Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

xp antivirus 2012 bug....cant connect to internet

Started by tammy111 , Jan 10 2012 08:38 PM

  • Please log in to reply

#1
tammy111
Posted 10 January 2012 - 08:38 PM

tammy111

    Member

  • Member
  • PipPip
  • 95 posts
I googled some shoes that I want and when I clicked the link to see them, I immediately got the xp antivirus bug...agian.

You guys helped me so much the last time I caught a bug..
I ran OTL and here is the log...

OTL logfile created on: 1/10/2012 08:29:05 PM - Run 6
OTL by OldTimer - Version 3.2.31.0 Folder = F:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.50 Gb Total Physical Memory | 2.02 Gb Available Physical Memory | 80.65% Memory free
3.10 Gb Paging File | 2.78 Gb Available in Paging File | 89.62% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.47 Gb Total Space | 8.86 Gb Free Space | 11.90% Space Free | Partition Type: NTFS
Drive F: | 3.80 Gb Total Space | 3.79 Gb Free Space | 99.97% Space Free | Partition Type: FAT32

Computer Name: BEDROOM | User Name: Todd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2012/01/10 19:33:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- F:\OTL.scr
PRC - [2011/09/01 18:42:06 | 024,183,152 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Todd\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2011/07/04 05:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 05:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/05/15 13:53:20 | 000,325,512 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2010/05/06 18:09:06 | 000,415,638 | ---- | M] (Old McDonald's Farm) -- C:\Program Files\Autorun Eater\billy.exe
PRC - [2010/05/06 17:59:36 | 000,516,216 | ---- | M] (Old McDonald's Farm) -- C:\Program Files\Autorun Eater\oldmcdonald.exe
PRC - [2009/08/07 13:32:26 | 000,358,232 | ---- | M] (Creative Home) -- C:\Program Files\Creative Home\Hallmark Card Studio 2010 Deluxe\Planner\PLNRnote.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/03/09 11:37:15 | 000,151,597 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/10 13:08:53 | 001,666,560 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12011001\algo.dll
MOD - [2012/01/08 04:59:38 | 001,666,048 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12010800\algo.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/04/14 19:01:33 | 000,548,854 | ---- | M] () -- C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2006/02/02 02:12:22 | 000,040,960 | ---- | M] () -- C:\WINDOWS\SYSTEM32\LXPRMON.DLL
MOD - [2004/12/26 20:34:38 | 000,121,344 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2002/07/04 08:38:00 | 000,053,248 | ---- | M] () -- C:\Program Files\ArcSoft\Software Suite\PhotoImpression 5\Share\PIHook.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/10/18 18:26:20 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Disabled | Stopped] -- C:\Program Files\CouponAlert_2p\bar\1.bin\2pbarsvc.exe -- (CouponAlert_2pService)
SRV - [2011/07/04 05:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2007/03/07 14:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005/02/25 10:42:46 | 000,466,944 | ---- | M] (Lexmark International, Inc.) [On_Demand | Stopped] -- C:\WINDOWS\System32\lxcccoms.exe -- (lxcc_device)
SRV - [2003/03/03 13:33:40 | 000,143,360 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)
SRV - [2003/01/30 17:55:44 | 000,077,824 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\hphipm09.exe -- (Pml Driver)


========== Driver Services (SafeList) ==========

DRV - [2011/07/04 05:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 05:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 05:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 05:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/07/04 05:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 05:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/04 05:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008/04/13 12:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/11/24 19:51:38 | 000,245,248 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\rt73.sys -- (RT73)
DRV - [2005/02/01 18:18:38 | 000,017,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\bcm42rly.sys -- (BCM42RLY)
DRV - [2004/08/03 23:29:49 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/03 23:29:47 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/03 23:29:45 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/03 23:29:43 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/03 23:29:42 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/03 23:29:41 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/03 23:29:37 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/03 23:29:37 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/03 23:29:37 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/03 23:29:36 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2003/08/14 10:58:12 | 001,296,384 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\P16X.sys -- (P16X) Creative SB Live! Series (WDM)
DRV - [2003/01/30 17:55:44 | 000,050,800 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\hphid409.sys -- (Dot4 HPH09)
DRV - [2003/01/30 17:55:44 | 000,050,211 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\hphs2k09.sys -- (Dot4Storage HPH09) Storage Class Driver for IEEE-1284.4 (HPH09)
DRV - [2003/01/30 17:55:44 | 000,016,112 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\hphipr09.sys -- (Dot4Print HPH09)
DRV - [2002/11/08 13:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2001/08/17 12:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)
DRV - [1999/12/17 01:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\PFMODNT.SYS -- (PfModNT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {7b9f8c21-46ec-4c0b-8683-e755ef84577a} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....-8&fr=ytff-&p="
FF - prefs.js..browser.search.selectedengine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..keyword.URL: "http://search.mywebs...kwd&searchfor="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@CouponAlert_2p.com/Plugin: C:\Program Files\CouponAlert_2p\bar\1.bin\NP2pStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2009/05/28 21:07:36 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.10.835: C:\Program Files\Real\RealOne Player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1136: C:\Program Files\Real\RealOne Player\Netscape6\nprjplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.847: C:\Program Files\Real\RealOne Player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.1: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.53\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.53\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/05/11 08:59:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/08/19 19:25:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\2pffxtbr@CouponAlert_2p.com: C:\Program Files\CouponAlert_2p\bar\1.bin [2011/10/18 18:43:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/30 20:26:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/05 19:30:30 | 000,000,000 | ---D | M]

[2009/08/22 19:41:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Extensions
[2012/01/06 23:05:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\sgr9vmuh.default\extensions
[2010/04/27 11:35:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\sgr9vmuh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/12/29 14:45:04 | 000,000,000 | ---D | M] (Yontoo) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\sgr9vmuh.default\extensions\[email protected]
[2011/10/18 18:38:11 | 000,009,983 | ---- | M] () -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\sgr9vmuh.default\searchplugins\CouponAlert_2p.xml
[2011/09/09 21:02:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\TODD\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\SGR9VMUH.DEFAULT\EXTENSIONS\{66E978CD-981F-47DF-AC42-E3CF417C1467}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\TODD\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\SGR9VMUH.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/12/30 20:26:22 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/03/18 12:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/03/18 12:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2011/06/26 11:33:18 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/10 22:25:07 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - Extension: Entanglement = C:\Documents and Settings\Todd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.1.1_0\
CHR - Extension: Entanglement = C:\Documents and Settings\Todd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.5.7_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Todd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1125_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Todd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1203_0\
CHR - Extension: AVG Safe Search = C:\Documents and Settings\Todd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1374_0\
CHR - Extension: Poppit = C:\Documents and Settings\Todd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

O1 HOSTS File: ([2011/09/10 10:11:18 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Search Assistant BHO) - {60e91567-ef8a-4520-bce2-83aba5256799} - C:\Program Files\CouponAlert_2p\bar\1.bin\2pSrcAs.dll (COMPANYVERS_NAME)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Autorun Eater] C:\Program Files\Autorun Eater\oldmcdonald.exe (Old McDonald's Farm)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Event Planner Reminder 2010.lnk = C:\WINDOWS\Installer\{601BE80D-247B-4084-94C7-7A54369DB7A2}\Shortcut_EventPlan_E2FBA8F7F7FD4C5EAA7D652BB0CAAA9D.exe (Acresso Software Inc.)
O4 - Startup: C:\Documents and Settings\Todd\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Todd\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: &Search - http://tbedits.coupo...7E&n=2011101820 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: amphire.net ([commerce] http in Trusted sites)
O15 - HKCU\..Trusted Domains: csplans.com ([teamsterups] https in Trusted sites)
O15 - HKCU\..Trusted Domains: ebay.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: paypal.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: usps.gov ([]* in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.55.24.10 209.55.24.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43C7A042-A8C9-4227-82B9-834C0473BEC0}: DhcpNameServer = 209.55.24.10 209.55.24.11
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\DELL.BMP
O24 - Desktop BackupWallPaper: C:\WINDOWS\DELL.BMP
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 08:59:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = Nm6] -- "C:\Documents and Settings\Todd\Local Settings\Application Data\apt.exe" -a "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/08 22:07:45 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Todd\Local Settings\Application Data\akj.exe
[2012/01/07 20:40:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\uniMainClock
[2011/12/29 14:45:03 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo
[2011/12/29 14:45:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2011/12/29 12:37:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Todd\My Documents\Dropbox
[2011/12/29 12:33:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Start Menu\Programs\Dropbox
[2011/12/29 12:32:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Application Data\Dropbox
[2011/12/29 12:30:33 | 001,223,568 | ---- | C] (Web Deals Interactive LLC) -- C:\Documents and Settings\Todd\Desktop\DropDownDealsSmartSetup.exe
[2011/12/19 19:41:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/12/19 19:39:54 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/12/19 19:39:46 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/01/20 22:12:29 | 000,081,920 | ---- | C] (WIZnet Corp.) -- C:\Program Files\Common Files\WIZ1x0SR_105SR_CFG.exe
[2010/01/20 22:12:28 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\MSVCR80.dll
[1 C:\Documents and Settings\Todd\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Todd\Local Settings\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2049/12/31 15:00:00 | 000,065,348 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\Order in Suit to Modify Parent-Child Relationship02.wpd
[2012/01/10 20:21:33 | 000,013,154 | -HS- | M] () -- C:\Documents and Settings\Todd\Local Settings\Application Data\h11sb3q77b
[2012/01/10 20:21:33 | 000,013,154 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\h11sb3q77b
[2012/01/10 19:24:26 | 000,002,527 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Event Planner Reminder 2010.lnk
[2012/01/10 19:24:04 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2012/01/10 19:23:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2012/01/10 19:23:40 | 2683,375,616 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/08 11:30:05 | 000,002,601 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Hallmark Card Studio 2010 Deluxe.lnk
[2012/01/02 19:06:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/12/29 12:37:48 | 000,000,991 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\Dropbox.lnk
[2011/12/29 12:35:24 | 000,001,003 | ---- | M] () -- C:\Documents and Settings\Todd\Start Menu\Programs\Startup\Dropbox.lnk
[2011/12/29 12:30:17 | 001,223,568 | ---- | M] (Web Deals Interactive LLC) -- C:\Documents and Settings\Todd\Desktop\DropDownDealsSmartSetup.exe
[2011/12/19 19:41:23 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/12/18 14:00:59 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/12/15 03:27:28 | 000,306,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/15 03:10:08 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[1 C:\Documents and Settings\Todd\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Todd\Local Settings\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/08 22:07:45 | 000,013,154 | -HS- | C] () -- C:\Documents and Settings\Todd\Local Settings\Application Data\h11sb3q77b
[2012/01/08 22:07:45 | 000,013,154 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\h11sb3q77b
[2011/12/29 12:37:48 | 000,000,991 | ---- | C] () -- C:\Documents and Settings\Todd\Desktop\Dropbox.lnk
[2011/12/29 12:34:03 | 000,001,003 | ---- | C] () -- C:\Documents and Settings\Todd\Start Menu\Programs\Startup\Dropbox.lnk
[2011/12/19 19:41:23 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/09/10 09:42:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/09/10 09:42:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/09/10 09:42:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/09/10 09:42:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/09/10 09:42:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/08/03 02:15:51 | 000,188,408 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/06/10 13:11:16 | 000,068,660 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/04/21 18:04:31 | 000,122,771 | ---- | C] () -- C:\WINDOWS\hpoins14.dat
[2009/04/21 18:04:31 | 000,001,996 | ---- | C] () -- C:\WINDOWS\hpomdl14.dat
[2008/09/13 08:37:35 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2008/09/13 08:37:08 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008/01/23 19:48:19 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\$_hpcst$.hpc
[2007/12/04 21:18:43 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2007/11/03 21:09:55 | 000,000,031 | -H-- | C] () -- C:\WINDOWS\uccspecc.sys
[2007/10/05 20:35:00 | 000,000,009 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\MumboJumbo.ini
[2007/10/05 20:35:00 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Todd\Application Data\ud_soundmanager.ini
[2007/06/20 14:46:41 | 000,000,138 | ---- | C] () -- C:\WINDOWS\WinInit.ini.backup
[2007/05/13 21:40:02 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/01/26 21:20:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Textart.INI
[2006/12/02 15:33:52 | 000,000,023 | ---- | C] () -- C:\WINDOWS\kodakpcd.Todd.ini
[2006/05/01 14:01:19 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2005/12/25 21:24:55 | 000,000,063 | ---- | C] () -- C:\WINDOWS\hw.ini
[2005/08/28 18:49:48 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\LXPRMON.DLL
[2005/08/28 18:49:48 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXPMONUI.DLL
[2005/08/28 18:47:45 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxccvs.dll
[2005/07/20 17:52:09 | 000,039,424 | ---- | C] () -- C:\Documents and Settings\Todd\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/06/26 18:47:30 | 000,143,360 | ---- | C] () -- C:\WINDOWS\bbuninst.exe
[2005/02/22 22:29:49 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2004/11/10 20:20:13 | 000,001,096 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2004/10/21 09:34:19 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/09 12:15:58 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2004/07/18 15:52:14 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PI_setup.ini
[2004/07/18 15:46:27 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT4.DAT
[2004/07/18 15:45:45 | 000,000,111 | ---- | C] () -- C:\WINDOWS\EPSON Stylus CX5400.ini
[2004/06/13 10:32:05 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Todd\Local Settings\Application Data\fusioncache.dat
[2004/04/17 09:47:11 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\PFP110JPR.{PB
[2004/04/17 09:47:11 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\PFP110JCM.{PB
[2004/04/14 19:11:24 | 000,001,922 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2004/03/09 11:48:57 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/03/09 11:42:26 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2004/03/09 11:38:23 | 000,000,258 | ---- | C] () -- C:\WINDOWS\System32\BDEMERGE.INI
[2004/03/09 11:36:54 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
[2004/03/09 11:36:54 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2004/03/09 11:36:42 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\P16X.dll
[2004/03/09 11:36:42 | 000,002,572 | ---- | C] () -- C:\WINDOWS\MIXDEF.INI
[2004/03/09 11:36:42 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\P16X.ini
[2004/03/09 11:36:42 | 000,000,026 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2004/03/09 11:36:41 | 000,000,064 | ---- | C] () -- C:\WINDOWS\P16x.ini
[2004/03/09 11:36:10 | 000,000,245 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2004/03/09 11:35:13 | 000,000,138 | ---- | C] () -- C:\WINDOWS\WinInit.ini
[2004/03/09 11:32:15 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/03/09 11:17:28 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2004/03/09 11:14:52 | 000,441,552 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2004/03/09 11:14:52 | 000,071,488 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2004/03/09 11:01:22 | 000,000,546 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2003/08/13 22:54:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/01/30 17:55:40 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe
[2003/01/30 17:54:28 | 000,003,691 | ---- | C] () -- C:\WINDOWS\hphinfs.dat
[2002/09/03 09:05:08 | 000,306,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/09/03 08:59:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/09/03 08:56:30 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/09/03 08:31:46 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/09/03 08:31:44 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/08/29 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\MLANG.DAT
[2002/08/29 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\PERFI009.DAT
[2002/08/29 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\DSSEC.DAT
[2002/08/29 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\MIB.BIN
[2002/08/29 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\PERFD009.DAT
[2002/08/29 05:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[1980/01/01 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== LOP Check ==========

[2011/05/19 09:20:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autorun Eater
[2011/05/16 22:18:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/01/12 12:36:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2008/01/26 16:42:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Eastman Kodak Company
[2011/05/19 09:17:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2008/01/26 16:41:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\kds_kodak
[2011/04/14 17:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2004/05/21 19:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN Messenger 6.2.0133
[2008/02/02 23:05:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2011/12/29 14:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2009/03/11 20:59:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/04/14 23:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/24 07:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/23 16:56:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/06/06 22:52:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Audacity
[2012/01/10 19:25:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Dropbox
[2004/08/09 12:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\EPSON
[2004/04/14 19:09:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Leadertech
[2006/11/12 20:32:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Snapfish
[2011/01/26 15:32:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\uTorrent
[2011/05/19 09:18:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\WinPatrol

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Todd\Desktop\Order in Suit to Modify Parent-Child Relationship02.doc:SummaryInformation

< End of report >
  • 0

Advertisements

#2
RKinner
Posted 13 January 2012 - 11:53 PM

RKinner

    Malware Expert

  • Expert
  • 24,623 posts
  • MVP
Hi Tammy111,

Was hoping we wouldn't see you again so soon. Sorry I didn't get to you earlier but have been on a trip and just got back.

I assume you are using a USB drive to move files from the sick computer to a good one.

Click on the Avast ball. Then click on Additional Protections then on AutoSandbox then on Settings then uncheck Enable AutoSandbox. OK

Copy the text in the code box by highlighting and Ctrl + c


:processes
killallprocesses

:OTL
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll File not found
O37 - HKCU\...exe [@ = Nm6] -- "C:\Documents and Settings\Todd\Local Settings\Application Data\apt.exe" -a "%1" %*
[2012/01/08 22:07:45 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Todd\Local Settings\Application Data\akj.exe
[2012/01/10 20:21:33 | 000,013,154 | -HS- | M] () -- C:\Documents and Settings\Todd\Local Settings\Application Data\h11sb3q77b
[2012/01/10 20:21:33 | 000,013,154 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\h11sb3q77b

:files
xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C
xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C
xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C
xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C
C:\Documents and Settings\Todd\Local Settings\Application Data\*.exe
net start dhcp /c
net start afd /c
net start tcpip /c
net start ipsec /c
reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPSec /s /c
ipconfig /all /c
ping 8.8.8.8 /c
nslookup att.com /c

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE]
@="Mozilla Firefox"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE]
@="Internet Explorer"

:Commands
[EMPTYJAVA]
[EMPTYFLASH]
[RESETHOSTS]
[purity]
[Reboot]


then run OTL and Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the Run Fix button at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it to a reply.

Open OTL again and select either the Use SafeList or All option in the Extra Registry group then the Run Scan button. Post the two logs it produces in your next reply.

Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.




Right click on the Avast Ball and select Avast! Shields Control and Disable Until Computer is Restarted


ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:

:!: It must be saved to your desktop, do not run it :!:


Download and Save this file -- to your Desktop -- from either of these two sources:

http://subs.geekstogo.com/ComboFix.exe

Doubleclick on ComboFix to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.


A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.

Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe (Vista or Win 7 must right click and Run As Admin)
If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.


Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.

Download aswMBR.exe ( 511KB ) to your desktop.
Double click the aswMBR.exe to run it
uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply


Click on the Avast ball. Then click on Additional Protections then on AutoSandbox then on Settings then check Enable AutoSandbox. OK

Ron
  • 0

#3
tammy111
Posted 14 January 2012 - 03:15 PM

tammy111

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Thanks for your help!!! I just found that the infected computer is shut down..for some reason..I did not do it. I restarted it and now Avast is not showing in the bottom right corner where it should be. The only things there are the icon indicating internet connection, volume, and safely remove hardware. Usually, there are several other icons including the avast ball. I will skip the first step you said and copy/paste the info in to OTL and 'run fix'....hope this is ok
  • 0

#4
RKinner
Posted 14 January 2012 - 03:19 PM

RKinner

    Malware Expert

  • Expert
  • 24,623 posts
  • MVP
OK. I just tell Avast not to put stuff in the sandbox because sometimes it decides that OTL or Combofix should run in the sandbox and they don't work that well then. If it asks you if you want them to run in the sandbox tell it no.
  • 0

#5
tammy111
Posted 14 January 2012 - 03:30 PM

tammy111

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
========== PROCESSES ==========
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\avgsecuritytoolbar\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F2DDE6B2-9684-4A55-86D4-E255E237B77C}\ deleted successfully.
File {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll File not found not found.
Registry key HKEY_CURRENT_USER\Software\Classes\.exe\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Classes\Nm6\ deleted successfully.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
C:\Documents and Settings\Todd\Local Settings\Application Data\akj.exe moved successfully.
C:\Documents and Settings\Todd\Local Settings\Application Data\h11sb3q77b moved successfully.
C:\Documents and Settings\All Users\Application Data\h11sb3q77b moved successfully.
========== FILES ==========
< xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C >
0 File(s) copied
F:\cmd.bat deleted successfully.
F:\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C >
0 File(s) copied
F:\cmd.bat deleted successfully.
F:\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C >
0 File(s) copied
F:\cmd.bat deleted successfully.
F:\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C >
0 File(s) copied
F:\cmd.bat deleted successfully.
F:\cmd.txt deleted successfully.
File\Folder C:\Documents and Settings\Todd\Local Settings\Application Data\*.exe not found.
< net start dhcp /c >
F:\cmd.bat deleted successfully.
F:\cmd.txt deleted successfully.
< net start afd /c >
F:\cmd.bat deleted successfully.
F:\cmd.txt deleted successfully.
< net start tcpip /c >
F:\cmd.bat deleted successfully.
F:\cmd.txt deleted successfully.
< net start ipsec /c >
F:\cmd.bat deleted successfully.
F:\cmd.txt deleted successfully.
< reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPSec /s /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPSec
Type REG_DWORD 0x1
Start REG_DWORD 0x1
ErrorControl REG_DWORD 0x1
Tag REG_DWORD 0x4
ImagePath REG_EXPAND_SZ System32\DRIVERS\ipsec.sys
DisplayName REG_SZ IPSEC driver
Group REG_SZ PNP_TDI
Description REG_SZ IPSEC driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPSec\Security
Security REG_BINARY 01001480900000009C000000140000003000000002001C000100000002801400FF010F00010100000000000100000000020060000400000000001400FD01020001010000000000051200000000001800FF010F0001020000000000052000000020020000000014008D01020001010000000000050B00000000001800FD01020001020000000000052000000023020000010100000000000512000000010100000000000512000000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPSec\Enum
0 REG_SZ Root\LEGACY_IPSEC\0000
Count REG_DWORD 0x1
NextInstance REG_DWORD 0x1
F:\cmd.bat deleted successfully.
F:\cmd.txt deleted successfully.
< ipconfig /all /c >
Windows IP Configuration
Host Name . . . . . . . . . . . . : Bedroom
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection
Physical Address. . . . . . . . . : 00-0C-F1-B6-93-62
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.100
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 209.55.24.10
209.55.24.11
Lease Obtained. . . . . . . . . . : Saturday, January 14, 2012 03:10:26 PM
Lease Expires . . . . . . . . . . : Sunday, January 15, 2012 03:10:26 PM
F:\cmd.bat deleted successfully.
F:\cmd.txt deleted successfully.
< ping 8.8.8.8 /c >
Pinging 8.8.8.8 with 32 bytes of data:
Reply from 8.8.8.8: bytes=32 time=108ms TTL=45
Reply from 8.8.8.8: bytes=32 time=116ms TTL=45
Reply from 8.8.8.8: bytes=32 time=115ms TTL=45
Reply from 8.8.8.8: bytes=32 time=110ms TTL=45
Ping statistics for 8.8.8.8:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 108ms, Maximum = 116ms, Average = 112ms
F:\cmd.bat deleted successfully.
F:\cmd.txt deleted successfully.
< nslookup att.com /c >
Server: host-209-55-24-10.ibbsonline.com
Address: 209.55.24.10
Name: att.com
Addresses: 144.160.155.43, 144.160.36.42
F:\cmd.bat deleted successfully.
F:\cmd.txt deleted successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\\@|"Mozilla Firefox" /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\\@|"Internet Explorer" /E : value set successfully!
========== COMMANDS ==========

[EMPTYJAVA]

User: All Users

User: Brooke

User: Default User

User: Drew

User: LocalService

User: NetworkService

User: Other

User: Owner

User: Todd
->Java cache emptied: 2329511 bytes

User: Tyler

Total Java Files Cleaned = 2.00 mb


[EMPTYFLASH]

User: All Users

User: Brooke
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Drew
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: Other
->Flash cache emptied: 0 bytes

User: Owner

User: Todd
->Flash cache emptied: 112420 bytes

User: Tyler
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 01142012_152135

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
  • 0

#6
tammy111
Posted 14 January 2012 - 03:34 PM

tammy111

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
ok...running the scan again after the first script was done. I just noticed that upon restart, all of the normal icons are present including the avast ball...but I didnt notice them until after I had started the 'run scan'...should I stop it and make the change to the avast setting? I will let it run for now and redo it if you think I should....

thanks again for your patience and all your help...
  • 0

#7
tammy111
Posted 14 January 2012 - 03:45 PM

tammy111

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
OTL Extras logfile created on: 1/14/2012 03:34:08 PM - Run 7
OTL by OldTimer - Version 3.2.31.0 Folder = F:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.50 Gb Total Physical Memory | 2.05 Gb Available Physical Memory | 82.02% Memory free
3.10 Gb Paging File | 2.82 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.47 Gb Total Space | 8.62 Gb Free Space | 11.58% Space Free | Partition Type: NTFS

Computer Name: BEDROOM | User Name: Todd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\WINDOWS\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\WINDOWS\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\WINDOWS\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\WINDOWS\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\WINDOWS\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- C:\WINDOWS\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- C:\WINDOWS\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- C:\WINDOWS\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- C:\WINDOWS\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- C:\WINDOWS\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- C:\WINDOWS\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- C:\WINDOWS\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- C:\WINDOWS\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MI1933~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Dell Computer\Dell Picture Studio v2.0\launch.exe" = C:\Program Files\Dell Computer\Dell Picture Studio v2.0\launch.exe:*:Enabled:Jasc Paint Shop Photo Album Application -- (Jasc Software)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Steam\SteamApps\tbinnerarity\counter-strike source\hl2.exe" = C:\Program Files\Steam\SteamApps\tbinnerarity\counter-strike source\hl2.exe:*:Enabled:hl2 -- ()
"C:\Program Files\Steam\SteamApps\tbinnerarity\half-life 2 deathmatch\hl2.exe" = C:\Program Files\Steam\SteamApps\tbinnerarity\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2 -- ()
"C:\Program Files\Adobe Media Player\Adobe Media Player.exe" = C:\Program Files\Adobe Media Player\Adobe Media Player.exe:*:Enabled:Adobe Media Player -- ()
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Documents and Settings\Todd\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Todd\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007811BF-E310-4285-BFC6-55DB29B3EDDE}" = WinPatrol
"{04410044-9149-45C6-A806-F2BF9CFCE762}" = Microsoft Encarta Encyclopedia Standard 2004
"{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}" = Symantec KB-DocID:2003093015493306
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{166E180E-9A3F-41AE-8B40-22D8FFF4AF87}" = McAfee Virtual Technician
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D643CD7-4DD6-11D7-A4E0-000874180BB3}" = Microsoft Money 2004
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}" = Rhapsody Player Engine
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 21
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Virtual Earth 3D (Beta)
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{54F90B55-BEB3-4F0D-8802-228822FA5921}" = WordPerfect Office 11
"{601BE80D-247B-4084-94C7-7A54369DB7A2}" = Hallmark Card Studio 2010 Deluxe
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{66C8BE35-8BBB-472B-96C7-C7C9A499F988}" = ArcSoft Software Suite
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68D60342-7686-45C9-B8EB-40EF843D0460}" = Dell Networking Guide
"{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8 Dell Edition
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C64E145-54BA-11D6-91B1-00500462BE80}" = Microsoft Money 2004 System Pack
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{96E16100-A77F-4B31-B9AD-FFBA040EE1BD}" = Sound Blaster Live!
"{976EA7B1-7562-483D-88DA-4323D263B7CD}" = DiMAGE Viewer
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}" = Intel® PROSet
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABEB838C-A1A7-4C5D-B7E1-8B4314600133}" = MSN Messenger 6.2
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.7
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint Plus
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B2C61EBB-F47C-48ba-B375-27A40F8F48F7}" = HP Deskjet All-In-One Software 9.0
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{BE06114F-559D-11E0-B5A1-001D0926B1BF}" = Google Earth
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4868E88-F5B5-4E45-9592-C7062BD97441}" = Symantec Technical Support Web Controls
"{C7888C3F-0506-555F-7907-CDD3F81719A5}" = Adobe Media Player
"{CB011820-5484-4BC9-9644-88C17A69E708}" = WIZ1x0_105SR Configtool
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}" = Jasc Paint Shop Photo Album
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D111D725-97AB-4654-B866-21700C703E86}" = HHD Software Hex Editor
"{DD0B4C27-B1D9-40BE-AC96-68228FAC2149}" = HyperLoad - Candystand Billiards
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}" = WexTech AnswerWorks
"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FC4ED75D-916C-4A8C-BB67-3C6F6E06D62B}" = Banctec Service Agreement
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"Autorun Eater_is1" = Autorun Eater v2.5
"avast" = avast! Free Antivirus
"Coupon Printer for Windows2.0" = Coupon Printer for Windows
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"CouponAlert_2pbar Uninstall" = Coupon Alert
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"Extreme HU 1.6" = Extreme HU 1.6
"Google Chrome" = Google Chrome
"Hex Workshop v4.20" = Hex Workshop v4.23
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
"KeyRipper" = KeyRipper 3.1
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Lexmark 3300 Series" = Lexmark 3300 Series
"Loader_is1" = Loader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 9.0.1 (x86 en-US)" = Mozilla Firefox 9.0.1 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSN Music Assistant" = MSN Music Assistant
"Nagra Master - ROM 102 Utility" = Nagra Master - ROM 102 Utility 1.3 (BETA)
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NeroVision!UninstallKey" = NeroVision Express 2
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NMPUninstallKey" = Nero Media Player
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"PartyPoker" = PartyPoker
"Picasa 3" = Picasa 3
"PROSet" = Intel® PRO Network Adapters and Drivers
"PVRLoader_is1" = PVRLoader
"RealPlayer 6.0" = RealOne Player
"Sewer Run_is1" = Sewer Run
"Shockwave" = Shockwave
"ST6UNST #1" = FOXPRO Programmer
"Tier Creator for Dummies II" = Tier Creator for Dummies II
"Virtools3DLifePlayer" = Virtools 3D Life Player
"VSHD Loader_is1" = VSHD Loader 1.0
"Windows Audio Recorder Professional_is1" = Windows Audio Recorder Professional 5.00
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Mobile Device Handbook" = Windows Mobile® Device Handbook
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/29/2011 05:54:16 PM | Computer Name = BEDROOM | Source = .NET Runtime | ID = 1023
Description = Application: plugin-container.exe CoreCLR Version: 4.0.60831.0 Description:
The process was terminated due to an internal error in the .NET Runtime at IP 7928D2A6
(79150000) with exit code 8013150a.

Error - 12/29/2011 05:54:16 PM | Computer Name = BEDROOM | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 8.0.0.4325, faulting
module coreclr.dll, version 4.0.60831.0, fault address 0x0013d2a6.

Error - 12/29/2011 05:55:17 PM | Computer Name = BEDROOM | Source = .NET Runtime | ID = 1023
Description = Application: plugin-container.exe CoreCLR Version: 4.0.60831.0 Description:
The process was terminated due to an internal error in the .NET Runtime at IP 7928D2A6
(79150000) with exit code 8013150a.

Error - 12/29/2011 05:55:17 PM | Computer Name = BEDROOM | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 8.0.0.4325, faulting
module coreclr.dll, version 4.0.60831.0, fault address 0x0013d2a6.

Error - 12/29/2011 05:55:21 PM | Computer Name = BEDROOM | Source = Application Error | ID = 1001
Description = Fault bucket -1608264308.

Error - 12/30/2011 11:33:53 PM | Computer Name = BEDROOM | Source = Application Error | ID = 1000
Description = Faulting application photoimpression.exe, version 5.0.0.27, faulting
module browser.mll, version 5.0.0.39, fault address 0x00061ecb.

Error - 12/30/2011 11:34:07 PM | Computer Name = BEDROOM | Source = Application Error | ID = 1000
Description = Faulting application photoimpression.exe, version 5.0.0.27, faulting
module browser.mll, version 5.0.0.39, fault address 0x00061ecb.

Error - 12/30/2011 11:34:12 PM | Computer Name = BEDROOM | Source = Application Error | ID = 1001
Description = Fault bucket 67238174.

Error - 12/30/2011 11:37:17 PM | Computer Name = BEDROOM | Source = Application Error | ID = 1000
Description = Faulting application photoimpression.exe, version 5.0.0.27, faulting
module browser.mll, version 5.0.0.39, fault address 0x00061ecb.

Error - 12/30/2011 11:37:21 PM | Computer Name = BEDROOM | Source = Application Error | ID = 1001
Description = Fault bucket 67238174.

[ System Events ]
Error - 12/8/2011 12:25:10 AM | Computer Name = BEDROOM | Source = Service Control Manager | ID = 7031
Description = The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated
unexpectedly. It has done this 1 time(s). The following corrective action will
be taken in 0 milliseconds: Restart the service.

Error - 12/8/2011 12:25:24 AM | Computer Name = BEDROOM | Source = Service Control Manager | ID = 7031
Description = The DCOM Server Process Launcher service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in 60000
milliseconds: Reboot the machine.

Error - 12/8/2011 12:25:24 AM | Computer Name = BEDROOM | Source = Service Control Manager | ID = 7034
Description = The Terminal Services service terminated unexpectedly. It has done
this 1 time(s).

Error - 12/8/2011 01:16:40 AM | Computer Name = BEDROOM | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).

Error - 12/8/2011 01:16:43 AM | Computer Name = BEDROOM | Source = Service Control Manager | ID = 7034
Description = The Creative Service for CDROM Access service terminated unexpectedly.
It has done this 1 time(s).

Error - 12/8/2011 01:16:45 AM | Computer Name = BEDROOM | Source = Service Control Manager | ID = 7034
Description = The Bonjour Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 12/8/2011 01:16:50 AM | Computer Name = BEDROOM | Source = Service Control Manager | ID = 7034
Description = The WMDM PMSP Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 12/18/2011 02:14:48 PM | Computer Name = BEDROOM | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).

Error - 12/18/2011 02:14:54 PM | Computer Name = BEDROOM | Source = Service Control Manager | ID = 7034
Description = The WMDM PMSP Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 12/21/2011 01:00:00 AM | Computer Name = BEDROOM | Source = Service Control Manager | ID = 7034
Description = The Creative Service for CDROM Access service terminated unexpectedly.
It has done this 1 time(s).


< End of report >


OTL logfile created on: 1/14/2012 03:34:08 PM - Run 7
OTL by OldTimer - Version 3.2.31.0 Folder = F:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.50 Gb Total Physical Memory | 2.05 Gb Available Physical Memory | 82.02% Memory free
3.10 Gb Paging File | 2.82 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.47 Gb Total Space | 8.62 Gb Free Space | 11.58% Space Free | Partition Type: NTFS

Computer Name: BEDROOM | User Name: Todd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2011/09/01 18:42:06 | 024,183,152 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Todd\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2011/07/04 05:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 05:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/05/15 13:53:20 | 000,325,512 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2010/05/06 18:09:06 | 000,415,638 | ---- | M] (Old McDonald's Farm) -- C:\Program Files\Autorun Eater\billy.exe
PRC - [2010/05/06 17:59:36 | 000,516,216 | ---- | M] (Old McDonald's Farm) -- C:\Program Files\Autorun Eater\oldmcdonald.exe
PRC - [2009/08/07 13:32:26 | 000,358,232 | ---- | M] (Creative Home) -- C:\Program Files\Creative Home\Hallmark Card Studio 2010 Deluxe\Planner\PLNRnote.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/03/09 11:37:15 | 000,151,597 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/14 09:46:22 | 001,678,336 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12011401\algo.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/04/14 19:01:33 | 000,548,854 | ---- | M] () -- C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2006/02/02 02:12:22 | 000,040,960 | ---- | M] () -- C:\WINDOWS\SYSTEM32\LXPRMON.DLL
MOD - [2002/07/04 08:38:00 | 000,053,248 | ---- | M] () -- C:\Program Files\ArcSoft\Software Suite\PhotoImpression 5\Share\PIHook.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/10/18 18:26:20 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Disabled | Stopped] -- C:\Program Files\CouponAlert_2p\bar\1.bin\2pbarsvc.exe -- (CouponAlert_2pService)
SRV - [2011/07/04 05:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2007/03/07 14:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005/02/25 10:42:46 | 000,466,944 | ---- | M] (Lexmark International, Inc.) [On_Demand | Stopped] -- C:\WINDOWS\System32\lxcccoms.exe -- (lxcc_device)
SRV - [2003/03/03 13:33:40 | 000,143,360 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)
SRV - [2003/01/30 17:55:44 | 000,077,824 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\hphipm09.exe -- (Pml Driver)


========== Driver Services (SafeList) ==========

DRV - [2011/07/04 05:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 05:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 05:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 05:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/07/04 05:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 05:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/04 05:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008/04/13 12:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/11/24 19:51:38 | 000,245,248 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\rt73.sys -- (RT73)
DRV - [2005/02/01 18:18:38 | 000,017,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\bcm42rly.sys -- (BCM42RLY)
DRV - [2004/08/03 23:29:49 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/03 23:29:47 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/03 23:29:45 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/03 23:29:43 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/03 23:29:42 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/03 23:29:41 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/03 23:29:37 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/03 23:29:37 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/03 23:29:37 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/03 23:29:36 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2003/08/14 10:58:12 | 001,296,384 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\P16X.sys -- (P16X) Creative SB Live! Series (WDM)
DRV - [2003/01/30 17:55:44 | 000,050,800 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\hphid409.sys -- (Dot4 HPH09)
DRV - [2003/01/30 17:55:44 | 000,050,211 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\hphs2k09.sys -- (Dot4Storage HPH09) Storage Class Driver for IEEE-1284.4 (HPH09)
DRV - [2003/01/30 17:55:44 | 000,016,112 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\hphipr09.sys -- (Dot4Print HPH09)
DRV - [2002/11/08 13:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2001/08/17 12:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)
DRV - [1999/12/17 01:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\PFMODNT.SYS -- (PfModNT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {7b9f8c21-46ec-4c0b-8683-e755ef84577a} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....-8&fr=ytff-&p="
FF - prefs.js..browser.search.selectedengine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..keyword.URL: "http://search.mywebs...kwd&searchfor="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@CouponAlert_2p.com/Plugin: C:\Program Files\CouponAlert_2p\bar\1.bin\NP2pStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2009/05/28 21:07:36 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.10.835: C:\Program Files\Real\RealOne Player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1136: C:\Program Files\Real\RealOne Player\Netscape6\nprjplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.847: C:\Program Files\Real\RealOne Player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.1: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.53\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.53\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/05/11 08:59:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/08/19 19:25:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\2pffxtbr@CouponAlert_2p.com: C:\Program Files\CouponAlert_2p\bar\1.bin [2011/10/18 18:43:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/30 20:26:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/05 19:30:30 | 000,000,000 | ---D | M]

[2009/08/22 19:41:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Extensions
[2012/01/06 23:05:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\sgr9vmuh.default\extensions
[2010/04/27 11:35:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\sgr9vmuh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/12/29 14:45:04 | 000,000,000 | ---D | M] (Yontoo) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\sgr9vmuh.default\extensions\[email protected]
[2011/10/18 18:38:11 | 000,009,983 | ---- | M] () -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\sgr9vmuh.default\searchplugins\CouponAlert_2p.xml
[2011/09/09 21:02:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\TODD\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\SGR9VMUH.DEFAULT\EXTENSIONS\{66E978CD-981F-47DF-AC42-E3CF417C1467}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\TODD\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\SGR9VMUH.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/12/30 20:26:22 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/03/18 12:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/03/18 12:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2011/06/26 11:33:18 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/10 22:25:07 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - Extension: Entanglement = C:\Documents and Settings\Todd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.5.7_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Todd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1203_0\
CHR - Extension: AVG Safe Search = C:\Documents and Settings\Todd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1374_0\
CHR - Extension: Poppit = C:\Documents and Settings\Todd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

O1 HOSTS File: ([2011/09/10 10:11:18 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Search Assistant BHO) - {60e91567-ef8a-4520-bce2-83aba5256799} - C:\Program Files\CouponAlert_2p\bar\1.bin\2pSrcAs.dll (COMPANYVERS_NAME)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Autorun Eater] C:\Program Files\Autorun Eater\oldmcdonald.exe (Old McDonald's Farm)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Event Planner Reminder 2010.lnk = C:\WINDOWS\Installer\{601BE80D-247B-4084-94C7-7A54369DB7A2}\Shortcut_EventPlan_E2FBA8F7F7FD4C5EAA7D652BB0CAAA9D.exe (Acresso Software Inc.)
O4 - Startup: C:\Documents and Settings\Todd\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Todd\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: &Search - http://tbedits.coupo...7E&n=2011101820 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: amphire.net ([commerce] http in Trusted sites)
O15 - HKCU\..Trusted Domains: csplans.com ([teamsterups] https in Trusted sites)
O15 - HKCU\..Trusted Domains: ebay.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: paypal.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: usps.gov ([]* in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.55.24.10 209.55.24.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43C7A042-A8C9-4227-82B9-834C0473BEC0}: DhcpNameServer = 209.55.24.10 209.55.24.11
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\DELL.BMP
O24 - Desktop BackupWallPaper: C:\WINDOWS\DELL.BMP
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 08:59:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/07 20:40:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\uniMainClock
[2011/12/29 14:45:03 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo
[2011/12/29 14:45:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2011/12/29 12:37:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Todd\My Documents\Dropbox
[2011/12/29 12:33:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Start Menu\Programs\Dropbox
[2011/12/29 12:32:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Application Data\Dropbox
[2011/12/29 12:30:33 | 001,223,568 | ---- | C] (Web Deals Interactive LLC) -- C:\Documents and Settings\Todd\Desktop\DropDownDealsSmartSetup.exe
[2011/12/19 19:41:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/12/19 19:39:54 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/12/19 19:39:46 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/01/20 22:12:29 | 000,081,920 | ---- | C] (WIZnet Corp.) -- C:\Program Files\Common Files\WIZ1x0SR_105SR_CFG.exe
[2010/01/20 22:12:28 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\MSVCR80.dll

========== Files - Modified Within 30 Days ==========

[2049/12/31 15:00:00 | 000,065,348 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\Order in Suit to Modify Parent-Child Relationship02.wpd
[2012/01/14 15:26:49 | 000,002,527 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Event Planner Reminder 2010.lnk
[2012/01/14 15:26:08 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2012/01/14 15:24:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2012/01/14 15:24:47 | 2683,375,616 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/08 11:30:05 | 000,002,601 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Hallmark Card Studio 2010 Deluxe.lnk
[2012/01/02 19:06:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/12/29 12:37:48 | 000,000,991 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\Dropbox.lnk
[2011/12/29 12:35:24 | 000,001,003 | ---- | M] () -- C:\Documents and Settings\Todd\Start Menu\Programs\Startup\Dropbox.lnk
[2011/12/29 12:30:17 | 001,223,568 | ---- | M] (Web Deals Interactive LLC) -- C:\Documents and Settings\Todd\Desktop\DropDownDealsSmartSetup.exe
[2011/12/19 19:41:23 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/12/18 14:00:59 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk

========== Files Created - No Company Name ==========

[2011/12/29 12:37:48 | 000,000,991 | ---- | C] () -- C:\Documents and Settings\Todd\Desktop\Dropbox.lnk
[2011/12/29 12:34:03 | 000,001,003 | ---- | C] () -- C:\Documents and Settings\Todd\Start Menu\Programs\Startup\Dropbox.lnk
[2011/12/19 19:41:23 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/09/10 09:42:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/09/10 09:42:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/09/10 09:42:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/09/10 09:42:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/09/10 09:42:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/08/03 02:15:51 | 000,188,408 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/06/10 13:11:16 | 000,068,660 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/04/21 18:04:31 | 000,122,771 | ---- | C] () -- C:\WINDOWS\hpoins14.dat
[2009/04/21 18:04:31 | 000,001,996 | ---- | C] () -- C:\WINDOWS\hpomdl14.dat
[2008/09/13 08:37:35 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2008/09/13 08:37:08 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008/01/23 19:48:19 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\$_hpcst$.hpc
[2007/12/04 21:18:43 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2007/11/03 21:09:55 | 000,000,031 | -H-- | C] () -- C:\WINDOWS\uccspecc.sys
[2007/10/05 20:35:00 | 000,000,009 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\MumboJumbo.ini
[2007/10/05 20:35:00 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Todd\Application Data\ud_soundmanager.ini
[2007/06/20 14:46:41 | 000,000,138 | ---- | C] () -- C:\WINDOWS\WinInit.ini.backup
[2007/05/13 21:40:02 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/01/26 21:20:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Textart.INI
[2006/12/02 15:33:52 | 000,000,023 | ---- | C] () -- C:\WINDOWS\kodakpcd.Todd.ini
[2006/05/01 14:01:19 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2005/12/25 21:24:55 | 000,000,063 | ---- | C] () -- C:\WINDOWS\hw.ini
[2005/08/28 18:49:48 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\LXPRMON.DLL
[2005/08/28 18:49:48 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXPMONUI.DLL
[2005/08/28 18:47:45 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxccvs.dll
[2005/07/20 17:52:09 | 000,039,424 | ---- | C] () -- C:\Documents and Settings\Todd\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/06/26 18:47:30 | 000,143,360 | ---- | C] () -- C:\WINDOWS\bbuninst.exe
[2005/02/22 22:29:49 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2004/11/10 20:20:13 | 000,001,096 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2004/10/21 09:34:19 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/09 12:15:58 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2004/07/18 15:52:14 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PI_setup.ini
[2004/07/18 15:46:27 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT4.DAT
[2004/07/18 15:45:45 | 000,000,111 | ---- | C] () -- C:\WINDOWS\EPSON Stylus CX5400.ini
[2004/06/13 10:32:05 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Todd\Local Settings\Application Data\fusioncache.dat
[2004/04/17 09:47:11 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\PFP110JPR.{PB
[2004/04/17 09:47:11 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\PFP110JCM.{PB
[2004/04/14 19:11:24 | 000,001,922 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2004/03/09 11:48:57 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/03/09 11:42:26 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2004/03/09 11:38:23 | 000,000,258 | ---- | C] () -- C:\WINDOWS\System32\BDEMERGE.INI
[2004/03/09 11:36:54 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
[2004/03/09 11:36:54 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2004/03/09 11:36:42 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\P16X.dll
[2004/03/09 11:36:42 | 000,002,572 | ---- | C] () -- C:\WINDOWS\MIXDEF.INI
[2004/03/09 11:36:42 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\P16X.ini
[2004/03/09 11:36:42 | 000,000,026 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2004/03/09 11:36:41 | 000,000,064 | ---- | C] () -- C:\WINDOWS\P16x.ini
[2004/03/09 11:36:10 | 000,000,245 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2004/03/09 11:35:13 | 000,000,138 | ---- | C] () -- C:\WINDOWS\WinInit.ini
[2004/03/09 11:32:15 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/03/09 11:17:28 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2004/03/09 11:14:52 | 000,441,552 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2004/03/09 11:14:52 | 000,071,488 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2004/03/09 11:01:22 | 000,000,546 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2003/08/13 22:54:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/01/30 17:55:40 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe
[2003/01/30 17:54:28 | 000,003,691 | ---- | C] () -- C:\WINDOWS\hphinfs.dat
[2002/09/03 09:05:08 | 000,306,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/09/03 08:59:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/09/03 08:56:30 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/09/03 08:31:46 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/09/03 08:31:44 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/08/29 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\MLANG.DAT
[2002/08/29 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\PERFI009.DAT
[2002/08/29 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\DSSEC.DAT
[2002/08/29 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\MIB.BIN
[2002/08/29 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\PERFD009.DAT
[2002/08/29 05:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[1980/01/01 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Todd\Desktop\Order in Suit to Modify Parent-Child Relationship02.doc:SummaryInformation

< End of report >
  • 0

#8
RKinner
Posted 14 January 2012 - 04:24 PM

RKinner

    Malware Expert

  • Expert
  • 24,623 posts
  • MVP
If you get a chance do tell Avast not to put things in the Sandbox. So far it appears things are working as planned. You should be able to get on the Internet now but continue with the other scans just to make sure we didn't miss anything.
  • 0

#9
tammy111
Posted 14 January 2012 - 05:59 PM

tammy111

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.14.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Todd :: BEDROOM [administrator]

1/14/2012 03:54:54 PM
mbam-log-2012-01-14 (15-54-54).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 254009
Time elapsed: 1 hour(s), 43 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 1
C:\Program Files\CouponAlert_2p\bar\1.bin\2pSrcAs.dll (Adware.MyWebSearch) -> Delete on reboot.

Registry Keys Detected: 91
HKCR\CLSID\{60e91567-ef8a-4520-bce2-83aba5256799} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{60E91567-EF8A-4520-BCE2-83ABA5256799} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{60E91567-EF8A-4520-BCE2-83ABA5256799} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{60E91567-EF8A-4520-BCE2-83ABA5256799} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\CouponAlert_2pService (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{1948934a-1c68-4b2b-9a1f-d12e2a062a1a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CouponAlert_2pbar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{d7ce22af-ccb3-423f-84d5-4d77152181f3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{004EB151-885B-4A9E-A22D-CA98DD998D75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.ToolbarPlugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.ToolbarPlugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{1f0a2185-da7e-4614-91c0-dd5f4a76cb1b} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{16fe2505-f2a0-4782-b035-af0e5188c02c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{79583de9-d0c2-44ef-ae0d-cbfa16c2a785} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{1116A14B-F6A3-4FD9-A00E-FF8CF270EE48} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16FE2505-F2A0-4782-B035-AF0E5188C02C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{23b38049-323f-443d-9732-f454e5b15b72} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.SettingsPlugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.SettingsPlugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{23B38049-323F-443D-9732-F454E5B15B72} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{3462c343-be19-4143-af70-cefb56f46fc6} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3462C343-BE19-4143-AF70-CEFB56F46FC6} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{3a421c8f-e238-4aeb-8874-b8b5f2cc4772} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{7717f4b3-397f-4ce5-9192-6effde3ac999} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{4d8eacbc-e293-4462-b91e-42ea5b54b743} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.Radio.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.Radio (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{3276e8a8-a233-449b-a7eb-fcee21246018} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{A0636D37-97D0-4DC4-95A6-93AABA07437F} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.RadioSettings.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.RadioSettings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{7b9f8c21-46ec-4c0b-8683-e755ef84577a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B9F8C21-46EC-4C0B-8683-E755EF84577A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{cf9d6d4e-5496-438e-ba24-5a580a59f5a3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.PseudoTransparentPlugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.PseudoTransparentPlugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CF9D6D4E-5496-438E-BA24-5A580A59F5A3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{09971cee-01b8-42bc-9d91-456b1faad6be} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{09971cee-01b8-42bc-9d91-456b1faad6be} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.DynamicBarButton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.DynamicBarButton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.FeedManager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.FeedManager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.HTMLMenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.HTMLMenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.HTMLPanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.HTMLPanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.MultipleButton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.MultipleButton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.ScriptButton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.ScriptButton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.ThirdPartyInstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.ThirdPartyInstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.UrlAlertButton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.UrlAlertButton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.XMLSessionPlugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.XMLSessionPlugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\Software\CouponAlert_2p (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MENUEXT\&SEARCH (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\CouponAlert_2p (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\MozillaPlugins\@CouponAlert_2p.com/Plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{411b1946-3277-4a7f-9f60-745266360613} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{ebaf2b4f-510a-47c7-86ba-e7d94d1162f6} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{860AF5D1-0735-409D-8E5F-E3E99356D7E9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{84576f6e-0660-4b4f-8918-bc6c975044d4} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{60fc9013-4a5a-4306-9695-fce0a6617f22} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{D244EAC5-A0F5-4859-A1F8-18ABC0AC3A00} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{86d02bcf-0e0e-444f-8a8d-2d5c4a9e6578} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{2d205adf-c992-4eda-99c3-096e13f38ab4} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{20bcce5a-c687-46ff-8dd2-ad8235f5f2b4} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{041278C7-DF92-486D-AE85-921BDFC75A43} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{0bdf6c42-132c-45f5-92de-dc13f40c6dab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{a4116f8c-a634-4536-b9ef-6b9ebcc5bae1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{65D8E17B-312E-4E12-913B-A841A8631143} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0BDF6C42-132C-45F5-92DE-DC13F40C6DAB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{95B3F577-D54A-4831-B2B4-8AACEEDA85CF} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{95B3F577-D54A-4831-B2B4-8AACEEDA85CF} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{457a4cb8-0391-409d-98b4-c4ccb2849670} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{7924fd2b-877c-4395-a063-a88ab887ea6d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{36A7148B-639E-423C-90BB-30B6E1A40BD7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{def07acd-bcea-4269-933a-4087d20842bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{c2df3856-676c-41dc-a73b-facbdf8e81e9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{8542e415-0e53-4261-8be4-0d1598229d90} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{56965DCF-718F-4148-BECF-5A2B466F4556} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C2DF3856-676C-41DC-A73B-FACBDF8E81E9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{ebbc4e43-292a-40df-88e3-3262b7521460} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{8867ac9b-4426-44a2-a693-c95850d3405c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{53ca18e7-5223-4358-9fd9-97c62c66c5bd} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{61DAB0AD-AD23-4E40-84AC-7C6CE64D4EB3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8867AC9B-4426-44A2-A693-C95850D3405C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{23b0ae65-17d2-4491-98e5-b1aa6228dda2} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Detected: 4
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{7B9F8C21-46EC-4C0B-8683-E755EF84577A} (Adware.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{7b9f8c21-46ec-4c0b-8683-e755ef84577a} (Adware.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search| (Adware.MyWebSearch) -> Data: http://tbedits.coupo...7E&n=2011101820 -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Mozilla\Firefox\Extensions|2pffxtbr@CouponAlert_2p.com (Adware.MyWebSearch) -> Data: C:\Program Files\CouponAlert_2p\bar\1.bin -> Quarantined and deleted successfully.

Registry Data Items Detected: 6
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command| (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\Todd\Local Settings\Application Data\apt.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe") Good: (firefox.exe) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command| (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\Todd\Local Settings\Application Data\apt.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode) Good: (firefox.exe -safe-mode) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command| (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\Todd\Local Settings\Application Data\apt.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

Folders Detected: 12
C:\Program Files\CouponAlert_2p (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\chrome (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\IE9Mesg (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\setups (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\CouponAlert_2p (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\CouponAlert_2p\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Files Detected: 69
C:\Program Files\CouponAlert_2p\bar\1.bin\2pSrcAs.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pbarsvc.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pbar.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pskin.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pradio.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pauxstb.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pbrstub.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pdatact.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pdlghk.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pdyn.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pfeedmg.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2phighin.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2phtml.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2phtmlmu.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2phttpct.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pidle.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pieovr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pimpipe.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pmlbtn.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pmsg.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pPlugin.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pregfft.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pregiet.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pscript.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pskplay.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2ptpinst.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2puabtn.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\CHROME.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\INSTALL.RDF (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\LOGO.BMP (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\NP2pStub.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\T8RES.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\chrome\2pffxtbr.jar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Cache\2279794A (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Cache\22797C95 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Cache\2279859E.bmp (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Cache\227986E6.bmp (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Cache\22798792.bmp (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Cache\2279887C.bmp (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Cache\22798928.bmp (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Cache\227989D4.bmp (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Cache\22798A61.bmp (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Cache\22798AFD.bmp (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Cache\22798B89.bmp (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Cache\22798CB2.bmp (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Cache\22798D2F.bmp (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Cache\22798DDB.bmp (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Cache\22798E58 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Cache\227991E2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Cache\227996E4.jhtml (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Cache\2279ADE6 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Cache\2279B077 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Cache\2279D1AB.bmp (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\History\search3 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\IE9Mesg\COMMON.T8S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Message\COMMON.T8S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Settings\setting3.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Settings\s_w1.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\Settings\s_w2.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\setups\Coupon Alert Installer(2279befd).exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\CouponAlert_2p\Cache\CouponAlertBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\CouponAlert_2p\Cache\CouponAlertNewDealsBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\CouponAlert_2p\Cache\GrouponBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\CouponAlert_2p\Cache\PopupProperties100064904.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\CouponAlert_2p\Cache\PopupProperties200820798.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\CouponAlert_2p\Cache\Radio.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.

(end)
  • 0

#10
tammy111
Posted 14 January 2012 - 06:59 PM

tammy111

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
ComboFix 12-01-13.05 - Todd 01/14/2012 18:11:57.5.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2559.2116 [GMT -6:00]
Running from: F:\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\Tarma Installer
c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll
c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll
c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat
c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe
c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico
c:\documents and settings\All Users\Application Data\Tarma Installer\{DA00D550-BB91-4A26-AAE5-9172D626CAAE}\_Setup.dll
c:\documents and settings\All Users\Application Data\Tarma Installer\{DA00D550-BB91-4A26-AAE5-9172D626CAAE}\_Setupx.dll
c:\documents and settings\All Users\Application Data\Tarma Installer\{DA00D550-BB91-4A26-AAE5-9172D626CAAE}\Setup.dat
c:\documents and settings\All Users\Application Data\Tarma Installer\{DA00D550-BB91-4A26-AAE5-9172D626CAAE}\Setup.exe
c:\documents and settings\All Users\Application Data\Tarma Installer\{DA00D550-BB91-4A26-AAE5-9172D626CAAE}\Setup.ico
c:\documents and settings\Todd\Local Settings\Application Data\assembly\tmp
c:\program files\CouponAlert_2pEI
c:\windows\dasetup.log
c:\windows\iun6002.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_COUPONALERT_2PSERVICE
.
.
((((((((((((((((((((((((( Files Created from 2011-12-15 to 2012-01-15 )))))))))))))))))))))))))))))))
.
.
2012-01-15 00:39 . 2012-01-15 00:39 -------- d-----w- c:\windows\LastGood
2012-01-08 02:40 . 2012-01-08 02:40 -------- d-----w- c:\documents and settings\Todd\Local Settings\Application Data\uniMainClock
2011-12-31 02:26 . 2011-12-31 02:26 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2011-12-31 02:26 . 2011-12-31 02:26 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2011-12-31 02:26 . 2011-12-31 02:26 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2011-12-31 02:26 . 2011-12-31 02:26 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2011-12-29 20:45 . 2011-12-29 20:45 -------- d-----w- c:\program files\Yontoo
2011-12-29 18:32 . 2012-01-15 00:41 -------- d-----w- c:\documents and settings\Todd\Application Data\Dropbox
2011-12-20 01:39 . 2011-12-20 01:39 -------- d-----w- c:\program files\iPod
2011-12-20 01:39 . 2011-12-20 01:41 -------- d-----w- c:\program files\iTunes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-10 21:24 . 2011-09-10 04:59 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-26 17:07 . 2011-10-11 03:45 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-23 13:25 . 2008-09-13 14:36 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-04 19:20 . 2004-08-24 01:32 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20 . 2002-08-29 11:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20 . 2002-08-29 11:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2008-09-13 14:38 385024 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2008-09-13 14:37 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31 . 2008-09-13 14:36 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37 . 2008-09-13 14:36 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52 . 2008-09-13 14:36 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-24 20:29 . 2011-10-24 20:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 20:29 . 2011-10-24 20:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-18 11:13 . 2008-09-13 14:38 186880 ----a-w- c:\windows\system32\encdec.dll
2009-01-13 20:45 . 2010-01-21 04:12 81920 -c--a-w- c:\program files\Common Files\WIZ1x0SR_105SR_CFG.exe
2006-12-01 11:54 . 2010-01-21 04:12 626688 -c--a-w- c:\program files\Common Files\MSVCR80.dll
2011-12-31 02:26 . 2011-06-26 17:33 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-09-10_16.12.10 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-01-15 00:36 . 2012-01-15 00:36 16384 c:\windows\temp\Perflib_Perfdata_5f0.dat
- 2008-09-13 14:38 . 2011-07-08 13:49 46080 c:\windows\SYSTEM32\tzchange.exe
+ 2008-09-13 14:38 . 2011-11-08 13:46 46080 c:\windows\SYSTEM32\tzchange.exe
+ 2004-03-09 17:14 . 2011-11-11 14:06 71488 c:\windows\SYSTEM32\PERFC009.DAT
- 2004-03-09 17:14 . 2011-08-10 08:10 71488 c:\windows\SYSTEM32\PERFC009.DAT
+ 2002-08-29 11:00 . 2011-09-26 16:41 20480 c:\windows\SYSTEM32\oleaccrc.dll
+ 2002-08-29 11:00 . 2011-11-04 19:20 66560 c:\windows\SYSTEM32\mshtmled.dll
- 2002-08-29 11:00 . 2011-06-23 18:36 66560 c:\windows\SYSTEM32\mshtmled.dll
+ 2006-11-08 03:03 . 2011-11-04 19:20 55296 c:\windows\SYSTEM32\msfeedsbs.dll
- 2006-11-08 03:03 . 2011-06-23 18:36 55296 c:\windows\SYSTEM32\msfeedsbs.dll
+ 2002-08-29 11:00 . 2011-11-04 19:20 25600 c:\windows\SYSTEM32\jsproxy.dll
- 2002-08-29 11:00 . 2011-06-23 18:36 25600 c:\windows\SYSTEM32\jsproxy.dll
+ 2011-10-18 04:13 . 2011-05-10 13:06 42496 c:\windows\SYSTEM32\DRVSTORE\usbaapl_091115F4EDEB41DBA0EC91574CE905B4E0482482\usbaapl.sys
+ 2011-10-18 04:13 . 2011-05-10 13:06 18432 c:\windows\SYSTEM32\DRVSTORE\netaapl_63AA05C4700EB9CAF2D048DAC1D06D764A0D4C41\netaapl.sys
+ 2011-08-31 04:05 . 2011-08-31 04:05 73064 c:\windows\SYSTEM32\dnssd.dll
- 2011-07-12 16:20 . 2011-07-12 16:20 73064 c:\windows\SYSTEM32\dnssd.dll
- 2011-07-12 16:20 . 2011-07-12 16:20 83816 c:\windows\SYSTEM32\dns-sd.exe
+ 2011-08-31 04:05 . 2011-08-31 04:05 83816 c:\windows\SYSTEM32\dns-sd.exe
+ 2009-06-10 03:30 . 2011-11-04 19:20 12800 c:\windows\SYSTEM32\DLLCACHE\xpshims.dll
- 2009-06-10 03:30 . 2011-06-23 18:36 12800 c:\windows\SYSTEM32\DLLCACHE\xpshims.dll
+ 2002-08-29 11:00 . 2011-09-26 16:41 20480 c:\windows\SYSTEM32\DLLCACHE\oleaccrc.dll
+ 2002-08-29 11:00 . 2011-11-04 19:20 66560 c:\windows\SYSTEM32\DLLCACHE\mshtmled.dll
- 2002-08-29 11:00 . 2011-06-23 18:36 66560 c:\windows\SYSTEM32\DLLCACHE\mshtmled.dll
- 2007-05-09 02:22 . 2011-06-23 18:36 55296 c:\windows\SYSTEM32\DLLCACHE\msfeedsbs.dll
+ 2007-05-09 02:22 . 2011-11-04 19:20 55296 c:\windows\SYSTEM32\DLLCACHE\msfeedsbs.dll
- 2002-08-29 11:00 . 2011-06-23 18:36 43520 c:\windows\SYSTEM32\DLLCACHE\licmgr10.dll
+ 2002-08-29 11:00 . 2011-11-04 19:20 43520 c:\windows\SYSTEM32\DLLCACHE\licmgr10.dll
- 2002-08-29 11:00 . 2011-06-23 18:36 25600 c:\windows\SYSTEM32\DLLCACHE\jsproxy.dll
+ 2002-08-29 11:00 . 2011-11-04 19:20 25600 c:\windows\SYSTEM32\DLLCACHE\jsproxy.dll
- 2008-09-13 14:36 . 2011-04-26 11:07 33280 c:\windows\SYSTEM32\DLLCACHE\csrsrv.dll
+ 2008-09-13 14:36 . 2011-10-28 05:31 33280 c:\windows\SYSTEM32\DLLCACHE\csrsrv.dll
+ 2011-07-08 19:00 . 2011-07-08 19:00 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2010-09-23 20:55 . 2010-09-23 20:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2011-07-07 17:04 . 2011-07-07 17:04 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2010-09-23 07:26 . 2010-09-23 07:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2011-07-07 17:04 . 2011-07-07 17:04 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2010-09-23 07:26 . 2010-09-23 07:26 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2011-07-07 17:03 . 2011-07-07 17:03 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2010-09-23 07:26 . 2010-09-23 07:26 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2011-07-07 18:09 . 2011-07-07 18:09 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2010-09-23 08:17 . 2010-09-23 08:17 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2011-07-07 18:09 . 2011-07-07 18:09 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
- 2010-09-23 08:17 . 2010-09-23 08:17 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2011-12-15 09:11 . 2011-12-15 09:11 49936 c:\windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe
- 2011-06-17 08:06 . 2011-06-17 08:06 49936 c:\windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe
+ 2008-07-11 00:27 . 2011-12-15 09:10 35088 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-07-11 00:27 . 2011-06-17 08:09 35088 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-07-11 00:27 . 2011-12-15 09:10 18704 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-07-11 00:27 . 2011-06-17 08:09 18704 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-07-11 00:27 . 2011-12-15 09:10 20240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-07-11 00:27 . 2011-06-17 08:09 20240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe
- 2010-06-04 08:01 . 2011-06-17 08:05 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-06-04 08:01 . 2011-10-12 08:14 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-12-15 09:09 . 2011-08-22 23:48 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll
+ 2011-12-15 09:09 . 2011-08-22 23:48 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll
+ 2011-12-15 09:09 . 2011-08-22 23:48 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll
+ 2011-12-15 09:09 . 2011-08-22 23:48 43520 c:\windows\ie8updates\KB2618444-IE8\licmgr10.dll
+ 2011-12-15 09:09 . 2011-08-22 23:48 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll
+ 2011-10-12 08:04 . 2011-06-23 18:36 12800 c:\windows\ie8updates\KB2586448-IE8\xpshims.dll
+ 2011-10-12 08:04 . 2011-06-23 18:36 66560 c:\windows\ie8updates\KB2586448-IE8\mshtmled.dll
+ 2011-10-12 08:04 . 2011-06-23 18:36 55296 c:\windows\ie8updates\KB2586448-IE8\msfeedsbs.dll
+ 2011-10-12 08:04 . 2011-06-23 18:36 43520 c:\windows\ie8updates\KB2586448-IE8\licmgr10.dll
+ 2011-10-12 08:04 . 2011-06-23 18:36 25600 c:\windows\ie8updates\KB2586448-IE8\jsproxy.dll
+ 2011-10-12 08:01 . 2011-10-12 08:01 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_50e16520\System.Drawing.Design.dll
+ 2011-10-12 08:01 . 2011-10-12 08:01 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_8f676846\CustomMarshalers.dll
+ 2011-10-12 08:17 . 2011-10-12 08:17 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\888b745ca99d39692c2e9af222e5eae8\UIAutomationProvider.ni.dll
+ 2011-10-12 08:22 . 2011-10-12 08:22 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\6c334564da041df8fb75415f2d503224\System.Windows.Presentation.ni.dll
+ 2011-10-12 08:22 . 2011-10-12 08:22 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\a54a122f1070ab71931dd9679ddd8e90\System.Web.DynamicData.Design.ni.dll
+ 2011-10-12 08:21 . 2011-10-12 08:21 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\ac92806d5bd508eb25f1b4b73a36b101\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-10-12 08:21 . 2011-10-12 08:21 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\e6a9cd66d11a21776dbf425e8e28099c\System.AddIn.Contract.ni.dll
+ 2011-10-12 08:15 . 2011-10-12 08:15 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\66873b557d5c7013e4c630361473b0c2\PresentationFontCache.ni.exe
+ 2011-10-12 08:14 . 2011-10-12 08:14 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\5b30652a7b802199984f93b5e414260f\PresentationCFFRasterizer.ni.dll
+ 2011-10-12 08:22 . 2011-10-12 08:22 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\eaa8d72317e5b8047e413939cc71ffba\Microsoft.Vsa.ni.dll
+ 2011-10-12 08:19 . 2011-10-12 08:19 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\a140509b1342934fc5e58ae22ac9696c\Microsoft.VisualC.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\aefe683674c97a998f4e908c1a7ee7c6\Microsoft.Build.Framework.ni.dll
+ 2011-10-12 08:21 . 2011-10-12 08:21 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\845eef4d09f28da6ee05d99f93c90f6e\Microsoft.Build.Framework.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\ab7ce2d94ca725c3889a4e3c1ee88ece\dfsvc.ni.exe
+ 2011-10-12 08:18 . 2011-10-12 08:18 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-10-12 08:01 . 2011-10-12 08:01 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-10-07 23:21 . 2010-10-07 23:21 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-12-15 09:04 . 2011-07-08 13:49 46080 c:\windows\$NtUninstallKB2633952$\tzchange.exe
+ 2011-12-15 09:04 . 2011-11-08 14:58 16896 c:\windows\$NtUninstallKB2633952$\spuninst\tzchange.dll
+ 2011-12-15 09:03 . 2011-04-26 11:07 33280 c:\windows\$NtUninstallKB2620712$\csrsrv.dll
+ 2011-10-12 08:12 . 2002-08-29 11:00 16896 c:\windows\$NtUninstallKB2564958$\oleaccrc.dll
+ 2011-11-11 09:02 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2641690\update\spcustom.dll
+ 2011-11-11 09:02 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2641690\spmsg.dll
+ 2011-12-15 09:10 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2639417\update\spcustom.dll
+ 2011-12-15 09:10 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2639417\spmsg.dll
+ 2011-12-15 09:02 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2633171\update\spcustom.dll
+ 2011-12-14 22:23 . 2011-10-26 10:50 16896 c:\windows\$hf_mig$\KB2633171\update\mpsyschk.dll
+ 2011-12-15 09:02 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2633171\spmsg.dll
+ 2011-12-15 09:10 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2624667\update\spcustom.dll
+ 2011-12-15 09:10 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2624667\spmsg.dll
+ 2011-12-15 09:03 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2620712\update\spcustom.dll
+ 2011-12-15 09:03 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2620712\spmsg.dll
+ 2011-10-28 05:31 . 2011-10-28 05:31 33280 c:\windows\$hf_mig$\KB2620712\SP3QFE\csrsrv.dll
+ 2011-12-15 09:04 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2619339\update\spcustom.dll
+ 2011-12-15 09:04 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2619339\spmsg.dll
+ 2011-12-15 09:03 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2618451\update\spcustom.dll
+ 2011-12-15 09:03 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2618451\spmsg.dll
+ 2011-12-15 09:09 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2618444-IE8\update\spcustom.dll
+ 2011-12-15 09:09 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2618444-IE8\spmsg.dll
+ 2011-12-14 22:22 . 2011-11-04 19:19 12800 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\xpshims.dll
+ 2011-12-14 22:22 . 2011-11-04 19:19 66560 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtmled.dll
+ 2011-12-14 22:22 . 2011-11-04 19:19 55296 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\msfeedsbs.dll
+ 2011-12-14 22:22 . 2011-11-04 19:19 43520 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\licmgr10.dll
+ 2011-12-14 22:22 . 2011-11-04 19:19 25600 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\jsproxy.dll
+ 2011-09-16 08:07 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2616676\update\spcustom.dll
+ 2011-09-16 08:07 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2616676\spmsg.dll
+ 2011-10-12 08:05 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2592799\update\spcustom.dll
+ 2011-10-12 08:05 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2592799\spmsg.dll
+ 2011-10-12 08:04 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2586448-IE8\update\spcustom.dll
+ 2011-10-12 08:04 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2586448-IE8\spmsg.dll
+ 2011-10-12 05:39 . 2011-08-22 23:47 12800 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\xpshims.dll
+ 2011-10-12 05:39 . 2011-08-22 23:47 66560 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mshtmled.dll
+ 2011-10-12 05:39 . 2011-08-22 23:47 55296 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\msfeedsbs.dll
+ 2011-10-12 05:39 . 2011-08-22 23:47 43520 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\licmgr10.dll
+ 2011-10-12 05:39 . 2011-08-22 23:47 25600 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\jsproxy.dll
+ 2011-09-16 08:03 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2570947\update\spcustom.dll
+ 2011-09-16 08:03 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2570947\spmsg.dll
+ 2011-10-12 08:05 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2567053\update\spcustom.dll
+ 2011-10-12 08:05 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2567053\spmsg.dll
+ 2011-11-09 09:05 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2544893-v2\update\spcustom.dll
+ 2011-11-09 09:05 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2544893-v2\spmsg.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-05-14 06:17 . 2011-05-14 06:17 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
+ 2011-05-14 06:12 . 2011-05-14 06:12 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
+ 2011-05-14 06:11 . 2011-05-14 06:11 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll
+ 2002-08-29 11:00 . 2011-11-04 19:20 105984 c:\windows\SYSTEM32\url.dll
- 2002-08-29 11:00 . 2011-06-23 18:36 105984 c:\windows\SYSTEM32\url.dll
+ 2008-07-30 00:59 . 2011-09-26 16:41 611328 c:\windows\SYSTEM32\uiautomationcore.dll
+ 2004-03-09 17:14 . 2011-11-11 14:06 441552 c:\windows\SYSTEM32\PERFH009.DAT
- 2004-03-09 17:14 . 2011-08-10 08:10 441552 c:\windows\SYSTEM32\PERFH009.DAT
+ 2002-08-29 11:00 . 2011-09-26 16:41 220160 c:\windows\SYSTEM32\oleacc.dll
- 2002-08-29 11:00 . 2011-06-23 18:36 206848 c:\windows\SYSTEM32\occache.dll
+ 2002-08-29 11:00 . 2011-11-04 19:20 206848 c:\windows\SYSTEM32\occache.dll
- 2002-08-29 11:00 . 2011-06-23 18:36 611840 c:\windows\SYSTEM32\mstime.dll
+ 2002-08-29 11:00 . 2011-11-04 19:20 611840 c:\windows\SYSTEM32\mstime.dll
+ 2006-11-08 03:03 . 2011-11-04 19:20 602112 c:\windows\SYSTEM32\msfeeds.dll
- 2006-11-08 03:03 . 2011-06-23 18:36 602112 c:\windows\SYSTEM32\msfeeds.dll
+ 2011-11-26 17:07 . 2011-11-26 17:07 247968 c:\windows\SYSTEM32\Macromed\Flash\FlashUtil11e_Plugin.exe
+ 2011-10-11 03:45 . 2011-10-11 03:45 247968 c:\windows\SYSTEM32\Macromed\Flash\FlashUtil11c_Plugin.exe
- 2008-09-13 14:37 . 2011-05-02 15:31 692736 c:\windows\SYSTEM32\inetcomm.dll
+ 2008-09-13 14:37 . 2011-10-10 14:22 692736 c:\windows\SYSTEM32\inetcomm.dll
+ 2002-08-29 11:00 . 2011-11-04 19:20 184320 c:\windows\SYSTEM32\iepeers.dll
- 2002-08-29 11:00 . 2011-06-23 18:36 184320 c:\windows\SYSTEM32\iepeers.dll
- 2002-08-29 11:00 . 2011-06-23 18:36 387584 c:\windows\SYSTEM32\iedkcs32.dll
+ 2002-08-29 11:00 . 2011-11-04 19:20 387584 c:\windows\SYSTEM32\iedkcs32.dll
+ 2002-08-29 11:00 . 2011-11-04 11:24 174080 c:\windows\SYSTEM32\ie4uinit.exe
+ 2002-09-03 15:05 . 2011-12-15 09:27 306008 c:\windows\SYSTEM32\FNTCACHE.DAT
- 2002-09-03 15:05 . 2011-07-13 08:22 306008 c:\windows\SYSTEM32\FNTCACHE.DAT
- 2008-09-13 14:36 . 2011-02-16 13:22 138496 c:\windows\SYSTEM32\DRIVERS\afd.sys
+ 2008-09-13 14:36 . 2011-08-17 13:49 138496 c:\windows\SYSTEM32\DRIVERS\afd.sys
+ 2004-08-24 01:32 . 2011-11-04 19:20 916992 c:\windows\SYSTEM32\DLLCACHE\wininet.dll
+ 2002-08-29 11:00 . 2011-11-04 19:20 105984 c:\windows\SYSTEM32\DLLCACHE\url.dll
- 2002-08-29 11:00 . 2011-06-23 18:36 105984 c:\windows\SYSTEM32\DLLCACHE\url.dll
+ 2002-08-29 11:00 . 2011-09-26 16:41 220160 c:\windows\SYSTEM32\DLLCACHE\oleacc.dll
+ 2002-08-29 11:00 . 2011-11-04 19:20 206848 c:\windows\SYSTEM32\DLLCACHE\occache.dll
- 2002-08-29 11:00 . 2011-06-23 18:36 206848 c:\windows\SYSTEM32\DLLCACHE\occache.dll
- 2002-08-29 11:00 . 2011-06-23 18:36 611840 c:\windows\SYSTEM32\DLLCACHE\mstime.dll
+ 2002-08-29 11:00 . 2011-11-04 19:20 611840 c:\windows\SYSTEM32\DLLCACHE\mstime.dll
- 2007-05-09 02:22 . 2011-06-23 18:36 602112 c:\windows\SYSTEM32\DLLCACHE\msfeeds.dll
+ 2007-05-09 02:22 . 2011-11-04 19:20 602112 c:\windows\SYSTEM32\DLLCACHE\msfeeds.dll
+ 2008-09-13 14:37 . 2011-10-10 14:22 692736 c:\windows\SYSTEM32\DLLCACHE\inetcomm.dll
- 2008-09-13 14:37 . 2011-05-02 15:31 692736 c:\windows\SYSTEM32\DLLCACHE\inetcomm.dll
- 2009-06-10 03:30 . 2011-06-23 18:36 247808 c:\windows\SYSTEM32\DLLCACHE\ieproxy.dll
+ 2009-06-10 03:30 . 2011-11-04 19:20 247808 c:\windows\SYSTEM32\DLLCACHE\ieproxy.dll
- 2002-08-29 11:00 . 2011-06-23 18:36 184320 c:\windows\SYSTEM32\DLLCACHE\iepeers.dll
+ 2002-08-29 11:00 . 2011-11-04 19:20 184320 c:\windows\SYSTEM32\DLLCACHE\iepeers.dll
+ 2010-06-11 18:50 . 2011-11-04 19:20 743424 c:\windows\SYSTEM32\DLLCACHE\iedvtool.dll
- 2010-06-11 18:50 . 2011-06-23 18:36 743424 c:\windows\SYSTEM32\DLLCACHE\iedvtool.dll
- 2002-08-29 11:00 . 2011-06-23 18:36 387584 c:\windows\SYSTEM32\DLLCACHE\iedkcs32.dll
+ 2002-08-29 11:00 . 2011-11-04 19:20 387584 c:\windows\SYSTEM32\DLLCACHE\iedkcs32.dll
+ 2002-08-29 11:00 . 2011-11-04 11:24 174080 c:\windows\SYSTEM32\DLLCACHE\ie4uinit.exe
- 2008-09-13 14:38 . 2011-02-09 13:53 186880 c:\windows\SYSTEM32\DLLCACHE\encdec.dll
+ 2008-09-13 14:38 . 2011-10-18 11:13 186880 c:\windows\SYSTEM32\DLLCACHE\encdec.dll
+ 2008-09-13 14:37 . 2011-09-28 07:06 599040 c:\windows\SYSTEM32\DLLCACHE\crypt32.dll
- 2008-09-13 14:37 . 2011-09-03 10:17 599040 c:\windows\SYSTEM32\DLLCACHE\crypt32.dll
- 2008-09-13 14:36 . 2011-02-16 13:22 138496 c:\windows\SYSTEM32\DLLCACHE\afd.sys
+ 2008-09-13 14:36 . 2011-08-17 13:49 138496 c:\windows\SYSTEM32\DLLCACHE\afd.sys
- 2008-09-13 14:37 . 2011-09-03 10:17 599040 c:\windows\SYSTEM32\crypt32.dll
+ 2008-09-13 14:37 . 2011-09-28 07:06 599040 c:\windows\SYSTEM32\crypt32.dll
- 2011-03-25 11:15 . 2011-03-25 11:15 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-07-07 10:18 . 2011-07-07 10:18 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2011-03-25 11:15 . 2011-03-25 11:15 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-07-07 10:18 . 2011-07-07 10:18 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-07-07 17:04 . 2011-07-07 17:04 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2010-09-23 07:26 . 2010-09-23 07:26 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2010-09-23 07:25 . 2010-09-23 07:25 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2011-07-07 17:01 . 2011-07-07 17:01 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2010-09-23 08:17 . 2010-09-23 08:17 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2011-07-07 18:09 . 2011-07-07 18:09 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2011-12-06 01:26 . 2011-12-06 01:26 897024 c:\windows\Installer\{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}\SafariIco.exe
+ 2011-12-20 01:41 . 2011-12-20 01:41 380928 c:\windows\Installer\{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}\iTunesIco.exe
+ 2008-07-11 00:27 . 2011-12-15 09:10 888080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-07-11 00:27 . 2011-06-17 08:09 888080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-07-11 00:27 . 2011-12-15 09:10 922384 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe
- 2008-07-11 00:27 . 2011-06-17 08:09 922384 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe
- 2008-07-11 00:27 . 2011-06-17 08:09 217864 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe
+ 2008-07-11 00:27 . 2011-12-15 09:10 217864 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe
+ 2008-07-11 00:27 . 2011-12-15 09:10 184080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe
- 2008-07-11 00:27 . 2011-06-17 08:09 184080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe
+ 2011-01-14 12:10 . 2011-01-14 12:10 155520 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKWORD6.DLL
+ 2011-01-14 12:10 . 2011-01-14 12:10 140160 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKEXCEL2.DLL
+ 2011-12-15 09:09 . 2011-08-22 23:48 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll
+ 2011-12-15 09:09 . 2011-08-22 23:48 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll
+ 2011-12-15 09:09 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll
+ 2011-12-15 09:09 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe
+ 2011-12-15 09:09 . 2011-08-22 23:48 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll
+ 2011-12-15 09:09 . 2011-08-22 23:48 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll
+ 2011-12-15 09:09 . 2011-08-22 23:48 602112 c:\windows\ie8updates\KB2618444-IE8\msfeeds.dll
+ 2011-12-15 09:09 . 2011-08-22 23:48 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll
+ 2011-12-15 09:09 . 2011-08-22 23:48 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll
+ 2011-12-15 09:09 . 2011-08-22 23:48 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll
+ 2011-12-15 09:09 . 2011-08-22 23:48 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll
+ 2011-12-15 09:09 . 2011-08-22 11:56 174080 c:\windows\ie8updates\KB2618444-IE8\ie4uinit.exe
+ 2011-10-12 08:04 . 2011-06-23 18:36 916480 c:\windows\ie8updates\KB2586448-IE8\wininet.dll
+ 2011-10-12 08:04 . 2011-06-23 18:36 105984 c:\windows\ie8updates\KB2586448-IE8\url.dll
+ 2011-10-12 08:04 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2586448-IE8\spuninst\updspapi.dll
+ 2011-10-12 08:04 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2586448-IE8\spuninst\spuninst.exe
+ 2011-10-12 08:04 . 2011-06-23 18:36 206848 c:\windows\ie8updates\KB2586448-IE8\occache.dll
+ 2011-10-12 08:04 . 2011-06-23 18:36 611840 c:\windows\ie8updates\KB2586448-IE8\mstime.dll
+ 2011-10-12 08:04 . 2011-06-23 18:36 602112 c:\windows\ie8updates\KB2586448-IE8\msfeeds.dll
+ 2011-10-12 08:04 . 2011-06-23 18:36 247808 c:\windows\ie8updates\KB2586448-IE8\ieproxy.dll
+ 2011-10-12 08:04 . 2011-06-23 18:36 184320 c:\windows\ie8updates\KB2586448-IE8\iepeers.dll
+ 2011-10-12 08:04 . 2011-06-23 18:36 743424 c:\windows\ie8updates\KB2586448-IE8\iedvtool.dll
+ 2011-10-12 08:04 . 2011-06-23 18:36 387584 c:\windows\ie8updates\KB2586448-IE8\iedkcs32.dll
+ 2011-10-12 08:04 . 2011-06-23 12:05 173568 c:\windows\ie8updates\KB2586448-IE8\ie4uinit.exe
+ 2011-10-12 08:02 . 2011-10-12 08:02 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_c4983c1f\System.Drawing.dll
+ 2011-10-12 08:02 . 2011-10-12 08:02 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_47a49ed6\System.Drawing.Design.dll
+ 2011-10-12 08:02 . 2011-10-12 08:02 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_0c51b37c\CustomMarshalers.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\c8627df7adb416722d8e0f05c57fef6b\WsatConfig.ni.exe
+ 2011-10-12 08:17 . 2011-10-12 08:17 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\a2c1bb3c5b1447b398e72c56091ca571\WindowsFormsIntegration.ni.dll
+ 2011-10-12 08:17 . 2011-10-12 08:17 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\f102afdffdbe2565bcedb7fa0626b865\UIAutomationTypes.ni.dll
+ 2011-10-12 08:17 . 2011-10-12 08:17 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\ba55240b7753047f8d1b03ef473bf74e\UIAutomationClient.ni.dll
+ 2011-10-12 08:23 . 2011-10-12 08:23 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\566b2e11e7f3f6d973b17b86cf42f9bc\System.Xml.Linq.ni.dll
+ 2011-10-12 08:22 . 2011-10-12 08:22 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\3533d614ebecd4344efbee619dd11a74\System.Web.Routing.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\018b6e48c32d5b5d78086998e3505f1c\System.Web.RegularExpressions.ni.dll
+ 2011-10-12 08:22 . 2011-10-12 08:22 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\d93514a764a83b18f6f3547b59cc8ae9\System.Web.Extensions.Design.ni.dll
+ 2011-10-12 08:22 . 2011-10-12 08:22 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\93b5d1b77a74b76ac73cbf51ec871c01\System.Web.Entity.ni.dll
+ 2011-10-12 08:22 . 2011-10-12 08:22 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d06a7d5872bbe85795f947f6c75d38c6\System.Web.Entity.Design.ni.dll
+ 2011-10-12 08:22 . 2011-10-12 08:22 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\ad0851438a18bf730d974c9b2f5f776a\System.Web.DynamicData.ni.dll
+ 2011-10-12 08:22 . 2011-10-12 08:22 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\734ab0ea87d7dfd5c583eea535c05878\System.Web.Abstractions.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\8efcd633af87989355382b5039f1b7df\System.Transactions.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
+ 2011-10-12 08:19 . 2011-10-12 08:19 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\36c12de583ee81e9c99acb72b09d77ac\System.Security.ni.dll
+ 2011-10-12 08:19 . 2011-10-12 08:19 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\36bf3d5f05a40c9e3cadca5789c8a469\System.Runtime.Remoting.ni.dll
+ 2011-10-12 08:22 . 2011-10-12 08:22 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\b2a84980f206431821d85d5155d5916f\System.Net.ni.dll
+ 2011-10-12 08:22 . 2011-10-12 08:22 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\90b90e700e59d73d6d692cf74e1ba16e\System.Management.ni.dll
+ 2011-10-12 08:22 . 2011-10-12 08:22 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\f36eded354122da9555a6c7cdbdb5431\System.Management.Instrumentation.ni.dll
+ 2011-10-12 08:18 . 2011-10-12 08:18 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\20a77c41ee12362d303fb2574fcd5a24\System.IO.Log.ni.dll
+ 2011-10-12 08:18 . 2011-10-12 08:18 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\41c3a2fcffc58b20023c7d54e57ea956\System.IdentityModel.Selectors.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.Wrapper.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.ni.dll
+ 2011-10-12 08:16 . 2011-10-12 08:16 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\896eca06e2d9377b2dc4fad56ce49b07\System.Drawing.Design.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\33e9b0c368c31ef37a2ec7b5a181044b\System.DirectoryServices.Protocols.ni.dll
+ 2011-10-12 08:22 . 2011-10-12 08:22 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\11cdd1c0d65428cd3505d3813d36638c\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-10-12 08:22 . 2011-10-12 08:22 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e5ada332a9bc3c982e6aede6ba354196\System.Data.Services.Client.ni.dll
+ 2011-10-12 08:22 . 2011-10-12 08:22 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3f179f373f31817a914b639a56cc0497\System.Data.Services.Design.ni.dll
+ 2011-10-12 08:22 . 2011-10-12 08:22 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\fee1a48b769a8c4beb335ee5ce006091\System.Data.Entity.Design.ni.dll
+ 2011-10-12 08:21 . 2011-10-12 08:21 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\b9d9ff5d03e90ede1116794f2c7dd6da\System.Data.DataSetExtensions.ni.dll
+ 2011-10-12 08:19 . 2011-10-12 08:19 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\29d7091f6eab0ec61c4eb625ed221b73\System.Configuration.Install.ni.dll
+ 2011-10-12 08:21 . 2011-10-12 08:21 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\3048737e9e3bf5173121a084337256bc\System.AddIn.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6e45cf503f025c5fe814ea7e52f62a78\SMSvcHost.ni.exe
+ 2011-10-12 08:20 . 2011-10-12 08:20 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\474a341340f687bcbd7777f2820a8c7a\SMDiagnostics.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\f2df1ca28301bfe7e1d52b86c8394217\ServiceModelReg.ni.exe
+ 2011-10-12 08:15 . 2011-10-12 08:15 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c2ebcc8d60422f224b4088f3d7a2ac1f\PresentationFramework.Luna.ni.dll
+ 2011-10-12 08:15 . 2011-10-12 08:15 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\94cfc00ad448575bfb0e67c53b514cd5\PresentationFramework.Aero.ni.dll
+ 2011-10-12 08:15 . 2011-10-12 08:15 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\478d57d96f3d8d5fc15c7ac635a4a6a1\PresentationFramework.Classic.ni.dll
+ 2011-10-12 08:15 . 2011-10-12 08:15 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\23c5852ff8ed973ff9b63ce9ba7f91f0\PresentationFramework.Royale.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\04595f414c49cf2a65b349648ba23e62\MSBuild.ni.exe
+ 2011-10-12 08:20 . 2011-10-12 08:20 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\4cbd7ed9fbf9f1b3cbdf23906cc0f5a3\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 411648 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\da3be42e87131f147bf55c35a4d1e17e\Microsoft.MapPoint.Network.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 434176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\d137fda2930fa44f4bb690196497ee8b\Microsoft.MapPoint.Data.CompactMapFile.ni.dll
+ 2011-10-12 08:19 . 2011-10-12 08:19 438272 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\b795888ec77d41a0210502e0c6982414\Microsoft.MapPoint.MapControl3D.ni.dll
+ 2011-10-12 08:19 . 2011-10-12 08:19 344064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\a888bb95795ee53b7dcb067f0d26dec3\Microsoft.MapPoint.Utility.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 766976 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\93b1cccb9a0e08e5ca3b3d27f00f04fa\Microsoft.MapPoint.Data.VirtualEarthTileDataSource.ni.dll
+ 2011-10-12 08:19 . 2011-10-12 08:19 472064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\5fbb37ffbc2cee432475ba6c80030bfe\Microsoft.MapPoint.Rendering3D.Utility.ni.dll
+ 2011-10-12 08:19 . 2011-10-12 08:19 340992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\3eabacb7444dbf92bd68cf6bd1d7b4af\Microsoft.MapPoint.UtilityPartialTrust.ni.dll
+ 2011-10-12 08:19 . 2011-10-12 08:19 840192 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\348982b5ccfa4c973de0f668ef4bdade\Microsoft.MapPoint.Geometry.ni.dll
+ 2011-10-12 08:21 . 2011-10-12 08:21 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\ff6d4892775fd1f9b137f7c92ea453f2\Microsoft.Build.Utilities.ni.dll
+ 2011-10-12 08:21 . 2011-10-12 08:21 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\47ff0720cb80a0fc0bbd15ddc3d12adc\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\da112c5757e3c68d6369b6aa46cc9682\Microsoft.Build.Engine.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\dc278e1123086ae32fec8f7e9751db14\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\3e6deccf191ab943d3a0812a38ab5c97\CustomMarshalers.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\4e68d5df30b197ff72c75f1c3c24b949\ComSvcConfig.ni.exe
+ 2011-10-12 08:18 . 2011-10-12 08:18 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\e1bcee92f5af50d560d577c0a99ea3bd\AspNetMMCExt.ni.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-12-15 09:10 . 2011-12-15 09:10 350080 c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2011-11-11 09:02 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2641690$\spuninst\updspapi.dll
+ 2011-11-11 09:02 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2641690$\spuninst\spuninst.exe
+ 2011-11-11 09:02 . 2011-09-09 09:12 599040 c:\windows\$NtUninstallKB2641690$\crypt32.dll
+ 2011-12-15 09:10 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2639417$\spuninst\updspapi.dll
+ 2011-12-15 09:10 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2639417$\spuninst\spuninst.exe
+ 2011-12-15 09:04 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2633952$\spuninst\updspapi.dll
+ 2011-12-15 09:04 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2633952$\spuninst\spuninst.exe
+ 2011-12-15 09:02 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2633171$\spuninst\updspapi.dll
+ 2011-12-15 09:02 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2633171$\spuninst\spuninst.exe
+ 2011-12-15 09:10 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2624667$\spuninst\updspapi.dll
+ 2011-12-15 09:10 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2624667$\spuninst\spuninst.exe
+ 2011-12-15 09:03 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2620712$\spuninst\updspapi.dll
+ 2011-12-15 09:03 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2620712$\spuninst\spuninst.exe
+ 2011-12-15 09:04 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2619339$\spuninst\updspapi.dll
+ 2011-12-15 09:04 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2619339$\spuninst\spuninst.exe
+ 2011-12-15 09:04 . 2011-02-09 13:53 186880 c:\windows\$NtUninstallKB2619339$\encdec.dll
+ 2011-12-15 09:03 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2618451$\spuninst\updspapi.dll
+ 2011-12-15 09:03 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2618451$\spuninst\spuninst.exe
+ 2011-09-16 08:07 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2616676$\spuninst\updspapi.dll
+ 2011-09-16 08:07 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2616676$\spuninst\spuninst.exe
+ 2011-09-16 08:07 . 2011-09-03 10:17 599040 c:\windows\$NtUninstallKB2616676$\crypt32.dll
+ 2011-10-12 08:05 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2592799$\spuninst\updspapi.dll
+ 2011-10-12 08:05 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2592799$\spuninst\spuninst.exe
+ 2011-10-12 08:05 . 2011-02-16 13:22 138496 c:\windows\$NtUninstallKB2592799$\afd.sys
+ 2011-09-16 08:03 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2570947$\spuninst\updspapi.dll
+ 2011-09-16 08:03 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2570947$\spuninst\spuninst.exe
+ 2011-10-12 08:05 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2567053$\spuninst\updspapi.dll
+ 2011-10-12 08:05 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2567053$\spuninst\spuninst.exe
+ 2011-10-12 08:12 . 2008-07-30 00:59 161296 c:\windows\$NtUninstallKB2564958$\uiautomationcore.dll
+ 2011-10-12 08:12 . 2011-08-12 18:51 382840 c:\windows\$NtUninstallKB2564958$\spuninst\updspapi.dll
+ 2011-10-12 08:12 . 2011-08-12 18:51 231288 c:\windows\$NtUninstallKB2564958$\spuninst\spuninst.exe
+ 2011-10-12 08:12 . 2002-08-29 11:00 163328 c:\windows\$NtUninstallKB2564958$\oleacc.dll
+ 2011-11-09 09:05 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2544893-v2$\spuninst\updspapi.dll
+ 2011-11-09 09:05 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe
+ 2011-11-09 09:05 . 2011-05-02 15:31 692736 c:\windows\$NtUninstallKB2544893-v2$\inetcomm.dll
+ 2011-11-11 09:02 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2641690\update\updspapi.dll
+ 2011-11-11 09:02 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2641690\update\update.exe
+ 2011-11-11 09:02 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2641690\spuninst.exe
+ 2011-09-28 07:05 . 2011-09-28 07:05 599552 c:\windows\$hf_mig$\KB2641690\SP3QFE\crypt32.dll
+ 2011-12-15 09:10 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2639417\update\updspapi.dll
+ 2011-12-15 09:10 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2639417\update\update.exe
+ 2011-12-15 09:10 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2639417\spuninst.exe
+ 2011-12-15 09:02 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2633171\update\updspapi.dll
+ 2011-12-15 09:02 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2633171\update\update.exe
+ 2011-12-15 09:02 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2633171\spuninst.exe
+ 2011-12-15 09:10 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2624667\update\updspapi.dll
+ 2011-12-15 09:10 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2624667\update\update.exe
+ 2011-12-15 09:10 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2624667\spuninst.exe
+ 2011-12-15 09:03 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2620712\update\updspapi.dll
+ 2011-12-15 09:03 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2620712\update\update.exe
+ 2011-12-15 09:03 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2620712\spuninst.exe
+ 2011-12-15 09:04 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2619339\update\updspapi.dll
+ 2011-12-15 09:04 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2619339\update\update.exe
+ 2011-12-15 09:04 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2619339\spuninst.exe
+ 2011-10-18 11:12 . 2011-10-18 11:12 186880 c:\windows\$hf_mig$\KB2619339\SP3QFE\encdec.dll
+ 2011-12-15 09:03 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2618451\update\updspapi.dll
+ 2011-12-15 09:03 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2618451\update\update.exe
+ 2011-12-15 09:03 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2618451\spuninst.exe
+ 2011-12-15 09:09 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2618444-IE8\update\updspapi.dll
+ 2011-12-15 09:09 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2618444-IE8\update\update.exe
+ 2011-12-15 09:09 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2618444-IE8\spuninst.exe
+ 2011-12-14 22:22 . 2011-11-04 19:19 919552 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll
+ 2011-12-14 22:22 . 2011-11-04 19:19 105984 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\url.dll
+ 2011-12-14 22:22 . 2011-11-04 19:19 206848 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\occache.dll
+ 2011-12-14 22:22 . 2011-11-04 19:19 611840 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mstime.dll
+ 2011-12-14 22:22 . 2011-11-04 19:19 602112 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\msfeeds.dll
+ 2011-12-14 22:22 . 2011-11-04 19:19 247808 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\ieproxy.dll
+ 2011-12-14 22:22 . 2011-11-04 19:19 184320 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\iepeers.dll
+ 2011-12-14 22:22 . 2011-11-04 19:19 743424 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\iedvtool.dll
+ 2011-12-14 22:22 . 2011-11-04 19:19 387584 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\iedkcs32.dll
+ 2011-12-14 22:22 . 2011-10-25 12:01 174080 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\ie4uinit.exe
+ 2011-09-16 08:07 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2616676\update\updspapi.dll
+ 2011-09-16 08:07 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2616676\update\update.exe
+ 2011-09-16 08:07 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2616676\spuninst.exe
+ 2011-09-09 09:11 . 2011-09-09 09:11 599552 c:\windows\$hf_mig$\KB2616676\SP3QFE\crypt32.dll
+ 2011-10-12 08:05 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2592799\update\updspapi.dll
+ 2011-10-12 08:05 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2592799\update\update.exe
+ 2011-10-12 08:05 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2592799\spuninst.exe
+ 2011-10-12 05:39 . 2011-08-17 13:41 138496 c:\windows\$hf_mig$\KB2592799\SP3QFE\afd.sys
+ 2011-10-12 08:04 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2586448-IE8\update\updspapi.dll
+ 2011-10-12 08:04 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2586448-IE8\update\update.exe
+ 2011-10-12 08:04 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2586448-IE8\spuninst.exe
+ 2011-10-12 05:39 . 2011-08-22 23:47 919552 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\wininet.dll
+ 2011-10-12 05:39 . 2011-08-22 23:47 105984 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\url.dll
+ 2011-10-12 05:39 . 2011-08-22 23:47 206848 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\occache.dll
+ 2011-10-12 05:39 . 2011-08-22 23:47 611840 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mstime.dll
+ 2011-10-12 05:39 . 2011-08-22 23:47 602112 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\msfeeds.dll
+ 2011-10-12 05:39 . 2011-08-22 23:47 247808 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\ieproxy.dll
+ 2011-10-12 05:39 . 2011-08-22 23:47 184320 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\iepeers.dll
+ 2011-10-12 05:39 . 2011-08-22 23:47 743424 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\iedvtool.dll
+ 2011-10-12 05:39 . 2011-08-22 23:47 387584 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\iedkcs32.dll
+ 2011-10-12 05:39 . 2011-08-22 11:52 174080 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\ie4uinit.exe
+ 2011-09-16 08:03 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2570947\update\updspapi.dll
+ 2011-09-16 08:03 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2570947\update\update.exe
+ 2011-09-16 08:03 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2570947\spuninst.exe
+ 2011-10-12 08:05 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2567053\update\updspapi.dll
+ 2011-10-12 08:05 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2567053\update\update.exe
+ 2011-10-12 08:05 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2567053\spuninst.exe
+ 2011-11-09 09:05 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2544893-v2\update\updspapi.dll
+ 2011-11-09 09:05 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2544893-v2\update\update.exe
+ 2011-11-09 09:05 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2544893-v2\spuninst.exe
+ 2011-10-10 14:21 . 2011-10-10 14:21 692736 c:\windows\$hf_mig$\KB2544893-v2\SP3QFE\inetcomm.dll
- 2004-09-23 22:08 . 2011-06-23 18:36 1212416 c:\windows\SYSTEM32\urlmon.dll
+ 2004-09-23 22:08 . 2011-11-04 19:20 1212416 c:\windows\SYSTEM32\urlmon.dll
+ 2004-09-29 05:57 . 2011-11-04 19:20 5978112 c:\windows\SYSTEM32\mshtml.dll
+ 2010-01-27 01:07 . 2011-11-26 17:07 8527008 c:\windows\SYSTEM32\Macromed\Flash\NPSWF32.dll
+ 2006-10-17 17:57 . 2011-11-04 19:20 2000384 c:\windows\SYSTEM32\iertutil.dll
+ 2011-10-18 04:13 . 2011-05-10 13:06 4517664 c:\windows\SYSTEM32\DRVSTORE\usbaapl_091115F4EDEB41DBA0EC91574CE905B4E0482482\usbaaplrc.dll
+ 2011-10-18 04:13 . 2010-04-20 01:29 1461992 c:\windows\SYSTEM32\DRVSTORE\netaapl_63AA05C4700EB9CAF2D048DAC1D06D764A0D4C41\wdfcoinstaller01009.dll
+ 2008-09-13 14:36 . 2011-11-23 13:25 1859584 c:\windows\SYSTEM32\DLLCACHE\win32k.sys
- 2004-09-23 22:08 . 2011-06-23 18:36 1212416 c:\windows\SYSTEM32\DLLCACHE\urlmon.dll
+ 2004-09-23 22:08 . 2011-11-04 19:20 1212416 c:\windows\SYSTEM32\DLLCACHE\urlmon.dll
+ 2008-09-13 14:37 . 2011-11-01 16:07 1288704 c:\windows\SYSTEM32\DLLCACHE\ole32.dll
+ 2008-10-15 11:55 . 2011-10-25 13:33 2192768 c:\windows\SYSTEM32\DLLCACHE\ntoskrnl.exe
- 2008-10-15 11:55 . 2010-12-09 13:38 2192768 c:\windows\SYSTEM32\DLLCACHE\ntoskrnl.exe
- 2008-09-13 14:36 . 2010-12-09 13:07 2027008 c:\windows\SYSTEM32\DLLCACHE\ntkrpamp.exe
+ 2008-09-13 14:36 . 2011-10-25 12:52 2027008 c:\windows\SYSTEM32\DLLCACHE\ntkrpamp.exe
+ 2008-10-15 11:55 . 2011-10-25 12:52 2069376 c:\windows\SYSTEM32\DLLCACHE\ntkrnlpa.exe
- 2008-10-15 11:55 . 2010-12-09 13:07 2069376 c:\windows\SYSTEM32\DLLCACHE\ntkrnlpa.exe
- 2008-09-13 14:36 . 2010-12-09 13:42 2148864 c:\windows\SYSTEM32\DLLCACHE\ntkrnlmp.exe
+ 2008-09-13 14:36 . 2011-10-25 13:37 2148864 c:\windows\SYSTEM32\DLLCACHE\ntkrnlmp.exe
+ 2004-09-29 05:57 . 2011-11-04 19:20 5978112 c:\windows\SYSTEM32\DLLCACHE\mshtml.dll
+ 2007-05-09 02:22 . 2011-11-04 19:20 2000384 c:\windows\SYSTEM32\DLLCACHE\iertutil.dll
- 2011-03-25 11:15 . 2011-03-25 11:15 5912400 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2011-07-07 10:18 . 2011-07-07 10:18 5912400 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2011-03-25 11:15 . 2011-03-25 11:15 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-07-07 10:18 . 2011-07-07 10:18 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-07-08 18:59 . 2011-07-08 18:59 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2010-09-23 20:55 . 2010-09-23 20:55 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2010-09-23 20:55 . 2010-09-23 20:55 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2011-07-08 18:59 . 2011-07-08 18:59 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2010-09-23 07:26 . 2010-09-23 07:26 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2011-07-07 17:02 . 2011-07-07 17:02 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2011-07-07 17:02 . 2011-07-07 17:02 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2010-09-23 20:55 . 2010-09-23 20:55 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2011-07-08 18:59 . 2011-07-08 18:59 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2011-09-07 23:36 . 2011-09-07 23:36 6069248 c:\windows\Installer\f9f94e.msp
+ 2011-12-20 01:41 . 2011-12-20 01:41 5651456 c:\windows\Installer\6c92d98.msi
+ 2011-12-13 07:10 . 2011-12-13 07:10 4703232 c:\windows\Installer\6b4b87.msp
+ 2011-12-06 01:30 . 2011-12-06 01:30 9474048 c:\windows\Installer\304c76ee.msi
+ 2011-12-06 01:26 . 2011-12-06 01:26 3470848 c:\windows\Installer\304c743e.msi
+ 2011-12-06 01:25 . 2011-12-06 01:25 1530368 c:\windows\Installer\304c7412.msi
+ 2011-11-01 19:34 . 2011-11-01 19:34 1552384 c:\windows\Installer\252aff83.msp
+ 2011-11-01 19:34 . 2011-11-01 19:34 4250112 c:\windows\Installer\252aff7b.msp
+ 2011-11-01 19:34 . 2011-11-01 19:34 2247168 c:\windows\Installer\252aff64.msp
+ 2011-11-11 22:14 . 2011-11-11 22:14 9096192 c:\windows\Installer\252aff53.msp
+ 2011-11-01 19:34 . 2011-11-01 19:34 2531840 c:\windows\Installer\252aff34.msp
+ 2011-11-11 22:15 . 2011-11-11 22:15 1795584 c:\windows\Installer\252aff2c.msp
+ 2011-11-11 22:16 . 2011-11-11 22:16 8458240 c:\windows\Installer\252aff1b.msp
+ 2011-08-10 22:43 . 2011-08-10 22:43 3795968 c:\windows\Installer\2002e501.msp
+ 2011-09-07 02:46 . 2011-09-07 02:46 9006080 c:\windows\Installer\2002e4f9.msp
+ 2011-08-10 22:42 . 2011-08-10 22:42 7070208 c:\windows\Installer\2002e4da.msp
+ 2011-07-21 17:34 . 2011-07-21 17:34 3456000 c:\windows\Installer\2002e4d3.msp
+ 2011-09-07 02:48 . 2011-09-07 02:48 8181248 c:\windows\Installer\2002e4c8.msp
+ 2011-07-27 12:39 . 2011-07-27 12:39 9892352 c:\windows\Installer\2002e4a9.msp
+ 2011-10-25 02:23 . 2011-10-25 02:23 1709568 c:\windows\Installer\1f588bba.msi
+ 2011-10-18 04:12 . 2011-10-18 04:12 2002432 c:\windows\Installer\1e135fb3.msi
+ 2011-11-15 02:09 . 2011-11-15 02:09 1717248 c:\windows\Installer\13224e92.msi
+ 2008-07-11 00:27 . 2011-12-15 09:10 1172240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-07-11 00:27 . 2011-06-17 08:09 1172240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
+ 2011-01-14 12:10 . 2011-01-14 12:10 2395008 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKWORD.DLL
+ 2011-01-14 12:10 . 2011-01-14 12:10 2180992 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKPOWERPOINT.DLL
+ 2011-01-14 12:10 . 2011-01-14 12:10 3443072 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKEXCEL.DLL
+ 2009-04-03 02:44 . 2009-04-03 02:44 2532224 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\GRAPH.EXE
+ 2011-12-15 09:09 . 2011-08-22 23:48 1212416 c:\windows\ie8updates\KB2618444-IE8\urlmon.dll
+ 2011-12-15 09:09 . 2011-10-03 08:35 5971456 c:\windows\ie8updates\KB2618444-IE8\mshtml.dll
+ 2011-12-15 09:09 . 2011-08-22 23:48 2000384 c:\windows\ie8updates\KB2618444-IE8\iertutil.dll
+ 2011-10-12 08:04 . 2011-06-23 18:36 1212416 c:\windows\ie8updates\KB2586448-IE8\urlmon.dll
+ 2011-10-12 08:04 . 2011-07-25 15:17 5969920 c:\windows\ie8updates\KB2586448-IE8\mshtml.dll
+ 2011-10-12 08:04 . 2011-06-23 18:36 1991680 c:\windows\ie8updates\KB2586448-IE8\iertutil.dll
+ 2008-10-15 11:55 . 2011-10-25 13:33 2192768 c:\windows\Driver Cache\I386\ntoskrnl.exe
- 2008-10-15 11:55 . 2010-12-09 13:38 2192768 c:\windows\Driver Cache\I386\ntoskrnl.exe
- 2008-10-15 11:55 . 2010-12-09 13:07 2027008 c:\windows\Driver Cache\I386\ntkrpamp.exe
+ 2008-10-15 11:55 . 2011-10-25 12:52 2027008 c:\windows\Driver Cache\I386\ntkrpamp.exe
+ 2008-10-15 11:55 . 2011-10-25 12:52 2069376 c:\windows\Driver Cache\I386\ntkrnlpa.exe
- 2008-10-15 11:55 . 2010-12-09 13:07 2069376 c:\windows\Driver Cache\I386\ntkrnlpa.exe
+ 2008-10-15 11:55 . 2011-10-25 13:37 2148864 c:\windows\Driver Cache\I386\ntkrnlmp.exe
- 2008-10-15 11:55 . 2010-12-09 13:42 2148864 c:\windows\Driver Cache\I386\ntkrnlmp.exe
+ 2011-10-12 08:02 . 2011-10-12 08:02 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_fcffa327\System.dll
+ 2011-10-12 08:01 . 2011-10-12 08:01 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_15648980\System.dll
+ 2011-10-12 08:01 . 2011-10-12 08:01 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_e8c2244c\System.Xml.dll
+ 2011-10-12 08:02 . 2011-10-12 08:02 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_dd707271\System.Xml.dll
+ 2011-10-12 08:01 . 2011-10-12 08:01 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_6afa0b72\System.Windows.Forms.dll
+ 2011-10-12 08:02 . 2011-10-12 08:02 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_36fe79c1\System.Windows.Forms.dll
+ 2011-10-12 08:02 . 2011-10-12 08:02 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_6b211ca2\System.Drawing.dll
+ 2011-10-12 08:02 . 2011-10-12 08:02 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_db6631bf\System.Design.dll
+ 2011-10-12 08:02 . 2011-10-12 08:02 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_15c5914a\System.Design.dll
+ 2011-10-12 08:02 . 2011-10-12 08:02 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_da93351a\mscorlib.dll
+ 2011-10-12 08:02 . 2011-10-12 08:02 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_8e0ab3a6\mscorlib.dll
+ 2011-10-12 08:14 . 2011-10-12 08:14 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1adc4ae51a5ac63e896a1402749ca495\WindowsBase.ni.dll
+ 2011-10-12 08:17 . 2011-10-12 08:17 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\55d4813580b1e5d268ff0564942cee9c\UIAutomationClientsideProviders.ni.dll
+ 2011-10-12 08:14 . 2011-10-12 08:14 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
+ 2011-10-12 08:17 . 2011-10-12 08:17 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
+ 2011-10-12 08:23 . 2011-10-12 08:23 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\17902fdb0e0d3bc8b49bce693415fe7e\System.WorkflowServices.ni.dll
+ 2011-10-12 08:23 . 2011-10-12 08:23 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\f72c5f649951b0403e62bfab6c453e6f\System.Workflow.Runtime.ni.dll
+ 2011-10-12 08:23 . 2011-10-12 08:23 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\0aa4f4174204c93cc5181df4a6b2fb09\System.Workflow.ComponentModel.ni.dll
+ 2011-10-12 08:23 . 2011-10-12 08:23 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\921629dc69a5a895101097c88ae67897\System.Workflow.Activities.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\6303e256d2ac0843c3e4c24172c90544\System.Web.Services.ni.dll
+ 2011-10-12 08:22 . 2011-10-12 08:22 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\f5dac0448a1dbe2687a5df92904d6274\System.Web.Mobile.ni.dll
+ 2011-10-12 08:22 . 2011-10-12 08:22 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\ccaf6bdd256a9b5079fedadcc8993327\System.Web.Extensions.ni.dll
+ 2011-10-12 08:16 . 2011-10-12 08:16 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\10d7daa3d1e62a0e40587cdc707be93f\System.Speech.ni.dll
+ 2011-10-12 08:22 . 2011-10-12 08:22 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\9ec7da53380a754b4ad97709df0dd7e7\System.ServiceModel.Web.ni.dll
+ 2011-10-12 08:18 . 2011-10-12 08:18 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
+ 2011-10-12 08:16 . 2011-10-12 08:16 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\0f8e14bfdb27645fb1a92ce26f9bf521\System.Printing.ni.dll
+ 2011-10-12 08:18 . 2011-10-12 08:18 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d14065ede44df8e9b5d6b60c5ddccc69\System.IdentityModel.ni.dll
+ 2011-10-12 08:16 . 2011-10-12 08:16 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\91cd88a803768151c6262853d3454ba7\System.DirectoryServices.ni.dll
+ 2011-10-12 08:19 . 2011-10-12 08:19 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\cc5ac99e8af2738e85cda5525fdd944f\System.Deployment.ni.dll
+ 2011-10-12 08:16 . 2011-10-12 08:16 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\ec323cf1df697cc0a45f67de685db90c\System.Data.ni.dll
+ 2011-10-12 08:19 . 2011-10-12 08:19 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\ef748704f543a8791e23387652d34dfb\System.Data.SqlXml.ni.dll
+ 2011-10-12 08:22 . 2011-10-12 08:22 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\541142d8742e6e88f1e729fafee04e71\System.Data.Services.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\5d5aa4b926ae422607ea833d934665c2\System.Data.OracleClient.ni.dll
+ 2011-10-12 08:16 . 2011-10-12 08:16 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\d96a94076acb8e0c5a96a1b2de4b3a7a\System.Data.Linq.ni.dll
+ 2011-10-12 08:22 . 2011-10-12 08:22 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\a3ce22c2a84fdcb008d72d230ee0b2c0\System.Data.Entity.ni.dll
+ 2011-10-12 08:16 . 2011-10-12 08:16 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\d507b9e0e50e453793ee5e01c07a5485\System.Core.ni.dll
+ 2011-10-12 08:15 . 2011-10-12 08:15 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\714e9504255565bd9076fe13628e104a\ReachFramework.ni.dll
+ 2011-10-12 08:15 . 2011-10-12 08:15 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\7dc6ee14234b0686182ced75f7dae990\PresentationUI.ni.dll
+ 2011-10-12 08:14 . 2011-10-12 08:14 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b42ad515bb20ec1f1250c040371c6730\PresentationBuildTasks.ni.dll
+ 2011-10-12 08:21 . 2011-10-12 08:21 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\24331b719aa25ac2b21099e32232840c\Microsoft.VisualBasic.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\ce1ecd602ca089eb13a9b428dc7f0449\Microsoft.Transactions.Bridge.ni.dll
+ 2011-10-12 08:19 . 2011-10-12 08:19 2766336 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\f14552c2219907c0d41d62189b62951d\Microsoft.MapPoint.Graphics3D.ni.dll
+ 2011-10-12 08:19 . 2011-10-12 08:19 1949184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\a8dec76ab839509f05df4066396978e0\Microsoft.MapPoint.Modeling.ni.dll
+ 2011-10-12 08:19 . 2011-10-12 08:19 1217024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\6eca9984d00b5d55bac0203db2f72dbe\Microsoft.MapPoint.Data.ni.dll
+ 2011-10-12 08:19 . 2011-10-12 08:19 1524224 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\6c6aab249f2f7e1f5ff60d670af95822\Microsoft.MapPoint.GraphicsAPI.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 1524736 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\46ce198e275b85130378e5f167b81ebf\Microsoft.MapPoint.Rendering3D.WorldMemoryDataSource.ni.dll
+ 2011-10-12 08:19 . 2011-10-12 08:19 4082688 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\421065816964f8604a39d6a201eef933\Microsoft.MapPoint.Rendering3D.ni.dll
+ 2011-10-12 08:22 . 2011-10-12 08:22 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\8ad32b72258899177c07dc5912b5b748\Microsoft.JScript.ni.dll
+ 2011-10-12 08:21 . 2011-10-12 08:21 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\50e7c5eb58c982dba7b21cd10a69b095\Microsoft.Build.Tasks.ni.dll
+ 2011-10-12 08:21 . 2011-10-12 08:21 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\415cef6abab5bb959f200f6c537bc289\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\eea7bcc8d356e3f2dcb4f36dfc1c6bc0\Microsoft.Build.Engine.ni.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-10-12 08:10 . 2011-10-12 08:10 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2011-08-10 08:09 . 2011-08-10 08:09 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-08-10 08:10 . 2011-08-10 08:10 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-10-12 08:11 . 2011-10-12 08:11 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-10-12 08:01 . 2011-10-12 08:01 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2010-10-07 23:21 . 2010-10-07 23:21 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2011-10-12 08:01 . 2011-10-12 08:01 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-10-07 23:21 . 2010-10-07 23:21 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-12-15 09:10 . 2011-09-06 13:20 1858944 c:\windows\$NtUninstallKB2639417$\win32k.sys
+ 2011-12-15 09:02 . 2010-12-09 13:42 2148864 c:\windows\$NtUninstallKB2633171$\ntoskrnl.exe
+ 2011-12-15 09:02 . 2010-12-09 13:07 2027008 c:\windows\$NtUninstallKB2633171$\ntkrpamp.exe
+ 2011-12-15 09:02 . 2010-12-09 13:07 2027008 c:\windows\$NtUninstallKB2633171$\ntkrnlpa.exe
+ 2011-12-15 09:02 . 2010-12-09 13:42 2148864 c:\windows\$NtUninstallKB2633171$\ntkrnlmp.exe
+ 2011-12-15 09:10 . 2010-07-16 12:05 1288192 c:\windows\$NtUninstallKB2624667$\ole32.dll
+ 2011-10-12 08:05 . 2011-06-02 14:02 1858944 c:\windows\$NtUninstallKB2567053$\win32k.sys
+ 2011-11-23 13:29 . 2011-11-23 13:29 1868544 c:\windows\$hf_mig$\KB2639417\SP3QFE\win32k.sys
+ 2011-10-25 13:34 . 2011-10-25 13:34 2192768 c:\windows\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe
+ 2011-10-25 12:52 . 2011-10-25 12:52 2027008 c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrpamp.exe
+ 2011-10-25 12:52 . 2011-10-25 12:52 2069376 c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe
+ 2011-10-25 13:38 . 2011-10-25 13:38 2148864 c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlmp.exe
+ 2011-11-01 16:05 . 2011-11-01 16:05 1289216 c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll
+ 2011-12-14 22:22 . 2011-11-04 19:19 1214464 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\urlmon.dll
+ 2011-12-14 22:22 . 2011-11-04 19:19 5978624 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll
+ 2011-12-14 22:22 . 2011-11-04 19:19 2001408 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\iertutil.dll
+ 2011-10-12 05:39 . 2011-08-22 23:47 1214464 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\urlmon.dll
+ 2011-10-12 05:39 . 2011-10-03 08:34 5972992 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mshtml.dll
+ 2011-10-12 05:39 . 2011-08-22 23:47 2001408 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\iertutil.dll
+ 2011-09-06 13:25 . 2011-09-06 13:25 1867904 c:\windows\$hf_mig$\KB2567053\SP3QFE\win32k.sys
+ 2010-01-13 09:00 . 2011-12-15 09:06 52988224 c:\windows\SYSTEM32\MRT.exe
- 2006-11-08 03:03 . 2011-06-23 18:36 11081728 c:\windows\SYSTEM32\ieframe.dll
+ 2006-11-08 03:03 . 2011-11-04 19:20 11081728 c:\windows\SYSTEM32\ieframe.dll
- 2007-05-09 02:22 . 2011-06-23 18:36 11081728 c:\windows\SYSTEM32\DLLCACHE\ieframe.dll
+ 2007-05-09 02:22 . 2011-11-04 19:20 11081728 c:\windows\SYSTEM32\DLLCACHE\ieframe.dll
+ 2011-07-13 03:49 . 2011-07-13 03:49 11459584 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2572067\M2572067Uninstall.msp
+ 2011-10-12 08:12 . 2011-10-12 08:12 20333568 c:\windows\Installer\3a8a3e40.msp
+ 2011-07-12 01:43 . 2011-07-12 01:43 11641344 c:\windows\Installer\3a8a3e35.msp
+ 2011-07-12 20:50 . 2011-07-12 20:50 17555968 c:\windows\Installer\3a8a3e2c.msp
+ 2011-12-15 09:09 . 2011-08-23 22:48 11081728 c:\windows\ie8updates\KB2618444-IE8\ieframe.dll
+ 2011-10-12 08:04 . 2011-06-23 18:36 11081728 c:\windows\ie8updates\KB2586448-IE8\ieframe.dll
+ 2011-10-12 08:16 . 2011-10-12 08:16 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
+ 2011-10-12 08:20 . 2011-10-12 08:20 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\60df958ca96c9b8945f836759b6abd34\System.Web.ni.dll
+ 2011-10-12 08:19 . 2011-10-12 08:19 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\ceadaf3b3d017c7a1ef10a06f8009f6f\System.ServiceModel.ni.dll
+ 2011-10-12 08:16 . 2011-10-12 08:16 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\c6374d32e4af7b7e3e46b32176f76558\System.Design.ni.dll
+ 2011-10-12 08:15 . 2011-10-12 08:15 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\054488924fcc579cce9fa0209dafe28b\PresentationFramework.ni.dll
+ 2011-10-12 08:15 . 2011-10-12 08:15 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\b2f0318713eca304eaa9d86fc17edb96\PresentationCore.ni.dll
+ 2011-10-12 08:13 . 2011-10-12 08:13 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
+ 2011-11-05 20:19 . 2011-11-05 20:19 11083776 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\ieframe.dll
+ 2011-10-12 05:39 . 2011-08-22 23:47 11084288 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\ieframe.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2011-12-08 00:13 194848 ----a-w- c:\program files\Yontoo\YontooIEClient.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Todd\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Todd\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Todd\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Todd\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-11 68856]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-10-30 4800512]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2003-08-06 114741]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2004-03-09 151597]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-06 59240]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Autorun Eater"="c:\program files\Autorun Eater\oldmcdonald.exe" [2010-05-06 516216]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2011-05-15 325512]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-12-08 421736]
.
c:\documents and settings\Todd\Start Menu\Programs\Startup\
Dropbox.lnk - c:\documents and settings\Todd\Application Data\Dropbox\bin\Dropbox.exe [2011-9-1 24183152]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Event Planner Reminder 2010.lnk - c:\windows\Installer\{601BE80D-247B-4084-94C7-7A54369DB7A2}\Shortcut_EventPlan_E2FBA8F7F7FD4C5EAA7D652BB0CAAA9D.exe [2010-6-10 341328]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HotSync Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HotSync Manager.lnk
backup=c:\windows\pss\HotSync Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^KODAK Software Updater.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\KODAK Software Updater.lnk
backup=c:\windows\pss\KODAK Software Updater.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
c:\windows\system32\dumprep 0 -u [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\diagent]
2002-04-03 07:01 135264 -c--a-w- c:\program files\Creative\SBLive\Diagnostics\diagent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
2003-01-30 23:55 196608 -c--a-w- c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\hpztsb04.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon03]
2003-01-30 23:55 311296 -c--a-w- c:\windows\SYSTEM32\hphmon03.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-12-08 07:36 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxccmon.exe]
2005-02-21 11:21 192512 -c--a-w- c:\program files\Lexmark 3300 Series\lxccmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 15:50 155648 -c--a-w- c:\windows\SYSTEM32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2003-11-01 01:42 32768 -c--a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
2003-08-19 06:01 110592 -c--a-w- c:\program files\Common Files\Sonic\Update Manager\sgtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Dell Computer\\Dell Picture Studio v2.0\\launch.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Steam\\SteamApps\\tbinnerarity\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Steam\\SteamApps\\tbinnerarity\\half-life 2 deathmatch\\hl2.exe"=
"c:\\Program Files\\Adobe Media Player\\Adobe Media Player.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Documents and Settings\\Todd\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R1 aswSnx;aswSnx;c:\windows\SYSTEM32\DRIVERS\aswSnx.sys [5/16/2011 10:18 PM 441176]
R1 aswSP;aswSP;c:\windows\SYSTEM32\DRIVERS\aswSP.sys [5/16/2011 10:18 PM 309848]
R2 aswFsBlk;aswFsBlk;c:\windows\SYSTEM32\DRIVERS\aswFsBlk.sys [5/16/2011 10:18 PM 19544]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 06:19 PM 13592]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*NewlyCreated* - WUAUSERV
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = <local>;*.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
Trusted Zone: amphire.net\commerce
Trusted Zone: csplans.com\teamsterups
Trusted Zone: ebay.com
Trusted Zone: paypal.com
Trusted Zone: usps.gov
TCP: DhcpNameServer = 209.55.24.10 209.55.24.11
FF - ProfilePath - c:\documents and settings\Todd\Application Data\Mozilla\Firefox\Profiles\sgr9vmuh.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: browser.search.selectedengine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=CDxdm135YYus&ptb=0C2F4B7F-5755-4241-B231-5B09E188DD7E&ind=2011101820&ptnrS=CDxdm135YYus&si=179027_5&n=77defa7c&psa=&st=kwd&searchfor=
FF - user.js: extentions.y2layers.installId - 38927dcb-a81f-4842-b211-ea5c2a20fd9f
FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDealsLite,
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-{889DF117-14D1-44EE-9F31-C5FB5D47F68B} - c:\docume~1\ALLUSE~1\APPLIC~1\TARMAI~1\{889DF~1\Setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-14 18:41
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
C:\## aswSnx private storage
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Windows\AutorunsDisabled]
"Appinit_Dlls"="refobaju.dll,c:\\windows\\system32\\vebimayo.dll,refobaju.dll,c:\\windows\\system32\\kiduruka.dll,c:\\windows\\system32\\goyetude.dll"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2564)
c:\windows\system32\WININET.dll
c:\program files\BillP Studios\WinPatrol\PATROLPRO.DLL
c:\documents and settings\Todd\Application Data\Dropbox\bin\DropboxExt.14.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\ArcSoft\Software Suite\PhotoImpression 5\share\pihook.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\System32\CTsvcCDA.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\System32\nvsvc32.exe
c:\windows\System32\MsPMSPSv.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\Autorun Eater\billy.exe
c:\program files\iPod\bin\iPodService.exe
c:\progra~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
.
**************************************************************************
.
Completion time: 2012-01-14 19:00:15 - machine was rebooted
ComboFix-quarantined-files.txt 2012-01-15 01:00
ComboFix2.txt 2011-09-10 16:20
ComboFix3.txt 2011-05-18 18:48
.
Pre-Run: 9,168,863,232 bytes free
Post-Run: 10,234,740,736 bytes free
.
- - End Of File - - DBB2612F958F3AEC3D9199BE6DE30266
  • 0

Advertisements

#11
tammy111
Posted 14 January 2012 - 07:10 PM

tammy111

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
19:08:43.0953 3328 TDSS rootkit removing tool 2.7.1.0 Jan 13 2012 15:24:05
19:08:44.0359 3328 ============================================================
19:08:44.0359 3328 Current date / time: 2012/01/14 19:08:44.0359
19:08:44.0359 3328 SystemInfo:
19:08:44.0359 3328
19:08:44.0359 3328 OS Version: 5.1.2600 ServicePack: 3.0
19:08:44.0359 3328 Product type: Workstation
19:08:44.0359 3328 ComputerName: BEDROOM
19:08:44.0359 3328 UserName: Todd
19:08:44.0359 3328 Windows directory: C:\WINDOWS
19:08:44.0359 3328 System windows directory: C:\WINDOWS
19:08:44.0359 3328 Processor architecture: Intel x86
19:08:44.0359 3328 Number of processors: 1
19:08:44.0359 3328 Page size: 0x1000
19:08:44.0359 3328 Boot type: Normal boot
19:08:44.0359 3328 ============================================================
19:08:46.0296 3328 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000, SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000054
19:08:46.0328 3328 Drive \Device\Harddisk1\DR7 - Size: 0xF3630000, SectorSize: 0x200, Cylinders: 0x1F0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:08:46.0390 3328 Initialize success
19:08:55.0750 2996 ============================================================
19:08:55.0750 2996 Scan started
19:08:55.0750 2996 Mode: Manual;
19:08:55.0750 2996 ============================================================
19:08:56.0484 2996 Aavmker4 (dfcdd5936cad0138775d5a105d4c7716) C:\WINDOWS\system32\drivers\Aavmker4.sys
19:08:56.0484 2996 Aavmker4 - ok
19:08:56.0656 2996 Abiosdsk - ok
19:08:56.0859 2996 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS
19:08:56.0859 2996 abp480n5 - ok
19:08:57.0078 2996 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:08:57.0093 2996 ACPI - ok
19:08:57.0312 2996 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
19:08:57.0312 2996 ACPIEC - ok
19:08:57.0546 2996 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\System32\DRIVERS\adpu160m.sys
19:08:57.0546 2996 adpu160m - ok
19:08:57.0796 2996 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
19:08:57.0796 2996 aeaudio - ok
19:08:58.0000 2996 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
19:08:58.0000 2996 aec - ok
19:08:58.0203 2996 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
19:08:58.0203 2996 AFD - ok
19:08:58.0468 2996 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\System32\DRIVERS\agp440.sys
19:08:58.0468 2996 agp440 - ok
19:08:58.0671 2996 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\System32\DRIVERS\agpCPQ.sys
19:08:58.0671 2996 agpCPQ - ok
19:08:58.0890 2996 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\System32\DRIVERS\aha154x.sys
19:08:58.0890 2996 Aha154x - ok
19:08:59.0140 2996 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\System32\DRIVERS\aic78u2.sys
19:08:59.0140 2996 aic78u2 - ok
19:08:59.0375 2996 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\System32\DRIVERS\aic78xx.sys
19:08:59.0375 2996 aic78xx - ok
19:08:59.0656 2996 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\System32\DRIVERS\aliide.sys
19:08:59.0656 2996 AliIde - ok
19:08:59.0843 2996 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\System32\DRIVERS\alim1541.sys
19:08:59.0843 2996 alim1541 - ok
19:09:00.0046 2996 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\System32\DRIVERS\amdagp.sys
19:09:00.0046 2996 amdagp - ok
19:09:00.0281 2996 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\System32\DRIVERS\amsint.sys
19:09:00.0281 2996 amsint - ok
19:09:00.0578 2996 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\System32\DRIVERS\asc.sys
19:09:00.0578 2996 asc - ok
19:09:00.0828 2996 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\System32\DRIVERS\asc3350p.sys
19:09:00.0828 2996 asc3350p - ok
19:09:01.0062 2996 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\System32\DRIVERS\asc3550.sys
19:09:01.0062 2996 asc3550 - ok
19:09:01.0312 2996 aswFsBlk (861cb512e4e850e87dd2316f88d69330) C:\WINDOWS\system32\drivers\aswFsBlk.sys
19:09:01.0312 2996 aswFsBlk - ok
19:09:01.0562 2996 aswMon2 (7857e0b4c817f69ff463eea2c63e56f9) C:\WINDOWS\system32\drivers\aswMon2.sys
19:09:01.0562 2996 aswMon2 - ok
19:09:01.0859 2996 aswRdr (8db043bf96bb6d334e5b4888e709e1c7) C:\WINDOWS\system32\drivers\aswRdr.sys
19:09:01.0859 2996 aswRdr - ok
19:09:02.0078 2996 aswSnx (17230708a2028cd995656df455f2e303) C:\WINDOWS\system32\drivers\aswSnx.sys
19:09:02.0078 2996 aswSnx - ok
19:09:02.0328 2996 aswSP (dbedd9d43b00630966ef05d2d8d04cee) C:\WINDOWS\system32\drivers\aswSP.sys
19:09:02.0328 2996 aswSP - ok
19:09:02.0578 2996 aswTdi (984cfce2168286c2511695c2f9621475) C:\WINDOWS\system32\drivers\aswTdi.sys
19:09:02.0578 2996 aswTdi - ok
19:09:02.0812 2996 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:09:02.0812 2996 AsyncMac - ok
19:09:03.0015 2996 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
19:09:03.0015 2996 atapi - ok
19:09:03.0187 2996 Atdisk - ok
19:09:03.0406 2996 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:09:03.0406 2996 Atmarpc - ok
19:09:03.0656 2996 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
19:09:03.0656 2996 audstub - ok
19:09:03.0812 2996 BCM42RLY (438179abe9b7a922a21b8d6369ff52ff) C:\WINDOWS\System32\BCM42RLY.SYS
19:09:03.0812 2996 BCM42RLY - ok
19:09:04.0062 2996 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
19:09:04.0062 2996 Beep - ok
19:09:04.0078 2996 catchme - ok
19:09:04.0296 2996 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\System32\DRIVERS\cbidf2k.sys
19:09:04.0296 2996 cbidf - ok
19:09:04.0531 2996 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
19:09:04.0531 2996 cbidf2k - ok
19:09:04.0765 2996 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
19:09:04.0765 2996 CCDECODE - ok
19:09:05.0000 2996 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\System32\DRIVERS\cd20xrnt.sys
19:09:05.0000 2996 cd20xrnt - ok
19:09:05.0281 2996 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
19:09:05.0281 2996 Cdaudio - ok
19:09:05.0484 2996 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
19:09:05.0484 2996 Cdfs - ok
19:09:05.0734 2996 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:09:05.0734 2996 Cdrom - ok
19:09:05.0890 2996 Changer - ok
19:09:06.0156 2996 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\System32\DRIVERS\cmdide.sys
19:09:06.0156 2996 CmdIde - ok
19:09:06.0406 2996 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\System32\DRIVERS\cpqarray.sys
19:09:06.0421 2996 Cpqarray - ok
19:09:06.0671 2996 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\System32\DRIVERS\dac2w2k.sys
19:09:06.0671 2996 dac2w2k - ok
19:09:06.0906 2996 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\System32\DRIVERS\dac960nt.sys
19:09:06.0906 2996 dac960nt - ok
19:09:07.0140 2996 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
19:09:07.0140 2996 Disk - ok
19:09:07.0390 2996 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
19:09:07.0406 2996 dmboot - ok
19:09:07.0656 2996 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
19:09:07.0671 2996 dmio - ok
19:09:07.0875 2996 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
19:09:07.0875 2996 dmload - ok
19:09:08.0109 2996 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
19:09:08.0109 2996 DMusic - ok
19:09:08.0375 2996 Dot4 HPH09 (577dc4c5f7102ba9957f302942eb2da4) C:\WINDOWS\system32\DRIVERS\hphid409.sys
19:09:08.0375 2996 Dot4 HPH09 - ok
19:09:08.0609 2996 Dot4Print HPH09 (d559e03b3168bc00011dd2b6f443ac71) C:\WINDOWS\system32\DRIVERS\hphipr09.sys
19:09:08.0609 2996 Dot4Print HPH09 - ok
19:09:08.0843 2996 Dot4Storage HPH09 (7e90e0199786c4bda3cf675b93544939) C:\WINDOWS\system32\Drivers\hphs2k09.sys
19:09:08.0843 2996 Dot4Storage HPH09 - ok
19:09:09.0078 2996 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\System32\DRIVERS\dpti2o.sys
19:09:09.0078 2996 dpti2o - ok
19:09:09.0296 2996 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
19:09:09.0296 2996 drmkaud - ok
19:09:09.0484 2996 drvmcdb (7f056a52bcba3102d2d37a4a2646c807) C:\WINDOWS\system32\drivers\drvmcdb.sys
19:09:09.0484 2996 drvmcdb - ok
19:09:09.0687 2996 drvnddm (d3c1e501ed42e77574b3095309dd4075) C:\WINDOWS\system32\drivers\drvnddm.sys
19:09:09.0687 2996 drvnddm - ok
19:09:09.0906 2996 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
19:09:09.0906 2996 DSproct - ok
19:09:10.0125 2996 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
19:09:10.0140 2996 dsunidrv - ok
19:09:10.0359 2996 E100B (98b46b331404a951cabad8b4877e1276) C:\WINDOWS\system32\DRIVERS\e100b325.sys
19:09:10.0359 2996 E100B - ok
19:09:10.0625 2996 EL90XBC (6e883bf518296a40959131c2304af714) C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
19:09:10.0625 2996 EL90XBC - ok
19:09:10.0859 2996 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
19:09:10.0875 2996 Fastfat - ok
19:09:11.0062 2996 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
19:09:11.0062 2996 Fdc - ok
19:09:11.0250 2996 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
19:09:11.0250 2996 Fips - ok
19:09:11.0500 2996 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
19:09:11.0500 2996 Flpydisk - ok
19:09:11.0703 2996 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
19:09:11.0703 2996 FltMgr - ok
19:09:11.0984 2996 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:09:11.0984 2996 Fs_Rec - ok
19:09:12.0296 2996 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:09:12.0296 2996 Ftdisk - ok
19:09:12.0578 2996 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
19:09:12.0578 2996 gameenum - ok
19:09:12.0765 2996 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
19:09:12.0765 2996 GEARAspiWDM - ok
19:09:12.0921 2996 giveio - ok
19:09:13.0156 2996 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:09:13.0156 2996 Gpc - ok
19:09:13.0390 2996 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:09:13.0406 2996 HidUsb - ok
19:09:13.0640 2996 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\System32\DRIVERS\hpn.sys
19:09:13.0640 2996 hpn - ok
19:09:13.0859 2996 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
19:09:13.0859 2996 HPZid412 - ok
19:09:14.0093 2996 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
19:09:14.0093 2996 HPZipr12 - ok
19:09:14.0312 2996 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
19:09:14.0312 2996 HPZius12 - ok
19:09:14.0531 2996 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
19:09:14.0531 2996 HTTP - ok
19:09:14.0734 2996 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
19:09:14.0734 2996 i2omgmt - ok
19:09:14.0953 2996 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\System32\DRIVERS\i2omp.sys
19:09:14.0953 2996 i2omp - ok
19:09:15.0171 2996 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:09:15.0171 2996 i8042prt - ok
19:09:15.0437 2996 i81x (06b7ef73ba5f302eecc294cdf7e19702) C:\WINDOWS\system32\DRIVERS\i81xnt5.sys
19:09:15.0453 2996 i81x - ok
19:09:15.0703 2996 iAimFP0 (7b5b44efe5eb9dadfb8ee29700885d23) C:\WINDOWS\system32\DRIVERS\wADV01nt.sys
19:09:15.0703 2996 iAimFP0 - ok
19:09:15.0953 2996 iAimFP1 (eb1f6bab6c22ede0ba551b527475f7e9) C:\WINDOWS\system32\DRIVERS\wADV02NT.sys
19:09:15.0953 2996 iAimFP1 - ok
19:09:16.0203 2996 iAimFP2 (03ce989d846c1aa81145cb22fcb86d06) C:\WINDOWS\system32\DRIVERS\wADV05NT.sys
19:09:16.0203 2996 iAimFP2 - ok
19:09:16.0468 2996 iAimFP3 (525849b4469de021d5d61b4db9be3a9d) C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys
19:09:16.0468 2996 iAimFP3 - ok
19:09:16.0718 2996 iAimFP4 (589c2bcdb5bd602bf7b63d210407ef8c) C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys
19:09:16.0718 2996 iAimFP4 - ok
19:09:16.0968 2996 iAimTV0 (d83bdd5c059667a2f647a6be5703a4d2) C:\WINDOWS\system32\DRIVERS\wATV01nt.sys
19:09:16.0968 2996 iAimTV0 - ok
19:09:17.0203 2996 iAimTV1 (ed968d23354daa0d7c621580c012a1f6) C:\WINDOWS\system32\DRIVERS\wATV02NT.sys
19:09:17.0203 2996 iAimTV1 - ok
19:09:17.0453 2996 iAimTV2 - ok
19:09:17.0687 2996 iAimTV3 (d738273f218a224c1ddac04203f27a84) C:\WINDOWS\system32\DRIVERS\wATV04nt.sys
19:09:17.0703 2996 iAimTV3 - ok
19:09:17.0937 2996 iAimTV4 (0052d118995cbab152daabe6106d1442) C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys
19:09:17.0953 2996 iAimTV4 - ok
19:09:18.0171 2996 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
19:09:18.0171 2996 Imapi - ok
19:09:18.0421 2996 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\System32\DRIVERS\ini910u.sys
19:09:18.0421 2996 ini910u - ok
19:09:18.0671 2996 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\System32\DRIVERS\intelide.sys
19:09:18.0671 2996 IntelIde - ok
19:09:18.0953 2996 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:09:18.0953 2996 intelppm - ok
19:09:19.0171 2996 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
19:09:19.0171 2996 ip6fw - ok
19:09:19.0421 2996 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:09:19.0421 2996 IpFilterDriver - ok
19:09:19.0656 2996 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:09:19.0656 2996 IpInIp - ok
19:09:19.0921 2996 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:09:19.0921 2996 IpNat - ok
19:09:20.0140 2996 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:09:20.0140 2996 IPSec - ok
19:09:20.0359 2996 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
19:09:20.0359 2996 IRENUM - ok
19:09:20.0593 2996 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:09:20.0593 2996 isapnp - ok
19:09:20.0875 2996 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:09:20.0875 2996 Kbdclass - ok
19:09:21.0078 2996 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
19:09:21.0078 2996 kmixer - ok
19:09:21.0343 2996 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
19:09:21.0343 2996 KSecDD - ok
19:09:21.0578 2996 lbrtfdc - ok
19:09:21.0828 2996 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
19:09:21.0828 2996 mnmdd - ok
19:09:22.0093 2996 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
19:09:22.0109 2996 Modem - ok
19:09:22.0328 2996 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:09:22.0328 2996 Mouclass - ok
19:09:22.0609 2996 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:09:22.0609 2996 mouhid - ok
19:09:22.0859 2996 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
19:09:22.0859 2996 MountMgr - ok
19:09:23.0125 2996 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\System32\DRIVERS\mraid35x.sys
19:09:23.0125 2996 mraid35x - ok
19:09:23.0343 2996 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:09:23.0343 2996 MRxDAV - ok
19:09:23.0593 2996 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:09:23.0625 2996 MRxSmb - ok
19:09:23.0875 2996 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
19:09:23.0890 2996 Msfs - ok
19:09:24.0156 2996 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:09:24.0156 2996 MSKSSRV - ok
19:09:24.0437 2996 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:09:24.0437 2996 MSPCLOCK - ok
19:09:24.0671 2996 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
19:09:24.0671 2996 MSPQM - ok
19:09:24.0921 2996 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:09:24.0921 2996 mssmbios - ok
19:09:25.0125 2996 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
19:09:25.0140 2996 MSTEE - ok
19:09:25.0359 2996 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
19:09:25.0359 2996 Mup - ok
19:09:25.0640 2996 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:09:25.0656 2996 NABTSFEC - ok
19:09:25.0875 2996 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
19:09:25.0890 2996 NDIS - ok
19:09:26.0156 2996 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:09:26.0156 2996 NdisIP - ok
19:09:26.0375 2996 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:09:26.0375 2996 NdisTapi - ok
19:09:26.0625 2996 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:09:26.0625 2996 Ndisuio - ok
19:09:26.0890 2996 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:09:26.0890 2996 NdisWan - ok
19:09:27.0156 2996 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
19:09:27.0156 2996 NDProxy - ok
19:09:27.0421 2996 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
19:09:27.0421 2996 NetBIOS - ok
19:09:27.0671 2996 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
19:09:27.0671 2996 NetBT - ok
19:09:27.0921 2996 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
19:09:27.0921 2996 Npfs - ok
19:09:28.0187 2996 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
19:09:28.0203 2996 Ntfs - ok
19:09:28.0468 2996 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
19:09:28.0468 2996 Null - ok
19:09:28.0828 2996 nv (1aa2270491a46e90e454e143ea8ac775) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:09:28.0843 2996 nv - ok
19:09:29.0093 2996 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:09:29.0093 2996 NwlnkFlt - ok
19:09:29.0328 2996 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:09:29.0328 2996 NwlnkFwd - ok
19:09:29.0578 2996 omci (53d5f1278d9edb21689bbbcecc09108d) C:\WINDOWS\system32\DRIVERS\omci.sys
19:09:29.0593 2996 omci - ok
19:09:29.0890 2996 P16X (13026e137486d916a0677d276144ea7f) C:\WINDOWS\system32\drivers\P16X.sys
19:09:29.0953 2996 P16X - ok
19:09:30.0187 2996 P3 (c90018bafdc7098619a4a95b046b30f3) C:\WINDOWS\system32\DRIVERS\p3.sys
19:09:30.0203 2996 P3 - ok
19:09:30.0437 2996 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
19:09:30.0453 2996 Parport - ok
19:09:30.0687 2996 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
19:09:30.0687 2996 PartMgr - ok
19:09:30.0921 2996 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
19:09:30.0921 2996 ParVdm - ok
19:09:31.0109 2996 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
19:09:31.0109 2996 PCI - ok
19:09:31.0281 2996 PCIDump - ok
19:09:31.0484 2996 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
19:09:31.0484 2996 PCIIde - ok
19:09:31.0734 2996 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
19:09:31.0734 2996 Pcmcia - ok
19:09:31.0953 2996 PDCOMP - ok
19:09:32.0125 2996 PDFRAME - ok
19:09:32.0281 2996 PDRELI - ok
19:09:32.0453 2996 PDRFRAME - ok
19:09:32.0671 2996 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\System32\DRIVERS\perc2.sys
19:09:32.0687 2996 perc2 - ok
19:09:32.0953 2996 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\System32\DRIVERS\perc2hib.sys
19:09:32.0968 2996 perc2hib - ok
19:09:33.0171 2996 PfModNT (2f5532f9b0f903b26847da674b4f55b2) C:\WINDOWS\System32\PfModNT.sys
19:09:33.0187 2996 PfModNT - ok
19:09:33.0421 2996 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:09:33.0437 2996 PptpMiniport - ok
19:09:33.0703 2996 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
19:09:33.0703 2996 Processor - ok
19:09:33.0953 2996 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
19:09:33.0953 2996 PSched - ok
19:09:34.0187 2996 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:09:34.0187 2996 Ptilink - ok
19:09:34.0437 2996 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
19:09:34.0437 2996 PxHelp20 - ok
19:09:34.0718 2996 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\System32\DRIVERS\ql1080.sys
19:09:34.0718 2996 ql1080 - ok
19:09:34.0953 2996 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\System32\DRIVERS\ql10wnt.sys
19:09:34.0953 2996 Ql10wnt - ok
19:09:35.0250 2996 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\System32\DRIVERS\ql12160.sys
19:09:35.0265 2996 ql12160 - ok
19:09:35.0562 2996 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\System32\DRIVERS\ql1240.sys
19:09:35.0562 2996 ql1240 - ok
19:09:35.0843 2996 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\System32\DRIVERS\ql1280.sys
19:09:35.0843 2996 ql1280 - ok
19:09:36.0125 2996 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:09:36.0140 2996 RasAcd - ok
19:09:36.0390 2996 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:09:36.0390 2996 Rasl2tp - ok
19:09:36.0625 2996 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:09:36.0625 2996 RasPppoe - ok
19:09:36.0906 2996 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:09:36.0906 2996 Raspti - ok
19:09:37.0171 2996 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:09:37.0171 2996 Rdbss - ok
19:09:37.0453 2996 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:09:37.0453 2996 RDPCDD - ok
19:09:37.0703 2996 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:09:37.0718 2996 rdpdr - ok
19:09:37.0921 2996 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
19:09:37.0921 2996 RDPWD - ok
19:09:38.0125 2996 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:09:38.0125 2996 redbook - ok
19:09:38.0312 2996 rt2870 - ok
19:09:38.0531 2996 RT73 (7436bfd3a542cf6ff55097200031b293) C:\WINDOWS\system32\DRIVERS\rt73.sys
19:09:38.0531 2996 RT73 - ok
19:09:38.0781 2996 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:09:38.0781 2996 Secdrv - ok
19:09:38.0984 2996 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
19:09:38.0984 2996 serenum - ok
19:09:39.0171 2996 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
19:09:39.0187 2996 Serial - ok
19:09:39.0390 2996 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:09:39.0390 2996 Sfloppy - ok
19:09:39.0578 2996 Simbad - ok
19:09:39.0765 2996 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\System32\DRIVERS\sisagp.sys
19:09:39.0781 2996 sisagp - ok
19:09:40.0015 2996 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:09:40.0015 2996 SLIP - ok
19:09:40.0250 2996 smwdm (39f9595d2f6f7eb93f45a466789a6f49) C:\WINDOWS\system32\drivers\smwdm.sys
19:09:40.0265 2996 smwdm - ok
19:09:40.0515 2996 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
19:09:40.0515 2996 SONYPVU1 - ok
19:09:40.0828 2996 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\System32\DRIVERS\sparrow.sys
19:09:40.0828 2996 Sparrow - ok
19:09:41.0062 2996 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
19:09:41.0062 2996 splitter - ok
19:09:41.0312 2996 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
19:09:41.0312 2996 sr - ok
19:09:41.0578 2996 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
19:09:41.0593 2996 Srv - ok
19:09:41.0843 2996 sscdbhk5 (328e8bb94ec58480f60458fb4b8437a7) C:\WINDOWS\system32\drivers\sscdbhk5.sys
19:09:41.0843 2996 sscdbhk5 - ok
19:09:42.0093 2996 ssrtln (7ec8b427cee5c0cdac066320b93f1355) C:\WINDOWS\system32\drivers\ssrtln.sys
19:09:42.0109 2996 ssrtln - ok
19:09:42.0343 2996 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
19:09:42.0343 2996 StillCam - ok
19:09:42.0593 2996 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:09:42.0593 2996 streamip - ok
19:09:42.0781 2996 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:09:42.0781 2996 swenum - ok
19:09:43.0015 2996 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
19:09:43.0031 2996 swmidi - ok
19:09:43.0328 2996 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\System32\DRIVERS\symc810.sys
19:09:43.0343 2996 symc810 - ok
19:09:43.0625 2996 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\System32\DRIVERS\symc8xx.sys
19:09:43.0625 2996 symc8xx - ok
19:09:43.0906 2996 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\System32\DRIVERS\sym_hi.sys
19:09:43.0906 2996 sym_hi - ok
19:09:44.0187 2996 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\System32\DRIVERS\sym_u3.sys
19:09:44.0187 2996 sym_u3 - ok
19:09:44.0421 2996 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
19:09:44.0437 2996 sysaudio - ok
19:09:44.0718 2996 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:09:44.0718 2996 Tcpip - ok
19:09:44.0984 2996 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:09:44.0984 2996 TDPIPE - ok
19:09:45.0265 2996 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
19:09:45.0265 2996 TDTCP - ok
19:09:45.0593 2996 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:09:45.0593 2996 TermDD - ok
19:09:45.0812 2996 tfsnboio (c229bf90443be8d3bd2b65d7f3ac0f35) C:\WINDOWS\system32\dla\tfsnboio.sys
19:09:45.0828 2996 tfsnboio - ok
19:09:46.0078 2996 tfsncofs (79ee9fcd7728e54ab8fbc30962f0416f) C:\WINDOWS\system32\dla\tfsncofs.sys
19:09:46.0078 2996 tfsncofs - ok
19:09:46.0343 2996 tfsndrct (9efb37e7de17d783a059b653f7e8afad) C:\WINDOWS\system32\dla\tfsndrct.sys
19:09:46.0343 2996 tfsndrct - ok
19:09:46.0593 2996 tfsndres (130254995ebedcb34d62e8d78ec9dbd0) C:\WINDOWS\system32\dla\tfsndres.sys
19:09:46.0593 2996 tfsndres - ok
19:09:46.0875 2996 tfsnifs (9b40e1e4aeed849812a2e43a388a7e77) C:\WINDOWS\system32\dla\tfsnifs.sys
19:09:46.0875 2996 tfsnifs - ok
19:09:47.0187 2996 tfsnopio (818047ad850b312705aa17ca96b9427d) C:\WINDOWS\system32\dla\tfsnopio.sys
19:09:47.0187 2996 tfsnopio - ok
19:09:47.0421 2996 tfsnpool (4603e813bcc6dd465cd8d2afd37fa90d) C:\WINDOWS\system32\dla\tfsnpool.sys
19:09:47.0437 2996 tfsnpool - ok
19:09:47.0671 2996 tfsnudf (6fc2cd904a9a55acfdfc780a611a75ed) C:\WINDOWS\system32\dla\tfsnudf.sys
19:09:47.0671 2996 tfsnudf - ok
19:09:47.0921 2996 tfsnudfa (d4afa4d00f8db3fd1c15b3fe49c3a96c) C:\WINDOWS\system32\dla\tfsnudfa.sys
19:09:47.0921 2996 tfsnudfa - ok
19:09:48.0203 2996 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\System32\DRIVERS\toside.sys
19:09:48.0203 2996 TosIde - ok
19:09:48.0468 2996 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
19:09:48.0468 2996 Udfs - ok
19:09:48.0718 2996 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\System32\DRIVERS\ultra.sys
19:09:48.0718 2996 ultra - ok
19:09:48.0968 2996 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
19:09:48.0984 2996 Update - ok
19:09:49.0234 2996 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
19:09:49.0250 2996 USBAAPL - ok
19:09:49.0484 2996 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:09:49.0484 2996 usbccgp - ok
19:09:49.0718 2996 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:09:49.0734 2996 usbehci - ok
19:09:49.0984 2996 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:09:49.0984 2996 usbhub - ok
19:09:50.0234 2996 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:09:50.0250 2996 usbprint - ok
19:09:50.0484 2996 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:09:50.0500 2996 usbscan - ok
19:09:50.0750 2996 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:09:50.0750 2996 USBSTOR - ok
19:09:51.0000 2996 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:09:51.0000 2996 usbuhci - ok
19:09:51.0265 2996 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
19:09:51.0265 2996 usbvideo - ok
19:09:51.0515 2996 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
19:09:51.0515 2996 VgaSave - ok
19:09:51.0765 2996 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\System32\DRIVERS\viaagp.sys
19:09:51.0765 2996 viaagp - ok
19:09:52.0046 2996 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\System32\DRIVERS\viaide.sys
19:09:52.0046 2996 ViaIde - ok
19:09:52.0281 2996 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
19:09:52.0281 2996 VolSnap - ok
19:09:52.0562 2996 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:09:52.0562 2996 Wanarp - ok
19:09:52.0781 2996 WDICA - ok
19:09:53.0046 2996 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
19:09:53.0046 2996 wdmaud - ok
19:09:53.0359 2996 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:09:53.0375 2996 WS2IFSL - ok
19:09:53.0625 2996 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:09:53.0625 2996 WSTCODEC - ok
19:09:53.0875 2996 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:09:53.0890 2996 WudfPf - ok
19:09:54.0125 2996 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:09:54.0125 2996 WudfRd - ok
19:09:54.0187 2996 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
19:09:54.0406 2996 \Device\Harddisk0\DR0 - ok
19:09:54.0406 2996 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR7
19:09:54.0421 2996 \Device\Harddisk1\DR7 - ok
19:09:54.0437 2996 Boot (0x1200) (39b4b34511795e9d25511da81699fa03) \Device\Harddisk0\DR0\Partition0
19:09:54.0437 2996 \Device\Harddisk0\DR0\Partition0 - ok
19:09:54.0437 2996 Boot (0x1200) (dfaff6781d8dbbe5c83a6f3ab161a44f) \Device\Harddisk1\DR7\Partition0
19:09:54.0437 2996 \Device\Harddisk1\DR7\Partition0 - ok
19:09:54.0453 2996 ============================================================
19:09:54.0453 2996 Scan finished
19:09:54.0453 2996 ============================================================
19:09:54.0468 3492 Detected object count: 0
19:09:54.0468 3492 Actual detected object count: 0
  • 0

#12
tammy111
Posted 14 January 2012 - 07:14 PM

tammy111

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
19:08:43.0953 3328 TDSS rootkit removing tool 2.7.1.0 Jan 13 2012 15:24:05
19:08:44.0359 3328 ============================================================
19:08:44.0359 3328 Current date / time: 2012/01/14 19:08:44.0359
19:08:44.0359 3328 SystemInfo:
19:08:44.0359 3328
19:08:44.0359 3328 OS Version: 5.1.2600 ServicePack: 3.0
19:08:44.0359 3328 Product type: Workstation
19:08:44.0359 3328 ComputerName: BEDROOM
19:08:44.0359 3328 UserName: Todd
19:08:44.0359 3328 Windows directory: C:\WINDOWS
19:08:44.0359 3328 System windows directory: C:\WINDOWS
19:08:44.0359 3328 Processor architecture: Intel x86
19:08:44.0359 3328 Number of processors: 1
19:08:44.0359 3328 Page size: 0x1000
19:08:44.0359 3328 Boot type: Normal boot
19:08:44.0359 3328 ============================================================
19:08:46.0296 3328 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000, SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000054
19:08:46.0328 3328 Drive \Device\Harddisk1\DR7 - Size: 0xF3630000, SectorSize: 0x200, Cylinders: 0x1F0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:08:46.0390 3328 Initialize success
19:08:55.0750 2996 ============================================================
19:08:55.0750 2996 Scan started
19:08:55.0750 2996 Mode: Manual;
19:08:55.0750 2996 ============================================================
19:08:56.0484 2996 Aavmker4 (dfcdd5936cad0138775d5a105d4c7716) C:\WINDOWS\system32\drivers\Aavmker4.sys
19:08:56.0484 2996 Aavmker4 - ok
19:08:56.0656 2996 Abiosdsk - ok
19:08:56.0859 2996 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS
19:08:56.0859 2996 abp480n5 - ok
19:08:57.0078 2996 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:08:57.0093 2996 ACPI - ok
19:08:57.0312 2996 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
19:08:57.0312 2996 ACPIEC - ok
19:08:57.0546 2996 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\System32\DRIVERS\adpu160m.sys
19:08:57.0546 2996 adpu160m - ok
19:08:57.0796 2996 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
19:08:57.0796 2996 aeaudio - ok
19:08:58.0000 2996 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
19:08:58.0000 2996 aec - ok
19:08:58.0203 2996 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
19:08:58.0203 2996 AFD - ok
19:08:58.0468 2996 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\System32\DRIVERS\agp440.sys
19:08:58.0468 2996 agp440 - ok
19:08:58.0671 2996 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\System32\DRIVERS\agpCPQ.sys
19:08:58.0671 2996 agpCPQ - ok
19:08:58.0890 2996 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\System32\DRIVERS\aha154x.sys
19:08:58.0890 2996 Aha154x - ok
19:08:59.0140 2996 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\System32\DRIVERS\aic78u2.sys
19:08:59.0140 2996 aic78u2 - ok
19:08:59.0375 2996 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\System32\DRIVERS\aic78xx.sys
19:08:59.0375 2996 aic78xx - ok
19:08:59.0656 2996 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\System32\DRIVERS\aliide.sys
19:08:59.0656 2996 AliIde - ok
19:08:59.0843 2996 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\System32\DRIVERS\alim1541.sys
19:08:59.0843 2996 alim1541 - ok
19:09:00.0046 2996 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\System32\DRIVERS\amdagp.sys
19:09:00.0046 2996 amdagp - ok
19:09:00.0281 2996 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\System32\DRIVERS\amsint.sys
19:09:00.0281 2996 amsint - ok
19:09:00.0578 2996 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\System32\DRIVERS\asc.sys
19:09:00.0578 2996 asc - ok
19:09:00.0828 2996 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\System32\DRIVERS\asc3350p.sys
19:09:00.0828 2996 asc3350p - ok
19:09:01.0062 2996 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\System32\DRIVERS\asc3550.sys
19:09:01.0062 2996 asc3550 - ok
19:09:01.0312 2996 aswFsBlk (861cb512e4e850e87dd2316f88d69330) C:\WINDOWS\system32\drivers\aswFsBlk.sys
19:09:01.0312 2996 aswFsBlk - ok
19:09:01.0562 2996 aswMon2 (7857e0b4c817f69ff463eea2c63e56f9) C:\WINDOWS\system32\drivers\aswMon2.sys
19:09:01.0562 2996 aswMon2 - ok
19:09:01.0859 2996 aswRdr (8db043bf96bb6d334e5b4888e709e1c7) C:\WINDOWS\system32\drivers\aswRdr.sys
19:09:01.0859 2996 aswRdr - ok
19:09:02.0078 2996 aswSnx (17230708a2028cd995656df455f2e303) C:\WINDOWS\system32\drivers\aswSnx.sys
19:09:02.0078 2996 aswSnx - ok
19:09:02.0328 2996 aswSP (dbedd9d43b00630966ef05d2d8d04cee) C:\WINDOWS\system32\drivers\aswSP.sys
19:09:02.0328 2996 aswSP - ok
19:09:02.0578 2996 aswTdi (984cfce2168286c2511695c2f9621475) C:\WINDOWS\system32\drivers\aswTdi.sys
19:09:02.0578 2996 aswTdi - ok
19:09:02.0812 2996 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:09:02.0812 2996 AsyncMac - ok
19:09:03.0015 2996 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
19:09:03.0015 2996 atapi - ok
19:09:03.0187 2996 Atdisk - ok
19:09:03.0406 2996 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:09:03.0406 2996 Atmarpc - ok
19:09:03.0656 2996 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
19:09:03.0656 2996 audstub - ok
19:09:03.0812 2996 BCM42RLY (438179abe9b7a922a21b8d6369ff52ff) C:\WINDOWS\System32\BCM42RLY.SYS
19:09:03.0812 2996 BCM42RLY - ok
19:09:04.0062 2996 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
19:09:04.0062 2996 Beep - ok
19:09:04.0078 2996 catchme - ok
19:09:04.0296 2996 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\System32\DRIVERS\cbidf2k.sys
19:09:04.0296 2996 cbidf - ok
19:09:04.0531 2996 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
19:09:04.0531 2996 cbidf2k - ok
19:09:04.0765 2996 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
19:09:04.0765 2996 CCDECODE - ok
19:09:05.0000 2996 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\System32\DRIVERS\cd20xrnt.sys
19:09:05.0000 2996 cd20xrnt - ok
19:09:05.0281 2996 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
19:09:05.0281 2996 Cdaudio - ok
19:09:05.0484 2996 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
19:09:05.0484 2996 Cdfs - ok
19:09:05.0734 2996 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:09:05.0734 2996 Cdrom - ok
19:09:05.0890 2996 Changer - ok
19:09:06.0156 2996 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\System32\DRIVERS\cmdide.sys
19:09:06.0156 2996 CmdIde - ok
19:09:06.0406 2996 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\System32\DRIVERS\cpqarray.sys
19:09:06.0421 2996 Cpqarray - ok
19:09:06.0671 2996 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\System32\DRIVERS\dac2w2k.sys
19:09:06.0671 2996 dac2w2k - ok
19:09:06.0906 2996 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\System32\DRIVERS\dac960nt.sys
19:09:06.0906 2996 dac960nt - ok
19:09:07.0140 2996 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
19:09:07.0140 2996 Disk - ok
19:09:07.0390 2996 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
19:09:07.0406 2996 dmboot - ok
19:09:07.0656 2996 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
19:09:07.0671 2996 dmio - ok
19:09:07.0875 2996 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
19:09:07.0875 2996 dmload - ok
19:09:08.0109 2996 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
19:09:08.0109 2996 DMusic - ok
19:09:08.0375 2996 Dot4 HPH09 (577dc4c5f7102ba9957f302942eb2da4) C:\WINDOWS\system32\DRIVERS\hphid409.sys
19:09:08.0375 2996 Dot4 HPH09 - ok
19:09:08.0609 2996 Dot4Print HPH09 (d559e03b3168bc00011dd2b6f443ac71) C:\WINDOWS\system32\DRIVERS\hphipr09.sys
19:09:08.0609 2996 Dot4Print HPH09 - ok
19:09:08.0843 2996 Dot4Storage HPH09 (7e90e0199786c4bda3cf675b93544939) C:\WINDOWS\system32\Drivers\hphs2k09.sys
19:09:08.0843 2996 Dot4Storage HPH09 - ok
19:09:09.0078 2996 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\System32\DRIVERS\dpti2o.sys
19:09:09.0078 2996 dpti2o - ok
19:09:09.0296 2996 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
19:09:09.0296 2996 drmkaud - ok
19:09:09.0484 2996 drvmcdb (7f056a52bcba3102d2d37a4a2646c807) C:\WINDOWS\system32\drivers\drvmcdb.sys
19:09:09.0484 2996 drvmcdb - ok
19:09:09.0687 2996 drvnddm (d3c1e501ed42e77574b3095309dd4075) C:\WINDOWS\system32\drivers\drvnddm.sys
19:09:09.0687 2996 drvnddm - ok
19:09:09.0906 2996 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
19:09:09.0906 2996 DSproct - ok
19:09:10.0125 2996 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
19:09:10.0140 2996 dsunidrv - ok
19:09:10.0359 2996 E100B (98b46b331404a951cabad8b4877e1276) C:\WINDOWS\system32\DRIVERS\e100b325.sys
19:09:10.0359 2996 E100B - ok
19:09:10.0625 2996 EL90XBC (6e883bf518296a40959131c2304af714) C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
19:09:10.0625 2996 EL90XBC - ok
19:09:10.0859 2996 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
19:09:10.0875 2996 Fastfat - ok
19:09:11.0062 2996 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
19:09:11.0062 2996 Fdc - ok
19:09:11.0250 2996 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
19:09:11.0250 2996 Fips - ok
19:09:11.0500 2996 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
19:09:11.0500 2996 Flpydisk - ok
19:09:11.0703 2996 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
19:09:11.0703 2996 FltMgr - ok
19:09:11.0984 2996 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:09:11.0984 2996 Fs_Rec - ok
19:09:12.0296 2996 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:09:12.0296 2996 Ftdisk - ok
19:09:12.0578 2996 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
19:09:12.0578 2996 gameenum - ok
19:09:12.0765 2996 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
19:09:12.0765 2996 GEARAspiWDM - ok
19:09:12.0921 2996 giveio - ok
19:09:13.0156 2996 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:09:13.0156 2996 Gpc - ok
19:09:13.0390 2996 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:09:13.0406 2996 HidUsb - ok
19:09:13.0640 2996 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\System32\DRIVERS\hpn.sys
19:09:13.0640 2996 hpn - ok
19:09:13.0859 2996 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
19:09:13.0859 2996 HPZid412 - ok
19:09:14.0093 2996 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
19:09:14.0093 2996 HPZipr12 - ok
19:09:14.0312 2996 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
19:09:14.0312 2996 HPZius12 - ok
19:09:14.0531 2996 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
19:09:14.0531 2996 HTTP - ok
19:09:14.0734 2996 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
19:09:14.0734 2996 i2omgmt - ok
19:09:14.0953 2996 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\System32\DRIVERS\i2omp.sys
19:09:14.0953 2996 i2omp - ok
19:09:15.0171 2996 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:09:15.0171 2996 i8042prt - ok
19:09:15.0437 2996 i81x (06b7ef73ba5f302eecc294cdf7e19702) C:\WINDOWS\system32\DRIVERS\i81xnt5.sys
19:09:15.0453 2996 i81x - ok
19:09:15.0703 2996 iAimFP0 (7b5b44efe5eb9dadfb8ee29700885d23) C:\WINDOWS\system32\DRIVERS\wADV01nt.sys
19:09:15.0703 2996 iAimFP0 - ok
19:09:15.0953 2996 iAimFP1 (eb1f6bab6c22ede0ba551b527475f7e9) C:\WINDOWS\system32\DRIVERS\wADV02NT.sys
19:09:15.0953 2996 iAimFP1 - ok
19:09:16.0203 2996 iAimFP2 (03ce989d846c1aa81145cb22fcb86d06) C:\WINDOWS\system32\DRIVERS\wADV05NT.sys
19:09:16.0203 2996 iAimFP2 - ok
19:09:16.0468 2996 iAimFP3 (525849b4469de021d5d61b4db9be3a9d) C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys
19:09:16.0468 2996 iAimFP3 - ok
19:09:16.0718 2996 iAimFP4 (589c2bcdb5bd602bf7b63d210407ef8c) C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys
19:09:16.0718 2996 iAimFP4 - ok
19:09:16.0968 2996 iAimTV0 (d83bdd5c059667a2f647a6be5703a4d2) C:\WINDOWS\system32\DRIVERS\wATV01nt.sys
19:09:16.0968 2996 iAimTV0 - ok
19:09:17.0203 2996 iAimTV1 (ed968d23354daa0d7c621580c012a1f6) C:\WINDOWS\system32\DRIVERS\wATV02NT.sys
19:09:17.0203 2996 iAimTV1 - ok
19:09:17.0453 2996 iAimTV2 - ok
19:09:17.0687 2996 iAimTV3 (d738273f218a224c1ddac04203f27a84) C:\WINDOWS\system32\DRIVERS\wATV04nt.sys
19:09:17.0703 2996 iAimTV3 - ok
19:09:17.0937 2996 iAimTV4 (0052d118995cbab152daabe6106d1442) C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys
19:09:17.0953 2996 iAimTV4 - ok
19:09:18.0171 2996 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
19:09:18.0171 2996 Imapi - ok
19:09:18.0421 2996 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\System32\DRIVERS\ini910u.sys
19:09:18.0421 2996 ini910u - ok
19:09:18.0671 2996 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\System32\DRIVERS\intelide.sys
19:09:18.0671 2996 IntelIde - ok
19:09:18.0953 2996 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:09:18.0953 2996 intelppm - ok
19:09:19.0171 2996 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
19:09:19.0171 2996 ip6fw - ok
19:09:19.0421 2996 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:09:19.0421 2996 IpFilterDriver - ok
19:09:19.0656 2996 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:09:19.0656 2996 IpInIp - ok
19:09:19.0921 2996 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:09:19.0921 2996 IpNat - ok
19:09:20.0140 2996 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:09:20.0140 2996 IPSec - ok
19:09:20.0359 2996 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
19:09:20.0359 2996 IRENUM - ok
19:09:20.0593 2996 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:09:20.0593 2996 isapnp - ok
19:09:20.0875 2996 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:09:20.0875 2996 Kbdclass - ok
19:09:21.0078 2996 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
19:09:21.0078 2996 kmixer - ok
19:09:21.0343 2996 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
19:09:21.0343 2996 KSecDD - ok
19:09:21.0578 2996 lbrtfdc - ok
19:09:21.0828 2996 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
19:09:21.0828 2996 mnmdd - ok
19:09:22.0093 2996 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
19:09:22.0109 2996 Modem - ok
19:09:22.0328 2996 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:09:22.0328 2996 Mouclass - ok
19:09:22.0609 2996 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:09:22.0609 2996 mouhid - ok
19:09:22.0859 2996 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
19:09:22.0859 2996 MountMgr - ok
19:09:23.0125 2996 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\System32\DRIVERS\mraid35x.sys
19:09:23.0125 2996 mraid35x - ok
19:09:23.0343 2996 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:09:23.0343 2996 MRxDAV - ok
19:09:23.0593 2996 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:09:23.0625 2996 MRxSmb - ok
19:09:23.0875 2996 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
19:09:23.0890 2996 Msfs - ok
19:09:24.0156 2996 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:09:24.0156 2996 MSKSSRV - ok
19:09:24.0437 2996 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:09:24.0437 2996 MSPCLOCK - ok
19:09:24.0671 2996 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
19:09:24.0671 2996 MSPQM - ok
19:09:24.0921 2996 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:09:24.0921 2996 mssmbios - ok
19:09:25.0125 2996 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
19:09:25.0140 2996 MSTEE - ok
19:09:25.0359 2996 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
19:09:25.0359 2996 Mup - ok
19:09:25.0640 2996 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:09:25.0656 2996 NABTSFEC - ok
19:09:25.0875 2996 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
19:09:25.0890 2996 NDIS - ok
19:09:26.0156 2996 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:09:26.0156 2996 NdisIP - ok
19:09:26.0375 2996 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:09:26.0375 2996 NdisTapi - ok
19:09:26.0625 2996 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:09:26.0625 2996 Ndisuio - ok
19:09:26.0890 2996 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:09:26.0890 2996 NdisWan - ok
19:09:27.0156 2996 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
19:09:27.0156 2996 NDProxy - ok
19:09:27.0421 2996 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
19:09:27.0421 2996 NetBIOS - ok
19:09:27.0671 2996 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
19:09:27.0671 2996 NetBT - ok
19:09:27.0921 2996 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
19:09:27.0921 2996 Npfs - ok
19:09:28.0187 2996 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
19:09:28.0203 2996 Ntfs - ok
19:09:28.0468 2996 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
19:09:28.0468 2996 Null - ok
19:09:28.0828 2996 nv (1aa2270491a46e90e454e143ea8ac775) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:09:28.0843 2996 nv - ok
19:09:29.0093 2996 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:09:29.0093 2996 NwlnkFlt - ok
19:09:29.0328 2996 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:09:29.0328 2996 NwlnkFwd - ok
19:09:29.0578 2996 omci (53d5f1278d9edb21689bbbcecc09108d) C:\WINDOWS\system32\DRIVERS\omci.sys
19:09:29.0593 2996 omci - ok
19:09:29.0890 2996 P16X (13026e137486d916a0677d276144ea7f) C:\WINDOWS\system32\drivers\P16X.sys
19:09:29.0953 2996 P16X - ok
19:09:30.0187 2996 P3 (c90018bafdc7098619a4a95b046b30f3) C:\WINDOWS\system32\DRIVERS\p3.sys
19:09:30.0203 2996 P3 - ok
19:09:30.0437 2996 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
19:09:30.0453 2996 Parport - ok
19:09:30.0687 2996 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
19:09:30.0687 2996 PartMgr - ok
19:09:30.0921 2996 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
19:09:30.0921 2996 ParVdm - ok
19:09:31.0109 2996 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
19:09:31.0109 2996 PCI - ok
19:09:31.0281 2996 PCIDump - ok
19:09:31.0484 2996 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
19:09:31.0484 2996 PCIIde - ok
19:09:31.0734 2996 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
19:09:31.0734 2996 Pcmcia - ok
19:09:31.0953 2996 PDCOMP - ok
19:09:32.0125 2996 PDFRAME - ok
19:09:32.0281 2996 PDRELI - ok
19:09:32.0453 2996 PDRFRAME - ok
19:09:32.0671 2996 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\System32\DRIVERS\perc2.sys
19:09:32.0687 2996 perc2 - ok
19:09:32.0953 2996 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\System32\DRIVERS\perc2hib.sys
19:09:32.0968 2996 perc2hib - ok
19:09:33.0171 2996 PfModNT (2f5532f9b0f903b26847da674b4f55b2) C:\WINDOWS\System32\PfModNT.sys
19:09:33.0187 2996 PfModNT - ok
19:09:33.0421 2996 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:09:33.0437 2996 PptpMiniport - ok
19:09:33.0703 2996 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
19:09:33.0703 2996 Processor - ok
19:09:33.0953 2996 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
19:09:33.0953 2996 PSched - ok
19:09:34.0187 2996 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:09:34.0187 2996 Ptilink - ok
19:09:34.0437 2996 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
19:09:34.0437 2996 PxHelp20 - ok
19:09:34.0718 2996 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\System32\DRIVERS\ql1080.sys
19:09:34.0718 2996 ql1080 - ok
19:09:34.0953 2996 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\System32\DRIVERS\ql10wnt.sys
19:09:34.0953 2996 Ql10wnt - ok
19:09:35.0250 2996 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\System32\DRIVERS\ql12160.sys
19:09:35.0265 2996 ql12160 - ok
19:09:35.0562 2996 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\System32\DRIVERS\ql1240.sys
19:09:35.0562 2996 ql1240 - ok
19:09:35.0843 2996 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\System32\DRIVERS\ql1280.sys
19:09:35.0843 2996 ql1280 - ok
19:09:36.0125 2996 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:09:36.0140 2996 RasAcd - ok
19:09:36.0390 2996 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:09:36.0390 2996 Rasl2tp - ok
19:09:36.0625 2996 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:09:36.0625 2996 RasPppoe - ok
19:09:36.0906 2996 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:09:36.0906 2996 Raspti - ok
19:09:37.0171 2996 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:09:37.0171 2996 Rdbss - ok
19:09:37.0453 2996 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:09:37.0453 2996 RDPCDD - ok
19:09:37.0703 2996 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:09:37.0718 2996 rdpdr - ok
19:09:37.0921 2996 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
19:09:37.0921 2996 RDPWD - ok
19:09:38.0125 2996 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:09:38.0125 2996 redbook - ok
19:09:38.0312 2996 rt2870 - ok
19:09:38.0531 2996 RT73 (7436bfd3a542cf6ff55097200031b293) C:\WINDOWS\system32\DRIVERS\rt73.sys
19:09:38.0531 2996 RT73 - ok
19:09:38.0781 2996 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:09:38.0781 2996 Secdrv - ok
19:09:38.0984 2996 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
19:09:38.0984 2996 serenum - ok
19:09:39.0171 2996 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
19:09:39.0187 2996 Serial - ok
19:09:39.0390 2996 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:09:39.0390 2996 Sfloppy - ok
19:09:39.0578 2996 Simbad - ok
19:09:39.0765 2996 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\System32\DRIVERS\sisagp.sys
19:09:39.0781 2996 sisagp - ok
19:09:40.0015 2996 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:09:40.0015 2996 SLIP - ok
19:09:40.0250 2996 smwdm (39f9595d2f6f7eb93f45a466789a6f49) C:\WINDOWS\system32\drivers\smwdm.sys
19:09:40.0265 2996 smwdm - ok
19:09:40.0515 2996 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
19:09:40.0515 2996 SONYPVU1 - ok
19:09:40.0828 2996 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\System32\DRIVERS\sparrow.sys
19:09:40.0828 2996 Sparrow - ok
19:09:41.0062 2996 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
19:09:41.0062 2996 splitter - ok
19:09:41.0312 2996 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
19:09:41.0312 2996 sr - ok
19:09:41.0578 2996 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
19:09:41.0593 2996 Srv - ok
19:09:41.0843 2996 sscdbhk5 (328e8bb94ec58480f60458fb4b8437a7) C:\WINDOWS\system32\drivers\sscdbhk5.sys
19:09:41.0843 2996 sscdbhk5 - ok
19:09:42.0093 2996 ssrtln (7ec8b427cee5c0cdac066320b93f1355) C:\WINDOWS\system32\drivers\ssrtln.sys
19:09:42.0109 2996 ssrtln - ok
19:09:42.0343 2996 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
19:09:42.0343 2996 StillCam - ok
19:09:42.0593 2996 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:09:42.0593 2996 streamip - ok
19:09:42.0781 2996 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:09:42.0781 2996 swenum - ok
19:09:43.0015 2996 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
19:09:43.0031 2996 swmidi - ok
19:09:43.0328 2996 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\System32\DRIVERS\symc810.sys
19:09:43.0343 2996 symc810 - ok
19:09:43.0625 2996 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\System32\DRIVERS\symc8xx.sys
19:09:43.0625 2996 symc8xx - ok
19:09:43.0906 2996 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\System32\DRIVERS\sym_hi.sys
19:09:43.0906 2996 sym_hi - ok
19:09:44.0187 2996 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\System32\DRIVERS\sym_u3.sys
19:09:44.0187 2996 sym_u3 - ok
19:09:44.0421 2996 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
19:09:44.0437 2996 sysaudio - ok
19:09:44.0718 2996 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:09:44.0718 2996 Tcpip - ok
19:09:44.0984 2996 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:09:44.0984 2996 TDPIPE - ok
19:09:45.0265 2996 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
19:09:45.0265 2996 TDTCP - ok
19:09:45.0593 2996 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:09:45.0593 2996 TermDD - ok
19:09:45.0812 2996 tfsnboio (c229bf90443be8d3bd2b65d7f3ac0f35) C:\WINDOWS\system32\dla\tfsnboio.sys
19:09:45.0828 2996 tfsnboio - ok
19:09:46.0078 2996 tfsncofs (79ee9fcd7728e54ab8fbc30962f0416f) C:\WINDOWS\system32\dla\tfsncofs.sys
19:09:46.0078 2996 tfsncofs - ok
19:09:46.0343 2996 tfsndrct (9efb37e7de17d783a059b653f7e8afad) C:\WINDOWS\system32\dla\tfsndrct.sys
19:09:46.0343 2996 tfsndrct - ok
19:09:46.0593 2996 tfsndres (130254995ebedcb34d62e8d78ec9dbd0) C:\WINDOWS\system32\dla\tfsndres.sys
19:09:46.0593 2996 tfsndres - ok
19:09:46.0875 2996 tfsnifs (9b40e1e4aeed849812a2e43a388a7e77) C:\WINDOWS\system32\dla\tfsnifs.sys
19:09:46.0875 2996 tfsnifs - ok
19:09:47.0187 2996 tfsnopio (818047ad850b312705aa17ca96b9427d) C:\WINDOWS\system32\dla\tfsnopio.sys
19:09:47.0187 2996 tfsnopio - ok
19:09:47.0421 2996 tfsnpool (4603e813bcc6dd465cd8d2afd37fa90d) C:\WINDOWS\system32\dla\tfsnpool.sys
19:09:47.0437 2996 tfsnpool - ok
19:09:47.0671 2996 tfsnudf (6fc2cd904a9a55acfdfc780a611a75ed) C:\WINDOWS\system32\dla\tfsnudf.sys
19:09:47.0671 2996 tfsnudf - ok
19:09:47.0921 2996 tfsnudfa (d4afa4d00f8db3fd1c15b3fe49c3a96c) C:\WINDOWS\system32\dla\tfsnudfa.sys
19:09:47.0921 2996 tfsnudfa - ok
19:09:48.0203 2996 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\System32\DRIVERS\toside.sys
19:09:48.0203 2996 TosIde - ok
19:09:48.0468 2996 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
19:09:48.0468 2996 Udfs - ok
19:09:48.0718 2996 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\System32\DRIVERS\ultra.sys
19:09:48.0718 2996 ultra - ok
19:09:48.0968 2996 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
19:09:48.0984 2996 Update - ok
19:09:49.0234 2996 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
19:09:49.0250 2996 USBAAPL - ok
19:09:49.0484 2996 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:09:49.0484 2996 usbccgp - ok
19:09:49.0718 2996 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:09:49.0734 2996 usbehci - ok
19:09:49.0984 2996 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:09:49.0984 2996 usbhub - ok
19:09:50.0234 2996 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:09:50.0250 2996 usbprint - ok
19:09:50.0484 2996 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:09:50.0500 2996 usbscan - ok
19:09:50.0750 2996 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:09:50.0750 2996 USBSTOR - ok
19:09:51.0000 2996 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:09:51.0000 2996 usbuhci - ok
19:09:51.0265 2996 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
19:09:51.0265 2996 usbvideo - ok
19:09:51.0515 2996 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
19:09:51.0515 2996 VgaSave - ok
19:09:51.0765 2996 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\System32\DRIVERS\viaagp.sys
19:09:51.0765 2996 viaagp - ok
19:09:52.0046 2996 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\System32\DRIVERS\viaide.sys
19:09:52.0046 2996 ViaIde - ok
19:09:52.0281 2996 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
19:09:52.0281 2996 VolSnap - ok
19:09:52.0562 2996 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:09:52.0562 2996 Wanarp - ok
19:09:52.0781 2996 WDICA - ok
19:09:53.0046 2996 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
19:09:53.0046 2996 wdmaud - ok
19:09:53.0359 2996 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:09:53.0375 2996 WS2IFSL - ok
19:09:53.0625 2996 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:09:53.0625 2996 WSTCODEC - ok
19:09:53.0875 2996 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:09:53.0890 2996 WudfPf - ok
19:09:54.0125 2996 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:09:54.0125 2996 WudfRd - ok
19:09:54.0187 2996 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
19:09:54.0406 2996 \Device\Harddisk0\DR0 - ok
19:09:54.0406 2996 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR7
19:09:54.0421 2996 \Device\Harddisk1\DR7 - ok
19:09:54.0437 2996 Boot (0x1200) (39b4b34511795e9d25511da81699fa03) \Device\Harddisk0\DR0\Partition0
19:09:54.0437 2996 \Device\Harddisk0\DR0\Partition0 - ok
19:09:54.0437 2996 Boot (0x1200) (dfaff6781d8dbbe5c83a6f3ab161a44f) \Device\Harddisk1\DR7\Partition0
19:09:54.0437 2996 \Device\Harddisk1\DR7\Partition0 - ok
19:09:54.0453 2996 ============================================================
19:09:54.0453 2996 Scan finished
19:09:54.0453 2996 ============================================================
19:09:54.0468 3492 Detected object count: 0
19:09:54.0468 3492 Actual detected object count: 0
19:12:10.0437 0620 ============================================================
19:12:10.0437 0620 Scan started
19:12:10.0437 0620 Mode: Manual; SigCheck; TDLFS;
19:12:10.0437 0620 ============================================================
19:12:10.0875 0620 Aavmker4 (dfcdd5936cad0138775d5a105d4c7716) C:\WINDOWS\system32\drivers\Aavmker4.sys
19:12:15.0875 0620 Aavmker4 - ok
19:12:16.0093 0620 Abiosdsk - ok
19:12:16.0312 0620 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS
19:12:16.0515 0620 abp480n5 - ok
19:12:16.0750 0620 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:12:16.0937 0620 ACPI - ok
19:12:17.0187 0620 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
19:12:17.0375 0620 ACPIEC - ok
19:12:17.0640 0620 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\System32\DRIVERS\adpu160m.sys
19:12:17.0843 0620 adpu160m - ok
19:12:18.0078 0620 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
19:12:18.0125 0620 aeaudio - ok
19:12:18.0375 0620 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
19:12:18.0968 0620 aec - ok
19:12:19.0187 0620 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
19:12:19.0250 0620 AFD - ok
19:12:19.0484 0620 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\System32\DRIVERS\agp440.sys
19:12:19.0671 0620 agp440 - ok
19:12:19.0906 0620 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\System32\DRIVERS\agpCPQ.sys
19:12:20.0093 0620 agpCPQ - ok
19:12:20.0343 0620 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\System32\DRIVERS\aha154x.sys
19:12:20.0437 0620 Aha154x - ok
19:12:20.0703 0620 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\System32\DRIVERS\aic78u2.sys
19:12:20.0906 0620 aic78u2 - ok
19:12:21.0171 0620 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\System32\DRIVERS\aic78xx.sys
19:12:21.0531 0620 aic78xx - ok
19:12:21.0828 0620 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\System32\DRIVERS\aliide.sys
19:12:22.0031 0620 AliIde - ok
19:12:22.0234 0620 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\System32\DRIVERS\alim1541.sys
19:12:22.0421 0620 alim1541 - ok
19:12:22.0671 0620 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\System32\DRIVERS\amdagp.sys
19:12:22.0859 0620 amdagp - ok
19:12:23.0125 0620 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\System32\DRIVERS\amsint.sys
19:12:23.0234 0620 amsint - ok
19:12:23.0531 0620 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\System32\DRIVERS\asc.sys
19:12:23.0703 0620 asc - ok
19:12:23.0968 0620 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\System32\DRIVERS\asc3350p.sys
19:12:24.0078 0620 asc3350p - ok
19:12:24.0343 0620 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\System32\DRIVERS\asc3550.sys
19:12:24.0531 0620 asc3550 - ok
19:12:24.0781 0620 aswFsBlk (861cb512e4e850e87dd2316f88d69330) C:\WINDOWS\system32\drivers\aswFsBlk.sys
19:12:24.0781 0620 aswFsBlk - ok
19:12:24.0984 0620 aswMon2 (7857e0b4c817f69ff463eea2c63e56f9) C:\WINDOWS\system32\drivers\aswMon2.sys
19:12:25.0000 0620 aswMon2 - ok
19:12:25.0234 0620 aswRdr (8db043bf96bb6d334e5b4888e709e1c7) C:\WINDOWS\system32\drivers\aswRdr.sys
19:12:25.0250 0620 aswRdr - ok
19:12:25.0453 0620 aswSnx (17230708a2028cd995656df455f2e303) C:\WINDOWS\system32\drivers\aswSnx.sys
19:12:25.0484 0620 aswSnx - ok
19:12:25.0718 0620 aswSP (dbedd9d43b00630966ef05d2d8d04cee) C:\WINDOWS\system32\drivers\aswSP.sys
19:12:25.0734 0620 aswSP - ok
19:12:25.0968 0620 aswTdi (984cfce2168286c2511695c2f9621475) C:\WINDOWS\system32\drivers\aswTdi.sys
19:12:25.0984 0620 aswTdi - ok
19:12:26.0250 0620 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:12:26.0421 0620 AsyncMac - ok
19:12:26.0656 0620 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
19:12:26.0828 0620 atapi - ok
19:12:27.0046 0620 Atdisk - ok
19:12:27.0265 0620 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:12:27.0437 0620 Atmarpc - ok
19:12:27.0718 0620 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
19:12:27.0921 0620 audstub - ok
19:12:28.0093 0620 BCM42RLY (438179abe9b7a922a21b8d6369ff52ff) C:\WINDOWS\System32\BCM42RLY.SYS
19:12:28.0125 0620 BCM42RLY ( UnsignedFile.Multi.Generic ) - warning
19:12:28.0125 0620 BCM42RLY - detected UnsignedFile.Multi.Generic (1)
19:12:28.0390 0620 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
19:12:28.0578 0620 Beep - ok
19:12:28.0593 0620 catchme - ok
19:12:28.0843 0620 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\System32\DRIVERS\cbidf2k.sys
19:12:29.0046 0620 cbidf - ok
19:12:29.0312 0620 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
19:12:29.0484 0620 cbidf2k - ok
19:12:29.0718 0620 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
19:12:29.0906 0620 CCDECODE - ok
19:12:30.0140 0620 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\System32\DRIVERS\cd20xrnt.sys
19:12:30.0250 0620 cd20xrnt - ok
19:12:30.0515 0620 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
19:12:30.0703 0620 Cdaudio - ok
19:12:30.0937 0620 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
19:12:31.0109 0620 Cdfs - ok
19:12:31.0343 0620 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:12:31.0531 0620 Cdrom - ok
19:12:31.0734 0620 Changer - ok
19:12:31.0968 0620 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\System32\DRIVERS\cmdide.sys
19:12:32.0140 0620 CmdIde - ok
19:12:32.0421 0620 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\System32\DRIVERS\cpqarray.sys
19:12:32.0609 0620 Cpqarray - ok
19:12:32.0859 0620 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\System32\DRIVERS\dac2w2k.sys
19:12:33.0078 0620 dac2w2k - ok
19:12:33.0328 0620 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\System32\DRIVERS\dac960nt.sys
19:12:33.0515 0620 dac960nt - ok
19:12:33.0750 0620 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
19:12:33.0906 0620 Disk - ok
19:12:34.0140 0620 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
19:12:34.0343 0620 dmboot - ok
19:12:34.0609 0620 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
19:12:34.0781 0620 dmio - ok
19:12:35.0015 0620 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
19:12:35.0187 0620 dmload - ok
19:12:35.0421 0620 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
19:12:35.0609 0620 DMusic - ok
19:12:35.0859 0620 Dot4 HPH09 (577dc4c5f7102ba9957f302942eb2da4) C:\WINDOWS\system32\DRIVERS\hphid409.sys
19:12:35.0906 0620 Dot4 HPH09 - ok
19:12:36.0171 0620 Dot4Print HPH09 (d559e03b3168bc00011dd2b6f443ac71) C:\WINDOWS\system32\DRIVERS\hphipr09.sys
19:12:36.0203 0620 Dot4Print HPH09 - ok
19:12:36.0515 0620 Dot4Storage HPH09 (7e90e0199786c4bda3cf675b93544939) C:\WINDOWS\system32\Drivers\hphs2k09.sys
19:12:36.0531 0620 Dot4Storage HPH09 - ok
19:12:36.0765 0620 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\System32\DRIVERS\dpti2o.sys
19:12:36.0953 0620 dpti2o - ok
19:12:37.0171 0620 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
19:12:37.0359 0620 drmkaud - ok
19:12:37.0593 0620 drvmcdb (7f056a52bcba3102d2d37a4a2646c807) C:\WINDOWS\system32\drivers\drvmcdb.sys
19:12:37.0625 0620 drvmcdb ( UnsignedFile.Multi.Generic ) - warning
19:12:37.0625 0620 drvmcdb - detected UnsignedFile.Multi.Generic (1)
19:12:37.0859 0620 drvnddm (d3c1e501ed42e77574b3095309dd4075) C:\WINDOWS\system32\drivers\drvnddm.sys
19:12:37.0890 0620 drvnddm ( UnsignedFile.Multi.Generic ) - warning
19:12:37.0890 0620 drvnddm - detected UnsignedFile.Multi.Generic (1)
19:12:38.0140 0620 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
19:12:38.0156 0620 DSproct ( UnsignedFile.Multi.Generic ) - warning
19:12:38.0156 0620 DSproct - detected UnsignedFile.Multi.Generic (1)
19:12:38.0390 0620 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
19:12:38.0421 0620 dsunidrv ( UnsignedFile.Multi.Generic ) - warning
19:12:38.0421 0620 dsunidrv - detected UnsignedFile.Multi.Generic (1)
19:12:38.0687 0620 E100B (98b46b331404a951cabad8b4877e1276) C:\WINDOWS\system32\DRIVERS\e100b325.sys
19:12:38.0734 0620 E100B - ok
19:12:38.0984 0620 EL90XBC (6e883bf518296a40959131c2304af714) C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
19:12:39.0171 0620 EL90XBC - ok
19:12:39.0406 0620 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
19:12:39.0562 0620 Fastfat - ok
19:12:39.0750 0620 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
19:12:39.0921 0620 Fdc - ok
19:12:40.0156 0620 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
19:12:40.0359 0620 Fips - ok
19:12:40.0578 0620 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
19:12:40.0750 0620 Flpydisk - ok
19:12:40.0984 0620 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
19:12:41.0171 0620 FltMgr - ok
19:12:41.0437 0620 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:12:41.0640 0620 Fs_Rec - ok
19:12:41.0890 0620 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:12:42.0109 0620 Ftdisk - ok
19:12:42.0328 0620 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
19:12:42.0500 0620 gameenum - ok
19:12:42.0718 0620 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
19:12:42.0734 0620 GEARAspiWDM - ok
19:12:42.0828 0620 giveio - ok
19:12:43.0015 0620 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:12:43.0203 0620 Gpc - ok
19:12:43.0437 0620 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:12:43.0625 0620 HidUsb - ok
19:12:43.0875 0620 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\System32\DRIVERS\hpn.sys
19:12:44.0046 0620 hpn - ok
19:12:44.0296 0620 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
19:12:44.0359 0620 HPZid412 - ok
19:12:44.0593 0620 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
19:12:44.0640 0620 HPZipr12 - ok
19:12:44.0875 0620 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
19:12:44.0937 0620 HPZius12 - ok
19:12:45.0187 0620 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
19:12:45.0250 0620 HTTP - ok
19:12:45.0421 0620 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
19:12:45.0609 0620 i2omgmt - ok
19:12:45.0765 0620 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\System32\DRIVERS\i2omp.sys
19:12:45.0953 0620 i2omp - ok
19:12:46.0109 0620 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:12:46.0296 0620 i8042prt - ok
19:12:46.0468 0620 i81x (06b7ef73ba5f302eecc294cdf7e19702) C:\WINDOWS\system32\DRIVERS\i81xnt5.sys
19:12:46.0640 0620 i81x - ok
19:12:46.0796 0620 iAimFP0 (7b5b44efe5eb9dadfb8ee29700885d23) C:\WINDOWS\system32\DRIVERS\wADV01nt.sys
19:12:46.0953 0620 iAimFP0 - ok
19:12:47.0109 0620 iAimFP1 (eb1f6bab6c22ede0ba551b527475f7e9) C:\WINDOWS\system32\DRIVERS\wADV02NT.sys
19:12:47.0265 0620 iAimFP1 - ok
19:12:47.0421 0620 iAimFP2 (03ce989d846c1aa81145cb22fcb86d06) C:\WINDOWS\system32\DRIVERS\wADV05NT.sys
19:12:47.0578 0620 iAimFP2 - ok
19:12:47.0765 0620 iAimFP3 (525849b4469de021d5d61b4db9be3a9d) C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys
19:12:47.0906 0620 iAimFP3 - ok
19:12:48.0140 0620 iAimFP4 (589c2bcdb5bd602bf7b63d210407ef8c) C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys
19:12:48.0281 0620 iAimFP4 - ok
19:12:48.0531 0620 iAimTV0 (d83bdd5c059667a2f647a6be5703a4d2) C:\WINDOWS\system32\DRIVERS\wATV01nt.sys
19:12:48.0687 0620 iAimTV0 - ok
19:12:48.0921 0620 iAimTV1 (ed968d23354daa0d7c621580c012a1f6) C:\WINDOWS\system32\DRIVERS\wATV02NT.sys
19:12:49.0078 0620 iAimTV1 - ok
19:12:49.0281 0620 iAimTV2 - ok
19:12:49.0484 0620 iAimTV3 (d738273f218a224c1ddac04203f27a84) C:\WINDOWS\system32\DRIVERS\wATV04nt.sys
19:12:49.0640 0620 iAimTV3 - ok
19:12:49.0890 0620 iAimTV4 (0052d118995cbab152daabe6106d1442) C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys
19:12:50.0031 0620 iAimTV4 - ok
19:12:50.0265 0620 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
19:12:50.0453 0620 Imapi - ok
19:12:50.0718 0620 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\System32\DRIVERS\ini910u.sys
19:12:50.0906 0620 ini910u - ok
19:12:51.0171 0620 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\System32\DRIVERS\intelide.sys
19:12:51.0343 0620 IntelIde - ok
19:12:51.0562 0620 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:12:51.0718 0620 intelppm - ok
19:12:51.0921 0620 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
19:12:52.0093 0620 ip6fw - ok
19:12:52.0359 0620 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:12:52.0531 0620 IpFilterDriver - ok
19:12:52.0781 0620 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:12:52.0937 0620 IpInIp - ok
19:12:53.0187 0620 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:12:53.0375 0620 IpNat - ok
19:12:53.0609 0620 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:12:53.0781 0620 IPSec - ok
19:12:54.0015 0620 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
19:12:54.0187 0620 IRENUM - ok
19:12:54.0437 0620 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:12:54.0609 0620 isapnp - ok
19:12:54.0843 0620 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:12:55.0015 0620 Kbdclass - ok
19:12:55.0250 0620 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
19:12:55.0437 0620 kmixer - ok
19:12:55.0671 0620 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
19:12:55.0703 0620 KSecDD - ok
19:12:55.0921 0620 lbrtfdc - ok
19:12:56.0203 0620 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
19:12:56.0406 0620 mnmdd - ok
19:12:56.0671 0620 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
19:12:56.0843 0620 Modem - ok
19:12:57.0062 0620 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:12:57.0281 0620 Mouclass - ok
19:12:57.0531 0620 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:12:57.0734 0620 mouhid - ok
19:12:57.0953 0620 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
19:12:58.0140 0620 MountMgr - ok
19:12:58.0406 0620 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\System32\DRIVERS\mraid35x.sys
19:12:58.0578 0620 mraid35x - ok
19:12:58.0812 0620 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:12:59.0000 0620 MRxDAV - ok
19:12:59.0234 0620 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:12:59.0296 0620 MRxSmb - ok
19:12:59.0500 0620 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
19:12:59.0687 0620 Msfs - ok
19:12:59.0921 0620 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:13:00.0109 0620 MSKSSRV - ok
19:13:00.0390 0620 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:13:00.0562 0620 MSPCLOCK - ok
19:13:00.0812 0620 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
19:13:00.0984 0620 MSPQM - ok
19:13:01.0218 0620 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:13:01.0406 0620 mssmbios - ok
19:13:01.0640 0620 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
19:13:01.0796 0620 MSTEE - ok
19:13:02.0015 0620 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
19:13:02.0062 0620 Mup - ok
19:13:02.0296 0620 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:13:02.0515 0620 NABTSFEC - ok
19:13:02.0765 0620 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
19:13:02.0953 0620 NDIS - ok
19:13:03.0203 0620 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:13:03.0390 0620 NdisIP - ok
19:13:03.0625 0620 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:13:03.0656 0620 NdisTapi - ok
19:13:03.0890 0620 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:13:04.0062 0620 Ndisuio - ok
19:13:04.0312 0620 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:13:04.0500 0620 NdisWan - ok
19:13:04.0734 0620 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
19:13:04.0781 0620 NDProxy - ok
19:13:05.0015 0620 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
19:13:05.0203 0620 NetBIOS - ok
19:13:05.0437 0620 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
19:13:05.0609 0620 NetBT - ok
19:13:05.0875 0620 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
19:13:06.0046 0620 Npfs - ok
19:13:06.0281 0620 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
19:13:06.0500 0620 Ntfs - ok
19:13:06.0781 0620 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
19:13:06.0968 0620 Null - ok
19:13:07.0281 0620 nv (1aa2270491a46e90e454e143ea8ac775) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:13:07.0375 0620 nv - ok
19:13:07.0625 0620 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:13:07.0812 0620 NwlnkFlt - ok
19:13:08.0062 0620 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:13:08.0265 0620 NwlnkFwd - ok
19:13:08.0531 0620 omci (53d5f1278d9edb21689bbbcecc09108d) C:\WINDOWS\system32\DRIVERS\omci.sys
19:13:08.0562 0620 omci ( UnsignedFile.Multi.Generic ) - warning
19:13:08.0562 0620 omci - detected UnsignedFile.Multi.Generic (1)
19:13:08.0843 0620 P16X (13026e137486d916a0677d276144ea7f) C:\WINDOWS\system32\drivers\P16X.sys
19:13:08.0937 0620 P16X - ok
19:13:09.0171 0620 P3 (c90018bafdc7098619a4a95b046b30f3) C:\WINDOWS\system32\DRIVERS\p3.sys
19:13:09.0343 0620 P3 - ok
19:13:09.0593 0620 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
19:13:09.0781 0620 Parport - ok
19:13:10.0000 0620 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
19:13:10.0171 0620 PartMgr - ok
19:13:10.0437 0620 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
19:13:10.0625 0620 ParVdm - ok
19:13:10.0828 0620 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
19:13:11.0015 0620 PCI - ok
19:13:11.0218 0620 PCIDump - ok
19:13:11.0406 0620 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
19:13:11.0609 0620 PCIIde - ok
19:13:11.0843 0620 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
19:13:12.0015 0620 Pcmcia - ok
19:13:12.0218 0620 PDCOMP - ok
19:13:12.0375 0620 PDFRAME - ok
19:13:12.0546 0620 PDRELI - ok
19:13:12.0718 0620 PDRFRAME - ok
19:13:12.0937 0620 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\System32\DRIVERS\perc2.sys
19:13:13.0140 0620 perc2 - ok
19:13:13.0421 0620 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\System32\DRIVERS\perc2hib.sys
19:13:13.0609 0620 perc2hib - ok
19:13:13.0828 0620 PfModNT (2f5532f9b0f903b26847da674b4f55b2) C:\WINDOWS\System32\PfModNT.sys
19:13:13.0859 0620 PfModNT ( UnsignedFile.Multi.Generic ) - warning
19:13:13.0859 0620 PfModNT - detected UnsignedFile.Multi.Generic (1)
19:13:14.0093 0620 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:13:14.0265 0620 PptpMiniport - ok
19:13:14.0484 0620 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
19:13:14.0640 0620 Processor - ok
19:13:14.0843 0620 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
19:13:15.0015 0620 PSched - ok
19:13:15.0265 0620 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:13:15.0453 0620 Ptilink - ok
19:13:15.0703 0620 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
19:13:15.0718 0620 PxHelp20 - ok
19:13:15.0984 0620 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\System32\DRIVERS\ql1080.sys
19:13:16.0203 0620 ql1080 - ok
19:13:16.0453 0620 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\System32\DRIVERS\ql10wnt.sys
19:13:16.0656 0620 Ql10wnt - ok
19:13:16.0921 0620 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\System32\DRIVERS\ql12160.sys
19:13:17.0140 0620 ql12160 - ok
19:13:17.0390 0620 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\System32\DRIVERS\ql1240.sys
19:13:17.0593 0620 ql1240 - ok
19:13:17.0890 0620 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\System32\DRIVERS\ql1280.sys
19:13:18.0062 0620 ql1280 - ok
19:13:18.0343 0620 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:13:18.0531 0620 RasAcd - ok
19:13:18.0781 0620 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:13:18.0968 0620 Rasl2tp - ok
19:13:19.0203 0620 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:13:19.0375 0620 RasPppoe - ok
19:13:19.0625 0620 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:13:19.0812 0620 Raspti - ok
19:13:20.0046 0620 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:13:20.0234 0620 Rdbss - ok
19:13:20.0515 0620 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:13:20.0703 0620 RDPCDD - ok
19:13:20.0937 0620 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:13:21.0125 0620 rdpdr - ok
19:13:21.0359 0620 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
19:13:21.0406 0620 RDPWD - ok
19:13:21.0656 0620 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:13:21.0828 0620 redbook - ok
19:13:22.0046 0620 rt2870 - ok
19:13:22.0250 0620 RT73 (7436bfd3a542cf6ff55097200031b293) C:\WINDOWS\system32\DRIVERS\rt73.sys
19:13:22.0312 0620 RT73 ( UnsignedFile.Multi.Generic ) - warning
19:13:22.0312 0620 RT73 - detected UnsignedFile.Multi.Generic (1)
19:13:22.0562 0620 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:13:22.0750 0620 Secdrv - ok
19:13:22.0984 0620 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
19:13:23.0187 0620 serenum - ok
19:13:23.0421 0620 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
19:13:23.0593 0620 Serial - ok
19:13:23.0843 0620 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:13:24.0015 0620 Sfloppy - ok
19:13:24.0234 0620 Simbad - ok
19:13:24.0437 0620 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\System32\DRIVERS\sisagp.sys
19:13:24.0609 0620 sisagp - ok
19:13:24.0843 0620 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:13:25.0015 0620 SLIP - ok
19:13:25.0281 0620 smwdm (39f9595d2f6f7eb93f45a466789a6f49) C:\WINDOWS\system32\drivers\smwdm.sys
19:13:25.0343 0620 smwdm - ok
19:13:25.0562 0620 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
19:13:25.0765 0620 SONYPVU1 - ok
19:13:26.0015 0620 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\System32\DRIVERS\sparrow.sys
19:13:26.0156 0620 Sparrow - ok
19:13:26.0375 0620 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
19:13:26.0546 0620 splitter - ok
19:13:26.0812 0620 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
19:13:26.0984 0620 sr - ok
19:13:27.0218 0620 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
19:13:27.0281 0620 Srv - ok
19:13:27.0515 0620 sscdbhk5 (328e8bb94ec58480f60458fb4b8437a7) C:\WINDOWS\system32\drivers\sscdbhk5.sys
19:13:27.0562 0620 sscdbhk5 ( UnsignedFile.Multi.Generic ) - warning
19:13:27.0562 0620 sscdbhk5 - detected UnsignedFile.Multi.Generic (1)
19:13:27.0796 0620 ssrtln (7ec8b427cee5c0cdac066320b93f1355) C:\WINDOWS\system32\drivers\ssrtln.sys
19:13:27.0796 0620 ssrtln ( UnsignedFile.Multi.Generic ) - warning
19:13:27.0796 0620 ssrtln - detected UnsignedFile.Multi.Generic (1)
19:13:28.0046 0620 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
19:13:28.0234 0620 StillCam - ok
19:13:28.0500 0620 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:13:28.0671 0620 streamip - ok
19:13:28.0875 0620 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:13:29.0046 0620 swenum - ok
19:13:29.0265 0620 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
19:13:29.0437 0620 swmidi - ok
19:13:29.0718 0620 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\System32\DRIVERS\symc810.sys
19:13:29.0921 0620 symc810 - ok
19:13:30.0187 0620 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\System32\DRIVERS\symc8xx.sys
19:13:30.0390 0620 symc8xx - ok
19:13:30.0640 0620 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\System32\DRIVERS\sym_hi.sys
19:13:30.0843 0620 sym_hi - ok
19:13:31.0125 0620 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\System32\DRIVERS\sym_u3.sys
19:13:31.0343 0620 sym_u3 - ok
19:13:31.0578 0620 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
19:13:31.0734 0620 sysaudio - ok
19:13:32.0015 0620 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:13:32.0093 0620 Tcpip - ok
19:13:32.0296 0620 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:13:32.0484 0620 TDPIPE - ok
19:13:32.0703 0620 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
19:13:32.0875 0620 TDTCP - ok
19:13:33.0125 0620 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:13:33.0296 0620 TermDD - ok
19:13:33.0515 0620 tfsnboio (c229bf90443be8d3bd2b65d7f3ac0f35) C:\WINDOWS\system32\dla\tfsnboio.sys
19:13:33.0562 0620 tfsnboio ( UnsignedFile.Multi.Generic ) - warning
19:13:33.0562 0620 tfsnboio - detected UnsignedFile.Multi.Generic (1)
19:13:33.0843 0620 tfsncofs (79ee9fcd7728e54ab8fbc30962f0416f) C:\WINDOWS\system32\dla\tfsncofs.sys
19:13:33.0875 0620 tfsncofs ( UnsignedFile.Multi.Generic ) - warning
19:13:33.0875 0620 tfsncofs - detected UnsignedFile.Multi.Generic (1)
19:13:34.0109 0620 tfsndrct (9efb37e7de17d783a059b653f7e8afad) C:\WINDOWS\system32\dla\tfsndrct.sys
19:13:34.0140 0620 tfsndrct ( UnsignedFile.Multi.Generic ) - warning
19:13:34.0140 0620 tfsndrct - detected UnsignedFile.Multi.Generic (1)
19:13:34.0375 0620 tfsndres (130254995ebedcb34d62e8d78ec9dbd0) C:\WINDOWS\system32\dla\tfsndres.sys
19:13:34.0406 0620 tfsndres ( UnsignedFile.Multi.Generic ) - warning
19:13:34.0406 0620 tfsndres - detected UnsignedFile.Multi.Generic (1)
19:13:34.0625 0620 tfsnifs (9b40e1e4aeed849812a2e43a388a7e77) C:\WINDOWS\system32\dla\tfsnifs.sys
19:13:34.0671 0620 tfsnifs ( UnsignedFile.Multi.Generic ) - warning
19:13:34.0671 0620 tfsnifs - detected UnsignedFile.Multi.Generic (1)
19:13:34.0890 0620 tfsnopio (818047ad850b312705aa17ca96b9427d) C:\WINDOWS\system32\dla\tfsnopio.sys
19:13:34.0890 0620 tfsnopio ( UnsignedFile.Multi.Generic ) - warning
19:13:34.0890 0620 tfsnopio - detected UnsignedFile.Multi.Generic (1)
19:13:35.0156 0620 tfsnpool (4603e813bcc6dd465cd8d2afd37fa90d) C:\WINDOWS\system32\dla\tfsnpool.sys
19:13:35.0187 0620 tfsnpool ( UnsignedFile.Multi.Generic ) - warning
19:13:35.0187 0620 tfsnpool - detected UnsignedFile.Multi.Generic (1)
19:13:35.0437 0620 tfsnudf (6fc2cd904a9a55acfdfc780a611a75ed) C:\WINDOWS\system32\dla\tfsnudf.sys
19:13:35.0437 0620 tfsnudf ( UnsignedFile.Multi.Generic ) - warning
19:13:35.0437 0620 tfsnudf - detected UnsignedFile.Multi.Generic (1)
19:13:35.0671 0620 tfsnudfa (d4afa4d00f8db3fd1c15b3fe49c3a96c) C:\WINDOWS\system32\dla\tfsnudfa.sys
19:13:35.0703 0620 tfsnudfa ( UnsignedFile.Multi.Generic ) - warning
19:13:35.0703 0620 tfsnudfa - detected UnsignedFile.Multi.Generic (1)
19:13:36.0031 0620 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\System32\DRIVERS\toside.sys
19:13:36.0343 0620 TosIde - ok
19:13:49.0140 0620 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
19:13:49.0437 0620 Udfs - ok
19:13:49.0671 0620 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\System32\DRIVERS\ultra.sys
19:13:49.0765 0620 ultra - ok
19:13:50.0031 0620 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
19:13:50.0234 0620 Update - ok
19:13:50.0562 0620 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
19:13:50.0687 0620 USBAAPL - ok
19:13:51.0031 0620 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:13:51.0218 0620 usbccgp - ok
19:13:51.0437 0620 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:13:51.0625 0620 usbehci - ok
19:13:51.0859 0620 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:13:52.0031 0620 usbhub - ok
19:13:52.0265 0620 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:13:52.0453 0620 usbprint - ok
19:13:52.0671 0620 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:13:52.0843 0620 usbscan - ok
19:13:53.0078 0620 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:13:53.0250 0620 USBSTOR - ok
19:13:53.0484 0620 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:13:53.0656 0620 usbuhci - ok
19:13:53.0906 0620 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
19:13:54.0062 0620 usbvideo - ok
19:13:54.0296 0620 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
19:13:54.0484 0620 VgaSave - ok
19:13:54.0718 0620 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\System32\DRIVERS\viaagp.sys
19:13:54.0890 0620 viaagp - ok
19:13:55.0156 0620 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\System32\DRIVERS\viaide.sys
19:13:55.0328 0620 ViaIde - ok
19:13:55.0546 0620 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
19:13:55.0734 0620 VolSnap - ok
19:13:56.0296 0620 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:13:56.0484 0620 Wanarp - ok
19:13:56.0687 0620 WDICA - ok
19:13:56.0875 0620 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
19:13:57.0046 0620 wdmaud - ok
19:13:57.0375 0620 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:13:57.0578 0620 WS2IFSL - ok
19:13:57.0843 0620 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:13:58.0015 0620 WSTCODEC - ok
19:13:58.0265 0620 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:13:58.0328 0620 WudfPf - ok
19:13:58.0578 0620 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:13:58.0625 0620 WudfRd - ok
19:13:58.0687 0620 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
19:13:59.0031 0620 \Device\Harddisk0\DR0 - ok
19:13:59.0078 0620 Boot (0x1200) (39b4b34511795e9d25511da81699fa03) \Device\Harddisk0\DR0\Partition0
19:13:59.0078 0620 \Device\Harddisk0\DR0\Partition0 - ok
19:13:59.0093 0620 ============================================================
19:13:59.0093 0620 Scan finished
19:13:59.0093 0620 ============================================================
19:13:59.0218 3244 Detected object count: 19
19:13:59.0218 3244 Actual detected object count: 19
  • 0

#13
tammy111
Posted 14 January 2012 - 07:16 PM

tammy111

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
I will stop here til I hear from you. The screen I have has the list of threats and I can 'copy all to quaranteen' or 'restore default actions' ....dont know which to do....
  • 0

#14
RKinner
Posted 14 January 2012 - 10:14 PM

RKinner

    Malware Expert

  • Expert
  • 24,623 posts
  • MVP
They are all false positives so just SKIP them.
  • 0

#15
tammy111
Posted 15 January 2012 - 10:48 AM

tammy111

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Only the 'fixmbr' was enabled. Here is the log.

aswMBR version 0.9.9.1297 Copyright© 2011 AVAST Software
Run date: 2012-01-15 10:40:29
-----------------------------
10:40:29.421 OS Version: Windows 5.1.2600 Service Pack 3
10:40:29.421 Number of processors: 1 586 0x209
10:40:29.421 ComputerName: BEDROOM UserName: Todd
10:40:29.937 Initialize success
10:40:30.031 AVAST engine defs: 12011500
10:40:43.125 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
10:40:43.140 Disk 0 Vendor: Maxtor_6Y080L0 YAR41BW0 Size: 76293MB BusType: 3
10:40:43.156 Disk 0 MBR read successfully
10:40:43.156 Disk 0 MBR scan
10:40:43.156 Disk 0 Windows XP default MBR code
10:40:43.156 Disk 0 Partition 1 00 DE Dell Utility Dell 4.1 31 MB offset 63
10:40:43.171 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 76253 MB offset 64260
10:40:43.171 Disk 0 scanning sectors +156232125
10:40:43.250 Disk 0 scanning C:\WINDOWS\system32\drivers
10:40:58.187 Service scanning
10:40:59.375 Modules scanning
10:41:04.609 Module: C:\WINDOWS\system32\dla\tfsndres.sys **SUSPICIOUS**
10:41:07.484 AVAST engine scan C:\WINDOWS
10:42:01.625 AVAST engine scan C:\WINDOWS\system32
10:44:19.750 AVAST engine scan C:\WINDOWS\system32\drivers
10:44:39.921 AVAST engine scan C:\Documents and Settings\Todd
10:50:35.812 Disk 0 MBR has been saved successfully to "F:\MBR.dat"
10:50:35.843 The log file has been saved successfully to "F:\aswMBR.txt"
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP