:07.0671 0908 E100B (7d91dc6342248369f94d6eba0cf42e99) C:\WINDOWS\system32\DRIVERS\e100b325.sys
17:07:07.0687 0908 E100B - ok
17:07:07.0765 0908 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:07:07.0765 0908 Fastfat - ok
17:07:07.0875 0908 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
17:07:07.0890 0908 Fdc - ok
17:07:07.0937 0908 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
17:07:07.0937 0908 Fips - ok
17:07:08.0000 0908 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:07:08.0015 0908 Flpydisk - ok
17:07:08.0109 0908 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
17:07:08.0109 0908 FltMgr - ok
17:07:08.0187 0908 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:07:08.0187 0908 Fs_Rec - ok
17:07:08.0218 0908 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:07:08.0234 0908 Ftdisk - ok
17:07:08.0296 0908 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:07:08.0296 0908 Gpc - ok
17:07:08.0359 0908 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:07:08.0359 0908 HidUsb - ok
17:07:08.0437 0908 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
17:07:08.0437 0908 hpn - ok
17:07:08.0484 0908 HSFHWBS2 (77e4ff0b73bc0aeaaf39bf0c8104231f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
17:07:08.0500 0908 HSFHWBS2 - ok
17:07:08.0546 0908 HSF_DP (60e1604729a15ef4a3b05f298427b3b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
17:07:08.0578 0908 HSF_DP - ok
17:07:08.0687 0908 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
17:07:08.0687 0908 HTTP - ok
17:07:08.0765 0908 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
17:07:08.0765 0908 i2omgmt - ok
17:07:08.0828 0908 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
17:07:08.0843 0908 i2omp - ok
17:07:08.0890 0908 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:07:08.0890 0908 i8042prt - ok
17:07:08.0984 0908 ialm (0294a30b302ca71a2c26e582dda93486) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
17:07:09.0000 0908 ialm - ok
17:07:09.0140 0908 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:07:09.0140 0908 Imapi - ok
17:07:09.0187 0908 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
17:07:09.0187 0908 ini910u - ok
17:07:09.0250 0908 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
17:07:09.0250 0908 IntelIde - ok
17:07:09.0312 0908 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:07:09.0312 0908 intelppm - ok
17:07:09.0359 0908 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
17:07:09.0359 0908 Ip6Fw - ok
17:07:09.0406 0908 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:07:09.0406 0908 IpFilterDriver - ok
17:07:09.0515 0908 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:07:09.0515 0908 IpInIp - ok
17:07:09.0562 0908 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:07:09.0578 0908 IpNat - ok
17:07:09.0625 0908 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:07:09.0625 0908 IPSec - ok
17:07:09.0687 0908 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:07:09.0687 0908 IRENUM - ok
17:07:09.0781 0908 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:07:09.0781 0908 isapnp - ok
17:07:09.0843 0908 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:07:09.0843 0908 Kbdclass - ok
17:07:09.0906 0908 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:07:09.0906 0908 kbdhid - ok
17:07:10.0000 0908 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:07:10.0000 0908 kmixer - ok
17:07:10.0078 0908 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:07:10.0078 0908 KSecDD - ok
17:07:10.0171 0908 L8042Kbd (5a11400ea1f0a106fe7edb28c270f7b8) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
17:07:10.0171 0908 L8042Kbd - ok
17:07:10.0265 0908 L8042mou (20c919b52897b72ebcb2ad2fc29d8ef0) C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
17:07:10.0265 0908 L8042mou - ok
17:07:10.0343 0908 lbrtfdc - ok
17:07:10.0421 0908 LHidKe (31b582394da3290dff300f10952e9a4d) C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
17:07:10.0421 0908 LHidKe - ok
17:07:10.0515 0908 LMIInfo - ok
17:07:10.0562 0908 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\WINDOWS\system32\DRIVERS\lmimirr.sys
17:07:10.0562 0908 lmimirr - ok
17:07:10.0593 0908 LMIRfsClientNP - ok
17:07:10.0671 0908 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
17:07:10.0671 0908 LMIRfsDriver - ok
17:07:10.0734 0908 LMouKE (90a794d0a0bf3531c4ba1c0510449629) C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
17:07:10.0734 0908 LMouKE - ok
17:07:10.0812 0908 LVUSBSta (a9abad5fcb7011114082933b01e13fce) C:\WINDOWS\system32\drivers\lvusbsta.sys
17:07:10.0812 0908 LVUSBSta - ok
17:07:10.0906 0908 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\WINDOWS\system32\drivers\mbam.sys
17:07:10.0937 0908 MBAMProtector - ok
17:07:11.0109 0908 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
17:07:11.0109 0908 mdmxsdk - ok
17:07:11.0203 0908 mfeapfk (36b47b1e9c537f8f2b4481084b8f7d22) C:\WINDOWS\system32\drivers\mfeapfk.sys
17:07:11.0218 0908 mfeapfk - ok
17:07:11.0296 0908 mfeavfk (cde41293db871a75cd99eb0ce781356b) C:\WINDOWS\system32\drivers\mfeavfk.sys
17:07:11.0312 0908 mfeavfk - ok
17:07:11.0343 0908 mfeavfk01 - ok
17:07:11.0406 0908 mfebopk (e22385f64bdf0ad81157479496e33c4a) C:\WINDOWS\system32\drivers\mfebopk.sys
17:07:11.0421 0908 mfebopk - ok
17:07:11.0500 0908 mfefirek (215666a8a85023ef019b510cbb67f678) C:\WINDOWS\system32\drivers\mfefirek.sys
17:07:11.0515 0908 mfefirek - ok
17:07:11.0609 0908 mfehidk (56d330981866a72f061dd16cc5004513) C:\WINDOWS\system32\drivers\mfehidk.sys
17:07:11.0625 0908 mfehidk - ok
17:07:11.0671 0908 mfendisk (62acda4e958e2a392557ba3c6c754a58) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
17:07:11.0671 0908 mfendisk - ok
17:07:11.0703 0908 mfendiskmp (62acda4e958e2a392557ba3c6c754a58) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
17:07:11.0703 0908 mfendiskmp - ok
17:07:11.0781 0908 mferkdet (89b564d63c53fc0c6782ab07eea63acf) C:\WINDOWS\system32\drivers\mferkdet.sys
17:07:11.0781 0908 mferkdet - ok
17:07:11.0859 0908 mferkdk (c2ec40b1fd35cae0aa749ed318ecc571) C:\WINDOWS\system32\drivers\mferkdk.sys
17:07:11.0875 0908 mferkdk - ok
17:07:11.0953 0908 mfesmfk (257f236a8d97fb109790b31e6c94d39b) C:\WINDOWS\system32\drivers\mfesmfk.sys
17:07:11.0953 0908 mfesmfk - ok
17:07:12.0046 0908 mfetdi2k (922e64ca38e38106498fb3435a8e399d) C:\WINDOWS\system32\drivers\mfetdi2k.sys
17:07:12.0046 0908 mfetdi2k - ok
17:07:12.0156 0908 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:07:12.0156 0908 mnmdd - ok
17:07:12.0218 0908 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
17:07:12.0218 0908 Modem - ok
17:07:12.0250 0908 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
17:07:12.0250 0908 MODEMCSA - ok
17:07:12.0281 0908 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:07:12.0281 0908 Mouclass - ok
17:07:12.0343 0908 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:07:12.0343 0908 mouhid - ok
17:07:12.0390 0908 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:07:12.0406 0908 MountMgr - ok
17:07:12.0453 0908 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
17:07:12.0453 0908 mraid35x - ok
17:07:12.0484 0908 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:07:12.0484 0908 MRxDAV - ok
17:07:12.0546 0908 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:07:12.0562 0908 MRxSmb - ok
17:07:12.0656 0908 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:07:12.0656 0908 Msfs - ok
17:07:12.0734 0908 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:07:12.0734 0908 MSKSSRV - ok
17:07:12.0812 0908 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:07:12.0828 0908 MSPCLOCK - ok
17:07:12.0890 0908 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:07:12.0890 0908 MSPQM - ok
17:07:12.0968 0908 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:07:12.0968 0908 mssmbios - ok
17:07:13.0031 0908 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
17:07:13.0031 0908 MSTEE - ok
17:07:13.0125 0908 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
17:07:13.0125 0908 Mup - ok
17:07:13.0187 0908 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:07:13.0187 0908 NABTSFEC - ok
17:07:13.0296 0908 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:07:13.0296 0908 NDIS - ok
17:07:13.0390 0908 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:07:13.0390 0908 NdisIP - ok
17:07:13.0468 0908 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:07:13.0468 0908 NdisTapi - ok
17:07:13.0546 0908 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:07:13.0546 0908 Ndisuio - ok
17:07:13.0578 0908 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:07:13.0593 0908 NdisWan - ok
17:07:13.0687 0908 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:07:13.0687 0908 NDProxy - ok
17:07:13.0750 0908 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:07:13.0750 0908 NetBIOS - ok
17:07:13.0812 0908 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:07:13.0812 0908 NetBT - ok
17:07:13.0953 0908 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:07:13.0953 0908 Npfs - ok
17:07:14.0000 0908 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:07:14.0015 0908 Ntfs - ok
17:07:14.0109 0908 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:07:14.0109 0908 Null - ok
17:07:14.0250 0908 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:07:14.0328 0908 nv - ok
17:07:14.0421 0908 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:07:14.0421 0908 NwlnkFlt - ok
17:07:14.0484 0908 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:07:14.0484 0908 NwlnkFwd - ok
17:07:14.0578 0908 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
17:07:14.0578 0908 Parport - ok
17:07:14.0640 0908 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:07:14.0640 0908 PartMgr - ok
17:07:14.0703 0908 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
17:07:14.0718 0908 ParVdm - ok
17:07:14.0781 0908 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
17:07:14.0796 0908 PCI - ok
17:07:14.0843 0908 PCIDump - ok
17:07:14.0937 0908 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:07:14.0937 0908 PCIIde - ok
17:07:15.0015 0908 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:07:15.0015 0908 Pcmcia - ok
17:07:15.0046 0908 PDCOMP - ok
17:07:15.0078 0908 PDFRAME - ok
17:07:15.0093 0908 PDRELI - ok
17:07:15.0125 0908 PDRFRAME - ok
17:07:15.0156 0908 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
17:07:15.0171 0908 perc2 - ok
17:07:15.0218 0908 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
17:07:15.0218 0908 perc2hib - ok
17:07:15.0296 0908 PID_08A0 (9070ed08873a70da3b1ba0b281363a79) C:\WINDOWS\system32\DRIVERS\LV302AV.SYS
17:07:15.0312 0908 PID_08A0 - ok
17:07:15.0390 0908 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:07:15.0390 0908 PptpMiniport - ok
17:07:15.0515 0908 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:07:15.0531 0908 PSched - ok
17:07:15.0562 0908 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:07:15.0562 0908 Ptilink - ok
17:07:15.0703 0908 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
17:07:15.0703 0908 PxHelp20 - ok
17:07:15.0750 0908 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
17:07:15.0765 0908 ql1080 - ok
17:07:15.0796 0908 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
17:07:15.0796 0908 Ql10wnt - ok
17:07:15.0843 0908 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
17:07:15.0843 0908 ql12160 - ok
17:07:15.0890 0908 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
17:07:15.0890 0908 ql1240 - ok
17:07:15.0937 0908 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
17:07:15.0953 0908 ql1280 - ok
17:07:16.0000 0908 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:07:16.0000 0908 RasAcd - ok
17:07:16.0062 0908 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:07:16.0062 0908 Rasl2tp - ok
17:07:16.0093 0908 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:07:16.0109 0908 RasPppoe - ok
17:07:16.0125 0908 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:07:16.0125 0908 Raspti - ok
17:07:16.0156 0908 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:07:16.0171 0908 Rdbss - ok
17:07:16.0203 0908 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:07:16.0203 0908 RDPCDD - ok
17:07:16.0281 0908 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:07:16.0296 0908 rdpdr - ok
17:07:16.0390 0908 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
17:07:16.0390 0908 RDPWD - ok
17:07:16.0468 0908 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:07:16.0468 0908 redbook - ok
17:07:16.0593 0908 SABProcEnum - ok
17:07:16.0765 0908 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:07:16.0765 0908 Secdrv - ok
17:07:16.0875 0908 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys
17:07:16.0937 0908 senfilt - ok
17:07:17.0000 0908 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:07:17.0000 0908 serenum - ok
17:07:17.0031 0908 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
17:07:17.0031 0908 Serial - ok
17:07:17.0140 0908 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
17:07:17.0140 0908 Sfloppy - ok
17:07:17.0218 0908 Sftfs (44d20201a6c3fe4a634a559f8105f5b4) C:\WINDOWS\system32\DRIVERS\Sftfsxp.sys
17:07:17.0234 0908 Sftfs - ok
17:07:17.0296 0908 Sftplay (0e108d75f8db551669e5eb37cbf5bc02) C:\WINDOWS\system32\DRIVERS\Sftplayxp.sys
17:07:17.0312 0908 Sftplay - ok
17:07:17.0375 0908 Sftredir (65b31b4ba9efeace4dd95ed94051139f) C:\WINDOWS\system32\DRIVERS\Sftredirxp.sys
17:07:17.0375 0908 Sftredir - ok
17:07:17.0421 0908 Sftvol (97604f605310f50dc49a2994c3264a42) C:\WINDOWS\system32\DRIVERS\Sftvolxp.sys
17:07:17.0421 0908 Sftvol - ok
17:07:17.0484 0908 Simbad - ok
17:07:17.0562 0908 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
17:07:17.0562 0908 sisagp - ok
17:07:17.0640 0908 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:07:17.0640 0908 SLIP - ok
17:07:17.0718 0908 smwdm (0066ff77aeb4ae70066f7e94d5a6d866) C:\WINDOWS\system32\drivers\smwdm.sys
17:07:17.0718 0908 smwdm - ok
17:07:17.0796 0908 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
17:07:17.0796 0908 Sparrow - ok
17:07:17.0890 0908 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:07:17.0890 0908 splitter - ok
17:07:18.0000 0908 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
17:07:18.0015 0908 sr - ok
17:07:18.0109 0908 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:07:18.0125 0908 Srv - ok
17:07:18.0218 0908 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:07:18.0234 0908 streamip - ok
17:07:18.0250 0908 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:07:18.0265 0908 swenum - ok
17:07:18.0328 0908 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:07:18.0359 0908 swmidi - ok
17:07:18.0421 0908 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
17:07:18.0421 0908 symc810 - ok
17:07:18.0468 0908 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
17:07:18.0468 0908 symc8xx - ok
17:07:18.0531 0908 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
17:07:18.0531 0908 sym_hi - ok
17:07:18.0609 0908 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
17:07:18.0609 0908 sym_u3 - ok
17:07:18.0687 0908 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:07:18.0703 0908 sysaudio - ok
17:07:18.0796 0908 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:07:18.0796 0908 Tcpip - ok
17:07:18.0859 0908 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:07:18.0859 0908 TDPIPE - ok
17:07:18.0937 0908 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:07:18.0953 0908 TDTCP - ok
17:07:19.0015 0908 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:07:19.0031 0908 TermDD - ok
17:07:19.0140 0908 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
17:07:19.0140 0908 TosIde - ok
17:07:19.0265 0908 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:07:19.0265 0908 Udfs - ok
17:07:19.0328 0908 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
17:07:19.0343 0908 ultra - ok
17:07:19.0421 0908 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:07:19.0453 0908 Update - ok
17:07:19.0562 0908 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
17:07:19.0562 0908 usbaudio - ok
17:07:19.0625 0908 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:07:19.0625 0908 usbccgp - ok
17:07:19.0687 0908 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:07:19.0687 0908 usbehci - ok
17:07:19.0750 0908 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:07:19.0750 0908 usbhub - ok
17:07:19.0828 0908 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:07:19.0828 0908 usbprint - ok
17:07:19.0906 0908 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:07:19.0921 0908 usbscan - ok
17:07:20.0000 0908 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:07:20.0000 0908 USBSTOR - ok
17:07:20.0062 0908 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:07:20.0078 0908 usbuhci - ok
17:07:20.0171 0908 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:07:20.0171 0908 VgaSave - ok
17:07:20.0234 0908 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
17:07:20.0250 0908 viaagp - ok
17:07:20.0328 0908 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
17:07:20.0328 0908 ViaIde - ok
17:07:20.0421 0908 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
17:07:20.0421 0908 VolSnap - ok
17:07:20.0546 0908 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:07:20.0546 0908 Wanarp - ok
17:07:20.0609 0908 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
17:07:20.0609 0908 wanatw - ok
17:07:20.0703 0908 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
17:07:20.0734 0908 Wdf01000 - ok
17:07:20.0765 0908 WDICA - ok
17:07:20.0843 0908 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:07:20.0843 0908 wdmaud - ok
17:07:20.0953 0908 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
17:07:20.0968 0908 winachsf - ok
17:07:21.0125 0908 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
17:07:21.0125 0908 WinUSB - ok
17:07:21.0250 0908 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
17:07:21.0250 0908 WpdUsb - ok
17:07:21.0359 0908 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:07:21.0359 0908 WSTCODEC - ok
17:07:21.0437 0908 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:07:21.0437 0908 WudfPf - ok
17:07:21.0500 0908 WudfRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:07:21.0515 0908 WudfRd - ok
17:07:21.0609 0908 zumbus - ok
17:07:21.0671 0908 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0
17:07:21.0750 0908 \Device\Harddisk0\DR0 - ok
17:07:21.0828 0908 Boot (0x1200) (e6171d549e1a2bfc651450dae5a063b1) \Device\Harddisk0\DR0\Partition0
17:07:21.0843 0908 \Device\Harddisk0\DR0\Partition0 - ok
17:07:21.0906 0908 Boot (0x1200) (4dbdb77374f17bc41d8971b32c2d06b7) \Device\Harddisk0\DR0\Partition1
17:07:21.0906 0908 \Device\Harddisk0\DR0\Partition1 - ok
17:07:21.0906 0908 ============================================================
17:07:21.0906 0908 Scan finished
17:07:21.0906 0908 ============================================================
17:07:21.0937 2280 Detected object count: 0
17:07:21.0937 2280 Actual detected object count: 0
17:07:50.0015 1368 Deinitialize success








TDSSKiller Log #2

17:10:33.0000 2440 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
17:10:33.0375 2440 ============================================================
17:10:33.0375 2440 Current date / time: 2011/12/28 17:10:33.0375
17:10:33.0375 2440 SystemInfo:
17:10:33.0375 2440
17:10:33.0375 2440 OS Version: 5.1.2600 ServicePack: 3.0
17:10:33.0375 2440 Product type: Workstation
17:10:33.0375 2440 ComputerName: HELEN
17:10:33.0375 2440 UserName: HELEN
17:10:33.0375 2440 Windows directory: C:\WINDOWS
17:10:33.0375 2440 System windows directory: C:\WINDOWS
17:10:33.0375 2440 Processor architecture: Intel x86
17:10:33.0375 2440 Number of processors: 1
17:10:33.0375 2440 Page size: 0x1000
17:10:33.0375 2440 Boot type: Normal boot
17:10:33.0375 2440 ============================================================
17:10:34.0796 2440 Initialize success
17:11:17.0031 3980 ============================================================
17:11:17.0031 3980 Scan started
17:11:17.0031 3980 Mode: Manual; SigCheck; TDLFS;
17:11:17.0031 3980 ============================================================
17:11:17.0468 3980 Abiosdsk - ok
17:11:17.0531 3980 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
17:11:17.0953 3980 abp480n5 - ok
17:11:18.0093 3980 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:11:18.0343 3980 ACPI - ok
17:11:18.0421 3980 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:11:18.0640 3980 ACPIEC - ok
17:11:18.0765 3980 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
17:11:19.0000 3980 adpu160m - ok
17:11:19.0140 3980 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:11:19.0375 3980 aec - ok
17:11:19.0468 3980 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
17:11:19.0593 3980 AFD - ok
17:11:19.0718 3980 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
17:11:19.0968 3980 agp440 - ok
17:11:19.0984 3980 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
17:11:20.0218 3980 agpCPQ - ok
17:11:20.0312 3980 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
17:11:20.0406 3980 Aha154x - ok
17:11:20.0546 3980 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
17:11:20.0765 3980 aic78u2 - ok
17:11:20.0859 3980 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
17:11:21.0062 3980 aic78xx - ok
17:11:21.0156 3980 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
17:11:21.0375 3980 AliIde - ok
17:11:21.0468 3980 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
17:11:21.0734 3980 alim1541 - ok
17:11:21.0812 3980 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
17:11:22.0062 3980 amdagp - ok
17:11:22.0156 3980 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
17:11:22.0265 3980 amsint - ok
17:11:22.0406 3980 AR5211 (f6f31f142a2ff302b8d1ecda9fe14a6b) C:\WINDOWS\system32\DRIVERS\ar5211.sys
17:11:22.0453 3980 AR5211 ( UnsignedFile.Multi.Generic ) - warning
17:11:22.0453 3980 AR5211 - detected UnsignedFile.Multi.Generic (1)
17:11:22.0500 3980 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
17:11:22.0750 3980 asc - ok
17:11:22.0781 3980 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
17:11:22.0921 3980 asc3350p - ok
17:11:23.0000 3980 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
17:11:23.0218 3980 asc3550 - ok
17:11:23.0343 3980 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:11:23.0578 3980 AsyncMac - ok
17:11:23.0687 3980 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:11:23.0921 3980 atapi - ok
17:11:23.0984 3980 Atdisk - ok
17:11:24.0031 3980 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:11:24.0296 3980 Atmarpc - ok
17:11:24.0375 3980 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:11:24.0640 3980 audstub - ok
17:11:24.0765 3980 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:11:25.0015 3980 Beep - ok
17:11:25.0062 3980 bvrp_pci - ok
17:11:25.0078 3980 catchme - ok
17:11:25.0140 3980 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
17:11:25.0390 3980 cbidf - ok
17:11:25.0453 3980 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:11:25.0687 3980 cbidf2k - ok
17:11:25.0812 3980 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:11:26.0062 3980 CCDECODE - ok
17:11:26.0156 3980 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
17:11:26.0265 3980 cd20xrnt - ok
17:11:26.0359 3980 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:11:26.0593 3980 Cdaudio - ok
17:11:26.0671 3980 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:11:26.0937 3980 Cdfs - ok
17:11:27.0046 3980 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:11:27.0171 3980 Cdrom - ok
17:11:27.0296 3980 cfwids (1dcb5209601a70e36c70fe8d197d62cb) C:\WINDOWS\system32\drivers\cfwids.sys
17:11:27.0375 3980 cfwids - ok
17:11:27.0406 3980 Changer - ok
17:11:27.0468 3980 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
17:11:27.0718 3980 CmdIde - ok
17:11:27.0812 3980 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
17:11:28.0046 3980 Cpqarray - ok
17:11:28.0156 3980 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
17:11:28.0375 3980 dac2w2k - ok
17:11:28.0453 3980 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
17:11:28.0703 3980 dac960nt - ok
17:11:28.0796 3980 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:11:29.0031 3980 Disk - ok
17:11:29.0125 3980 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
17:11:29.0406 3980 dmboot - ok
17:11:29.0484 3980 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
17:11:29.0812 3980 dmio - ok
17:11:29.0937 3980 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:11:30.0171 3980 dmload - ok
17:11:30.0281 3980 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:11:30.0531 3980 DMusic - ok
17:11:30.0640 3980 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
17:11:30.0875 3980 dpti2o - ok
17:11:30.0953 3980 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:11:31.0203 3980 drmkaud - ok
17:11:31.0250 3980 DSproct - ok
17:11:31.0343 3980 E100B (7d91dc6342248369f94d6eba0cf42e99) C:\WINDOWS\system32\DRIVERS\e100b325.sys
17:11:31.0437 3980 E100B - ok
17:11:31.0593 3980 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:11:31.0843 3980 Fastfat - ok
17:11:31.0921 3980 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
17:11:32.0187 3980 Fdc - ok
17:11:32.0234 3980 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
17:11:32.0500 3980 Fips - ok
17:11:32.0578 3980 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:11:32.0828 3980 Flpydisk - ok
17:11:32.0890 3980 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
17:11:33.0125 3980 FltMgr - ok
17:11:33.0187 3980 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:11:33.0437 3980 Fs_Rec - ok
17:11:33.0531 3980 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:11:33.0781 3980 Ftdisk - ok
17:11:33.0859 3980 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:11:34.0125 3980 Gpc - ok
17:11:34.0218 3980 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:11:34.0484 3980 HidUsb - ok
17:11:34.0578 3980 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
17:11:34.0828 3980 hpn - ok
17:11:34.0875 3980 HSFHWBS2 (77e4ff0b73bc0aeaaf39bf0c8104231f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
17:11:34.0937 3980 HSFHWBS2 - ok
17:11:35.0000 3980 HSF_DP (60e1604729a15ef4a3b05f298427b3b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
17:11:35.0093 3980 HSF_DP - ok
17:11:35.0187 3980 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
17:11:35.0703 3980 HTTP - ok
17:11:35.0781 3980 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
17:11:36.0031 3980 i2omgmt - ok
17:11:36.0109 3980 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
17:11:36.0390 3980 i2omp - ok
17:11:36.0468 3980 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:11:36.0718 3980 i8042prt - ok
17:11:36.0828 3980 ialm (0294a30b302ca71a2c26e582dda93486) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
17:11:36.0968 3980 ialm - ok
17:11:37.0078 3980 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:11:37.0343 3980 Imapi - ok
17:11:37.0421 3980 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
17:11:37.0687 3980 ini910u - ok
17:11:37.0765 3980 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
17:11:38.0031 3980 IntelIde - ok
17:11:38.0109 3980 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:11:38.0343 3980 intelppm - ok
17:11:38.0421 3980 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
17:11:38.0687 3980 Ip6Fw - ok
17:11:38.0781 3980 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:11:39.0015 3980 IpFilterDriver - ok
17:11:39.0093 3980 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:11:39.0343 3980 IpInIp - ok
17:11:39.0468 3980 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:11:39.0718 3980 IpNat - ok
17:11:39.0796 3980 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:11:40.0046 3980 IPSec - ok
17:11:40.0140 3980 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:11:40.0265 3980 IRENUM - ok
17:11:40.0375 3980 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:11:40.0640 3980 isapnp - ok
17:11:40.0718 3980 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:11:41.0000 3980 Kbdclass - ok
17:11:41.0093 3980 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:11:41.0328 3980 kbdhid - ok
17:11:41.0421 3980 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:11:41.0656 3980 kmixer - ok
17:11:41.0750 3980 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:11:41.0921 3980 KSecDD - ok
17:11:42.0015 3980 L8042Kbd (5a11400ea1f0a106fe7edb28c270f7b8) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
17:11:42.0109 3980 L8042Kbd - ok
17:11:42.0187 3980 L8042mou (20c919b52897b72ebcb2ad2fc29d8ef0) C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
17:11:42.0281 3980 L8042mou - ok
17:11:42.0390 3980 lbrtfdc - ok
17:11:42.0453 3980 LHidKe (31b582394da3290dff300f10952e9a4d) C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
17:11:42.0500 3980 LHidKe - ok
17:11:42.0593 3980 LMIInfo - ok
17:11:42.0703 3980 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\WINDOWS\system32\DRIVERS\lmimirr.sys
17:11:42.0718 3980 lmimirr - ok
17:11:42.0750 3980 LMIRfsClientNP - ok
17:11:42.0812 3980 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
17:11:42.0843 3980 LMIRfsDriver - ok
17:11:42.0906 3980 LMouKE (90a794d0a0bf3531c4ba1c0510449629) C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
17:11:42.0968 3980 LMouKE - ok
17:11:43.0046 3980 LVUSBSta (a9abad5fcb7011114082933b01e13fce) C:\WINDOWS\system32\drivers\lvusbsta.sys
17:11:43.0328 3980 LVUSBSta - ok
17:11:43.0453 3980 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\WINDOWS\system32\drivers\mbam.sys
17:11:43.0484 3980 MBAMProtector - ok
17:11:43.0609 3980 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
17:11:43.0671 3980 mdmxsdk - ok
17:11:43.0812 3980 mfeapfk (36b47b1e9c537f8f2b4481084b8f7d22) C:\WINDOWS\system32\drivers\mfeapfk.sys
17:11:43.0843 3980 mfeapfk - ok
17:11:43.0906 3980 mfeavfk (cde41293db871a75cd99eb0ce781356b) C:\WINDOWS\system32\drivers\mfeavfk.sys
17:11:43.0937 3980 mfeavfk - ok
17:11:43.0968 3980 mfeavfk01 - ok
17:11:44.0015 3980 mfebopk (e22385f64bdf0ad81157479496e33c4a) C:\WINDOWS\system32\drivers\mfebopk.sys
17:11:44.0046 3980 mfebopk - ok
17:11:44.0156 3980 mfefirek (215666a8a85023ef019b510cbb67f678) C:\WINDOWS\system32\drivers\mfefirek.sys
17:11:44.0203 3980 mfefirek - ok
17:11:44.0281 3980 mfehidk (56d330981866a72f061dd16cc5004513) C:\WINDOWS\system32\drivers\mfehidk.sys
17:11:44.0312 3980 mfehidk - ok
17:11:44.0375 3980 mfendisk (62acda4e958e2a392557ba3c6c754a58) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
17:11:44.0390 3980 mfendisk - ok
17:11:44.0421 3980 mfendiskmp (62acda4e958e2a392557ba3c6c754a58) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
17:11:44.0437 3980 mfendiskmp - ok
17:11:44.0500 3980 mferkdet (89b564d63c53fc0c6782ab07eea63acf) C:\WINDOWS\system32\drivers\mferkdet.sys
17:11:44.0531 3980 mferkdet - ok
17:11:44.0609 3980 mferkdk (c2ec40b1fd35cae0aa749ed318ecc571) C:\WINDOWS\system32\drivers\mferkdk.sys
17:11:44.0640 3980 mferkdk - ok
17:11:44.0718 3980 mfesmfk (257f236a8d97fb109790b31e6c94d39b) C:\WINDOWS\system32\drivers\mfesmfk.sys
17:11:44.0750 3980 mfesmfk - ok
17:11:44.0812 3980 mfetdi2k (922e64ca38e38106498fb3435a8e399d) C:\WINDOWS\system32\drivers\mfetdi2k.sys
17:11:44.0828 3980 mfetdi2k - ok
17:11:44.0890 3980 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:11:45.0125 3980 mnmdd - ok
17:11:45.0218 3980 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
17:11:45.0484 3980 Modem - ok
17:11:45.0562 3980 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
17:11:45.0812 3980 MODEMCSA - ok
17:11:45.0921 3980 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:11:46.0171 3980 Mouclass - ok
17:11:46.0265 3980 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:11:46.0515 3980 mouhid - ok
17:11:46.0609 3980 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:11:46.0890 3980 MountMgr - ok
17:11:46.0968 3980 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
17:11:47.0218 3980 mraid35x - ok
17:11:47.0296 3980 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:11:47.0562 3980 MRxDAV - ok
17:11:47.0687 3980 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:11:47.0812 3980 MRxSmb - ok
17:11:47.0890 3980 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:11:48.0140 3980 Msfs - ok
17:11:48.0218 3980 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:11:48.0468 3980 MSKSSRV - ok
17:11:48.0609 3980 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:11:48.0828 3980 MSPCLOCK - ok
17:11:48.0906 3980 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:11:49.0171 3980 MSPQM - ok
17:11:49.0265 3980 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:11:49.0484 3980 mssmbios - ok
17:11:49.0562 3980 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
17:11:49.0796 3980 MSTEE - ok
17:11:49.0890 3980 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
17:11:50.0031 3980 Mup - ok
17:11:50.0109 3980 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:11:50.0375 3980 NABTSFEC - ok
17:11:50.0453 3980 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:11:50.0687 3980 NDIS - ok
17:11:50.0765 3980 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:11:51.0015 3980 NdisIP - ok
17:11:51.0109 3980 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:11:51.0171 3980 NdisTapi - ok
17:11:51.0250 3980 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:11:51.0515 3980 Ndisuio - ok
17:11:51.0718 3980 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:11:51.0984 3980 NdisWan - ok
17:11:52.0062 3980 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:11:52.0140 3980 NDProxy - ok
17:11:52.0265 3980 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:11:52.0515 3980 NetBIOS - ok
17:11:52.0578 3980 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:11:52.0812 3980 NetBT - ok
17:11:53.0109 3980 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:11:53.0375 3980 Npfs - ok
17:11:53.0468 3980 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:11:53.0734 3980 Ntfs - ok
17:11:53.0859 3980 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:11:54.0109 3980 Null - ok
17:11:54.0265 3980 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:11:54.0609 3980 nv - ok
17:11:54.0750 3980 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:11:54.0984 3980 NwlnkFlt - ok
17:11:55.0062 3980 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:11:55.0328 3980 NwlnkFwd - ok
17:11:55.0468 3980 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
17:11:55.0750 3980 Parport - ok
17:11:55.0828 3980 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:11:56.0062 3980 PartMgr - ok
17:11:56.0140 3980 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
17:11:56.0375 3980 ParVdm - ok
17:11:56.0500 3980 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
17:11:56.0750 3980 PCI - ok
17:11:56.0843 3980 PCIDump - ok
17:11:56.0921 3980 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:11:57.0171 3980 PCIIde - ok
17:11:57.0265 3980 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:11:57.0515 3980 Pcmcia - ok
17:11:57.0562 3980 PDCOMP - ok
17:11:57.0625 3980 PDFRAME - ok
17:11:57.0656 3980 PDRELI - ok
17:11:57.0687 3980 PDRFRAME - ok
17:11:57.0750 3980 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
17:11:58.0000 3980 perc2 - ok
17:11:58.0140 3980 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
17:11:58.0359 3980 perc2hib - ok
17:11:58.0468 3980 PID_08A0 (9070ed08873a70da3b1ba0b281363a79) C:\WINDOWS\system32\DRIVERS\LV302AV.SYS
17:11:58.0515 3980 PID_08A0 - ok
17:11:58.0687 3980 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:11:58.0937 3980 PptpMiniport - ok
17:11:59.0015 3980 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:11:59.0250 3980 PSched - ok
17:11:59.0312 3980 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:11:59.0562 3980 Ptilink - ok
17:11:59.0718 3980 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
17:11:59.0750 3980 PxHelp20 - ok
17:11:59.0828 3980 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
17:12:00.0078 3980 ql1080 - ok
17:12:00.0156 3980 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
17:12:00.0390 3980 Ql10wnt - ok
17:12:00.0484 3980 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
17:12:00.0703 3980 ql12160 - ok
17:12:00.0781 3980 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
17:12:01.0031 3980 ql1240 - ok
17:12:01.0109 3980 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
17:12:01.0343 3980 ql1280 - ok
17:12:01.0437 3980 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:12:01.0671 3980 RasAcd - ok
17:12:01.0765 3980 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:12:02.0015 3980 Rasl2tp - ok
17:12:02.0078 3980 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:12:02.0312 3980 RasPppoe - ok
17:12:02.0375 3980 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:12:02.0593 3980 Raspti - ok
17:12:02.0671 3980 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:12:02.0921 3980 Rdbss - ok
17:12:03.0000 3980 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:12:03.0218 3980 RDPCDD - ok
17:12:03.0343 3980 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:12:03.0578 3980 rdpdr - ok
17:12:03.0656 3980 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
17:12:03.0718 3980 RDPWD - ok
17:12:03.0796 3980 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:12:04.0031 3980 redbook - ok
17:12:04.0156 3980 SABProcEnum - ok
17:12:04.0328 3980 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:12:04.0453 3980 Secdrv - ok
17:12:04.0562 3980 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys
17:12:04.0671 3980 senfilt - ok
17:12:04.0750 3980 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:12:05.0000 3980 serenum - ok
17:12:05.0046 3980 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
17:12:05.0281 3980 Serial - ok
17:12:05.0375 3980 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
17:12:05.0625 3980 Sfloppy - ok
17:12:05.0718 3980 Sftfs (44d20201a6c3fe4a634a559f8105f5b4) C:\WINDOWS\system32\DRIVERS\Sftfsxp.sys
17:12:05.0781 3980 Sftfs - ok
17:12:05.0875 3980 Sftplay (0e108d75f8db551669e5eb37cbf5bc02) C:\WINDOWS\system32\DRIVERS\Sftplayxp.sys
17:12:05.0921 3980 Sftplay - ok
17:12:06.0015 3980 Sftredir (65b31b4ba9efeace4dd95ed94051139f) C:\WINDOWS\system32\DRIVERS\Sftredirxp.sys
17:12:06.0046 3980 Sftredir - ok
17:12:06.0109 3980 Sftvol (97604f605310f50dc49a2994c3264a42) C:\WINDOWS\system32\DRIVERS\Sftvolxp.sys
17:12:06.0140 3980 Sftvol - ok
17:12:06.0234 3980 Simbad - ok
17:12:06.0312 3980 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
17:12:06.0531 3980 sisagp - ok
17:12:06.0656 3980 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:12:06.0890 3980 SLIP - ok
17:12:07.0000 3980 smwdm (0066ff77aeb4ae70066f7e94d5a6d866) C:\WINDOWS\system32\drivers\smwdm.sys
17:12:07.0046 3980 smwdm - ok
17:12:07.0140 3980 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
17:12:07.0250 3980 Sparrow - ok
17:12:07.0328 3980 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:12:07.0562 3980 splitter - ok
17:12:07.0640 3980 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
17:12:07.0781 3980 sr - ok
17:12:07.0875 3980 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:12:07.0968 3980 Srv - ok
17:12:08.0062 3980 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:12:08.0281 3980 streamip - ok
17:12:08.0328 3980 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:12:08.0578 3980 swenum - ok
17:12:08.0625 3980 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:12:08.0890 3980 swmidi - ok
17:12:08.0968 3980 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
17:12:09.0187 3980 symc810 - ok
17:12:09.0312 3980 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
17:12:09.0546 3980 symc8xx - ok
17:12:09.0625 3980 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
17:12:09.0859 3980 sym_hi - ok
17:12:09.0937 3980 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
17:12:10.0171 3980 sym_u3 - ok
17:12:10.0250 3980 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:12:10.0484 3980 sysaudio - ok
17:12:10.0656 3980 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:12:10.0750 3980 Tcpip - ok
17:12:10.0796 3980 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:12:11.0031 3980 TDPIPE - ok
17:12:11.0062 3980 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:12:11.0296 3980 TDTCP - ok
17:12:11.0390 3980 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:12:11.0625 3980 TermDD - ok
17:12:11.0718 3980 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
17:12:11.0953 3980 TosIde - ok
17:12:12.0093 3980 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:12:12.0312 3980 Udfs - ok
17:12:12.0390 3980 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
17:12:12.0500 3980 ultra - ok
17:12:12.0625 3980 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:12:12.0875 3980 Update - ok
17:12:13.0031 3980 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
17:12:13.0234 3980 usbaudio - ok
17:12:13.0312 3980 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:12:13.0546 3980 usbccgp - ok
17:12:13.0671 3980 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:12:13.0906 3980 usbehci - ok
17:12:13.0984 3980 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:12:14.0234 3980 usbhub - ok
17:12:14.0312 3980 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:12:14.0562 3980 usbprint - ok
17:12:14.0640 3980 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:12:14.0843 3980 usbscan - ok
17:12:15.0000 3980 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:12:15.0234 3980 USBSTOR - ok
17:12:15.0312 3980 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:12:15.0546 3980 usbuhci - ok
17:12:15.0640 3980 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:12:15.0859 3980 VgaSave - ok
17:12:16.0000 3980 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
17:12:16.0234 3980 viaagp - ok
17:12:16.0312 3980 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
17:12:16.0546 3980 ViaIde - ok
17:12:16.0640 3980 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
17:12:16.0875 3980 VolSnap - ok
17:12:17.0000 3980 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:12:17.0234 3980 Wanarp - ok
17:12:17.0343 3980 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
17:12:17.0453 3980 wanatw - ok
17:12:17.0562 3980 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
17:12:17.0625 3980 Wdf01000 - ok
17:12:17.0671 3980 WDICA - ok
17:12:17.0734 3980 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:12:17.0968 3980 wdmaud - ok
17:12:18.0078 3980 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
17:12:18.0125 3980 winachsf - ok
17:12:18.0328 3980 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
17:12:18.0359 3980 WinUSB - ok
17:12:18.0484 3980 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
17:12:18.0546 3980 WpdUsb - ok
17:12:18.0750 3980 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:12:18.0984 3980 WSTCODEC - ok
17:12:19.0078 3980 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:12:19.0156 3980 WudfPf - ok
17:12:19.0234 3980 WudfRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:12:19.0281 3980 WudfRd - ok
17:12:19.0375 3980 zumbus - ok
17:12:19.0437 3980 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0
17:12:19.0546 3980 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:12:19.0546 3980 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:12:19.0625 3980 Boot (0x1200) (e6171d549e1a2bfc651450dae5a063b1) \Device\Harddisk0\DR0\Partition0
17:12:19.0625 3980 \Device\Harddisk0\DR0\Partition0 - ok
17:12:19.0703 3980 Boot (0x1200) (4dbdb77374f17bc41d8971b32c2d06b7) \Device\Harddisk0\DR0\Partition1
17:12:19.0703 3980 \Device\Harddisk0\DR0\Partition1 - ok
17:12:19.0703 3980 ============================================================
17:12:19.0703 3980 Scan finished
17:12:19.0703 3980 ============================================================
17:12:19.0828 3408 Detected object count: 2
17:12:19.0828 3408 Actual detected object count: 2
17:13:20.0828 3408 AR5211 ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:20.0828 3408 AR5211 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:13:20.0828 3408 \Device\Harddisk0\DR0\TDLFS - deleted
17:13:20.0828 3408 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
  • 0

#5
JustinLeeA25

JustinLeeA25

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Here is the aswMBR.exe log. You asked to be notified as to whether or not Fix was enabled after the scan. It was NOT enabled.

aswMBR version 0.9.9.1120 Copyright© 2011 AVAST Software
Run date: 2011-12-28 17:15:41
-----------------------------
17:15:41.390 OS Version: Windows 5.1.2600 Service Pack 3
17:15:41.390 Number of processors: 1 586 0x409
17:15:41.390 ComputerName: HELEN UserName: HELEN
17:15:41.906 Initialize success
17:16:44.390 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
17:16:44.390 Disk 0 Vendor: ST3160812A 3.ADH Size: 152587MB BusType: 3
17:16:46.421 Disk 0 MBR read successfully
17:16:46.421 Disk 0 MBR scan
17:16:46.421 Disk 0 unknown MBR code
17:16:46.421 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 31 MB offset 63
17:16:46.437 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 111192 MB offset 64260
17:16:46.437 Disk 0 Partition - 00 0F Extended LBA 37464 MB offset 227801700
17:16:46.500 Disk 0 Partition 3 00 DB CP/M / CTOS MSWIN4.1 3890 MB offset 304528140
17:16:46.531 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 37464 MB offset 227801763
17:16:46.546 Disk 0 scanning sectors +312496380
17:16:46.656 Disk 0 scanning C:\WINDOWS\system32\drivers
17:16:57.390 Service scanning
17:16:58.890 Modules scanning
17:17:29.859 Module: C:\WINDOWS\system32\msvcp71.dll **SUSPICIOUS**
17:17:35.421 Scan finished successfully
17:18:17.296 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\HELEN\Desktop\MBR.dat"
17:18:17.296 The log file has been saved successfully to "C:\Documents and Settings\HELEN\Desktop\aswMBR.txt"
  • 0

#6
JustinLeeA25

JustinLeeA25

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Here is the MBAM log:

Malwarebytes Anti-Malware (Trial) 1.60.0.1800
www.malwarebytes.org

Database version: v2011.12.28.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
HELEN :: HELEN [administrator]

Protection: Disabled

12/28/2011 5:31:09 PM
mbam-log-2011-12-28 (17-31-09).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 234582
Time elapsed: 6 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
  • 0

#7
JustinLeeA25

JustinLeeA25

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
And here are the two OTL Logs:

========== PROCESSES ==========
All processes killed
========== OTL ==========
C:\Documents and Settings\HELEN\Local Settings\Application Data\dd36rm417bn1dh83kl0kjq27l5kl3207o3jv40n0318j3 moved successfully.
C:\Documents and Settings\All Users\Application Data\dd36rm417bn1dh83kl0kjq27l5kl3207o3jv40n0318j3 moved successfully.
C:\Documents and Settings\HELEN\Local Settings\Application Data\55e6e430f8vdv6s64q6nq moved successfully.
C:\Documents and Settings\All Users\Application Data\55e6e430f8vdv6s64q6nq moved successfully.
C:\Documents and Settings\HELEN\Local Settings\Application Data\7a87b43w6j3k431082gc372r53u4r48p28gym moved successfully.
C:\Documents and Settings\All Users\Application Data\7a87b43w6j3k431082gc372r53u4r48p28gym moved successfully.
C:\Documents and Settings\HELEN\Application Data\cb71c138 moved successfully.
C:\Documents and Settings\HELEN\Application Data\2bac3ec7 moved successfully.
C:\WINDOWS\system32\ipxskgnb.dll moved successfully.
C:\WINDOWS\system32\sjjvtjaq.dll moved successfully.
C:\WINDOWS\system32\gkbtoqtp.dll moved successfully.
C:\WINDOWS\system32\plqynkqt.dll moved successfully.
========== FILES ==========
File\Folder C:\Documents and Settings\Ryan LaShomb\Local Settings\Application Data\*.exe not found.
< xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C >
0 File(s) copied
C:\Documents and Settings\HELEN\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\HELEN\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C >
0 File(s) copied
C:\Documents and Settings\HELEN\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\HELEN\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C >
0 File(s) copied
C:\Documents and Settings\HELEN\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\HELEN\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C >
0 File(s) copied
C:\Documents and Settings\HELEN\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\HELEN\Desktop\cmd.txt deleted successfully.
< reg export HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinSock2\Parameters %userprofile%\Desktop\windsock2.reg /c >
C:\Documents and Settings\HELEN\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\HELEN\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully!
========== COMMANDS ==========

[EMPTYFLASH]

User: aaron and alex

User: Administrator

User: All Users
->Flash cache emptied: 35 bytes

User: Application Data

User: Default User

User: Guest
->Flash cache emptied: 1262 bytes

User: HELEN
->Flash cache emptied: 1968 bytes

User: LocalService
->Flash cache emptied: 574 bytes

User: NetworkService
->Flash cache emptied: 23913 bytes

User: Owner

User: Taylor
->Flash cache emptied: 4477 bytes

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: aaron and alex

User: Administrator

User: All Users

User: Application Data

User: Default User

User: Guest

User: HELEN
->Java cache emptied: 4720323 bytes

User: LocalService

User: NetworkService
->Java cache emptied: 3034 bytes

User: Owner

User: Taylor

Total Java Files Cleaned = 5.00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 12282011_175611

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...



OTL Log #2:

OTL logfile created on: 12/28/2011 6:01:00 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\HELEN\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1021.98 Mb Total Physical Memory | 580.01 Mb Available Physical Memory | 56.75% Memory free
2.41 Gb Paging File | 2.04 Gb Available in Paging File | 84.83% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 108.59 Gb Total Space | 66.78 Gb Free Space | 61.50% Space Free | Partition Type: NTFS
Drive D: | 36.59 Gb Total Space | 36.51 Gb Free Space | 99.80% Space Free | Partition Type: NTFS

Computer Name: HELEN | User Name: HELEN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/26 22:23:59 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HELEN\Desktop\OTL.exe
PRC - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/12/11 17:38:01 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2011/11/23 23:05:44 | 006,497,592 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2011/11/22 17:18:26 | 001,318,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2011/09/20 10:15:26 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.229\SSScheduler.exe
PRC - [2011/08/10 11:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2010/09/14 04:46:26 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/09/14 04:46:16 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2005/10/05 02:12:00 | 000,094,208 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe
PRC - [2004/05/21 19:11:22 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE


========== Modules (No Company Name) ==========

MOD - [2011/11/23 23:05:40 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2011/11/23 23:05:26 | 000,078,336 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\pcre.dll
MOD - [2010/02/05 12:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
MOD - [2005/10/05 02:12:00 | 000,094,208 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/10/18 16:59:54 | 000,361,976 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/09/20 10:15:26 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.229\McCHSvc.exe -- (McComponentHostService)
SRV - [2011/08/10 11:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2010/09/14 04:46:26 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/09/14 04:46:16 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - [2011/12/28 17:30:45 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/10/15 13:16:16 | 000,464,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/10/15 13:16:16 | 000,338,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011/10/15 13:16:16 | 000,180,816 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/10/15 13:16:16 | 000,121,256 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/10/15 13:16:16 | 000,089,792 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2011/10/15 13:16:16 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/10/15 13:16:16 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2011/10/15 13:16:16 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2011/10/15 13:16:16 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2011/10/15 13:16:16 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2011/03/30 11:51:44 | 000,034,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2011/03/30 11:51:42 | 000,040,648 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2010/09/14 04:46:26 | 000,018,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftvolxp.sys -- (Sftvol)
DRV - [2010/09/14 04:46:22 | 000,020,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftredirxp.sys -- (Sftredir)
DRV - [2010/09/14 04:46:20 | 000,209,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftplayxp.sys -- (Sftplay)
DRV - [2010/09/14 04:46:14 | 000,581,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftfsxp.sys -- (Sftfs)
DRV - [2009/09/05 11:23:34 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2008/08/11 12:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2006/11/02 06:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2005/06/19 20:31:34 | 000,456,384 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2005/05/20 14:01:32 | 000,025,600 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2005/05/20 14:01:26 | 000,068,352 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMOUKE.sys -- (LMouKE)
DRV - [2005/05/20 14:00:48 | 000,054,528 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042MOU.SYS -- (L8042mou)
DRV - [2005/05/20 14:00:36 | 000,013,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.SYS -- (L8042Kbd)
DRV - [2004/09/17 13:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/05/27 09:50:50 | 000,201,728 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302AV.SYS -- (PID_08A0) QuickCam IM(PID_08A0)
DRV - [2004/05/27 09:47:16 | 000,019,968 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2003/11/17 20:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 20:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 20:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/01/10 15:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...q={searchTerms}
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....h?fr=mkg030&p="
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.facebook.com"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.5.2
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..keyword.URL: "http://search.yahoo....h?fr=mkg030&p="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 52061
FF - prefs.js..network.proxy.type: 4


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.1: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll File not found
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\HELEN\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/12/24 16:38:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011/12/24 18:23:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2011/12/28 17:25:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/11 17:27:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/27 09:25:07 | 000,000,000 | ---D | M]

[2008/08/27 13:53:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Extensions
[2011/12/24 18:22:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions
[2010/07/20 19:15:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/01/31 19:14:02 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(2)
[2011/12/24 18:22:22 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/04/07 18:01:50 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}
[2010/05/05 17:29:31 | 000,000,000 | ---D | M] (Veoh Video Compass) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\[email protected]
[2009/11/05 19:36:40 | 000,002,171 | ---- | M] () -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\searchplugins\bing.xml
[2011/12/27 09:25:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/12/27 09:25:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\HELEN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\UJRLJ6KY.DEFAULT\EXTENSIONS\{8EC8AFA5-15AF-42C4-A3AF-C327C73006DF}
[2011/11/12 16:32:30 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/04/14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2011/11/10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008/11/18 15:15:06 | 000,106,128 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npstrlnk.dll
[2008/07/19 18:36:01 | 000,159,744 | ---- | M] (CNN) -- C:\Program Files\mozilla firefox\plugins\NPTURNMED.dll
[2011/09/30 18:53:48 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/16 19:23:54 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2011/11/12 16:32:30 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2011/12/28 16:21:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111228083301.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll] C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.229\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DriveConfiguration = [Binary data over 100 bytes]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} http://www.worldwinn...d/bejeweled.cab (Bejeweled Control)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} http://messenger.zon...mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zon...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 97.64.209.36 97.64.168.13
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86F6CAAC-6FC7-4715-80C2-071C21097587}: DhcpNameServer = 97.64.209.36 97.64.168.13
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E39B74E-EE5B-4123-AD6E-B9800506D5C3}: DhcpNameServer = 192.168.2.1 97.64.209.36 97.64.168.13
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/28 18:05:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2011/12/28 17:56:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/12/28 17:25:54 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/12/28 17:25:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/28 17:25:44 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/12/28 17:25:12 | 010,847,608 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\HELEN\Desktop\mbam-setup-1.60.0.1800.exe
[2011/12/28 17:15:07 | 001,918,464 | ---- | C] (AVAST Software) -- C:\Documents and Settings\HELEN\Desktop\aswMBR.exe
[2011/12/28 17:10:19 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\HELEN\Desktop\tdsskiller.exe
[2011/12/28 17:06:11 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/12/28 14:13:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HELEN\Recent
[2011/12/28 11:22:14 | 004,354,974 | R--- | C] (Swearware) -- C:\Documents and Settings\HELEN\Desktop\ComboFix.exe
[2011/12/27 09:28:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/12/27 09:25:07 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/12/27 09:25:07 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/12/27 09:25:07 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/12/27 09:25:07 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/12/26 22:23:56 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HELEN\Desktop\OTL.exe
[2011/12/26 22:23:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HELEN\Application Data\PerformerSoft
[2011/12/26 22:23:03 | 000,017,464 | ---- | C] (PerformerSoft LLC) -- C:\WINDOWS\System32\roboot.exe
[2011/12/26 21:32:07 | 009,851,496 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\HELEN\Desktop\mbam-setup.exe
[2011/12/25 20:42:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2011/12/24 19:56:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Messenger
[2011/12/24 18:22:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
[2011/12/24 18:21:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/12/24 18:20:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DivX Plus
[2011/12/24 18:20:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2011/12/24 18:20:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2011/12/24 18:20:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HELEN\Start Menu\Programs\BrowserPlus
[2011/12/24 18:20:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HELEN\Local Settings\Application Data\Yahoo!
[2011/12/24 18:18:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood(2)
[2011/12/24 16:39:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2011/12/24 16:38:53 | 000,000,000 | -H-D | C] -- C:\Program Files\Creative Installation Information
[2011/12/24 16:38:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Creative
[2011/12/24 16:38:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Real
[2011/12/17 16:30:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\McAfee
[2011/12/16 19:59:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee(5)
[2011/12/16 19:53:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion(2)
[2011/12/16 12:55:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee(4)
[2011/12/16 09:49:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Online Backup(2)
[2011/12/16 09:49:27 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Online Backup(2)
[2011/12/16 09:47:27 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee(3).com
[2011/12/16 08:53:37 | 000,000,000 | ---D | C] -- C:\20111216085337-378490387
[2011/12/16 08:53:05 | 000,000,000 | ---D | C] -- C:\Archive
[2011/12/15 22:48:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee(3)
[2011/12/15 18:38:57 | 000,009,608 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeclnk.sys
[2011/12/15 18:37:23 | 000,150,856 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe
[2011/12/15 18:37:08 | 000,089,792 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfetdi2k.sys
[2011/12/15 18:37:06 | 000,087,656 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdet.sys
[2011/12/15 18:37:06 | 000,083,856 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfendisk.sys
[2011/12/15 18:37:05 | 000,464,176 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys
[2011/12/15 18:37:04 | 000,338,176 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfefirek.sys
[2011/12/15 18:37:02 | 000,180,816 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2011/12/15 18:37:02 | 000,059,456 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2011/12/15 18:37:01 | 000,121,256 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeapfk.sys
[2011/12/15 18:37:00 | 000,057,600 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\cfwids.sys
[2011/12/14 19:20:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2011/12/14 19:20:00 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2011/12/11 20:19:58 | 015,134,664 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\HELEN\Desktop\windows-kb890830-v4.2.exe
[2011/12/11 20:11:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HELEN\Application Data\ElevatedDiagnostics
[2011/12/11 20:10:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2011/12/11 20:09:04 | 000,347,920 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\HELEN\Desktop\MicrosoftFixit.wu.Run.exe
[2011/12/11 20:06:52 | 006,136,176 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\HELEN\Desktop\WindowsUpdateAgent30-x86.exe
[2003/12/09 13:16:52 | 000,442,368 | ---- | C] ( ) -- C:\WINDOWS\System32\comintfs.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\HELEN\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\HELEN\Local Settings\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/28 18:05:30 | 000,001,595 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Total Protection.lnk
[2011/12/28 17:57:58 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/28 17:57:58 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1912649743-2128827580-1748673051-1006.job
[2011/12/28 17:57:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/28 17:57:49 | 1071,697,920 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/28 17:44:31 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\diskmgt.bmp
[2011/12/28 17:30:45 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/12/28 17:25:47 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\HELEN\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2011/12/28 17:25:47 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/28 17:25:21 | 010,847,608 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\HELEN\Desktop\mbam-setup-1.60.0.1800.exe
[2011/12/28 17:18:17 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\MBR.dat
[2011/12/28 17:15:14 | 001,918,464 | ---- | M] (AVAST Software) -- C:\Documents and Settings\HELEN\Desktop\aswMBR.exe
[2011/12/28 17:13:56 | 000,000,590 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\Shortcut to TDSSKiller.2.6.25.0_28.12.2011_17.10.32_log.lnk
[2011/12/28 17:10:32 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\HELEN\Desktop\tdsskiller.exe
[2011/12/28 17:09:04 | 000,000,590 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\Shortcut to TDSSKiller.2.6.25.0_28.12.2011_17.06.57_log.lnk
[2011/12/28 16:21:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/12/28 11:22:22 | 004,354,974 | R--- | M] (Swearware) -- C:\Documents and Settings\HELEN\Desktop\ComboFix.exe
[2011/12/27 18:59:07 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/12/26 22:24:10 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1912649743-2128827580-1748673051-1006.job
[2011/12/26 22:23:59 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HELEN\Desktop\OTL.exe
[2011/12/26 22:23:29 | 000,001,621 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\repository.xml
[2011/12/26 21:32:52 | 009,851,496 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\HELEN\Desktop\mbam-setup.exe
[2011/12/26 21:19:59 | 000,001,205 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\FixNCR.reg
[2011/12/25 20:42:31 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/12/24 19:56:42 | 000,000,818 | ---- | M] () -- C:\Documents and Settings\HELEN\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/12/24 19:56:42 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/12/24 18:45:30 | 000,424,072 | ---- | M] (Yahoo! Inc.) -- C:\Documents and Settings\HELEN\Desktop\msgr11us.exe
[2011/12/24 18:30:06 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/12/24 18:25:51 | 000,260,640 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/24 15:11:42 | 000,468,524 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/12/24 15:11:42 | 000,083,400 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/12/24 15:07:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/12 06:13:42 | 000,001,801 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/12/11 20:22:44 | 015,134,664 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\HELEN\Desktop\windows-kb890830-v4.2.exe
[2011/12/11 20:14:38 | 000,983,040 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\MicrosoftFixit50777.msi
[2011/12/11 20:09:04 | 000,347,920 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\HELEN\Desktop\MicrosoftFixit.wu.Run.exe
[2011/12/11 20:06:53 | 006,136,176 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\HELEN\Desktop\WindowsUpdateAgent30-x86.exe
[2011/12/11 17:47:43 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/12/11 17:38:26 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2011/12/11 17:38:06 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2011/12/11 17:38:06 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/12/09 19:46:50 | 000,000,129 | ---- | M] () -- C:\Documents and Settings\HELEN\jagex_runescape_preferences2.dat
[2011/12/09 19:45:05 | 000,000,046 | ---- | M] () -- C:\Documents and Settings\HELEN\jagex_runescape_preferences.dat
[2011/12/09 19:45:03 | 000,000,040 | ---- | M] () -- C:\Documents and Settings\HELEN\jagex_cl_runescape_LIVE.dat
[2011/12/06 17:22:38 | 000,028,760 | ---- | M] (McAfee, Inc.) -- C:\ScriptFF.dll
[2011/12/02 18:04:22 | 000,017,464 | ---- | M] (PerformerSoft LLC) -- C:\WINDOWS\System32\roboot.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\HELEN\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\HELEN\Local Settings\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2099/01/01 12:00:00 | 000,011,168 | -H-- | C] () -- C:\WINDOWS\System32\nazojabo
[2011/12/28 17:44:31 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\diskmgt.bmp
[2011/12/28 17:25:47 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\HELEN\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2011/12/28 17:25:47 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/28 17:18:17 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\MBR.dat
[2011/12/28 17:13:56 | 000,000,590 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\Shortcut to TDSSKiller.2.6.25.0_28.12.2011_17.10.32_log.lnk
[2011/12/28 17:09:04 | 000,000,590 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\Shortcut to TDSSKiller.2.6.25.0_28.12.2011_17.06.57_log.lnk
[2011/12/28 15:45:14 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/12/26 22:23:28 | 000,001,621 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\repository.xml
[2011/12/26 22:16:12 | 1071,697,920 | -HS- | C] () -- C:\hiberfil.sys
[2011/12/26 21:19:59 | 000,001,205 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\FixNCR.reg
[2011/12/24 19:56:42 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\HELEN\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/12/24 19:56:42 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/12/24 18:31:31 | 000,001,595 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Total Protection.lnk
[2011/12/24 18:30:06 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/12/11 20:14:36 | 000,983,040 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\MicrosoftFixit50777.msi
[2011/12/09 19:45:03 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\HELEN\jagex_cl_runescape_LIVE.dat
[2011/12/08 20:31:36 | 000,000,880 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/03 13:48:56 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/11/12 15:32:41 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/11 13:00:27 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/04/28 14:16:45 | 000,260,640 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/11 11:50:51 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/10/11 11:50:51 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/10/11 11:50:51 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/10/11 11:50:51 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/03/30 16:51:58 | 000,577,568 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009/02/19 20:18:18 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2008/11/02 18:29:25 | 000,000,086 | ---- | C] () -- C:\WINDOWS\epro.ini
[2008/08/28 22:27:39 | 000,030,976 | ---- | C] () -- C:\WINDOWS\rascntrl.dll
[2008/08/28 22:27:39 | 000,023,104 | ---- | C] () -- C:\WINDOWS\System32\svcprmpt.dll
[2008/03/10 19:05:32 | 000,000,023 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2008/03/10 19:05:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2008/02/04 20:19:55 | 000,000,184 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/02/03 23:04:11 | 000,000,022 | ---- | C] () -- C:\WINDOWS\msnmsgr.exe.ini
[2007/12/16 18:47:18 | 000,000,715 | ---- | C] () -- C:\WINDOWS\aolback.exe.lnk
[2007/12/12 22:45:07 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/11/25 19:30:15 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2007/11/22 16:37:58 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\sdfixwcs.dll
[2007/06/30 22:02:54 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2006/11/11 22:25:09 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\HELEN\Local Settings\Application Data\fusioncache.dat
[2006/11/05 13:59:45 | 000,003,184 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/11/05 10:18:17 | 000,057,856 | ---- | C] () -- C:\Documents and Settings\HELEN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/02 20:40:12 | 000,174,656 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
[2006/10/26 23:13:51 | 000,011,520 | ---- | C] () -- C:\Documents and Settings\HELEN\Application Data\wklnhst.dat
[2006/10/20 01:10:20 | 000,000,168 | RHS- | C] () -- C:\WINDOWS\System32\1564C9D959.sys
[2006/10/20 01:10:19 | 000,005,852 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/10/18 19:28:19 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\InstMed.exe
[2006/10/18 19:28:11 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVUSBSta.sys
[2006/10/18 19:28:11 | 000,005,993 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2006/10/18 19:28:10 | 000,201,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\LV302AV.SYS
[2006/10/18 19:27:48 | 000,000,260 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2006/10/18 19:00:43 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/10/17 05:57:09 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/10/17 05:50:01 | 000,000,283 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/10/17 05:48:20 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/10/17 05:43:58 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/10/17 05:42:07 | 000,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
[2006/10/17 05:39:05 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/10/17 05:14:48 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/10/17 05:14:28 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2006/10/17 05:14:24 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/10 07:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/14 12:51:16 | 000,007,990 | ---- | C] () -- C:\WINDOWS\System32\drwatson.dll
[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 12:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 11:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 11:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 11:51:20 | 000,468,524 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 11:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 11:51:20 | 000,083,400 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 11:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 11:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 11:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 11:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 11:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 11:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 11:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[1999/01/27 13:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 07:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

< End of report >
  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,793 posts
  • MVP
Copy the text in the code box:

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg 
%systemroot%\*.jpg 
%systemroot%\*.png 
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav 
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x 
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
DMIcall.sys
beep.sys
Netshell.dll
netcfgx.dll
Netman.dll
connect.dll
mswsock.dll
mmswsock.dll
msvcp71.dll
ar5211.sys 
/md5stop

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.

Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application. Reboot.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0

#9
JustinLeeA25

JustinLeeA25

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Thanks again for your quick reply. We did all of the things you asked. I'm posting the logs below. I also posted the VEW log for application as well. I didn't know if you wanted that, too.

OTL #1

OTL logfile created on: 12/28/2011 7:45:59 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\HELEN\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1021.98 Mb Total Physical Memory | 432.88 Mb Available Physical Memory | 42.36% Memory free
2.41 Gb Paging File | 1.58 Gb Available in Paging File | 65.75% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 108.59 Gb Total Space | 66.75 Gb Free Space | 61.47% Space Free | Partition Type: NTFS
Drive D: | 36.59 Gb Total Space | 36.51 Gb Free Space | 99.79% Space Free | Partition Type: NTFS

Computer Name: HELEN | User Name: HELEN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/26 22:23:59 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HELEN\Desktop\OTL.exe
PRC - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/12/12 11:58:34 | 001,352,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SoftwareDistribution\Download\Install\windows-kb890830-v4.3-delta.exe
PRC - [2011/12/11 17:38:01 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2011/12/07 11:44:28 | 000,092,992 | ---- | M] (Microsoft Corporation) -- c:\3105c5522a1cdde8974b\mrtstub.exe
PRC - [2011/11/23 23:05:44 | 006,497,592 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2011/11/22 17:18:26 | 001,318,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2011/09/20 10:15:26 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.229\SSScheduler.exe
PRC - [2011/08/10 11:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2010/12/14 07:31:12 | 000,184,552 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSM\McSmtFwk.exe
PRC - [2010/09/14 04:46:26 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/09/14 04:46:16 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2005/10/05 02:12:00 | 000,094,208 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe
PRC - [2004/05/21 19:11:22 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE


========== Modules (No Company Name) ==========

MOD - [2011/11/23 23:05:40 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2011/11/23 23:05:26 | 000,078,336 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\pcre.dll
MOD - [2010/02/05 12:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
MOD - [2005/10/05 02:12:00 | 000,094,208 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/10/18 16:59:54 | 000,361,976 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/09/20 10:15:26 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.229\McCHSvc.exe -- (McComponentHostService)
SRV - [2011/08/10 11:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2010/09/14 04:46:26 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/09/14 04:46:16 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - [2011/12/28 17:30:45 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/10/15 13:16:16 | 000,464,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/10/15 13:16:16 | 000,338,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011/10/15 13:16:16 | 000,180,816 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/10/15 13:16:16 | 000,121,256 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/10/15 13:16:16 | 000,089,792 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2011/10/15 13:16:16 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/10/15 13:16:16 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2011/10/15 13:16:16 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2011/10/15 13:16:16 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2011/10/15 13:16:16 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2011/03/30 11:51:44 | 000,034,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2011/03/30 11:51:42 | 000,040,648 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2010/09/14 04:46:26 | 000,018,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftvolxp.sys -- (Sftvol)
DRV - [2010/09/14 04:46:22 | 000,020,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftredirxp.sys -- (Sftredir)
DRV - [2010/09/14 04:46:20 | 000,209,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftplayxp.sys -- (Sftplay)
DRV - [2010/09/14 04:46:14 | 000,581,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftfsxp.sys -- (Sftfs)
DRV - [2009/09/05 11:23:34 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2008/08/11 12:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2006/11/02 06:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2005/06/19 20:31:34 | 000,456,384 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2005/05/20 14:01:32 | 000,025,600 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2005/05/20 14:01:26 | 000,068,352 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMOUKE.sys -- (LMouKE)
DRV - [2005/05/20 14:00:48 | 000,054,528 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042MOU.SYS -- (L8042mou)
DRV - [2005/05/20 14:00:36 | 000,013,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.SYS -- (L8042Kbd)
DRV - [2004/09/17 13:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/05/27 09:50:50 | 000,201,728 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302AV.SYS -- (PID_08A0) QuickCam IM(PID_08A0)
DRV - [2004/05/27 09:47:16 | 000,019,968 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2003/11/17 20:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 20:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 20:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/01/10 15:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...q={searchTerms}
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....h?fr=mkg030&p="
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.facebook.com"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.5.2
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..keyword.URL: "http://search.yahoo....h?fr=mkg030&p="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 52061
FF - prefs.js..network.proxy.type: 4


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.1: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll File not found
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\HELEN\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/12/24 16:38:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011/12/24 18:23:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2011/12/28 18:04:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/11 17:27:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/27 09:25:07 | 000,000,000 | ---D | M]

[2008/08/27 13:53:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Extensions
[2011/12/24 18:22:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions
[2010/07/20 19:15:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/01/31 19:14:02 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(2)
[2011/12/24 18:22:22 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/04/07 18:01:50 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}
[2010/05/05 17:29:31 | 000,000,000 | ---D | M] (Veoh Video Compass) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\[email protected]
[2009/11/05 19:36:40 | 000,002,171 | ---- | M] () -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\searchplugins\bing.xml
[2011/12/27 09:25:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/12/27 09:25:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2011/11/12 16:32:30 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/04/14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2011/11/10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008/11/18 15:15:06 | 000,106,128 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npstrlnk.dll
[2008/07/19 18:36:01 | 000,159,744 | ---- | M] (CNN) -- C:\Program Files\mozilla firefox\plugins\NPTURNMED.dll
[2011/09/30 18:53:48 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/16 19:23:54 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2011/11/12 16:32:30 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2011/12/28 16:21:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111228083301.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll] C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.229\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DriveConfiguration = [Binary data over 100 bytes]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} http://www.worldwinn...d/bejeweled.cab (Bejeweled Control)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} http://messenger.zon...mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zon...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 97.64.209.36 97.64.168.13
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86F6CAAC-6FC7-4715-80C2-071C21097587}: DhcpNameServer = 97.64.209.36 97.64.168.13
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E39B74E-EE5B-4123-AD6E-B9800506D5C3}: DhcpNameServer = 192.168.2.1 97.64.209.36 97.64.168.13
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: midi1 - fxscover.dll File not found
Drivers32: msacm.enc - C:\WINDOWS\System32\ITIG726.acm (Ingenient Technologies, Inc.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/12/28 18:42:49 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HELEN\Recent
[2011/12/28 18:40:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/12/28 18:05:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2011/12/28 17:56:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/12/28 17:25:54 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/12/28 17:25:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/28 17:25:44 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/12/28 17:25:12 | 010,847,608 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\HELEN\Desktop\mbam-setup-1.60.0.1800.exe
[2011/12/28 17:15:07 | 001,918,464 | ---- | C] (AVAST Software) -- C:\Documents and Settings\HELEN\Desktop\aswMBR.exe
[2011/12/28 17:10:19 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\HELEN\Desktop\tdsskiller.exe
[2011/12/28 17:06:11 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/12/28 11:22:14 | 004,354,974 | R--- | C] (Swearware) -- C:\Documents and Settings\HELEN\Desktop\ComboFix.exe
[2011/12/27 09:28:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/12/27 09:25:07 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/12/27 09:25:07 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/12/27 09:25:07 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/12/27 09:25:07 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/12/26 22:23:56 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HELEN\Desktop\OTL.exe
[2011/12/26 22:23:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HELEN\Application Data\PerformerSoft
[2011/12/26 22:23:03 | 000,017,464 | ---- | C] (PerformerSoft LLC) -- C:\WINDOWS\System32\roboot.exe
[2011/12/26 21:32:07 | 009,851,496 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\HELEN\Desktop\mbam-setup.exe
[2011/12/25 20:42:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2011/12/24 19:56:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Messenger
[2011/12/24 18:22:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
[2011/12/24 18:21:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/12/24 18:20:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DivX Plus
[2011/12/24 18:20:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2011/12/24 18:20:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2011/12/24 18:20:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HELEN\Start Menu\Programs\BrowserPlus
[2011/12/24 18:20:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HELEN\Local Settings\Application Data\Yahoo!
[2011/12/24 18:18:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood(2)
[2011/12/24 16:39:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2011/12/24 16:38:53 | 000,000,000 | -H-D | C] -- C:\Program Files\Creative Installation Information
[2011/12/24 16:38:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Creative
[2011/12/24 16:38:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Real
[2011/12/17 16:30:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\McAfee
[2011/12/16 19:59:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee(5)
[2011/12/16 19:53:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion(2)
[2011/12/16 12:55:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee(4)
[2011/12/16 09:49:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Online Backup(2)
[2011/12/16 09:49:27 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Online Backup(2)
[2011/12/16 09:47:27 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee(3).com
[2011/12/16 08:53:37 | 000,000,000 | ---D | C] -- C:\20111216085337-378490387
[2011/12/16 08:53:05 | 000,000,000 | ---D | C] -- C:\Archive
[2011/12/15 22:48:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee(3)
[2011/12/15 18:38:57 | 000,009,608 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeclnk.sys
[2011/12/15 18:37:23 | 000,150,856 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe
[2011/12/15 18:37:08 | 000,089,792 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfetdi2k.sys
[2011/12/15 18:37:06 | 000,087,656 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdet.sys
[2011/12/15 18:37:06 | 000,083,856 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfendisk.sys
[2011/12/15 18:37:05 | 000,464,176 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys
[2011/12/15 18:37:04 | 000,338,176 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfefirek.sys
[2011/12/15 18:37:02 | 000,180,816 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2011/12/15 18:37:02 | 000,059,456 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2011/12/15 18:37:01 | 000,121,256 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeapfk.sys
[2011/12/15 18:37:00 | 000,057,600 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\cfwids.sys
[2011/12/14 19:20:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2011/12/14 19:20:00 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2011/12/11 20:19:58 | 015,134,664 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\HELEN\Desktop\windows-kb890830-v4.2.exe
[2011/12/11 20:11:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HELEN\Application Data\ElevatedDiagnostics
[2011/12/11 20:10:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2011/12/11 20:09:04 | 000,347,920 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\HELEN\Desktop\MicrosoftFixit.wu.Run.exe
[2011/12/11 20:06:52 | 006,136,176 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\HELEN\Desktop\WindowsUpdateAgent30-x86.exe
[2003/12/09 13:16:52 | 000,442,368 | ---- | C] ( ) -- C:\WINDOWS\System32\comintfs.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\HELEN\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\HELEN\Local Settings\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/28 19:53:51 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/12/28 18:05:30 | 000,001,595 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Total Protection.lnk
[2011/12/28 17:57:58 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/28 17:57:58 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1912649743-2128827580-1748673051-1006.job
[2011/12/28 17:57:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/28 17:57:49 | 1071,697,920 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/28 17:44:31 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\diskmgt.bmp
[2011/12/28 17:30:45 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/12/28 17:25:47 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\HELEN\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2011/12/28 17:25:47 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/28 17:25:21 | 010,847,608 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\HELEN\Desktop\mbam-setup-1.60.0.1800.exe
[2011/12/28 17:18:17 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\MBR.dat
[2011/12/28 17:15:14 | 001,918,464 | ---- | M] (AVAST Software) -- C:\Documents and Settings\HELEN\Desktop\aswMBR.exe
[2011/12/28 17:13:56 | 000,000,590 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\Shortcut to TDSSKiller.2.6.25.0_28.12.2011_17.10.32_log.lnk
[2011/12/28 17:10:32 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\HELEN\Desktop\tdsskiller.exe
[2011/12/28 17:09:04 | 000,000,590 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\Shortcut to TDSSKiller.2.6.25.0_28.12.2011_17.06.57_log.lnk
[2011/12/28 16:21:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/12/28 11:22:22 | 004,354,974 | R--- | M] (Swearware) -- C:\Documents and Settings\HELEN\Desktop\ComboFix.exe
[2011/12/27 18:59:07 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/12/26 22:24:10 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1912649743-2128827580-1748673051-1006.job
[2011/12/26 22:23:59 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HELEN\Desktop\OTL.exe
[2011/12/26 22:23:29 | 000,001,621 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\repository.xml
[2011/12/26 21:32:52 | 009,851,496 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\HELEN\Desktop\mbam-setup.exe
[2011/12/26 21:19:59 | 000,001,205 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\FixNCR.reg
[2011/12/25 20:42:31 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/12/24 19:56:42 | 000,000,818 | ---- | M] () -- C:\Documents and Settings\HELEN\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/12/24 19:56:42 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/12/24 18:45:30 | 000,424,072 | ---- | M] (Yahoo! Inc.) -- C:\Documents and Settings\HELEN\Desktop\msgr11us.exe
[2011/12/24 18:30:06 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/12/24 18:25:51 | 000,260,640 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/24 15:11:42 | 000,468,524 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/12/24 15:11:42 | 000,083,400 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/12/24 15:07:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/12 06:13:42 | 000,001,801 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/12/11 20:22:44 | 015,134,664 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\HELEN\Desktop\windows-kb890830-v4.2.exe
[2011/12/11 20:14:38 | 000,983,040 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\MicrosoftFixit50777.msi
[2011/12/11 20:09:04 | 000,347,920 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\HELEN\Desktop\MicrosoftFixit.wu.Run.exe
[2011/12/11 20:06:53 | 006,136,176 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\HELEN\Desktop\WindowsUpdateAgent30-x86.exe
[2011/12/11 17:47:43 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/12/11 17:38:26 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2011/12/11 17:38:06 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2011/12/11 17:38:06 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/12/09 19:46:50 | 000,000,129 | ---- | M] () -- C:\Documents and Settings\HELEN\jagex_runescape_preferences2.dat
[2011/12/09 19:45:05 | 000,000,046 | ---- | M] () -- C:\Documents and Settings\HELEN\jagex_runescape_preferences.dat
[2011/12/09 19:45:03 | 000,000,040 | ---- | M] () -- C:\Documents and Settings\HELEN\jagex_cl_runescape_LIVE.dat
[2011/12/06 17:22:38 | 000,028,760 | ---- | M] (McAfee, Inc.) -- C:\ScriptFF.dll
[2011/12/02 18:04:22 | 000,017,464 | ---- | M] (PerformerSoft LLC) -- C:\WINDOWS\System32\roboot.exe
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\HELEN\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\HELEN\Local Settings\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2099/01/01 12:00:00 | 000,011,168 | -H-- | C] () -- C:\WINDOWS\System32\nazojabo
[2011/12/28 18:43:18 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/12/28 17:44:31 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\diskmgt.bmp
[2011/12/28 17:25:47 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\HELEN\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2011/12/28 17:25:47 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/28 17:18:17 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\MBR.dat
[2011/12/28 17:13:56 | 000,000,590 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\Shortcut to TDSSKiller.2.6.25.0_28.12.2011_17.10.32_log.lnk
[2011/12/28 17:09:04 | 000,000,590 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\Shortcut to TDSSKiller.2.6.25.0_28.12.2011_17.06.57_log.lnk
[2011/12/28 15:45:14 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/12/26 22:23:28 | 000,001,621 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\repository.xml
[2011/12/26 22:16:12 | 1071,697,920 | -HS- | C] () -- C:\hiberfil.sys
[2011/12/26 21:19:59 | 000,001,205 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\FixNCR.reg
[2011/12/24 19:56:42 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\HELEN\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/12/24 19:56:42 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/12/24 18:31:31 | 000,001,595 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Total Protection.lnk
[2011/12/24 18:30:06 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/12/11 20:14:36 | 000,983,040 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\MicrosoftFixit50777.msi
[2011/12/09 19:45:03 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\HELEN\jagex_cl_runescape_LIVE.dat
[2011/12/08 20:31:36 | 000,000,880 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/03 13:48:56 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/11/12 15:32:41 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/11 13:00:27 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/04/28 14:16:45 | 000,260,640 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/11 11:50:51 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/10/11 11:50:51 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/10/11 11:50:51 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/10/11 11:50:51 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/03/30 16:51:58 | 000,577,568 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009/02/19 20:18:18 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2008/11/02 18:29:25 | 000,000,086 | ---- | C] () -- C:\WINDOWS\epro.ini
[2008/08/28 22:27:39 | 000,030,976 | ---- | C] () -- C:\WINDOWS\rascntrl.dll
[2008/08/28 22:27:39 | 000,023,104 | ---- | C] () -- C:\WINDOWS\System32\svcprmpt.dll
[2008/03/10 19:05:32 | 000,000,023 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2008/03/10 19:05:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2008/02/04 20:19:55 | 000,000,184 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/02/03 23:04:11 | 000,000,022 | ---- | C] () -- C:\WINDOWS\msnmsgr.exe.ini
[2007/12/16 18:47:18 | 000,000,715 | ---- | C] () -- C:\WINDOWS\aolback.exe.lnk
[2007/12/12 22:45:07 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/11/25 19:30:15 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2007/11/22 16:37:58 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\sdfixwcs.dll
[2007/06/30 22:02:54 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2006/11/11 22:25:09 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\HELEN\Local Settings\Application Data\fusioncache.dat
[2006/11/05 13:59:45 | 000,003,184 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/11/05 10:18:17 | 000,057,856 | ---- | C] () -- C:\Documents and Settings\HELEN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/02 20:40:12 | 000,174,656 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
[2006/10/26 23:13:51 | 000,011,520 | ---- | C] () -- C:\Documents and Settings\HELEN\Application Data\wklnhst.dat
[2006/10/20 01:10:20 | 000,000,168 | RHS- | C] () -- C:\WINDOWS\System32\1564C9D959.sys
[2006/10/20 01:10:19 | 000,005,852 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/10/18 19:28:19 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\InstMed.exe
[2006/10/18 19:28:11 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVUSBSta.sys
[2006/10/18 19:28:11 | 000,005,993 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2006/10/18 19:28:10 | 000,201,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\LV302AV.SYS
[2006/10/18 19:27:48 | 000,000,260 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2006/10/18 19:00:43 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/10/17 05:57:09 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/10/17 05:50:01 | 000,000,283 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/10/17 05:48:20 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/10/17 05:43:58 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/10/17 05:42:07 | 000,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
[2006/10/17 05:39:05 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/10/17 05:14:48 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/10/17 05:14:28 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2006/10/17 05:14:24 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/10 07:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/14 12:51:16 | 000,007,990 | ---- | C] () -- C:\WINDOWS\System32\drwatson.dll
[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 12:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 11:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 11:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 11:51:20 | 000,468,524 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 11:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 11:51:20 | 000,083,400 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 11:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 11:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 11:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 11:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 11:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 11:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 11:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[1999/01/27 13:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 07:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/11/12 18:02:17 | 000,001,024 | ---- | M] () -- C:\.rnd
[2007/10/02 18:56:06 | 000,000,367 | ---- | M] () -- C:\aaw7boot.log
[2007/12/16 21:44:18 | 000,010,920 | ---- | M] () -- C:\aolconnfix.exe
[2007/12/16 21:44:18 | 000,001,039 | ---- | M] () -- C:\aolconnfix.txt
[2004/08/10 12:04:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/04/04 21:58:03 | 000,000,211 | -HS- | M] () -- C:\Boot.bak
[2010/07/22 18:16:19 | 000,000,281 | -HS- | M] () -- C:\boot.ini
[2004/08/03 22:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2011/12/28 17:03:09 | 000,304,595 | ---- | M] () -- C:\ComboFix.txt
[2004/08/10 12:04:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2006/10/17 05:21:00 | 000,005,950 | RH-- | M] () -- C:\dell.sdr
[2011/12/28 17:57:49 | 1071,697,920 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/01 17:20:08 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2004/08/10 12:04:08 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2006/10/18 19:27:35 | 000,000,183 | ---- | M] () -- C:\LogiSetup.log
[2004/08/10 12:04:08 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2004/08/04 04:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/04/18 02:08:19 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2009/06/03 18:27:28 | 000,262,144 | ---- | M] () -- C:\ntuser.dat
[2011/10/08 14:40:59 | 000,001,024 | -H-- | M] () -- C:\ntuser.dat.LOG
[2011/12/28 17:57:48 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
[2011/12/27 16:24:20 | 000,000,551 | ---- | M] () -- C:\rkill.log
[2011/12/06 17:22:38 | 000,028,760 | ---- | M] (McAfee, Inc.) -- C:\ScriptFF.dll
[2008/04/16 22:09:41 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2008/04/18 16:29:44 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2008/04/20 13:57:15 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2008/04/23 20:34:26 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2008/04/24 16:00:23 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2008/04/25 20:31:34 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
[2008/10/16 15:57:28 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
[2008/12/15 16:10:43 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
[2009/01/31 13:18:11 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
[2009/03/17 00:21:20 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
[2009/03/17 06:06:42 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
[2009/04/15 15:29:22 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2009/05/04 17:04:07 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2009/06/04 13:32:54 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
[2009/07/08 08:02:18 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
[2009/09/24 15:21:47 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2008/04/12 11:58:37 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
[2008/04/14 18:14:34 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
[2008/04/15 09:22:57 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
[2008/04/16 09:56:34 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm
[2008/04/16 22:09:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2008/04/18 16:29:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2008/04/20 13:57:14 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2008/04/23 20:34:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2008/04/24 16:00:23 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2008/04/25 20:31:33 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2008/10/16 15:57:28 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2008/12/15 16:10:43 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2009/01/31 13:18:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2009/03/17 00:21:20 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2009/03/17 06:06:42 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2009/04/15 15:29:22 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2009/05/04 17:04:06 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2009/06/04 13:32:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2009/07/08 08:02:17 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2009/09/24 15:21:47 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2008/04/12 11:58:37 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2008/04/14 18:14:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2008/04/15 09:22:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2008/04/16 09:56:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2006/10/17 05:40:22 | 000,000,087 | ---- | M] () -- C:\SystemInfo.ini
[2011/12/28 17:07:50 | 000,064,444 | ---- | M] () -- C:\TDSSKiller.2.6.25.0_28.12.2011_17.06.57_log.txt
[2011/12/28 17:13:21 | 000,065,432 | ---- | M] () -- C:\TDSSKiller.2.6.25.0_28.12.2011_17.10.32_log.txt
[2007/12/17 18:59:52 | 000,049,976 | ---- | M] () -- C:\VETlog.dmp
[2007/12/17 18:59:53 | 000,022,801 | ---- | M] () -- C:\VETlog.txt
[2007/03/14 21:03:13 | 000,004,096 | -HS- | M] () -- C:\VSNAP.IDX
[2009/10/10 11:22:05 | 000,001,064 | ---- | M] () -- C:\VundoFix.txt
[2008/06/07 23:05:45 | 000,000,150 | ---- | M] () -- C:\YServer.txt

< %systemroot%\Fonts\*.com >
[2006/04/18 14:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 13:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 14:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 13:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2004/08/10 12:03:42 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 06:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2009/09/05 11:23:26 | 000,047,416 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LMIproc.dll
[2008/07/06 04:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2011/09/08 05:30:30 | 000,001,738 | -H-- | M] () -- C:\Documents and Settings\HELEN\Application Data\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2004/08/10 11:56:48 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2004/08/10 11:56:46 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2004/08/10 11:56:46 | 000,872,448 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2009/04/18 02:16:18 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-12-29 01:55:02


< MD5 for: AR5211.SYS >
[2005/06/19 20:31:34 | 000,456,384 | R--- | M] (Atheros Communications, Inc.) MD5=F6F31F142A2FF302B8D1ECDA9FE14A6B -- C:\WINDOWS\system32\drivers\ar5211.sys

< MD5 for: BEEP.SYS >
[2004/08/04 04:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\i386\beep.sys
[2004/08/04 04:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\erdnt\cache\beep.sys
[2004/08/04 04:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2004/08/04 04:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

< MD5 for: MSVCP71.DLL >
[2005/09/08 18:20:04 | 000,503,808 | ---- | M] (Microsoft Corporation) MD5=20607EE4886D78DD95286F2D14E9FF2F -- C:\i386\msvcp71.dll
[2005/09/08 18:20:04 | 000,503,808 | ---- | M] (Microsoft Corporation) MD5=20607EE4886D78DD95286F2D14E9FF2F -- C:\WINDOWS\system32\msvcp71.dll
[2004/05/21 14:03:42 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=561FA2ABB31DFA8FAB762145F81667C2 -- C:\Program Files\Common Files\Logitech\QCDRV\BIN\msvcp71.dll
[2005/10/07 15:35:12 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=561FA2ABB31DFA8FAB762145F81667C2 -- C:\Program Files\Common Files\Microsoft Shared\Works Shared\msvcp71.dll
[2003/03/18 19:14:52 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=561FA2ABB31DFA8FAB762145F81667C2 -- C:\Program Files\Common Files\Roxio Shared\DLLShared\msvcp71.dll
[2009/12/30 11:20:02 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=561FA2ABB31DFA8FAB762145F81667C2 -- C:\Program Files\DivX\DivX Transcode Engine\MSVCP71.DLL
[2005/10/07 15:35:52 | 000,499,712 | R--- | M] (Microsoft Corporation) MD5=561FA2ABB31DFA8FAB762145F81667C2 -- C:\Program Files\Microsoft Works\msvcp71.dll
[2003/03/19 06:14:52 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=561FA2ABB31DFA8FAB762145F81667C2 -- C:\Program Files\OpenOffice.org 3\Basis\program\msvcp71.dll
[2003/03/18 21:14:52 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=561FA2ABB31DFA8FAB762145F81667C2 -- C:\WINDOWS\twain_32\LogiVid\msvcp71.dll

< MD5 for: MSWSOCK.DLL >
[2008/06/20 11:41:10 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=097722F235A1FB698BF9234E01B52637 -- C:\WINDOWS\$NtServicePackUninstall$\mswsock.dll
[2008/06/20 11:36:11 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=1DFCA7713EA5A70D5D93B436AEA0317A -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[2004/08/04 04:00:00 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=4E74AF063C3271FBEA20DD940CFD1184 -- C:\i386\mswsock.dll
[2008/06/20 11:46:57 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=832E4DD8964AB7ACC880B2837CB1ED20 -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[2008/06/20 10:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\erdnt\cache\mswsock.dll
[2008/06/20 10:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\system32\dllcache\mswsock.dll
[2008/06/20 10:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\system32\mswsock.dll
[2008/04/13 18:12:01 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\ServicePackFiles\i386\mswsock.dll
[2008/06/20 11:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[2008/06/20 11:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll

< MD5 for: NETCFGX.DLL >
[2008/04/13 18:12:01 | 000,622,592 | ---- | M] (Microsoft Corporation) MD5=37A62C6092AADD2EFDE0468DD8818E99 -- C:\WINDOWS\ServicePackFiles\i386\netcfgx.dll
[2008/04/13 18:12:01 | 000,622,592 | ---- | M] (Microsoft Corporation) MD5=37A62C6092AADD2EFDE0468DD8818E99 -- C:\WINDOWS\system32\dllcache\netcfgx.dll
[2008/04/13 18:12:01 | 000,622,592 | ---- | M] (Microsoft Corporation) MD5=37A62C6092AADD2EFDE0468DD8818E99 -- C:\WINDOWS\system32\netcfgx.dll
[2004/08/04 04:00:00 | 000,622,080 | ---- | M] (Microsoft Corporation) MD5=E3AE8DC04643850D2DFD431443558B28 -- C:\i386\netcfgx.dll
[2004/08/04 04:00:00 | 000,622,080 | ---- | M] (Microsoft Corporation) MD5=E3AE8DC04643850D2DFD431443558B28 -- C:\WINDOWS\$NtServicePackUninstall$\netcfgx.dll

< MD5 for: NETMAN.DLL >
[2008/04/13 18:12:01 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=13E67B55B3ABD7BF3FE7AAE5A0F9A9DE -- C:\WINDOWS\erdnt\cache\netman.dll
[2008/04/13 18:12:01 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=13E67B55B3ABD7BF3FE7AAE5A0F9A9DE -- C:\WINDOWS\ServicePackFiles\i386\netman.dll
[2008/04/13 18:12:01 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=13E67B55B3ABD7BF3FE7AAE5A0F9A9DE -- C:\WINDOWS\system32\dllcache\netman.dll
[2008/04/13 18:12:01 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=13E67B55B3ABD7BF3FE7AAE5A0F9A9DE -- C:\WINDOWS\system32\netman.dll
[2005/08/22 12:24:55 | 000,197,632 | ---- | M] (Microsoft Corporation) MD5=3516D8A18B36784B1005B950B84232E1 -- C:\WINDOWS\$hf_mig$\KB905414\SP2QFE\netman.dll
[2005/08/22 12:29:46 | 000,197,632 | ---- | M] (Microsoft Corporation) MD5=36739B39267914BA69AD0610A0299732 -- C:\i386\netman.dll
[2005/08/22 12:29:46 | 000,197,632 | ---- | M] (Microsoft Corporation) MD5=36739B39267914BA69AD0610A0299732 -- C:\WINDOWS\$NtServicePackUninstall$\netman.dll

< MD5 for: NETSHELL.DLL >
[2008/04/13 18:12:02 | 001,703,936 | ---- | M] (Microsoft Corporation) MD5=062F837C1FBDB6A0A75F82EFC2EE8E74 -- C:\WINDOWS\ServicePackFiles\i386\netshell.dll
[2008/04/13 18:12:02 | 001,703,936 | ---- | M] (Microsoft Corporation) MD5=062F837C1FBDB6A0A75F82EFC2EE8E74 -- C:\WINDOWS\system32\dllcache\netshell.dll
[2008/04/13 18:12:02 | 001,703,936 | ---- | M] (Microsoft Corporation) MD5=062F837C1FBDB6A0A75F82EFC2EE8E74 -- C:\WINDOWS\system32\netshell.dll
[2004/08/04 04:00:00 | 001,708,032 | ---- | M] (Microsoft Corporation) MD5=BF52A4D4EB4CFB3109667E429B93E21A -- C:\i386\netshell.dll
[2004/08/04 04:00:00 | 001,708,032 | ---- | M] (Microsoft Corporation) MD5=BF52A4D4EB4CFB3109667E429B93E21A -- C:\WINDOWS\$NtServicePackUninstall$\netshell.dll

< End of report >


OTL #2

OTL Extras logfile created on: 12/28/2011 7:45:59 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\HELEN\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1021.98 Mb Total Physical Memory | 432.88 Mb Available Physical Memory | 42.36% Memory free
2.41 Gb Paging File | 1.58 Gb Available in Paging File | 65.75% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 108.59 Gb Total Space | 66.75 Gb Free Space | 61.47% Space Free | Partition Type: NTFS
Drive D: | 36.59 Gb Total Space | 36.51 Gb Free Space | 99.79% Space Free | Partition Type: NTFS

Computer Name: HELEN | User Name: HELEN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\notepad.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe C:\WINDOWS\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- notepad.exe %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"53:UDP" = 53:UDP:*:Enabled:Promo

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" = C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 30
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-006D-0409-0000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{90140011-0062-0409-0000-0000000FF1CE}" = Microsoft Office Home and Business 2010 - English
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.7
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"CCleaner" = CCleaner
"DivX Setup.divx.com" = DivX Setup
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
"McAfee Security Scan" = McAfee Security Scan Plus
"McAfee Virtual Technician" = McAfee Virtual Technician
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 8.0 (x86 en-US)" = Mozilla Firefox 8.0 (x86 en-US)
"MSC" = McAfee Total Protection
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"RealPlayer 15.0" = RealPlayer
"Security Task Manager" = Security Task Manager 1.8d
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows XP Service Pack" = Windows XP Service Pack 3
"winusb0100" = Microsoft WinUsb 1.0
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/28/2011 7:58:27 PM | Computer Name = HELEN | Source = CVHSVC | ID = 100
Description = Information only. Product registration is corrupted for {90140011-0062-0409-0000-0000000FF1CE}

Error - 12/28/2011 7:58:27 PM | Computer Name = HELEN | Source = CVHSVC | ID = 100
Description = Information only. Error: Product {90140011-0062-0409-0000-0000000FF1CE}
found in the registry but SoftGrid doesn't know about it, skipping...

Error - 12/28/2011 7:58:27 PM | Computer Name = HELEN | Source = CVHSVC | ID = 100
Description = Information only. Product registration is corrupted for {90140011-0062-0409-0000-0000000FF1CE}

Error - 12/28/2011 7:58:27 PM | Computer Name = HELEN | Source = CVHSVC | ID = 100
Description = Information only. Error: Product {90140011-0062-0409-0000-0000000FF1CE}
found in the registry but SoftGrid doesn't know about it, skipping...

Error - 12/28/2011 7:58:27 PM | Computer Name = HELEN | Source = CVHSVC | ID = 100
Description = Information only. Product registration is corrupted for {90140011-0062-0409-0000-0000000FF1CE}

Error - 12/28/2011 7:58:27 PM | Computer Name = HELEN | Source = CVHSVC | ID = 100
Description = Information only. The action cannot be completed. Try the action again.
If the problem continues, contact Microsoft Product Support.

Error - 12/28/2011 7:58:36 PM | Computer Name = HELEN | Source = Application Virtualization Client | ID = 3037
Description = {tid=CE0} The Application Virtualization Client cannot open OfficeVirt
9014006204090000

Error - 12/28/2011 8:08:27 PM | Computer Name = HELEN | Source = CVHSVC | ID = 100
Description = Information only. The action cannot be completed. Try the action again.
If the problem continues, contact Microsoft Product Support.

Error - 12/28/2011 9:44:12 PM | Computer Name = HELEN | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft Word 2002 -- Error 1706. Setup cannot find the
required files. Check your connection to the network, or CD-ROM drive. For other
potential solutions to this problem, see C:\Program Files\Microsoft Office\Office10\1033\SETUP.HLP.

Error - 12/28/2011 9:44:14 PM | Computer Name = HELEN | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft Word 2002 - Update '{DA256408-A2E7-41A5-8AD6-62ACB86A0FD7}'
could not be installed. Error code 1603. Windows Installer can create logs to help
troubleshoot issues with installing software packages. Use the following link for
instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

[ System Events ]
Error - 12/28/2011 9:52:11 PM | Computer Name = HELEN | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 12/28/2011 9:53:38 PM | Computer Name = HELEN | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 12/28/2011 9:54:07 PM | Computer Name = HELEN | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 12/28/2011 9:54:15 PM | Computer Name = HELEN | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 12/28/2011 9:54:15 PM | Computer Name = HELEN | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 12/28/2011 9:54:15 PM | Computer Name = HELEN | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 12/28/2011 10:00:59 PM | Computer Name = HELEN | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 12/28/2011 10:01:21 PM | Computer Name = HELEN | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 12/28/2011 10:01:35 PM | Computer Name = HELEN | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 12/28/2011 10:01:51 PM | Computer Name = HELEN | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058


< End of report >

VEW System:

Vino's Event Viewer v01c run on Windows XP in English
Report run at 28/12/2011 8:23:11 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 28/12/2011 8:22:10 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 28/12/2011 8:22:10 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 28/12/2011 8:22:10 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 28/12/2011 8:22:10 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 28/12/2011 8:22:10 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 28/12/2011 8:22:10 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 28/12/2011 8:21:47 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 28/12/2011 8:21:47 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 28/12/2011 8:21:47 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 28/12/2011 8:21:46 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 28/12/2011 8:21:42 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 28/12/2011 8:21:42 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 28/12/2011 8:21:41 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 28/12/2011 8:21:41 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 28/12/2011 8:21:22 PM
Type: error Category: 0
Event: 10010 Source: DCOM
The server {E0EC0F2B-773D-4DD7-BE6C-7D85D6AA6269} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 28/12/2011 8:20:36 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 28/12/2011 8:20:36 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 28/12/2011 8:20:36 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 28/12/2011 8:20:36 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 28/12/2011 8:20:34 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

VEW Application:

Vino's Event Viewer v01c run on Windows XP in English
Report run at 28/12/2011 8:25:05 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 28/12/2011 8:19:00 PM
Type: error Category: 11
Event: 3037 Source: Application Virtualization Client
{tid=D84}
The Application Virtualization Client cannot open OfficeVirt 9014006204090000

Log: 'Application' Date/Time: 28/12/2011 8:18:59 PM
Type: error Category: 1
Event: 100 Source: CVHSVC
Information only. The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support.

Log: 'Application' Date/Time: 28/12/2011 8:18:59 PM
Type: error Category: 1
Event: 100 Source: CVHSVC
Information only. Product registration is corrupted for {90140011-0062-0409-0000-0000000FF1CE}

Log: 'Application' Date/Time: 28/12/2011 8:18:59 PM
Type: error Category: 1
Event: 100 Source: CVHSVC
Information only. Error: Product {90140011-0062-0409-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...

Log: 'Application' Date/Time: 28/12/2011 8:18:59 PM
Type: error Category: 1
Event: 100 Source: CVHSVC
Information only. Product registration is corrupted for {90140011-0062-0409-0000-0000000FF1CE}

Log: 'Application' Date/Time: 28/12/2011 8:18:59 PM
Type: error Category: 1
Event: 100 Source: CVHSVC
Information only. Error: Product {90140011-0062-0409-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...

Log: 'Application' Date/Time: 28/12/2011 8:18:59 PM
Type: error Category: 1
Event: 100 Source: CVHSVC
Information only. Product registration is corrupted for {90140011-0062-0409-0000-0000000FF1CE}

Log: 'Application' Date/Time: 28/12/2011 8:18:59 PM
Type: error Category: 1
Event: 100 Source: CVHSVC
Information only. Error: Product {90140011-0062-0409-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 28/12/2011 8:19:01 PM
Type: warning Category: 1
Event: 100 Source: CVHSVC
Information only. Error: Virtual app registration is corrupted. Rerun bootstrapper. [SoftGrid Error: 0x0000000000000a09 in Module: Core, File: swappmgr.cpp:2176] Type: 96::SoftGridApplicationFailure. Stopping task (Stream product id=0x0062) because of fatal error.

Log: 'Application' Date/Time: 28/12/2011 8:18:59 PM
Type: warning Category: 1
Event: 100 Source: CVHSVC
Information only. Warning: GetPackageInfo failed for '{00000000-0000-0000-0000-000000000000}'. [SoftGrid Error: 0x0000000000001802 in Module: Core, File: packagemgr.cpp:912]

Log: 'Application' Date/Time: 28/12/2011 8:18:59 PM
Type: warning Category: 1
Event: 100 Source: CVHSVC
Information only. Error: verion has fewer then two or more than four components Type: 29::InvalidArgument. Stopping task (PatchApply task for {90140011-0062-0409-0000-0000000FF1CE}) because of fatal error.

Log: 'Application' Date/Time: 28/12/2011 8:18:59 PM
Type: warning Category: 1
Event: 100 Source: CVHSVC
Information only. Warning: GetPackageInfo failed for '{00000000-0000-0000-0000-000000000000}'. [SoftGrid Error: 0x0000000000001802 in Module: Core, File: packagemgr.cpp:912]

Log: 'Application' Date/Time: 28/12/2011 8:18:59 PM
Type: warning Category: 1
Event: 100 Source: CVHSVC
Information only. Warning: GetPackageInfo failed for '{00000000-0000-0000-0000-000000000000}'. [SoftGrid Error: 0x0000000000001802 in Module: Core, File: packagemgr.cpp:912]

Log: 'Application' Date/Time: 28/12/2011 8:18:59 PM
Type: warning Category: 1
Event: 100 Source: CVHSVC
Information only. Warning: GetPackageInfo failed for '{00000000-0000-0000-0000-000000000000}'. [SoftGrid Error: 0x0000000000001802 in Module: Core, File: packagemgr.cpp:912]

Log: 'Application' Date/Time: 28/12/2011 8:18:58 PM
Type: warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=A58}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.1.10263 Install Path: C:\Program Files\Microsoft Application Virtualization Client Global Data Directory: C:\Documents and Settings\All Users\Documents\ Machine Name: HELEN Operating System: Windows XP Professional 32-bit Service Pack 3.0 Build 2600 OSD Command:

Log: 'Application' Date/Time: 28/12/2011 8:18:46 PM
Type: warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=A58}
-------------------------------------------------------- Initialized client log (C:\Documents and Settings\All Users\Application Data\Microsoft\Application Virtualization Client\sftlog.txt)

Log: 'Application' Date/Time: 28/12/2011 8:17:09 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user HELEN\HELEN registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,793 posts
  • MVP
Copy the text in the code box by highlighting and Ctrl + c

:processes
killallprocesses

:OTL
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mkg030&p="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 52061
FF - prefs.js..network.proxy.type: 4
[2011/12/24 18:22:22 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/04/07 18:01:50 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)

:files
xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C
xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C
xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C
xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C
C:\WINDOWS\system32\msvcp71.dll|C:\i386\msvcp71.dll /replace
sc config TapiSrv start= manual /c
net start TapiSrv /c
net start
    
:Commands
[RESETHOSTS]
[purity]
[Reboot]

then run OTL and Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the Run Fix button at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it to a reply.

Run aswMBR again and copy and paste the log.

Uninstall:
Adobe Reader 9.4.7 - obsolete - get latest at adobe.com
Microsoft Choice Guard
McAfee Security Scan Plus
Yahoo! Toolbar

Did you install LogMeIn? I don't see it in the uninstall list but it is definitely on the PC.

Download UPHClean. To download and install UPHClean, visit the following Microsoft Web site:
http://www.microsoft...70-42470E2F3582
You will be prompted to validate your copy of Windows.
As soon as you have downloaded the UPHClean installer (UPHClean-Setup.msi), double-click the installer to begin the installation.
In the User Profile Hive Cleanup Service installation wizard, click Next.
In the License Agreement page, read the license agreement, select I Agree, and then click Next.
In the Select Installation Folder page, click Next.
In the Confirm Installation page, click Next.
When UPHClean is installed, click Close.

Note UPHClean runs as a service in Windows and will start automatically every time that Windows starts.
To confirm that UPHClean is installed and running, click Start, and then click Run.
In Open box, type the following text, and then click OK:

services.msc
In Services, in the Name column, locate User Profile Hive Cleanup. In the Status column, confirm that the User Profile Hive Cleanup service is Started.

Let's uninstall McAfee for now and try the free Avast. I want to have it run a boot-time scan to make sure we are clean.

Download and Save the free Avast installer.
http://www.avast.com...ivirus-download
Download the McAfee Removal tool
http://download.mcaf...atches/MCPR.exe
(If you think you might want to reinstall McAfee later then follow the instructions here to save your license info:
http://service.mcafe...spx?id=TS100507 )
Uninstall McAfee, run the McAfee uninstall tool, reboot.
Install Avast.
Once you have it installed and it has updated:

Click on the Avast ball. Then click on Scan Computer, then on
Boot-Time Scan then on Settings. Change the Ask at the bottom to Move to Chest. OK then Schedule Now. Reboot and let it run a scan. It may take hours.
Once it finishes it should load windows. Click on the Avast ball and then on Scan Logs, select the Boot-time scan report then View Results. How many did it find?

I think on XP systems the log file can be found in text form in C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\report\boot.txt. If you can find it please copy and paste it into a reply.

Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application. Reboot.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0

Advertisements


#11
JustinLeeA25

JustinLeeA25

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Okay. We tried to do everything listed. There were a couple of problems, though. She couldn't find Microsoft Choice Guard anywhere on the computer to uninstall and we even tried to uninstall it through Start > Run, but found nothing. Also, Yahoo Toolbar proved problematic in getting rid of as it would lock up her computer when she tried to uninstall it. We tried to get rid of it several times, but it never worked. And yes, she did have LogMeIn on there a long time ago, but apparently there are still remnants on her computer. Everything else went fine, although she couldn't find a log for the Avast boot log. Instead, I'm attaching a screenshot of the View Results screen from Avast. There were 3 items it found. Below are the logs you requested.

OTL Log:

========== PROCESSES ==========
All processes killed
========== OTL ==========
Prefs.js: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220 removed from extensions.enabledItems
Prefs.js: "http://search.yahoo....h?fr=mkg030&p=" removed from keyword.URL
Prefs.js: "127.0.0.1" removed from network.proxy.http
Prefs.js: 52061 removed from network.proxy.http_port
Prefs.js: 4 removed from network.proxy.type
C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF folder moved successfully.
C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults\preferences folder moved successfully.
C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults folder moved successfully.
C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components folder moved successfully.
C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\chrome folder moved successfully.
C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} folder moved successfully.
C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}\plugins folder moved successfully.
C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}\META-INF folder moved successfully.
C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}\chrome\content folder moved successfully.
C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}\chrome folder moved successfully.
C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7} folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
File C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
File C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\internet\ deleted successfully.
========== FILES ==========
< xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C >
0 File(s) copied
C:\Documents and Settings\HELEN\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\HELEN\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C >
0 File(s) copied
C:\Documents and Settings\HELEN\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\HELEN\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C >
0 File(s) copied
C:\Documents and Settings\HELEN\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\HELEN\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C >
0 File(s) copied
C:\Documents and Settings\HELEN\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\HELEN\Desktop\cmd.txt deleted successfully.
File C:\WINDOWS\system32\msvcp71.dll successfully replaced with C:\i386\msvcp71.dll
< sc config TapiSrv start= manual /c >
invalid start= field
Modifies a service entry in the registry and Service Database.
SYNTAX:
sc <server> config [service name] <option1> <option2>...
CONFIG OPTIONS:
NOTE: The option name includes the equal sign.
type= <own|share|interact|kernel|filesys|rec|adapt>
start= <boot|system|auto|demand|disabled>
error= <normal|severe|critical|ignore>
binPath= <BinaryPathName>
group= <LoadOrderGroup>
tag= <yes|no>
depend= <Dependencies(separated by / (forward slash))>
obj= <AccountName|ObjectName>
DisplayName= <display name>
password= <password>
C:\Documents and Settings\HELEN\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\HELEN\Desktop\cmd.txt deleted successfully.
< net start TapiSrv /c >
C:\Documents and Settings\HELEN\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\HELEN\Desktop\cmd.txt deleted successfully.
File\Folder net start not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 12282011_215550

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

aswMBR Log:

aswMBR version 0.9.9.1120 Copyright© 2011 AVAST Software
Run date: 2011-12-28 22:00:39
-----------------------------
22:00:39.406 OS Version: Windows 5.1.2600 Service Pack 3
22:00:39.406 Number of processors: 1 586 0x409
22:00:39.406 ComputerName: HELEN UserName: HELEN
22:00:40.125 Initialize success
22:00:47.890 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
22:00:47.890 Disk 0 Vendor: ST3160812A 3.ADH Size: 152587MB BusType: 3
22:00:49.937 Disk 0 MBR read successfully
22:00:49.937 Disk 0 MBR scan
22:00:49.937 Disk 0 unknown MBR code
22:00:49.937 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 31 MB offset 63
22:00:49.937 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 111192 MB offset 64260
22:00:49.953 Disk 0 Partition - 00 0F Extended LBA 37464 MB offset 227801700
22:00:50.015 Disk 0 Partition 3 00 DB CP/M / CTOS MSWIN4.1 3890 MB offset 304528140
22:00:50.046 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 37464 MB offset 227801763
22:00:50.046 Disk 0 scanning sectors +312496380
22:00:50.234 Disk 0 scanning C:\WINDOWS\system32\drivers
22:01:02.640 Service scanning
22:01:04.453 Modules scanning
22:01:13.687 Disk 0 trace - called modules:
22:01:13.718 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
22:01:13.718 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87381ab8]
22:01:13.718 3 CLASSPNP.SYS[f7556fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x873a3b00]
22:01:13.734 Scan finished successfully
22:01:47.406 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\HELEN\Desktop\MBR.dat"
22:01:47.421 The log file has been saved successfully to "C:\Documents and Settings\HELEN\Desktop\aswMBR.txt"


VEW System:

Vino's Event Viewer v01c run on Windows XP in English
Report run at 29/12/2011 3:39:51 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 29/12/2011 3:38:53 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 29/12/2011 3:38:53 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 29/12/2011 3:38:53 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 29/12/2011 3:38:53 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 29/12/2011 3:38:53 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 29/12/2011 3:38:53 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 29/12/2011 3:38:53 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 29/12/2011 3:38:52 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 29/12/2011 3:38:37 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 29/12/2011 3:38:37 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 29/12/2011 3:38:37 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 29/12/2011 3:38:37 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 29/12/2011 3:38:37 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 29/12/2011 3:38:37 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 29/12/2011 3:38:05 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 29/12/2011 3:38:05 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 29/12/2011 3:38:05 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 29/12/2011 3:38:00 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 29/12/2011 3:38:00 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 29/12/2011 3:38:00 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

VEW Application:

Vino's Event Viewer v01c run on Windows XP in English
Report run at 29/12/2011 3:40:48 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 29/12/2011 3:37:10 PM
Type: error Category: 11
Event: 3037 Source: Application Virtualization Client
{tid=C4C}
The Application Virtualization Client cannot open OfficeVirt 9014006204090000

Log: 'Application' Date/Time: 29/12/2011 3:37:10 PM
Type: error Category: 1
Event: 100 Source: CVHSVC
Information only. The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support.

Log: 'Application' Date/Time: 29/12/2011 3:37:09 PM
Type: error Category: 1
Event: 100 Source: CVHSVC
Information only. Product registration is corrupted for {90140011-0062-0409-0000-0000000FF1CE}

Log: 'Application' Date/Time: 29/12/2011 3:37:09 PM
Type: error Category: 1
Event: 100 Source: CVHSVC
Information only. Error: Product {90140011-0062-0409-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...

Log: 'Application' Date/Time: 29/12/2011 3:37:09 PM
Type: error Category: 1
Event: 100 Source: CVHSVC
Information only. Product registration is corrupted for {90140011-0062-0409-0000-0000000FF1CE}

Log: 'Application' Date/Time: 29/12/2011 3:37:09 PM
Type: error Category: 1
Event: 100 Source: CVHSVC
Information only. Error: Product {90140011-0062-0409-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...

Log: 'Application' Date/Time: 29/12/2011 3:37:09 PM
Type: error Category: 1
Event: 100 Source: CVHSVC
Information only. Product registration is corrupted for {90140011-0062-0409-0000-0000000FF1CE}

Log: 'Application' Date/Time: 29/12/2011 3:37:09 PM
Type: error Category: 1
Event: 100 Source: CVHSVC
Information only. Error: Product {90140011-0062-0409-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 29/12/2011 3:37:10 PM
Type: warning Category: 1
Event: 100 Source: CVHSVC
Information only. Error: Virtual app registration is corrupted. Rerun bootstrapper. [SoftGrid Error: 0x0000000000000a09 in Module: Core, File: swappmgr.cpp:2176] Type: 96::SoftGridApplicationFailure. Stopping task (Stream product id=0x0062) because of fatal error.

Log: 'Application' Date/Time: 29/12/2011 3:37:10 PM
Type: warning Category: 1
Event: 100 Source: CVHSVC
Information only. Warning: GetPackageInfo failed for '{00000000-0000-0000-0000-000000000000}'. [SoftGrid Error: 0x0000000000001802 in Module: Core, File: packagemgr.cpp:912]

Log: 'Application' Date/Time: 29/12/2011 3:37:10 PM
Type: warning Category: 1
Event: 100 Source: CVHSVC
Information only. Error: verion has fewer then two or more than four components Type: 29::InvalidArgument. Stopping task (PatchApply task for {90140011-0062-0409-0000-0000000FF1CE}) because of fatal error.

Log: 'Application' Date/Time: 29/12/2011 3:37:09 PM
Type: warning Category: 1
Event: 100 Source: CVHSVC
Information only. Warning: GetPackageInfo failed for '{00000000-0000-0000-0000-000000000000}'. [SoftGrid Error: 0x0000000000001802 in Module: Core, File: packagemgr.cpp:912]

Log: 'Application' Date/Time: 29/12/2011 3:37:09 PM
Type: warning Category: 1
Event: 100 Source: CVHSVC
Information only. Warning: GetPackageInfo failed for '{00000000-0000-0000-0000-000000000000}'. [SoftGrid Error: 0x0000000000001802 in Module: Core, File: packagemgr.cpp:912]

Log: 'Application' Date/Time: 29/12/2011 3:37:09 PM
Type: warning Category: 1
Event: 100 Source: CVHSVC
Information only. Warning: GetPackageInfo failed for '{00000000-0000-0000-0000-000000000000}'. [SoftGrid Error: 0x0000000000001802 in Module: Core, File: packagemgr.cpp:912]

Log: 'Application' Date/Time: 29/12/2011 3:37:08 PM
Type: warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=AE0}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.1.10263 Install Path: C:\Program Files\Microsoft Application Virtualization Client Global Data Directory: C:\Documents and Settings\All Users\Documents\ Machine Name: HELEN Operating System: Windows XP Professional 32-bit Service Pack 3.0 Build 2600 OSD Command:

Log: 'Application' Date/Time: 29/12/2011 3:37:02 PM
Type: warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=AE0}
-------------------------------------------------------- Initialized client log (C:\Documents and Settings\All Users\Application Data\Microsoft\Application Virtualization Client\sftlog.txt)
  • 0

#12
JustinLeeA25

JustinLeeA25

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Here's the screenshot from Avast. I forgot to attach it to the previous post.

Attached Thumbnails

  • avast result.jpg

  • 0

#13
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,793 posts
  • MVP
TDSSKiller logs?

I see I missed something

[2099/01/01 12:00:00 | 000,011,168 | -H-- | C] () -- C:\WINDOWS\System32\nazojabo


Can you delete C:\WINDOWS\System32\nazojabo

Run OTL, quickscan and post the log.

We are missing the telephony service for some reason. Start, Run, services.msc, OK then see if Telephony is listed. If it is listed, right click on it and select Properties and try to change its Startup Type: to Manual

Did you get an error?
  • 0

#14
JustinLeeA25

JustinLeeA25

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
She couldn't find the file you requested her to delete in System32. She even searched for it and it didn't come up. Is it hidden or is there some other way of finding it rather than looking in the System32 file? Also, she changed the Telephony Startup Type to Manual and it did NOT give her an error.

Here are the TDSSKiller Logs and OldTimer Logs

18:21:00.0312 2704 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
18:21:00.0687 2704 ============================================================
18:21:00.0687 2704 Current date / time: 2011/12/29 18:21:00.0687
18:21:00.0687 2704 SystemInfo:
18:21:00.0687 2704
18:21:00.0687 2704 OS Version: 5.1.2600 ServicePack: 3.0
18:21:00.0687 2704 Product type: Workstation
18:21:00.0687 2704 ComputerName: HELEN
18:21:00.0687 2704 UserName: HELEN
18:21:00.0687 2704 Windows directory: C:\WINDOWS
18:21:00.0687 2704 System windows directory: C:\WINDOWS
18:21:00.0687 2704 Processor architecture: Intel x86
18:21:00.0687 2704 Number of processors: 1
18:21:00.0687 2704 Page size: 0x1000
18:21:00.0687 2704 Boot type: Normal boot
18:21:00.0687 2704 ============================================================
18:21:02.0140 2704 Initialize success
18:21:28.0765 3584 ============================================================
18:21:28.0765 3584 Scan started
18:21:28.0765 3584 Mode: Manual;
18:21:28.0765 3584 ============================================================
18:21:29.0093 3584 Aavmker4 (b6de0336f9f4b687b4ff57939f7b657a) C:\WINDOWS\system32\drivers\Aavmker4.sys
18:21:29.0093 3584 Aavmker4 - ok
18:21:29.0140 3584 Abiosdsk - ok
18:21:29.0218 3584 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
18:21:29.0218 3584 abp480n5 - ok
18:21:29.0281 3584 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:21:29.0296 3584 ACPI - ok
18:21:29.0343 3584 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
18:21:29.0343 3584 ACPIEC - ok
18:21:29.0375 3584 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
18:21:29.0390 3584 adpu160m - ok
18:21:29.0437 3584 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
18:21:29.0437 3584 aec - ok
18:21:29.0500 3584 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
18:21:29.0515 3584 AFD - ok
18:21:29.0562 3584 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
18:21:29.0578 3584 agp440 - ok
18:21:29.0640 3584 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
18:21:29.0640 3584 agpCPQ - ok
18:21:29.0718 3584 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
18:21:29.0718 3584 Aha154x - ok
18:21:29.0781 3584 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
18:21:29.0781 3584 aic78u2 - ok
18:21:29.0859 3584 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
18:21:29.0859 3584 aic78xx - ok
18:21:29.0953 3584 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
18:21:29.0953 3584 AliIde - ok
18:21:30.0031 3584 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
18:21:30.0031 3584 alim1541 - ok
18:21:30.0109 3584 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
18:21:30.0109 3584 amdagp - ok
18:21:30.0187 3584 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
18:21:30.0203 3584 amsint - ok
18:21:30.0296 3584 AR5211 (f6f31f142a2ff302b8d1ecda9fe14a6b) C:\WINDOWS\system32\DRIVERS\ar5211.sys
18:21:30.0312 3584 AR5211 - ok
18:21:30.0375 3584 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
18:21:30.0375 3584 asc - ok
18:21:30.0437 3584 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
18:21:30.0437 3584 asc3350p - ok
18:21:30.0453 3584 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
18:21:30.0468 3584 asc3550 - ok
18:21:30.0546 3584 aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\WINDOWS\system32\drivers\aswFsBlk.sys
18:21:30.0562 3584 aswFsBlk - ok
18:21:30.0640 3584 aswMon2 (ef0e9ad83380724bd6fbbb51d2d0f5b8) C:\WINDOWS\system32\drivers\aswMon2.sys
18:21:30.0640 3584 aswMon2 - ok
18:21:30.0703 3584 aswRdr (352d5a48ebab35a7693b048679304831) C:\WINDOWS\system32\drivers\aswRdr.sys
18:21:30.0703 3584 aswRdr - ok
18:21:30.0781 3584 aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\WINDOWS\system32\drivers\aswSnx.sys
18:21:30.0796 3584 aswSnx - ok
18:21:30.0859 3584 aswSP (010012597333da1f46c3243f33f8409e) C:\WINDOWS\system32\drivers\aswSP.sys
18:21:30.0859 3584 aswSP - ok
18:21:30.0953 3584 aswTdi (f9f84364416658e9786235904d448d37) C:\WINDOWS\system32\drivers\aswTdi.sys
18:21:30.0953 3584 aswTdi - ok
18:21:31.0000 3584 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:21:31.0015 3584 AsyncMac - ok
18:21:31.0062 3584 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
18:21:31.0078 3584 atapi - ok
18:21:31.0093 3584 Atdisk - ok
18:21:31.0156 3584 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:21:31.0156 3584 Atmarpc - ok
18:21:31.0234 3584 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
18:21:31.0234 3584 audstub - ok
18:21:31.0265 3584 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
18:21:31.0265 3584 Beep - ok
18:21:31.0312 3584 bvrp_pci - ok
18:21:31.0343 3584 catchme - ok
18:21:31.0406 3584 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
18:21:31.0406 3584 cbidf - ok
18:21:31.0515 3584 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
18:21:31.0515 3584 cbidf2k - ok
18:21:31.0609 3584 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
18:21:31.0625 3584 CCDECODE - ok
18:21:31.0656 3584 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
18:21:31.0656 3584 cd20xrnt - ok
18:21:31.0703 3584 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
18:21:31.0718 3584 Cdaudio - ok
18:21:31.0781 3584 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
18:21:31.0781 3584 Cdfs - ok
18:21:31.0843 3584 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:21:31.0843 3584 Cdrom - ok
18:21:31.0875 3584 Changer - ok
18:21:31.0953 3584 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
18:21:31.0953 3584 CmdIde - ok
18:21:32.0046 3584 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
18:21:32.0062 3584 Cpqarray - ok
18:21:32.0140 3584 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
18:21:32.0140 3584 dac2w2k - ok
18:21:32.0218 3584 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
18:21:32.0218 3584 dac960nt - ok
18:21:32.0312 3584 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
18:21:32.0312 3584 Disk - ok
18:21:32.0390 3584 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
18:21:32.0390 3584 dmboot - ok
18:21:32.0484 3584 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
18:21:32.0484 3584 dmio - ok
18:21:32.0562 3584 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
18:21:32.0562 3584 dmload - ok
18:21:32.0640 3584 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
18:21:32.0640 3584 DMusic - ok
18:21:32.0718 3584 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
18:21:32.0718 3584 dpti2o - ok
18:21:32.0765 3584 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
18:21:32.0765 3584 drmkaud - ok
18:21:32.0812 3584 DSproct - ok
18:21:32.0890 3584 E100B (7d91dc6342248369f94d6eba0cf42e99) C:\WINDOWS\system32\DRIVERS\e100b325.sys
18:21:32.0890 3584 E100B - ok
18:21:32.0968 3584 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
18:21:32.0984 3584 Fastfat - ok
18:21:33.0062 3584 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
18:21:33.0062 3584 Fdc - ok
18:21:33.0156 3584 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
18:21:33.0156 3584 Fips - ok
18:21:33.0218 3584 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:21:33.0218 3584 Flpydisk - ok
18:21:33.0250 3584 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
18:21:33.0250 3584 FltMgr - ok
18:21:33.0343 3584 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:21:33.0343 3584 Fs_Rec - ok
18:21:33.0390 3584 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:21:33.0390 3584 Ftdisk - ok
18:21:33.0484 3584 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:21:33.0500 3584 Gpc - ok
18:21:33.0562 3584 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:21:33.0578 3584 HidUsb - ok
18:21:33.0640 3584 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
18:21:33.0640 3584 hpn - ok
18:21:33.0703 3584 HSFHWBS2 (77e4ff0b73bc0aeaaf39bf0c8104231f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
18:21:33.0703 3584 HSFHWBS2 - ok
18:21:33.0781 3584 HSF_DP (60e1604729a15ef4a3b05f298427b3b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
18:21:33.0796 3584 HSF_DP - ok
18:21:33.0875 3584 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
18:21:33.0890 3584 HTTP - ok
18:21:33.0953 3584 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
18:21:33.0953 3584 i2omgmt - ok
18:21:34.0000 3584 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
18:21:34.0015 3584 i2omp - ok
18:21:34.0093 3584 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:21:34.0093 3584 i8042prt - ok
18:21:34.0156 3584 ialm (0294a30b302ca71a2c26e582dda93486) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
18:21:34.0156 3584 ialm - ok
18:21:34.0250 3584 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
18:21:34.0250 3584 Imapi - ok
18:21:34.0312 3584 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
18:21:34.0328 3584 ini910u - ok
18:21:34.0406 3584 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
18:21:34.0406 3584 IntelIde - ok
18:21:34.0468 3584 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:21:34.0484 3584 intelppm - ok
18:21:34.0531 3584 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
18:21:34.0531 3584 Ip6Fw - ok
18:21:34.0625 3584 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:21:34.0625 3584 IpFilterDriver - ok
18:21:34.0718 3584 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:21:34.0718 3584 IpInIp - ok
18:21:34.0781 3584 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:21:34.0781 3584 IpNat - ok
18:21:34.0828 3584 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:21:34.0828 3584 IPSec - ok
18:21:34.0906 3584 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
18:21:34.0906 3584 IRENUM - ok
18:21:34.0953 3584 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:21:34.0953 3584 isapnp - ok
18:21:34.0984 3584 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:21:34.0984 3584 Kbdclass - ok
18:21:35.0046 3584 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:21:35.0046 3584 kbdhid - ok
18:21:35.0093 3584 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
18:21:35.0109 3584 kmixer - ok
18:21:35.0187 3584 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
18:21:35.0203 3584 KSecDD - ok
18:21:35.0250 3584 L8042Kbd (5a11400ea1f0a106fe7edb28c270f7b8) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
18:21:35.0250 3584 L8042Kbd - ok
18:21:35.0312 3584 L8042mou (20c919b52897b72ebcb2ad2fc29d8ef0) C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
18:21:35.0312 3584 L8042mou - ok
18:21:35.0359 3584 lbrtfdc - ok
18:21:35.0421 3584 LHidKe (31b582394da3290dff300f10952e9a4d) C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
18:21:35.0421 3584 LHidKe - ok
18:21:35.0515 3584 LMIInfo - ok
18:21:35.0562 3584 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\WINDOWS\system32\DRIVERS\lmimirr.sys
18:21:35.0562 3584 lmimirr - ok
18:21:35.0593 3584 LMIRfsClientNP - ok
18:21:35.0671 3584 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
18:21:35.0671 3584 LMIRfsDriver - ok
18:21:35.0734 3584 LMouKE (90a794d0a0bf3531c4ba1c0510449629) C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
18:21:35.0734 3584 LMouKE - ok
18:21:35.0796 3584 LVUSBSta (a9abad5fcb7011114082933b01e13fce) C:\WINDOWS\system32\drivers\lvusbsta.sys
18:21:35.0796 3584 LVUSBSta - ok
18:21:35.0875 3584 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys
18:21:35.0875 3584 MBAMProtector - ok
18:21:35.0921 3584 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
18:21:35.0937 3584 mdmxsdk - ok
18:21:36.0093 3584 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
18:21:36.0093 3584 mnmdd - ok
18:21:36.0156 3584 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
18:21:36.0156 3584 Modem - ok
18:21:36.0265 3584 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
18:21:36.0265 3584 MODEMCSA - ok
18:21:36.0343 3584 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:21:36.0359 3584 Mouclass - ok
18:21:36.0437 3584 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:21:36.0437 3584 mouhid - ok
18:21:36.0515 3584 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
18:21:36.0515 3584 MountMgr - ok
18:21:36.0578 3584 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
18:21:36.0578 3584 mraid35x - ok
18:21:36.0640 3584 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:21:36.0640 3584 MRxDAV - ok
18:21:36.0703 3584 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:21:36.0703 3584 MRxSmb - ok
18:21:36.0765 3584 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
18:21:36.0765 3584 Msfs - ok
18:21:36.0843 3584 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:21:36.0843 3584 MSKSSRV - ok
18:21:36.0921 3584 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:21:36.0921 3584 MSPCLOCK - ok
18:21:36.0937 3584 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
18:21:36.0953 3584 MSPQM - ok
18:21:37.0000 3584 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:21:37.0000 3584 mssmbios - ok
18:21:37.0062 3584 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
18:21:37.0078 3584 MSTEE - ok
18:21:37.0125 3584 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
18:21:37.0125 3584 Mup - ok
18:21:37.0187 3584 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
18:21:37.0187 3584 NABTSFEC - ok
18:21:37.0281 3584 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
18:21:37.0281 3584 NDIS - ok
18:21:37.0343 3584 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
18:21:37.0343 3584 NdisIP - ok
18:21:37.0406 3584 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:21:37.0406 3584 NdisTapi - ok
18:21:37.0468 3584 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:21:37.0468 3584 Ndisuio - ok
18:21:37.0500 3584 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:21:37.0500 3584 NdisWan - ok
18:21:37.0578 3584 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
18:21:37.0578 3584 NDProxy - ok
18:21:37.0640 3584 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
18:21:37.0640 3584 NetBIOS - ok
18:21:37.0687 3584 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
18:21:37.0687 3584 NetBT - ok
18:21:37.0828 3584 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
18:21:37.0828 3584 Npfs - ok
18:21:37.0890 3584 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
18:21:37.0906 3584 Ntfs - ok
18:21:37.0984 3584 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
18:21:38.0000 3584 Null - ok
18:21:38.0156 3584 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:21:38.0187 3584 nv - ok
18:21:38.0265 3584 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:21:38.0265 3584 NwlnkFlt - ok
18:21:38.0343 3584 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:21:38.0359 3584 NwlnkFwd - ok
18:21:38.0437 3584 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
18:21:38.0453 3584 Parport - ok
18:21:38.0500 3584 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
18:21:38.0500 3584 PartMgr - ok
18:21:38.0578 3584 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
18:21:38.0578 3584 ParVdm - ok
18:21:38.0625 3584 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
18:21:38.0640 3584 PCI - ok
18:21:38.0671 3584 PCIDump - ok
18:21:38.0750 3584 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
18:21:38.0765 3584 PCIIde - ok
18:21:38.0843 3584 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
18:21:38.0843 3584 Pcmcia - ok
18:21:38.0906 3584 PDCOMP - ok
18:21:38.0968 3584 PDFRAME - ok
18:21:39.0000 3584 PDRELI - ok
18:21:39.0031 3584 PDRFRAME - ok
18:21:39.0093 3584 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
18:21:39.0109 3584 perc2 - ok
18:21:39.0171 3584 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
18:21:39.0187 3584 perc2hib - ok
18:21:39.0296 3584 PID_08A0 (9070ed08873a70da3b1ba0b281363a79) C:\WINDOWS\system32\DRIVERS\LV302AV.SYS
18:21:39.0296 3584 PID_08A0 - ok
18:21:39.0375 3584 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:21:39.0375 3584 PptpMiniport - ok
18:21:39.0421 3584 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
18:21:39.0421 3584 PSched - ok
18:21:39.0453 3584 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:21:39.0453 3584 Ptilink - ok
18:21:39.0531 3584 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:21:39.0531 3584 PxHelp20 - ok
18:21:39.0625 3584 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
18:21:39.0640 3584 ql1080 - ok
18:21:39.0687 3584 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
18:21:39.0687 3584 Ql10wnt - ok
18:21:39.0750 3584 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
18:21:39.0750 3584 ql12160 - ok
18:21:39.0796 3584 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
18:21:39.0796 3584 ql1240 - ok
18:21:39.0828 3584 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
18:21:39.0828 3584 ql1280 - ok
18:21:39.0890 3584 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:21:39.0890 3584 RasAcd - ok
18:21:39.0953 3584 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:21:39.0953 3584 Rasl2tp - ok
18:21:40.0000 3584 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:21:40.0000 3584 RasPppoe - ok
18:21:40.0046 3584 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
18:21:40.0062 3584 Raspti - ok
18:21:40.0312 3584 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:21:40.0312 3584 Rdbss - ok
18:21:40.0515 3584 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:21:40.0515 3584 RDPCDD - ok
18:21:40.0906 3584 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:21:40.0921 3584 rdpdr - ok
18:21:41.0203 3584 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
18:21:41.0218 3584 RDPWD - ok
18:21:41.0500 3584 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
18:21:41.0500 3584 redbook - ok
18:21:41.0656 3584 SABProcEnum - ok
18:21:42.0171 3584 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:21:42.0171 3584 Secdrv - ok
18:21:42.0625 3584 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys
18:21:42.0640 3584 senfilt - ok
18:21:43.0015 3584 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
18:21:43.0015 3584 serenum - ok
18:21:43.0390 3584 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
18:21:43.0390 3584 Serial - ok
18:21:43.0515 3584 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
18:21:43.0531 3584 Sfloppy - ok
18:21:43.0640 3584 Sftfs (44d20201a6c3fe4a634a559f8105f5b4) C:\WINDOWS\system32\DRIVERS\Sftfsxp.sys
18:21:43.0656 3584 Sftfs - ok
18:21:43.0781 3584 Sftplay (0e108d75f8db551669e5eb37cbf5bc02) C:\WINDOWS\system32\DRIVERS\Sftplayxp.sys
18:21:43.0781 3584 Sftplay - ok
18:21:43.0859 3584 Sftredir (65b31b4ba9efeace4dd95ed94051139f) C:\WINDOWS\system32\DRIVERS\Sftredirxp.sys
18:21:43.0875 3584 Sftredir - ok
18:21:43.0921 3584 Sftvol (97604f605310f50dc49a2994c3264a42) C:\WINDOWS\system32\DRIVERS\Sftvolxp.sys
18:21:43.0937 3584 Sftvol - ok
18:21:44.0015 3584 Simbad - ok
18:21:44.0093 3584 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
18:21:44.0093 3584 sisagp - ok
18:21:44.0187 3584 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:21:44.0187 3584 SLIP - ok
18:21:44.0296 3584 smwdm (0066ff77aeb4ae70066f7e94d5a6d866) C:\WINDOWS\system32\drivers\smwdm.sys
18:21:44.0296 3584 smwdm - ok
18:21:44.0359 3584 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
18:21:44.0359 3584 Sparrow - ok
18:21:44.0437 3584 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
18:21:44.0437 3584 splitter - ok
18:21:44.0562 3584 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
18:21:44.0562 3584 sr - ok
18:21:44.0640 3584 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
18:21:44.0640 3584 Srv - ok
18:21:44.0734 3584 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:21:44.0734 3584 streamip - ok
18:21:44.0812 3584 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
18:21:44.0828 3584 swenum - ok
18:21:44.0890 3584 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
18:21:44.0906 3584 swmidi - ok
18:21:44.0984 3584 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
18:21:44.0984 3584 symc810 - ok
18:21:45.0015 3584 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
18:21:45.0031 3584 symc8xx - ok
18:21:45.0062 3584 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
18:21:45.0062 3584 sym_hi - ok
18:21:45.0140 3584 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
18:21:45.0156 3584 sym_u3 - ok
18:21:45.0234 3584 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
18:21:45.0234 3584 sysaudio - ok
18:21:45.0328 3584 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:21:45.0343 3584 Tcpip - ok
18:21:45.0406 3584 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
18:21:45.0406 3584 TDPIPE - ok
18:21:45.0500 3584 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
18:21:45.0515 3584 TDTCP - ok
18:21:45.0562 3584 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
18:21:45.0562 3584 TermDD - ok
18:21:45.0687 3584 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
18:21:45.0687 3584 TosIde - ok
18:21:45.0781 3584 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
18:21:45.0781 3584 Udfs - ok
18:21:45.0843 3584 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
18:21:45.0843 3584 ultra - ok
18:21:45.0921 3584 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
18:21:45.0937 3584 Update - ok
18:21:46.0015 3584 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
18:21:46.0015 3584 usbaudio - ok
18:21:46.0093 3584 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:21:46.0109 3584 usbccgp - ok
18:21:46.0171 3584 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:21:46.0171 3584 usbehci - ok
18:21:46.0234 3584 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:21:46.0234 3584 usbhub - ok
18:21:46.0296 3584 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:21:46.0296 3584 usbprint - ok
18:21:46.0390 3584 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:21:46.0406 3584 usbscan - ok
18:21:46.0484 3584 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:21:46.0484 3584 USBSTOR - ok
18:21:46.0531 3584 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:21:46.0531 3584 usbuhci - ok
18:21:46.0578 3584 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
18:21:46.0578 3584 VgaSave - ok
18:21:46.0640 3584 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
18:21:46.0656 3584 viaagp - ok
18:21:46.0734 3584 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
18:21:46.0734 3584 ViaIde - ok
18:21:46.0812 3584 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
18:21:46.0828 3584 VolSnap - ok
18:21:46.0906 3584 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:21:46.0906 3584 Wanarp - ok
18:21:46.0984 3584 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
18:21:46.0984 3584 wanatw - ok
18:21:47.0109 3584 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
18:21:47.0125 3584 Wdf01000 - ok
18:21:47.0140 3584 WDICA - ok
18:21:47.0218 3584 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
18:21:47.0234 3584 wdmaud - ok
18:21:47.0281 3584 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
18:21:47.0296 3584 winachsf - ok
18:21:47.0453 3584 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
18:21:47.0453 3584 WinUSB - ok
18:21:47.0546 3584 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
18:21:47.0562 3584 WpdUsb - ok
18:21:47.0640 3584 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:21:47.0656 3584 WSTCODEC - ok
18:21:47.0750 3584 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:21:47.0750 3584 WudfPf - ok
18:21:47.0812 3584 WudfRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:21:47.0812 3584 WudfRd - ok
18:21:47.0890 3584 zumbus - ok
18:21:47.0953 3584 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0
18:21:48.0031 3584 \Device\Harddisk0\DR0 - ok
18:21:48.0109 3584 Boot (0x1200) (e6171d549e1a2bfc651450dae5a063b1) \Device\Harddisk0\DR0\Partition0
18:21:48.0109 3584 \Device\Harddisk0\DR0\Partition0 - ok
18:21:48.0171 3584 Boot (0x1200) (4dbdb77374f17bc41d8971b32c2d06b7) \Device\Harddisk0\DR0\Partition1
18:21:48.0171 3584 \Device\Harddisk0\DR0\Partition1 - ok
18:21:48.0171 3584 ============================================================
18:21:48.0171 3584 Scan finished
18:21:48.0171 3584 ============================================================
18:21:48.0203 0160 Detected object count: 0
18:21:48.0203 0160 Actual detected object count: 0
18:22:26.0515 2776 Deinitialize success


OTL:

OTL logfile created on: 12/29/2011 7:22:21 PM - Run 4
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\HELEN\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1021.98 Mb Total Physical Memory | 606.80 Mb Available Physical Memory | 59.37% Memory free
2.41 Gb Paging File | 2.07 Gb Available in Paging File | 86.06% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 108.59 Gb Total Space | 66.72 Gb Free Space | 61.44% Space Free | Partition Type: NTFS
Drive D: | 36.59 Gb Total Space | 36.51 Gb Free Space | 99.80% Space Free | Partition Type: NTFS

Computer Name: HELEN | User Name: HELEN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/26 22:23:59 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HELEN\Desktop\OTL.exe
PRC - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/12/11 17:38:01 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2011/11/28 12:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/11/28 12:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/11/23 23:05:44 | 006,497,592 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2010/09/14 04:46:26 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/09/14 04:46:16 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/09/13 20:02:44 | 000,399,872 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Program Files\UPHClean\uphclean.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2005/10/05 02:12:00 | 000,094,208 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe
PRC - [2004/05/21 19:11:22 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE


========== Modules (No Company Name) ==========

MOD - [2011/12/29 15:58:22 | 001,659,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11122901\algo.dll
MOD - [2011/12/29 14:38:40 | 000,268,808 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11122901\aswRep.dll
MOD - [2011/11/23 23:05:40 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2011/11/23 23:05:26 | 000,078,336 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\pcre.dll
MOD - [2010/02/05 12:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
MOD - [2005/10/05 02:12:00 | 000,094,208 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/11/28 12:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/09/14 04:46:26 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/09/14 04:46:16 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/09/13 20:02:44 | 000,399,872 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Auto | Running] -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/11/28 11:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 11:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 11:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 11:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 11:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/11/28 11:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/28 11:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/09/14 04:46:26 | 000,018,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftvolxp.sys -- (Sftvol)
DRV - [2010/09/14 04:46:22 | 000,020,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftredirxp.sys -- (Sftredir)
DRV - [2010/09/14 04:46:20 | 000,209,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftplayxp.sys -- (Sftplay)
DRV - [2010/09/14 04:46:14 | 000,581,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftfsxp.sys -- (Sftfs)
DRV - [2009/09/05 11:23:34 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2008/08/11 12:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2006/11/02 06:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2005/06/19 20:31:34 | 000,456,384 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2005/05/20 14:01:32 | 000,025,600 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2005/05/20 14:01:26 | 000,068,352 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMOUKE.sys -- (LMouKE)
DRV - [2005/05/20 14:00:48 | 000,054,528 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042MOU.SYS -- (L8042mou)
DRV - [2005/05/20 14:00:36 | 000,013,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.SYS -- (L8042Kbd)
DRV - [2004/09/17 13:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/05/27 09:50:50 | 000,201,728 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302AV.SYS -- (PID_08A0) QuickCam IM(PID_08A0)
DRV - [2004/05/27 09:47:16 | 000,019,968 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2003/11/17 20:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 20:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 20:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/01/10 15:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...q={searchTerms}
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....h?fr=mkg030&p="
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.facebook.com"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll File not found
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files\McAfee\Supportability\MVT\npmvtplugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll File not found
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.1: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll File not found
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\HELEN\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/12/24 16:38:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/11 17:27:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/28 22:06:45 | 000,000,000 | ---D | M]

[2008/08/27 13:53:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Extensions
[2011/12/28 21:55:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions
[2010/07/20 19:15:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/01/31 19:14:02 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(2)
[2010/05/05 17:29:31 | 000,000,000 | ---D | M] (Veoh Video Compass) -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\extensions\[email protected]
[2009/11/05 19:36:40 | 000,002,171 | ---- | M] () -- C:\Documents and Settings\HELEN\Application Data\Mozilla\Firefox\Profiles\ujrlj6ky.default\searchplugins\bing.xml
[2011/12/27 09:25:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/12/27 09:25:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2011/11/12 16:32:30 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/04/14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2011/11/10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008/11/18 15:15:06 | 000,106,128 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npstrlnk.dll
[2008/07/19 18:36:01 | 000,159,744 | ---- | M] (CNN) -- C:\Program Files\mozilla firefox\plugins\NPTURNMED.dll
[2011/09/30 18:53:48 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/16 19:23:54 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2011/11/12 16:32:30 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2011/12/28 21:56:22 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll] C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DriveConfiguration = [Binary data over 100 bytes]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} http://www.worldwinn...d/bejeweled.cab (Bejeweled Control)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} http://messenger.zon...mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zon...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 97.64.209.36 97.64.168.13
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86F6CAAC-6FC7-4715-80C2-071C21097587}: DhcpNameServer = 97.64.209.36 97.64.168.13
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E39B74E-EE5B-4123-AD6E-B9800506D5C3}: DhcpNameServer = 192.168.2.1 97.64.209.36 97.64.168.13
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\dssrequest - No CLSID value found
O18 - Protocol\Handler\sacore - No CLSID value found
O18 - Protocol\Filter\application/x-mfe-ipt - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/29 16:08:40 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HELEN\Recent
[2011/12/28 23:00:59 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/12/28 23:00:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/12/28 23:00:58 | 000,314,456 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/12/28 23:00:55 | 000,052,952 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/12/28 23:00:55 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/12/28 23:00:54 | 000,435,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/12/28 23:00:53 | 000,111,320 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/12/28 23:00:53 | 000,105,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/12/28 23:00:53 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/12/28 23:00:34 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/12/28 23:00:33 | 000,199,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/12/28 23:00:12 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/12/28 23:00:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/12/28 22:42:27 | 000,000,000 | ---D | C] -- C:\Program Files\UPHClean
[2011/12/28 21:52:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HELEN\Desktop\logs
[2011/12/28 20:21:56 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\HELEN\Desktop\VEW.exe
[2011/12/28 17:56:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/12/28 17:25:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/28 17:25:44 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/12/28 17:25:12 | 010,847,608 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\HELEN\Desktop\mbam-setup-1.60.0.1800.exe
[2011/12/28 17:15:07 | 001,918,464 | ---- | C] (AVAST Software) -- C:\Documents and Settings\HELEN\Desktop\aswMBR.exe
[2011/12/28 17:10:19 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\HELEN\Desktop\tdsskiller.exe
[2011/12/28 17:06:11 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/12/28 11:22:14 | 004,354,974 | R--- | C] (Swearware) -- C:\Documents and Settings\HELEN\Desktop\ComboFix.exe
[2011/12/27 09:28:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/12/26 22:23:56 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HELEN\Desktop\OTL.exe
[2011/12/26 22:23:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HELEN\Application Data\PerformerSoft
[2011/12/26 22:23:03 | 000,017,464 | ---- | C] (PerformerSoft LLC) -- C:\WINDOWS\System32\roboot.exe
[2011/12/26 21:32:07 | 009,851,496 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\HELEN\Desktop\mbam-setup.exe
[2011/12/25 20:42:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2011/12/24 19:56:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Messenger
[2011/12/24 18:21:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/12/24 18:20:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DivX Plus
[2011/12/24 18:20:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2011/12/24 18:20:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2011/12/24 18:20:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HELEN\Start Menu\Programs\BrowserPlus
[2011/12/24 18:20:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HELEN\Local Settings\Application Data\Yahoo!
[2011/12/24 18:18:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood(2)
[2011/12/24 16:39:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2011/12/24 16:38:53 | 000,000,000 | -H-D | C] -- C:\Program Files\Creative Installation Information
[2011/12/24 16:38:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Creative
[2011/12/24 16:38:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Real
[2011/12/16 19:59:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee(5)
[2011/12/16 19:53:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion(2)
[2011/12/16 12:55:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee(4)
[2011/12/16 09:49:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Online Backup(2)
[2011/12/16 09:49:27 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Online Backup(2)
[2011/12/16 09:47:27 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee(3).com
[2011/12/16 08:53:37 | 000,000,000 | ---D | C] -- C:\20111216085337-378490387
[2011/12/16 08:53:05 | 000,000,000 | ---D | C] -- C:\Archive
[2011/12/15 22:48:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee(3)
[2011/12/11 20:11:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HELEN\Application Data\ElevatedDiagnostics
[2011/12/11 20:10:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2003/12/09 13:16:52 | 000,442,368 | ---- | C] ( ) -- C:\WINDOWS\System32\comintfs.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\HELEN\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\HELEN\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\HELEN\*.tmp files -> C:\Documents and Settings\HELEN\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/29 19:19:17 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/29 19:19:17 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1912649743-2128827580-1748673051-1006.job
[2011/12/29 19:19:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/29 19:19:07 | 1071,697,920 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/29 19:14:59 | 000,000,590 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\Shortcut to TDSSKiller.2.6.25.0_29.12.2011_18.21.00_log.lnk
[2011/12/29 18:35:12 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\default_user_class.dat
[2011/12/29 15:39:09 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\HELEN\Desktop\VEW.exe
[2011/12/29 15:32:00 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\avast result.bmp
[2011/12/28 23:01:00 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/12/28 23:00:54 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/12/28 22:59:46 | 064,207,032 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\setup_av_free_cnet.exe
[2011/12/28 22:41:54 | 000,430,080 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\UPHClean-Setup.msi
[2011/12/28 22:01:47 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\MBR.dat
[2011/12/28 21:56:22 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/12/28 20:18:19 | 000,260,640 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/28 17:25:47 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\HELEN\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2011/12/28 17:25:47 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/28 17:25:21 | 010,847,608 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\HELEN\Desktop\mbam-setup-1.60.0.1800.exe
[2011/12/28 17:15:14 | 001,918,464 | ---- | M] (AVAST Software) -- C:\Documents and Settings\HELEN\Desktop\aswMBR.exe
[2011/12/28 17:13:56 | 000,000,590 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\Shortcut to TDSSKiller.2.6.25.0_28.12.2011_17.10.32_log.lnk
[2011/12/28 17:10:32 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\HELEN\Desktop\tdsskiller.exe
[2011/12/28 11:22:22 | 004,354,974 | R--- | M] (Swearware) -- C:\Documents and Settings\HELEN\Desktop\ComboFix.exe
[2011/12/26 22:24:10 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1912649743-2128827580-1748673051-1006.job
[2011/12/26 22:23:59 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HELEN\Desktop\OTL.exe
[2011/12/26 22:23:29 | 000,001,621 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\repository.xml
[2011/12/26 21:32:52 | 009,851,496 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\HELEN\Desktop\mbam-setup.exe
[2011/12/26 21:19:59 | 000,001,205 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\FixNCR.reg
[2011/12/25 20:42:31 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/12/24 19:56:42 | 000,000,818 | ---- | M] () -- C:\Documents and Settings\HELEN\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/12/24 19:56:42 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/12/24 15:11:42 | 000,468,524 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/12/24 15:11:42 | 000,083,400 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/12/24 15:07:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/11 20:14:38 | 000,983,040 | ---- | M] () -- C:\Documents and Settings\HELEN\Desktop\MicrosoftFixit50777.msi
[2011/12/11 17:47:43 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/12/09 19:46:50 | 000,000,129 | ---- | M] () -- C:\Documents and Settings\HELEN\jagex_runescape_preferences2.dat
[2011/12/09 19:45:05 | 000,000,046 | ---- | M] () -- C:\Documents and Settings\HELEN\jagex_runescape_preferences.dat
[2011/12/09 19:45:03 | 000,000,040 | ---- | M] () -- C:\Documents and Settings\HELEN\jagex_cl_runescape_LIVE.dat
[2011/12/06 17:22:38 | 000,028,760 | ---- | M] (McAfee, Inc.) -- C:\ScriptFF.dll
[2011/12/02 18:04:22 | 000,017,464 | ---- | M] (PerformerSoft LLC) -- C:\WINDOWS\System32\roboot.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\HELEN\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\HELEN\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\HELEN\*.tmp files -> C:\Documents and Settings\HELEN\*.tmp -> ]

========== Files Created - No Company Name ==========

[2099/01/01 12:00:00 | 000,011,168 | -H-- | C] () -- C:\WINDOWS\System32\nazojabo
[2011/12/29 19:14:58 | 000,000,590 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\Shortcut to TDSSKiller.2.6.25.0_29.12.2011_18.21.00_log.lnk
[2011/12/29 18:35:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat
[2011/12/29 15:31:59 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\avast result.bmp
[2011/12/28 23:01:00 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/12/28 22:59:26 | 064,207,032 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\setup_av_free_cnet.exe
[2011/12/28 22:41:33 | 000,430,080 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\UPHClean-Setup.msi
[2011/12/28 17:25:47 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\HELEN\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2011/12/28 17:25:47 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/28 17:18:17 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\MBR.dat
[2011/12/28 17:13:56 | 000,000,590 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\Shortcut to TDSSKiller.2.6.25.0_28.12.2011_17.10.32_log.lnk
[2011/12/28 15:45:14 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/12/26 22:23:28 | 000,001,621 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\repository.xml
[2011/12/26 22:16:12 | 1071,697,920 | -HS- | C] () -- C:\hiberfil.sys
[2011/12/26 21:19:59 | 000,001,205 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\FixNCR.reg
[2011/12/24 19:56:42 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\HELEN\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/12/24 19:56:42 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/12/11 20:14:36 | 000,983,040 | ---- | C] () -- C:\Documents and Settings\HELEN\Desktop\MicrosoftFixit50777.msi
[2011/12/09 19:45:03 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\HELEN\jagex_cl_runescape_LIVE.dat
[2011/12/08 20:31:36 | 000,000,880 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/03 13:48:56 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/11/12 15:32:41 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/11 13:00:27 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/04/28 14:16:45 | 000,260,640 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/11 11:50:51 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/10/11 11:50:51 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/10/11 11:50:51 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/10/11 11:50:51 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/03/30 16:51:58 | 000,577,568 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009/02/19 20:18:18 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2008/11/02 18:29:25 | 000,000,086 | ---- | C] () -- C:\WINDOWS\epro.ini
[2008/08/28 22:27:39 | 000,030,976 | ---- | C] () -- C:\WINDOWS\rascntrl.dll
[2008/08/28 22:27:39 | 000,023,104 | ---- | C] () -- C:\WINDOWS\System32\svcprmpt.dll
[2008/03/10 19:05:32 | 000,000,023 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2008/03/10 19:05:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2008/02/04 20:19:55 | 000,000,184 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/02/03 23:04:11 | 000,000,022 | ---- | C] () -- C:\WINDOWS\msnmsgr.exe.ini
[2007/12/16 18:47:18 | 000,000,715 | ---- | C] () -- C:\WINDOWS\aolback.exe.lnk
[2007/12/12 22:45:07 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/11/25 19:30:15 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2007/11/22 16:37:58 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\sdfixwcs.dll
[2007/06/30 22:02:54 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2006/11/11 22:25:09 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\HELEN\Local Settings\Application Data\fusioncache.dat
[2006/11/05 13:59:45 | 000,003,184 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/11/05 10:18:17 | 000,057,856 | ---- | C] () -- C:\Documents and Settings\HELEN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/02 20:40:12 | 000,174,656 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
[2006/10/26 23:13:51 | 000,011,520 | ---- | C] () -- C:\Documents and Settings\HELEN\Application Data\wklnhst.dat
[2006/10/20 01:10:20 | 000,000,168 | RHS- | C] () -- C:\WINDOWS\System32\1564C9D959.sys
[2006/10/20 01:10:19 | 000,005,852 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/10/18 19:28:19 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\InstMed.exe
[2006/10/18 19:28:11 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVUSBSta.sys
[2006/10/18 19:28:11 | 000,005,993 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2006/10/18 19:28:10 | 000,201,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\LV302AV.SYS
[2006/10/18 19:27:48 | 000,000,260 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2006/10/18 19:00:43 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/10/17 05:57:09 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/10/17 05:50:01 | 000,000,283 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/10/17 05:48:20 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/10/17 05:43:58 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/10/17 05:42:07 | 000,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
[2006/10/17 05:39:05 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/10/17 05:14:48 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/10/17 05:14:28 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2006/10/17 05:14:24 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/10 07:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/14 12:51:16 | 000,007,990 | ---- | C] () -- C:\WINDOWS\System32\drwatson.dll
[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 12:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 11:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 11:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 11:51:20 | 000,468,524 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 11:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 11:51:20 | 000,083,400 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 11:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 11:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 11:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 11:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 11:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 11:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 11:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[1999/01/27 13:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 07:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== LOP Check ==========

[2011/12/28 23:00:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2010/11/29 18:04:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2008/11/03 20:06:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Graboid Inc
[2009/04/14 16:59:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2009/04/14 16:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2008/11/01 18:50:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin Games
[2008/07/02 21:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JollyBear
[2008/11/03 20:05:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Launcher
[2009/02/19 20:21:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2008/07/26 18:27:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2008/10/02 21:09:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2008/02/20 23:09:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2009/02/11 18:21:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2008/09/01 00:37:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2009/02/16 17:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2009/10/11 11:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2008/08/12 23:26:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2011/12/24 18:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2007/11/07 21:09:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games
[2008/08/28 13:15:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ULOPRYVFYG
[2007/02/08 21:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/09/17 15:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VirtualizedApplications
[2007/03/28 15:08:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Winferno
[2011/12/28 23:14:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\5C243
[2011/12/28 23:14:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\7D520
[2008/12/24 20:47:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\7Wonders
[2011/11/20 13:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\ArllONNtxPuc
[2008/08/28 13:48:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\AweSEM
[2011/12/11 20:11:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\ElevatedDiagnostics
[2008/02/21 21:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\Eyeblaster
[2006/10/18 19:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\FotoWire
[2008/09/03 01:38:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\funkitron
[2009/03/31 17:24:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\GameHouse
[2009/09/16 15:39:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\GetRightToGo
[2008/06/22 18:46:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\Hasbro
[2007/11/22 16:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\IDS_COMPANY
[2008/06/22 19:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\iWin
[2008/06/22 18:53:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\iWinArcade
[2011/11/20 13:22:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\JTXXwjjUClIB
[2011/11/21 18:05:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\kGG44amH6sWKfE
[2007/02/11 19:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\Leadertech
[2009/10/03 08:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\OpenOffice.org
[2010/06/20 17:05:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\Opera
[2011/11/21 18:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\OvvDD2onF4am5sJ
[2011/11/21 18:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\PellIIBtzPN
[2011/12/26 22:30:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\PerformerSoft
[2009/02/16 17:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\PlayFirst
[2008/08/20 23:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\Pogo Games
[2008/08/28 12:36:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\PogoChessBuddy
[2011/11/20 13:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\q88ffRL9h
[2011/11/20 13:22:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\rZqqjYYCkIVz
[2008/11/07 18:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\SecondLife
[2010/11/29 18:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\simppulltoolbar
[2011/12/19 18:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\SoftGrid Client
[2007/11/07 18:04:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\Template
[2010/09/14 18:26:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\TP
[2011/11/21 18:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\ulllOBttzPycSiD
[2007/02/08 21:02:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\Viewpoint

========== Purity Check ==========



< End of report >
  • 0

#15
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,793 posts
  • MVP
Copy the text in the code box by highlighting and Ctrl + c

:processes
killallprocesses

:OTL
[2099/01/01 12:00:00 | 000,011,168 | -H-- | C] () -- C:\WINDOWS\System32\nazojabo
[2011/12/28 23:14:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\5C243
[2011/12/28 23:14:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\7D520
[2011/11/20 13:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\ArllONNtxPuc
[2011/11/20 13:22:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\JTXXwjjUClIB
[2011/11/21 18:05:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\kGG44amH6sWKfE
[2011/11/21 18:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\OvvDD2onF4am5sJ
[2011/11/21 18:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\PellIIBtzPN
[2011/11/20 13:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\q88ffRL9h
[2011/11/20 13:22:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\rZqqjYYCkIVz
[2011/11/21 18:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HELEN\Application Data\ulllOBttzPycSiD

:files
C:\WINDOWS\System32\nazojabo
     
:Commands
[Reboot]

then run OTL and Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the Run Fix button at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it to a reply. That should get rid of the file.

Run OTL, Quickscan and post the log so I can be sure.

You have something called Microsoft Office Click-to-Run 2010. I think it's a demo and has expired. IT's causign errors so if you don't use it please uninstall it.



Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application. Reboot.

2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP