Solved AVG reported win32/heur during scheduled scan

Status
Not open for further replies.
N

nontech

Posts: 12   +0
G'day all. I think I may have a virus problem. During a normal scheduled weekly scan AVG reported win/32 heur in four .exe files on my data storage array.

These files had been on the data array for a couple of years and were no longer required so they were quarantined and deleted. I was carrying out your 8 step prelim, and malwarebytes detected both Heuristics.Shuriken and Spyware.Passwords viruses on some even older files.(These to were no longer required so were quarantined and deleted).

My system is a fairly new reinstall of Windows 7 Professional SP1. After I had problems updating to SP1. The C array was not formatted Windows was just reinstalled on the exsisting partition. Windows.old has been being deleted as i reinstall the programs that I require.

I run AVG 2011 on auto update with scheduled scans, Spybot Search & Destroy "teatimer" on autorun at startup and I periodically do Spybot S&D scans and imunise

Logs pasted below:

Malwarebytes log:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6075

Windows 6.1.7601 Service Pack 1 (Safe Mode)
Internet Explorer 8.0.7601.17514

16/03/2011 9:01:10 PM
mbam-log-2011-03-16 (21-01-10).txt

Scan type: Full scan (C:\|D:\|E:\|H:\|)
Objects scanned: 636577
Time elapsed: 27 minute(s), 23 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Grant\downloads\twc_4-11_setup.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
d:\downloads\game downloads\silent hunter 4\Ini-Mods\jtex-minichrono\JTxE.exe (Spyware.Passwords) -> Quarantined and deleted successfully.
d:\downloads\game downloads\silent hunter 4\MODTOOLS\JTxE.exe (Spyware.Passwords) -> Quarantined and deleted successfully.
d:\modding tools\MODTOOLS\JTxE.exe (Spyware.Passwords) -> Quarantined and deleted successfully.

dds attach log:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 26/02/2011 8:50:00 AM
System Uptime: 16/03/2011 9:23:50 PM (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P6T DELUXE V2
Processor: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz | LGA1366 | 3800/190mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 838 GiB total, 742.24 GiB free.
D: is FIXED (NTFS) - 901 GiB total, 649.118 GiB free.
E: is FIXED (NTFS) - 962 GiB total, 863.253 GiB free.
F: is CDROM ()
G: is CDROM (CDFS)
H: is FIXED (NTFS) - 0 GiB total, 0.06 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP93: 3/03/2011 6:53:29 PM - Installed X3 Reunion
RP94: 3/03/2011 7:10:16 PM - Installed X3 Reunion
RP95: 6/03/2011 7:00:02 PM - Windows Backup
RP96: 8/03/2011 9:41:59 PM - ATI Catalyst Install
RP97: 9/03/2011 4:33:37 PM - Windows Update
RP99: 10/03/2011 10:05:53 PM - Paint.NET v3.5.8
RP100: 11/03/2011 7:31:20 PM - Installed Application Profiles
RP101: 11/03/2011 7:32:16 PM - Installed Application Profiles
RP102: 11/03/2011 7:41:00 PM - Installed Dolby Digital Live Pack
RP103: 12/03/2011 1:24:41 PM - pre CiM
RP104: 12/03/2011 1:26:29 PM - Installed Steam
RP105: 13/03/2011 7:00:03 PM - Windows Backup
RP106: 15/03/2011 7:44:38 PM - Removed X3 Reunion
RP107: 15/03/2011 7:49:01 PM - Installed X3 Reunion
RP108: 16/03/2011 10:27:05 AM - Removed Java(TM) 6 Update 24
RP109: 16/03/2011 10:27:32 AM - Installed Java(TM) 6 Update 24
RP110: 16/03/2011 10:28:37 AM - Removed Java(TM) 6 Update 24
RP111: 16/03/2011 10:28:53 AM - Installed Java(TM) 6 Update 24
RP112: 16/03/2011 9:04:49 PM - Installed HiJackThis
.
==== Installed Programs ======================
.
Acronis*True*Image*Home 2011
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Photoshop 7.0
Adobe Photoshop Scripting Support 1.0
Adobe Reader X (10.0.1)
Application Profiles
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
Catalyst Control Center Profiles Desktop
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
Cities in Motion
Creative Audio Control Panel
Creative Console Launcher
Creative Software AutoUpdate
Creative Sound Blaster Properties x64 Edition
Creative WaveStudio 7
Definition update for Microsoft Office 2010 (KB982726)
Dolby Digital Live Pack
Driver Sweeper version 2.8.5
eReg
GIMP 2.6.11
Google Earth
Google Earth Plug-in
Google Toolbar for Internet Explorer
Google Update Helper
GPL Ghostscript 8.71
HiJackThis
Java Auto Updater
Java(TM) 6 Update 24
Malwarebytes' Anti-Malware
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Notepad++
NVIDIA Photoshop Plug-ins
OpenAL
Plus Pack for Acronis True Image Home 2011
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft Office 2010 (KB2289078)
Security Update for Microsoft Office 2010 (KB2289161)
Security Update for Microsoft Publisher 2010 (KB2409055)
Security Update for Microsoft Word 2010 (KB2345000)
Sib Icon Studio
Spybot - Search & Destroy
Steam
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2413186)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft OneNote 2010 (KB2493983)
Update for Microsoft Outlook Social Connector (KB2289116)
Visual Studio 2008 x64 Redistributables
WinMerge 2.12.4
WinZip 15.0
X Plugin Manager 2.12
X3 Bonus Package 3.1.07
X3 Reunion
.
==== Event Viewer Messages From Past Week ========
.
16/03/2011 9:22:09 PM, Error: Service Control Manager [7034] - The Creative Audio Service service terminated unexpectedly. It has done this 1 time(s).
16/03/2011 8:31:01 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
16/03/2011 8:31:00 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
16/03/2011 8:30:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
16/03/2011 8:30:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
16/03/2011 8:30:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
16/03/2011 8:30:58 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
16/03/2011 8:30:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
16/03/2011 8:30:36 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 031611-17300-01.
16/03/2011 8:30:34 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgfwfd Avgldx64 Avgmfx64 Avgtdia CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vpcnfltr vpcvmm Wanarpv6 WfpLwf
16/03/2011 8:30:34 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
16/03/2011 8:30:34 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
16/03/2011 8:30:34 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
16/03/2011 8:30:34 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
16/03/2011 8:30:34 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
16/03/2011 8:30:34 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
16/03/2011 8:30:34 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
16/03/2011 8:30:34 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
16/03/2011 8:30:34 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
16/03/2011 8:30:34 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
16/03/2011 8:30:33 PM, Error: Service Control Manager [7001] - The Creative Audio Service service depends on the Windows Audio service which failed to start because of the following error: The dependency service or group failed to start.
16/03/2011 11:23:41 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000fc (0x000000000002bb2c, 0x8250000348ed2847, 0xfffff880033fd9d0, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 031611-34616-01.
15/03/2011 9:14:25 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x000000000c690000, 0x0000000000000002, 0x0000000000000000, 0xfffff80002ef7d68). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 031511-30014-01.
14/03/2011 6:00:19 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 031411-31527-01.
13/03/2011 5:15:09 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0x000000000048d229, 0x000000000000000b, 0x0000000000000008, 0xfffff88005a96dc8). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 031311-35583-01.
12/03/2011 7:22:27 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000fc (0x00000000004c852a, 0xb35000030c2e6847, 0xfffff8800331b940, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 031211-30014-01.
12/03/2011 5:25:37 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x0000000000000000, 0x000000000000000d, 0x0000000000000001, 0xfffff80002e9d9a2). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 031211-37799-01.
12/03/2011 1:28:24 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
12/03/2011 1:28:24 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/03/2011 6:01:26 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0x0000000000000e80, 0x000000000000000d, 0x0000000000000008, 0x0000000000000e80). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 031111-30076-01.
11/03/2011 5:41:51 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 031111-28454-01.
.
==== End Of File ===========================

dds log:

.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by Grant at 21:38:48.28 on Wed 16/03/2011
Internet Explorer: 8.0.7601.17514
Microsoft Windows 7 Professional 6.1.7601.1.1252.61.1033.18.12279.10220 [GMT 10:00]
.
AV: AVG Internet Security 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG10\avgchsva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\AVG\AVG10\avgfws.exe
C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\AVG\AVG10\avgam.exe
C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
C:\Program Files (x86)\AVG\AVG10\avgemca.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\MysticCoder\MysticThumbs\MysticThumbsTray.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x64\LCDClock.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10m_ActiveX.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\svchost.exe -k SDRSVC
C:\PROGRA~2\AVG\AVG10\avgrsa.exe
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\AVG\AVG10\avgsystx.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\AVG\AVG10\avgsysta.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Grant\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
uRun: [MysticThumbs] C:\Program Files\MysticCoder\MysticThumbs\MysticThumbsTray.exe
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [SAOB Monitor] C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
mRun: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15116/CTPID.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
mRun-x64: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
mRun-x64: [Launch LCore] "C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
mRun-x64: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2010-9-13 27216]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2010-9-7 30288]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);C:\Windows\System32\drivers\tdrpm273.sys [2011-3-1 1263200]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2010-7-12 57696]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2010-12-8 308304]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-7 41040]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2010-11-12 382032]
R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-3-1 3246040]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-1-27 203776]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG10\avgfws.exe [2010-11-22 3226632]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-2-27 1153368]
R3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2011-3-1 285280]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2011-3-13 9085952]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2011-3-13 299520]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2010-8-3 157264]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2010-8-3 35920]
R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\System32\drivers\CT20XUT.sys [2010-7-7 230488]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\System32\drivers\CTEXFIFX.sys [2010-7-7 1445976]
R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\System32\drivers\CTHWIUT.sys [2010-7-7 95320]
R3 ha20x22k;Creative 20X2 HAL Driver;C:\Windows\System32\drivers\ha20x22k.sys [2010-7-7 1612888]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2011-2-27 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2011-2-27 16008]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-9-28 395264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-26 136176]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-1-6 6128720]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-2-26 79360]
S3 CT20XUT;CT20XUT;C:\Windows\System32\drivers\CT20XUT.sys [2010-7-7 230488]
S3 CTEXFIFX;CTEXFIFX;C:\Windows\System32\drivers\CTEXFIFX.sys [2010-7-7 1445976]
S3 CTHWIUT;CTHWIUT;C:\Windows\System32\drivers\CTHWIUT.sys [2010-7-7 95320]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 30969208]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-2-26 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-26 1255736]
.
=============== Created Last 30 ================
.
2011-03-16 11:05:00 388096 ----a-r- C:\Users\Grant\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-03-16 11:05:00 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-03-16 09:54:36 -------- d-----w- C:\Users\Grant\AppData\Roaming\Malwarebytes
2011-03-16 09:54:22 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-03-16 09:54:21 -------- d-----w- C:\PROGRA~3\Malwarebytes
2011-03-16 09:54:19 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-03-16 09:54:19 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-03-15 19:44:44 -------- d-----w- C:\X3 Savegame Manager
2011-03-12 19:58:22 9085952 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2011-03-12 19:54:39 299520 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2011-03-12 03:26:39 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2011-03-12 03:26:38 -------- d-----w- C:\Program Files (x86)\Steam
2011-03-09 08:48:48 -------- d-----w- C:\Users\Grant\.assistant
2011-03-09 08:48:41 -------- d-----w- C:\Program Files (x86)\X Plugin Manager
2011-03-08 11:47:51 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2011-03-08 11:47:32 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2011-03-04 07:01:53 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2011-03-04 07:01:52 -------- d-----w- C:\Program Files\ATI
2011-03-04 07:01:25 -------- d-----w- C:\Program Files\ATI Technologies
2011-03-04 06:01:25 -------- d-----w- C:\ATI
2011-03-03 09:09:58 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll
2011-03-03 09:09:58 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe
2011-03-03 09:09:58 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll
2011-03-03 09:09:58 172032 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll
2011-03-03 09:09:57 733184 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll
2011-03-03 09:09:57 303236 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll
2011-03-03 09:09:57 180356 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll
2011-03-03 08:53:34 -------- d-----w- C:\Program Files (x86)\DeepSilver
2011-03-01 08:39:10 285280 ----a-w- C:\Windows\System32\drivers\afcdp.sys
2011-03-01 08:39:09 1263200 ----a-w- C:\Windows\System32\drivers\tdrpm273.sys
2011-03-01 08:39:08 970336 ----a-w- C:\Windows\System32\drivers\timntr.sys
2011-03-01 08:39:05 277088 ----a-w- C:\Windows\System32\drivers\snapman.sys
2011-02-27 12:32:44 14744 ----a-w- C:\Users\Grant\AppData\Roaming\Microsoft\IdentityCRL\Production\ppcrlconfig.dll
2011-02-27 11:46:20 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-02-27 11:46:20 -------- d-----w- C:\PROGRA~3\Spybot - Search & Destroy
2011-02-27 11:40:53 1047552 ----a-w- C:\Windows\SysWow64\mfc71u.dll
2011-02-27 11:40:53 -------- d-----w- C:\Program Files (x86)\WinMerge
2011-02-27 10:38:56 -------- d-----w- C:\Program Files (x86)\Sib Icon Studio
2011-02-27 10:08:41 -------- d-----w- C:\Program Files (x86)\gs
2011-02-27 10:03:01 -------- d-----w- C:\Program Files\MysticCoder
2011-02-27 10:02:06 -------- d-----w- C:\Program Files\gs
2011-02-27 08:25:00 485376 ----a-w- C:\Windows\System32\MyDefragScreenSaver_v4.3.1.scr
2011-02-27 08:25:00 1147392 ----a-w- C:\Windows\System32\MyDefragScreenSaver_v4.3.1.exe
2011-02-27 08:25:00 -------- d-----w- C:\Program Files\MyDefrag v4.3.1
2011-02-27 06:43:04 -------- d-----w- C:\Program Files\Windows XP Mode
2011-02-27 06:26:45 -------- d-----r- C:\Users\Grant\Virtual Machines
2011-02-27 06:21:59 3584 ----a-w- C:\Windows\System32\drivers\sv-SE\vpchbus.sys.mui
2011-02-27 05:02:32 -------- d-----w- C:\PROGRA~3\Bitstream Font Navigator
2011-02-27 04:24:16 -------- d-----w- C:\Users\Grant\AppData\Local\Paint.NET
2011-02-27 03:58:33 -------- d-----w- C:\Users\Grant\.gimp-2.6
2011-02-27 03:53:45 -------- d-----w- C:\Users\Grant\.thumbnails
2011-02-27 03:52:25 -------- d-----w- C:\Users\Grant\.gimp-2.6_ORIGINAL
2011-02-27 03:49:46 -------- d-----w- C:\Program Files (x86)\GIMP-2.0
2011-02-27 02:38:19 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2011-02-27 02:38:19 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2011-02-27 02:38:19 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2011-02-27 02:38:06 151552 ----a-w- C:\Windows\SysWow64\nvRegDev.dll
2011-02-27 02:29:53 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-02-27 02:29:53 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2011-02-27 02:29:53 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-02-27 02:29:52 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-02-27 02:29:52 602244 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2011-02-27 02:05:35 306688 ----a-w- C:\Windows\IsUninst.exe
2011-02-27 01:46:21 521448 ----a-w- C:\Windows\System32\deployJava1.dll
2011-02-27 01:45:45 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-02-26 20:46:33 -------- d-----w- C:\Users\Grant\AppData\Local\Logitech
2011-02-26 20:45:40 374792 ----a-w- C:\Windows\System32\drivers\UMDF\lgSSQVGA.dll
2011-02-26 20:45:40 22408 ----a-w- C:\Windows\System32\drivers\LGBusEnum.sys
2011-02-26 20:45:40 16008 ----a-w- C:\Windows\System32\drivers\LGVirHid.sys
2011-02-26 20:45:40 157704 ----a-w- C:\Windows\System32\drivers\UMDF\lgSSBW.dll
2011-02-26 20:45:39 -------- d-----w- C:\Program Files\Logitech Gaming Software
2011-02-26 20:38:39 53248 ----a-r- C:\Users\Grant\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-02-26 20:38:30 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2011-02-26 20:37:48 -------- d-----w- C:\Users\Grant\AppData\Roaming\Logishrd
2011-02-26 16:36:01 -------- d-----w- C:\Windows\Panther
2011-02-26 07:30:35 -------- d-----w- C:\Program Files (x86)\MSECache
2011-02-26 06:46:35 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
2011-02-26 06:46:28 -------- d-----w- C:\Windows\PCHEALTH
2011-02-26 06:46:28 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-02-26 06:44:25 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-02-26 06:44:08 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2011-02-26 06:43:55 -------- d-----w- C:\Users\Grant\AppData\Local\Microsoft Help
2011-02-26 05:46:58 -------- d-----w- C:\Users\Grant\AppData\Local\ElevatedDiagnostics
2011-02-26 05:46:35 -------- d-----w- C:\Program Files (x86)\Common Files\Creative
2011-02-26 05:46:34 -------- d--h--w- C:\Program Files (x86)\Creative Installation Information
2011-02-26 05:46:33 -------- d-----w- C:\Program Files (x86)\Common Files\Creative Labs Shared
2011-02-26 05:46:25 -------- d-----w- C:\Program Files\Creative
2011-02-26 05:46:17 -------- d-----w- C:\Program Files (x86)\Creative
2011-02-26 05:45:57 113152 ----a-w- C:\Windows\System32\cttele64.dll
2011-02-26 05:45:57 106496 ----a-w- C:\Windows\SysWow64\cttele32.dll
2011-02-26 05:45:44 -------- d-----w- C:\Windows\System32\data
2011-02-26 05:03:31 7062 ----a-w- C:\Windows\SysWow64\audiopid.vxd
2011-02-26 04:43:58 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2011-02-26 04:43:58 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2011-02-26 03:22:35 -------- d-----w- C:\Windows\SysWow64\Wat
2011-02-26 03:22:35 -------- d-----w- C:\Windows\System32\Wat
2011-02-26 03:21:43 715776 ----a-w- C:\Windows\System32\kerberos.dll
2011-02-26 03:21:43 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
2011-02-26 02:53:53 -------- d-----w- C:\Users\Grant\AppData\Local\Adobe
2011-02-26 02:42:23 -------- d-----w- C:\Users\Grant\AppData\Local\WinZip
2011-02-26 01:04:01 -------- d-----w- C:\Users\Grant\AppData\Local\Google
2011-02-26 00:38:38 -------- d-----w- C:\Users\Grant\AppData\Roaming\AVG10
2011-02-26 00:37:47 -------- d--h--w- C:\PROGRA~3\Common Files
2011-02-26 00:37:40 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2011-02-26 00:37:18 -------- d-----w- C:\Windows\System32\drivers\AVG
2011-02-26 00:37:18 -------- d-----w- C:\PROGRA~3\AVG10
2011-02-26 00:36:56 -------- d-----w- C:\Program Files (x86)\AVG
2011-02-26 00:35:35 -------- d-----w- C:\PROGRA~3\MFAData
2011-02-26 00:28:23 0 ----a-w- C:\Windows\ativpsrm.bin
2011-02-26 00:24:42 -------- d-----w- C:\AMD
2011-02-26 00:18:45 -------- d-----w- C:\Windows\System32\appmgmt
2011-02-26 00:17:53 -------- d-----w- C:\Program Files (x86)\Phyxion.net
2011-02-25 23:55:55 -------- d-----w- C:\Users\Grant\AppData\Local\ATI
2011-02-25 23:43:25 -------- d-sh--w- C:\Windows\Installer
2011-02-25 23:15:55 -------- d-----w- C:\Windows\System32\SPReview
2011-02-25 23:07:14 2560 ----a-w- C:\Windows\System32\drivers\en-US\rdpwd.sys.mui
2011-02-25 23:07:12 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
2011-02-25 23:07:09 6144 ----a-w- C:\Windows\System32\drivers\en-US\IPMIDrv.sys.mui
2011-02-25 23:07:09 4608 ----a-w- C:\Windows\System32\drivers\en-US\kbdclass.sys.mui
2011-02-25 23:06:27 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-02-25 23:06:27 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-02-25 23:05:33 3129344 ----a-w- C:\Windows\System32\win32k.sys
2011-02-25 23:01:41 -------- d-----w- C:\Windows\System32\EventProviders
2011-02-25 23:01:07 7947600 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{288987BB-B445-4B85-9F52-BA4981DBC9DC}\mpengine.dll
2011-02-25 23:01:05 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-02-24 11:40:13 -------- d-----w- C:\e0a41745d932398196
.
==================== Find3M ====================
.
2011-02-26 05:45:54 466520 ----a-w- C:\Windows\System32\wrap_oal.dll
2011-02-26 05:45:54 445016 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2011-02-26 05:45:54 123480 ----a-w- C:\Windows\System32\OpenAL32.dll
2011-02-26 05:45:54 109144 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2011-02-25 23:14:42 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-02-25 23:14:42 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-02-19 12:05:15 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2011-02-19 12:04:37 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2011-02-19 12:04:17 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-02-19 06:30:51 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-02-19 06:30:50 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-01-26 23:22:18 22295040 ----a-w- C:\Windows\System32\atio6axx.dll
2011-01-26 23:00:44 143360 ----a-w- C:\Windows\System32\atiapfxx.exe
2011-01-26 23:00:30 596480 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2011-01-26 22:59:46 17204736 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2011-01-26 22:59:10 708608 ----a-w- C:\Windows\System32\aticfx64.dll
2011-01-26 22:56:30 462848 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2011-01-26 22:56:14 479232 ----a-w- C:\Windows\System32\atieclxx.exe
2011-01-26 22:55:36 203776 ----a-w- C:\Windows\System32\atiesrxx.exe
2011-01-26 22:54:20 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2011-01-26 22:54:00 423424 ----a-w- C:\Windows\System32\atipdl64.dll
2011-01-26 22:53:54 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2011-01-26 22:53:42 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2011-01-26 22:53:36 16384 ----a-w- C:\Windows\System32\atimuixx.dll
2011-01-26 22:53:32 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2011-01-26 22:53:26 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2011-01-26 22:49:44 4105728 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2011-01-26 22:40:02 4847616 ----a-w- C:\Windows\System32\atidxx64.dll
2011-01-26 22:32:46 1208320 ----a-w- C:\Windows\System32\atiumd6v.dll
2011-01-26 22:32:12 1912832 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
2011-01-26 22:32:00 3222016 ----a-w- C:\Windows\System32\atiumd6a.dll
2011-01-26 22:28:52 4170752 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2011-01-26 22:27:52 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2011-01-26 22:27:50 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2011-01-26 22:27:42 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2011-01-26 22:27:40 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2011-01-26 22:27:30 6982144 ----a-w- C:\Windows\System32\aticaldd64.dll
2011-01-26 22:25:50 5580800 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2011-01-26 22:24:18 3463680 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2011-01-26 22:21:58 5316096 ----a-w- C:\Windows\System32\atiumd64.dll
2011-01-26 22:20:46 58880 ----a-w- C:\Windows\System32\coinst.dll
2011-01-26 22:14:14 354304 ----a-w- C:\Windows\System32\atiadlxx.dll
2011-01-26 22:14:08 249856 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2011-01-26 22:13:56 14848 ----a-w- C:\Windows\System32\atig6pxx.dll
2011-01-26 22:13:52 12800 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2011-01-26 22:13:52 12800 ----a-w- C:\Windows\System32\atiglpxx.dll
2011-01-26 22:13:50 39936 ----a-w- C:\Windows\System32\atig6txx.dll
2011-01-26 22:13:42 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2011-01-26 22:12:46 39936 ----a-w- C:\Windows\System32\atiuxp64.dll
2011-01-26 22:12:40 30720 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2011-01-26 22:12:32 38400 ----a-w- C:\Windows\System32\atiu9p64.dll
2011-01-26 22:12:24 28672 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2011-01-26 22:11:46 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2011-01-26 22:08:46 53760 ----a-w- C:\Windows\System32\atimpc64.dll
2011-01-26 22:08:46 53760 ----a-w- C:\Windows\System32\amdpcom64.dll
2011-01-26 22:08:40 52736 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2011-01-26 22:08:40 52736 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2011-01-07 12:17:52 475648 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-01-07 12:17:52 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-01-07 12:14:11 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-01-07 09:20:44 366592 ----a-w- C:\Windows\System32\atmfd.dll
2011-01-07 07:46:34 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-01-07 07:46:34 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-01-07 07:45:57 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-01-07 05:43:36 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-01-05 10:34:00 612864 ----a-w- C:\Windows\System32\vbscript.dll
2011-01-05 05:55:55 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-01-04 09:37:38 875520 ----a-w- C:\Windows\System32\MysticThumbs.cpl
2011-01-04 09:37:36 51024 ----a-w- C:\Windows\SysWow64\vcomp100.dll
2011-01-04 09:37:30 57168 ----a-w- C:\Windows\System32\vcomp100.dll
2010-12-23 10:42:53 1118720 ----a-w- C:\Windows\System32\sbe.dll
2010-12-23 10:42:51 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2010-12-23 10:42:51 723968 ----a-w- C:\Windows\System32\EncDec.dll
2010-12-23 10:36:02 259072 ----a-w- C:\Windows\System32\mpg2splt.ax
2010-12-23 05:54:18 850944 ----a-w- C:\Windows\SysWow64\sbe.dll
2010-12-23 05:54:17 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2010-12-23 05:54:17 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2010-12-23 05:50:23 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
.
============= FINISH: 21:39:10.01 ===============

I had followed a link to a site that that was definately not what I was looking for on google and it opened up gambling and other sites behind internet explorer. I didn't realise these sites were open until I closed down IE.

Please help if you can?
 
Welcome to TechSpot!
As you may know by now, a recent AVG update caused most users with AVG to report out False Positives of Win32/Heur. Since AVG found this on old files, it sounds like you may not have had the 'fix' update before the scan which was issued a few days after. It sounds like you have currently updated, but if you have not, please do so and see if this makes a difference.
==========================================
Did you attempt to run GMER? If not, please refer to the link and instructions for it on this thread: Preliminary Virus and Malware Removal thread HERE.

If you have a problem running GMER, try one of the following:
1. Uncheck Devices
2. Scan in Safe Mode (only for this- otherwise scans should be done in Normal Mode.

When you have finished, leave the logs for review in your next reply .
NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.

Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.
======================================
I will have you check the Services in the Management Console later. It appears that you do not have some Services running and/or you do not have the Dependencies running.
======================================
Run Eset NOD32 Online AntiVirus scan HEREhttp://www.eset.eu/online-scanner
  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the Active X control to install
  4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
  5. Click Start
  6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
  7. Click Scan
  8. Wait for the scan to finish
  9. Click on "Copy to Clipboard"> (you won't see the 'clipboard')
  10. Click anywhere in the post where you want the logs to go, the do Ctrl V. The log will be sent from the clipboard and pasted in the post.
  11. Re-enable your Antivirus software.
    NOTE: If you forget to copy to the clipboard you can find the log here:
    C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
==========================================
AVG will have to be uninstall to run Combofix:
Download AppRemover and save to the desktop]
How to Use AppRemover to Remove a Complete Security Application
  1. Double click the setup on the desktop> click Next
  2. Select “Remove Security Application”
  3. Let scan finish to determine security apps
  4. A screen like below will appear:
    https://www.techspot.com/downloads/5514-appremover.htmlabout/chooseuninstall.gif/image_preview[/img[*] Click on [b]Next[/b] after choice has been made
    [*] Check the AVG program you want to uninstall
    [*] After uninstall shows complete, follow online prompts to Exit the program.[/list]
    ===============================
    If you would like to have a 'temporary AV', you can install either of these free, good programs. Although you will need to disable the security for the Combofix scan, their presence on the system will not interfer:
    [url=http://download.cnet.com/Avira-AntiVir-Personal-Free-Antivirus/3000-2239_4-10322935.html?part=dl-10322935&subj=dl&tag=button&cdlPid=11012914][b][color=blue]Avira-AntiVir-Personal-Free-Antivirus[/b][/color][/url]
    [URL="http://download.cnet.com/Avast-Free-Antivirus/3000-2239_4-10019223.html?part=dl-85737&subj=dl&tag=button"][B][COLOR="RoyalBlue"]Avast Free Version[/COLOR][/B][/URL]
    Please reboot when finished.
    ==================================
    [b]Download Combofix to your desktop from one of these locations:[/b][b]
    [url=http://www.bleepingcomputer.com/download/anti-virus/combofix]HERE[/url] or [url=http://www.forospyware.com/sUBs/ComboFix.exe]HERE[/b][/url][list]
    [*]Double click combofix.exe & follow the prompts.
    [*]ComboFix checks to see if the Microsoft Windows Recovery Console is installed. We recommended that you pre-installed it on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
    [b]**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.[/b]
    [*]Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
    [*]Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
    [img]http://img.photobucket.com/albums/v706/ried7/whatnext.png
  5. .Click on Yes, to continue scanning for malware
  6. .If Combofix asks you to update the program, allow
  7. .Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  8. .Close any open browsers.
  9. .Double click combofix.exe
    cf-icon.jpg
    & follow the prompts to run.
  10. When the scan completes , a report will be generated-it will open a text window. Please paste the C:\ComboFix.txt in next reply..
Re-enable your Antivirus software.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
 
G'day Bobbye and thanks for the assist.

I have updated AVG and done another complete scan with nil viruses reported.

Apologies "my bad" I had run GMER but the log was completely blank and I forgot to post that up.

I have started to run Eset NOD32 this morning but after 1hr 25min I stopped the scan as I must get theeself to grindstone post haste.
So far it has reported the following:

D:\Downloads\Computer Downloads\Software Downloads\1CLICK_DVD\1CLICK DVD\1CLICK_DVD_Copy_5.3.1.6\Patch\All.LG.Software.Innovations.Generic.Patch-ICU.exe probably a variant of Win32/Autorun.CPLKURV worm
D:\Downloads\Computer Downloads\Software Downloads\1CLICK_DVD\1CLICK DVD\1CLICK_DVD_Copy_Pro_3.0.1.6\Patch\All.LG.Software.Innovations.Generic.Patch-ICU.exe probably a variant of Win32/Autorun.CPLKURV worm
D:\Downloads\Computer Downloads\Software Downloads\NERO\NERO 9\NERO BackItUp & Burn\Nero_BackItUpAndBurn-1.2.17b.exe Win32/Toolbar.AskSBar application

When I get home, I shall run it to completion. Would you like the completed Eset NOD32 log posted up before I continue on with uninstalling AVG and running combo fix? :-(

Many thanks

Cheers

G
 
G'day again Bobbye,

Apologies that this is taking so long :eek:

Got home last night and finished running Eset. I dont know where the permanent disable AVG control is, so have used the temporary disable that only disables AVG for max 15 minutes. Reset temporary disable every 13-14 minutes so that it would remain off.

The Eset scan took four hours :dead:

Results same as earlier:

D:\Downloads\Computer Downloads\Software Downloads\1CLICK_DVD\1CLICK DVD\1CLICK_DVD_Copy_5.3.1.6\Patch\All.LG.Software.Innovations.Generic.Patch-ICU.exe probably a variant of Win32/Autorun.CPLKURV worm
D:\Downloads\Computer Downloads\Software Downloads\1CLICK_DVD\1CLICK DVD\1CLICK_DVD_Copy_Pro_3.0.1.6\Patch\All.LG.Software.Innovations.Generic.Patch-ICU.exe probably a variant of Win32/Autorun.CPLKURV worm
D:\Downloads\Computer Downloads\Software Downloads\NERO\NERO 9\NERO BackItUp & Burn\Nero_BackItUpAndBurn-1.2.17b.exe Win32/Toolbar.AskSBar application

I have tried to run gmer three more time both in safe and normal mode, but the log it generates is still blank. ???

I have to get theeself back to grindstone; and will be late getting in tonight as we have compulsory dinning in night. I will remove AVG and do combofix in the weeeeeeeeeee hours of tommorow morning

:wave:
 
bobbye are you still there?

I have finished all tasks that you asked me to do

gmer:

log is blank

Eset log:

D:\Downloads\Computer Downloads\Software Downloads\1CLICK_DVD\1CLICK DVD\1CLICK_DVD_Copy_5.3.1.6\Patch\All.LG.Software.Innovations.Generic.Patch-ICU.exe probably a variant of Win32/Autorun.CPLKURV worm
D:\Downloads\Computer Downloads\Software Downloads\1CLICK_DVD\1CLICK DVD\1CLICK_DVD_Copy_Pro_3.0.1.6\Patch\All.LG.Software.Innovations.Generic.P atch-ICU.exe probably a variant of Win32/Autorun.CPLKURV worm
D:\Downloads\Computer Downloads\Software Downloads\NERO\NERO 9\NERO BackItUp & Burn\Nero_BackItUpAndBurn-1.2.17b.exe Win32/Toolbar.AskSBar application

combofix log:

ComboFix 11-03-18.01 - Grant 19/03/2011 11:34:12.1.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.61.1033.18.12279.10372 [GMT 10:00]
Running from: c:\users\Grant\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-02-19 to 2011-03-19 )))))))))))))))))))))))))))))))
.
.
2011-03-19 01:36 . 2011-03-19 01:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-16 20:16 . 2011-03-16 20:16 -------- d-----w- c:\program files (x86)\ESET
2011-03-16 11:05 . 2011-03-16 11:05 -------- d-----w- c:\program files (x86)\Trend Micro
2011-03-16 09:54 . 2010-12-20 08:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-03-16 09:54 . 2011-03-16 09:54 -------- d-----w- c:\programdata\Malwarebytes
2011-03-16 09:54 . 2011-03-16 09:54 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-03-16 09:54 . 2010-12-20 08:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-16 00:29 . 2011-03-16 00:29 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-03-16 00:29 . 2011-03-16 00:29 -------- d-----w- c:\program files (x86)\Java
2011-03-15 19:44 . 2011-03-16 00:29 -------- d-----w- C:\X3 Savegame Manager
2011-03-12 19:58 . 2011-01-26 23:37 9085952 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-03-12 19:54 . 2011-01-26 22:13 299520 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-03-12 03:26 . 2011-03-12 07:28 -------- d-----w- c:\program files (x86)\Common Files\Steam
2011-03-12 03:26 . 2011-03-17 08:10 -------- d-----w- c:\program files (x86)\Steam
2011-03-09 08:48 . 2011-03-16 08:11 -------- d-----w- c:\program files (x86)\X Plugin Manager
2011-03-08 11:47 . 2011-03-08 11:47 -------- d-----w- c:\programdata\ATI
2011-03-08 11:47 . 2011-03-08 11:47 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-03-08 11:47 . 2011-03-08 11:47 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-03-04 07:01 . 2011-03-11 09:31 -------- d-----w- c:\program files (x86)\ATI Technologies
2011-03-04 07:01 . 2011-03-04 07:01 -------- d-----w- c:\program files\ATI
2011-03-04 07:01 . 2011-03-08 11:47 -------- d-----w- c:\program files\ATI Technologies
2011-03-04 06:01 . 2011-03-04 06:01 -------- d-----w- C:\ATI
2011-03-03 08:53 . 2011-03-15 09:33 -------- d-----w- c:\program files (x86)\DeepSilver
2011-03-01 08:39 . 2011-03-01 08:39 285280 ----a-w- c:\windows\system32\drivers\afcdp.sys
2011-03-01 08:39 . 2011-03-01 08:39 1263200 ----a-w- c:\windows\system32\drivers\tdrpm273.sys
2011-03-01 08:39 . 2011-03-01 08:39 970336 ----a-w- c:\windows\system32\drivers\timntr.sys
2011-03-01 08:39 . 2011-03-01 08:39 277088 ----a-w- c:\windows\system32\drivers\snapman.sys
2011-03-01 08:38 . 2011-03-01 08:39 -------- d-----w- c:\program files (x86)\Common Files\Acronis
2011-03-01 08:38 . 2011-03-01 08:38 -------- d-----w- c:\program files (x86)\Acronis
2011-02-27 11:46 . 2011-03-04 03:04 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-02-27 11:46 . 2011-02-27 11:49 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-02-27 11:40 . 2011-03-04 03:04 -------- d-----w- c:\program files (x86)\WinMerge
2011-02-27 11:40 . 2008-12-21 13:22 1047552 ----a-w- c:\windows\SysWow64\mfc71u.dll
2011-02-27 11:33 . 2011-03-04 03:04 -------- d-----w- c:\program files (x86)\Notepad++
2011-02-27 10:38 . 2011-02-27 10:39 -------- d-----w- c:\program files (x86)\Sib Icon Studio
2011-02-27 10:08 . 2011-02-27 10:08 -------- d-----w- c:\program files (x86)\gs
2011-02-27 10:03 . 2011-02-27 10:03 -------- d-----w- c:\program files\MysticCoder
2011-02-27 10:02 . 2011-02-27 10:02 -------- d-----w- c:\program files\gs
2011-02-27 08:25 . 2011-02-28 09:57 -------- d-----w- c:\program files\MyDefrag v4.3.1
2011-02-27 08:25 . 2010-05-21 02:11 485376 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.scr
2011-02-27 08:25 . 2010-05-21 02:11 1147392 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.exe
2011-02-27 06:43 . 2011-02-27 06:43 -------- d-----w- c:\program files\Windows XP Mode
2011-02-27 06:21 . 2010-11-20 13:25 2264064 ----a-w- c:\windows\system32\VPCWizard.exe
2011-02-27 06:21 . 2010-11-20 11:35 59392 ----a-w- c:\windows\system32\drivers\vpcnfltr.sys
2011-02-27 06:21 . 2010-11-20 10:52 793600 ----a-w- c:\windows\SysWow64\vmsal.exe
2011-02-27 06:21 . 2010-11-20 13:34 360832 ----a-w- c:\windows\system32\drivers\vpcvmm.sys
2011-02-27 06:21 . 2010-11-20 13:34 194944 ----a-w- c:\windows\system32\drivers\vpchbus.sys
2011-02-27 06:21 . 2010-11-20 13:27 15872 ----a-w- c:\windows\system32\vpchbuspipe.dll
2011-02-27 06:21 . 2010-11-20 13:25 4514816 ----a-w- c:\windows\system32\vpc.exe
2011-02-27 06:21 . 2010-11-20 13:25 1369600 ----a-w- c:\windows\system32\VPCSettings.exe
2011-02-27 06:21 . 2010-11-20 11:37 936448 ----a-w- c:\windows\system32\vmsal.exe
2011-02-27 06:21 . 2010-11-20 11:37 1210368 ----a-w- c:\windows\system32\VMWindow.exe
2011-02-27 06:21 . 2010-11-20 11:35 95232 ----a-w- c:\windows\system32\drivers\vpcusb.sys
2011-02-27 06:21 . 2010-11-20 11:35 562176 ----a-w- c:\windows\system32\VMCPropertyHandler.dll
2011-02-27 05:02 . 2011-02-27 05:02 -------- d-----w- c:\programdata\Bitstream Font Navigator
2011-02-27 03:49 . 2011-02-27 03:52 -------- d-----w- c:\program files (x86)\GIMP-2.0
2011-02-27 02:38 . 2011-02-27 02:38 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-02-27 02:38 . 2007-11-01 07:23 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-02-27 02:38 . 2007-11-01 07:23 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-02-27 02:38 . 2011-02-27 02:37 151552 ----a-w- c:\windows\SysWow64\nvRegDev.dll
2011-02-27 02:05 . 1998-10-29 06:45 306688 ----a-w- c:\windows\IsUninst.exe
2011-02-27 01:58 . 2011-02-27 01:58 -------- d-----w- c:\program files\Java
2011-02-27 01:53 . 2011-02-27 01:53 -------- d-----w- c:\programdata\McAfee
2011-02-27 01:46 . 2011-02-27 01:58 521448 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-27 01:45 . 2011-03-16 00:29 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-02-26 20:45 . 2011-02-26 20:45 374792 ----a-w- c:\windows\system32\drivers\UMDF\lgSSQVGA.dll
2011-02-26 20:45 . 2011-02-26 20:45 22408 ----a-w- c:\windows\system32\drivers\LGBusEnum.sys
2011-02-26 20:45 . 2011-02-26 20:45 16008 ----a-w- c:\windows\system32\drivers\LGVirHid.sys
2011-02-26 20:45 . 2011-02-26 20:45 157704 ----a-w- c:\windows\system32\drivers\UMDF\lgSSBW.dll
2011-02-26 20:45 . 2011-02-26 20:45 -------- d-----w- c:\program files\Logitech Gaming Software
2011-02-26 20:38 . 2011-02-26 20:38 -------- d-----w- c:\program files (x86)\Common Files\LogiShrd
2011-02-26 20:38 . 2011-02-26 20:38 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2011-02-26 20:38 . 2011-02-26 20:38 -------- d-----w- c:\programdata\Logishrd
2011-02-26 20:38 . 2011-02-26 20:38 -------- d-----w- c:\program files\Logitech
2011-02-26 20:37 . 2011-02-26 20:38 -------- d-----w- c:\program files\Common Files\LogiShrd
2011-02-26 16:36 . 2011-02-25 22:48 -------- d-----w- c:\windows\Panther
2011-02-26 07:30 . 2011-02-26 07:30 -------- d-----w- c:\program files (x86)\MSECache
2011-02-26 07:17 . 2011-02-26 07:17 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-02-26 06:46 . 2011-02-26 06:46 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2011-02-26 06:46 . 2011-02-26 06:46 -------- d-----w- c:\windows\PCHEALTH
2011-02-26 06:46 . 2011-02-26 06:46 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2011-02-26 06:46 . 2011-02-26 06:46 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-02-26 06:44 . 2011-02-26 06:44 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2011-02-26 06:44 . 2011-02-26 06:44 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2011-02-26 06:43 . 2011-03-09 06:34 -------- d-----w- c:\programdata\Microsoft Help
2011-02-26 06:43 . 2011-02-26 06:43 -------- d-----r- C:\MSOCache
2011-02-26 05:46 . 2011-02-26 05:46 -------- d-----w- c:\program files (x86)\Common Files\Creative
2011-02-26 05:46 . 2011-02-26 05:46 -------- d--h--w- c:\program files (x86)\Creative Installation Information
2011-02-26 05:46 . 2011-02-26 05:46 -------- d-----w- c:\program files (x86)\Common Files\Creative Labs Shared
2011-02-26 05:46 . 2011-02-26 05:46 -------- d-----w- c:\program files\Creative
2011-02-26 05:46 . 2011-02-26 06:21 -------- d-----w- c:\program files (x86)\Creative
2011-02-26 05:45 . 2009-02-17 07:33 113152 ----a-w- c:\windows\system32\cttele64.dll
2011-02-26 05:45 . 2009-02-17 07:33 106496 ----a-w- c:\windows\SysWow64\cttele32.dll
2011-02-26 05:45 . 2011-02-26 05:45 -------- d-----w- c:\windows\system32\data
2011-02-26 05:05 . 2011-02-26 05:47 -------- d-----w- c:\programdata\Creative
2011-02-26 05:03 . 2003-06-12 13:25 7062 ----a-w- c:\windows\SysWow64\audiopid.vxd
2011-02-26 04:43 . 2011-01-17 11:09 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-02-26 04:43 . 2011-01-17 05:47 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-02-26 04:38 . 2011-02-26 06:46 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-02-26 03:22 . 2011-02-26 03:22 -------- d-----w- c:\windows\SysWow64\Wat
2011-02-26 03:22 . 2011-02-26 03:22 -------- d-----w- c:\windows\system32\Wat
2011-02-26 03:21 . 2010-12-17 11:40 715776 ----a-w- c:\windows\system32\kerberos.dll
2011-02-26 03:21 . 2010-12-17 07:07 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
2011-02-26 03:01 . 2011-02-26 03:01 -------- d-----w- c:\windows\SysWow64\Macromed
2011-02-26 02:54 . 2011-02-27 02:10 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-02-26 02:53 . 2011-02-26 02:53 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2011-02-26 02:39 . 2011-02-26 02:46 -------- d-----w- c:\programdata\WinZip
2011-02-26 02:03 . 2011-02-26 02:03 -------- d-----w- c:\program files\7-Zip
2011-02-26 01:04 . 2011-02-26 01:04 -------- d-----w- c:\program files\Google
2011-02-26 01:03 . 2011-02-26 01:07 -------- d-----w- c:\program files (x86)\Google
2011-02-26 00:37 . 2011-02-26 00:37 -------- d--h--w- c:\programdata\Common Files
2011-02-26 00:37 . 2011-03-19 01:27 -------- d-----w- c:\programdata\AVG10
2011-02-26 00:36 . 2011-02-26 00:36 -------- d-----w- c:\program files (x86)\AVG
2011-02-26 00:35 . 2011-02-26 00:36 -------- d-----w- c:\programdata\MFAData
2011-02-26 00:28 . 2011-02-26 00:28 0 ----a-w- c:\windows\ativpsrm.bin
2011-02-26 00:24 . 2011-03-11 09:32 -------- d-----w- C:\AMD
2011-02-26 00:18 . 2011-02-26 00:18 -------- d-----w- c:\windows\system32\appmgmt
2011-02-26 00:17 . 2011-02-26 00:17 -------- d-----w- c:\program files (x86)\Phyxion.net
2011-02-25 23:43 . 2011-03-19 01:31 -------- d-sh--w- c:\windows\Installer
2011-02-25 23:15 . 2011-02-25 23:15 -------- d-----w- c:\windows\system32\SPReview
2011-02-25 23:07 . 2010-11-19 19:01 2560 ----a-w- c:\windows\system32\drivers\en-US\rdpwd.sys.mui
2011-02-25 23:07 . 2010-11-19 18:57 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2011-02-25 23:07 . 2010-11-19 19:11 6144 ----a-w- c:\windows\system32\drivers\en-US\IPMIDrv.sys.mui
2011-02-25 23:07 . 2010-11-19 19:10 4608 ----a-w- c:\windows\system32\drivers\en-US\kbdclass.sys.mui
2011-02-25 23:06 . 2011-01-07 09:51 1638912 ----a-w- c:\windows\system32\mshtml.tlb
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-25 23:14 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-02-25 23:14 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-01-26 23:22 . 2011-01-26 23:22 22295040 ----a-w- c:\windows\system32\atio6axx.dll
2011-01-26 23:00 . 2011-01-26 23:00 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2011-01-26 23:00 . 2011-01-26 23:00 596480 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-01-26 22:59 . 2011-01-26 22:59 17204736 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-01-26 22:59 . 2011-01-26 22:59 708608 ----a-w- c:\windows\system32\aticfx64.dll
2011-01-26 22:56 . 2010-11-26 02:54 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-01-26 22:56 . 2011-01-26 22:56 479232 ----a-w- c:\windows\system32\atieclxx.exe
2011-01-26 22:55 . 2011-01-26 22:55 203776 ----a-w- c:\windows\system32\atiesrxx.exe
2011-01-26 22:54 . 2011-01-26 22:54 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-01-26 22:54 . 2011-01-26 22:54 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-01-26 22:53 . 2011-01-26 22:53 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-01-26 22:53 . 2011-01-26 22:53 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-01-26 22:53 . 2011-01-26 22:53 16384 ----a-w- c:\windows\system32\atimuixx.dll
2011-01-26 22:53 . 2011-01-26 22:53 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-01-26 22:53 . 2011-01-26 22:53 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-01-26 22:49 . 2011-01-26 22:49 4105728 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-01-26 22:40 . 2011-01-26 22:40 4847616 ----a-w- c:\windows\system32\atidxx64.dll
2011-01-26 22:32 . 2011-01-26 22:32 1208320 ----a-w- c:\windows\system32\atiumd6v.dll
2011-01-26 22:32 . 2011-01-26 22:32 1912832 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-01-26 22:32 . 2011-01-26 22:32 3222016 ----a-w- c:\windows\system32\atiumd6a.dll
2011-01-26 22:28 . 2011-01-26 22:28 4170752 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-01-26 22:27 . 2011-01-26 22:27 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-01-26 22:27 . 2011-01-26 22:27 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-01-26 22:27 . 2011-01-26 22:27 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-01-26 22:27 . 2011-01-26 22:27 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-01-26 22:27 . 2011-01-26 22:27 6982144 ----a-w- c:\windows\system32\aticaldd64.dll
2011-01-26 22:25 . 2011-01-26 22:25 5580800 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-01-26 22:24 . 2011-01-26 22:24 3463680 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-01-26 22:21 . 2011-01-26 22:21 5316096 ----a-w- c:\windows\system32\atiumd64.dll
2011-01-26 22:20 . 2011-01-26 22:20 58880 ----a-w- c:\windows\system32\coinst.dll
2011-01-26 22:14 . 2010-11-26 02:17 354304 ----a-w- c:\windows\system32\atiadlxx.dll
2011-01-26 22:14 . 2011-01-26 22:14 249856 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-01-26 22:13 . 2011-01-26 22:13 14848 ----a-w- c:\windows\system32\atig6pxx.dll
2011-01-26 22:13 . 2011-01-26 22:13 12800 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-01-26 22:13 . 2011-01-26 22:13 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-01-26 22:13 . 2011-01-26 22:13 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-01-26 22:13 . 2011-01-26 22:13 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-01-26 22:12 . 2011-01-26 22:12 39936 ----a-w- c:\windows\system32\atiuxp64.dll
2011-01-26 22:12 . 2011-01-26 22:12 30720 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-01-26 22:12 . 2011-01-26 22:12 38400 ----a-w- c:\windows\system32\atiu9p64.dll
2011-01-26 22:12 . 2011-01-26 22:12 28672 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-01-26 22:11 . 2011-01-26 22:11 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-01-26 22:08 . 2011-01-26 22:08 53760 ----a-w- c:\windows\system32\atimpc64.dll
2011-01-26 22:08 . 2011-01-26 22:08 53760 ----a-w- c:\windows\system32\amdpcom64.dll
2011-01-26 22:08 . 2011-01-26 22:08 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-01-26 22:08 . 2011-01-26 22:08 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-01-04 09:37 . 2011-01-04 09:37 875520 ----a-w- c:\windows\system32\MysticThumbs.cpl
2011-01-04 09:37 . 2011-01-04 09:37 51024 ----a-w- c:\windows\SysWow64\vcomp100.dll
2011-01-04 09:37 . 2011-01-04 09:37 57168 ----a-w- c:\windows\system32\vcomp100.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-19 18:20 442880 ----a-w- c:\windows\System32\ntshrui.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-02-26 39408]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-15 718208]
"MysticThumbs"="c:\program files\MysticCoder\MysticThumbs\MysticThumbsTray.exe" [2011-01-04 537088]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"CTxfiHlp"="CTXFIHLP.EXE" [2010-07-07 24576]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SAOB Monitor"="c:\program files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe" [2010-11-15 2536448]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2011-02-01 5546376]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-25 336384]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-2-27 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-26 136176]
R2 sppsvc;Software Protection;c:\windows\system32\sppsvc.exe [x]
R3 1394ohci;1394 OHCI Compliant Host Controller;c:\windows\system32\drivers\1394ohci.sys [x]
R3 AcpiPmi;ACPI Power Meter Driver;c:\windows\system32\drivers\acpipmi.sys [x]
R3 adp94xx;adp94xx;c:\windows\system32\DRIVERS\adp94xx.sys [x]
R3 adpahci;adpahci;c:\windows\system32\DRIVERS\adpahci.sys [x]
R3 amdsata;amdsata;c:\windows\system32\drivers\amdsata.sys [x]
R3 amdsbs;amdsbs;c:\windows\system32\DRIVERS\amdsbs.sys [x]
R3 AppID;AppID Driver;c:\windows\system32\drivers\appid.sys [x]
R3 AppIDSvc;Application Identity;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 arcsas;arcsas;c:\windows\system32\DRIVERS\arcsas.sys [x]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
R3 b06bdrv;Broadcom NetXtreme II VBD;c:\windows\system32\DRIVERS\bxvbda.sys [x]
R3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60a.sys [x]
R3 BDESVC;BitLocker Drive Encryption Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\DRIVERS\BrFiltLo.sys [x]
R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\DRIVERS\BrFiltUp.sys [x]
R3 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\Drivers\Brserid.sys [x]
R3 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\Drivers\BrSerWdm.sys [x]
R3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\Drivers\BrUsbMdm.sys [x]
R3 CertPropSvc;Certificate Propagation;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 circlass;Consumer IR Devices;c:\windows\system32\DRIVERS\circlass.sys [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-02-26 79360]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [x]
R3 defragsvc;Disk Defragmenter;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;c:\windows\system32\DRIVERS\evbda.sys [x]
R3 elxstor;elxstor;c:\windows\system32\DRIVERS\elxstor.sys [x]
R3 Filetrace;Filetrace;c:\windows\system32\drivers\filetrace.sys [x]
R3 FsDepends;File System Dependency Minifilter;c:\windows\system32\drivers\FsDepends.sys [x]
R3 hcw85cir;Hauppauge Consumer Infrared Receiver;c:\windows\system32\drivers\hcw85cir.sys [x]
R3 HpSAMD;HpSAMD;c:\windows\system32\drivers\HpSAMD.sys [x]
R3 IPBusEnum;PnP-X IP Bus Enumerator;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 IPMIDRV;IPMIDRV;c:\windows\system32\drivers\IPMIDrv.sys [x]
R3 iScsiPrt;iScsiPort Driver;c:\windows\system32\drivers\msiscsi.sys [x]
R3 KtmRm;KtmRm for Distributed Transaction Coordinator;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 lltdsvc;Link-Layer Topology Discovery Mapper;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 LSI_FC;LSI_FC;c:\windows\system32\DRIVERS\lsi_fc.sys [x]
R3 LSI_SAS;LSI_SAS;c:\windows\system32\DRIVERS\lsi_sas.sys [x]
R3 LSI_SAS2;LSI_SAS2;c:\windows\system32\DRIVERS\lsi_sas2.sys [x]
R3 LSI_SCSI;LSI_SCSI;c:\windows\system32\DRIVERS\lsi_scsi.sys [x]
R3 megasas;megasas;c:\windows\system32\DRIVERS\megasas.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 mpio;Microsoft Multi-Path Bus Driver;c:\windows\system32\drivers\mpio.sys [x]
R3 msahci;msahci;c:\windows\system32\drivers\msahci.sys [x]
R3 msdsm;Microsoft Multi-Path Device Specific Module;c:\windows\system32\drivers\msdsm.sys [x]
R3 mshidkmdf;Pass-through HID to KMDF Filter Driver;c:\windows\System32\drivers\mshidkmdf.sys [x]
R3 MSiSCSI;Microsoft iSCSI Initiator Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 MsRPC;MsRPC; [x]
R3 MTConfig;Microsoft Input Configuration Driver;c:\windows\system32\DRIVERS\MTConfig.sys [x]
R3 NativeWifiP;NativeWiFi Filter;c:\windows\system32\DRIVERS\nwifi.sys [x]
R3 NdisCap;NDIS Capture LightWeight Filter;c:\windows\system32\DRIVERS\ndiscap.sys [x]
R3 nfrd960;nfrd960;c:\windows\system32\DRIVERS\nfrd960.sys [x]
R3 nvstor;nvstor;c:\windows\system32\drivers\nvstor.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PeerDistSvc;BranchCache;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 PerfHost;Performance Counter DLL Host;c:\windows\SysWow64\perfhost.exe [2009-07-14 20992]
R3 pla;Performance Logs & Alerts;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 PNRPAutoReg;PNRP Machine Name Publication Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 ql2300;ql2300;c:\windows\system32\DRIVERS\ql2300.sys [x]
R3 ql40xx;ql40xx;c:\windows\system32\DRIVERS\ql40xx.sys [x]
R3 s3cap;s3cap;c:\windows\system32\drivers\vms3cap.sys [x]
R3 scfilter;Smart card PnP Class Filter Driver;c:\windows\system32\DRIVERS\scfilter.sys [x]
R3 SCPolicySvc;Smart Card Removal Policy;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SensrSvc;Adaptive Brightness;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SessionEnv;Remote Desktop Configuration;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 sffp_mmc;SFF Storage Protocol Driver for MMC;c:\windows\system32\drivers\sffp_mmc.sys [x]
R3 SiSRaid4;SiSRaid4;c:\windows\system32\DRIVERS\sisraid4.sys [x]
R3 Smb;Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session);c:\windows\system32\DRIVERS\smb.sys [x]
R3 sppuinotify;SPP Notification Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 stexstor;stexstor;c:\windows\system32\DRIVERS\stexstor.sys [x]
R3 StorSvc;Storage Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 storvsc;storvsc;c:\windows\system32\drivers\storvsc.sys [x]
R3 TabletInputService;Tablet PC Input Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 TBS;TPM Base Services;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 THREADORDER;Thread Ordering Server;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 tssecsrv;Remote Desktop Services Security Filter Driver;c:\windows\system32\DRIVERS\tssecsrv.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 UI0Detect;Interactive Services Detection;c:\windows\system32\UI0Detect.exe [x]
R3 uliagpkx;Uli AGP Bus Filter;c:\windows\system32\drivers\uliagpkx.sys [x]
R3 UmRdpService;Remote Desktop Services UserMode Port Redirector;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 usbcir;eHome Infrared Receiver (USBCIR);c:\windows\system32\drivers\usbcir.sys [x]
R3 VaultSvc;Credential Manager;c:\windows\system32\lsass.exe [x]
R3 vhdmp;vhdmp;c:\windows\system32\drivers\vhdmp.sys [x]
R3 VMBusHID;VMBusHID;c:\windows\system32\drivers\VMBusHID.sys [x]
R3 vsmraid;vsmraid;c:\windows\system32\DRIVERS\vsmraid.sys [x]
R3 vwifibus;Virtual WiFi Bus Driver;c:\windows\System32\drivers\vwifibus.sys [x]
R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\DRIVERS\wacompen.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wbengine;Block Level Backup Engine Service;c:\windows\system32\wbengine.exe [x]
R3 WbioSrvc;Windows Biometric Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 wcncsvc;Windows Connect Now - Config Registrar;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WcsPlugInService;Windows Color System;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 Wd;Wd;c:\windows\system32\DRIVERS\wd.sys [x]
R3 Wecsvc;Windows Event Collector;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 wercplsupport;Problem Reports and Solutions Control Panel Support;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WerSvc;Windows Error Reporting Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WIMMount;WIMMount;c:\windows\system32\drivers\wimmount.sys [2009-07-14 22096]
R3 WinRM;Windows Remote Management (WS-Management);c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 Wlansvc;WLAN AutoConfig;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 WPDBusEnum;Portable Device Enumerator Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 WwanSvc;WWAN AutoConfig;c:\windows\system32\svchost.exe [2009-07-14 27136]
R4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920]
R4 Mcx2Svc;Media Center Extender Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S0 amdxata;amdxata;c:\windows\system32\drivers\amdxata.sys [x]
S0 CLFS;Common Log (CLFS);c:\windows\System32\CLFS.sys [x]
S0 CNG;CNG;c:\windows\System32\Drivers\cng.sys [x]
S0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys [x]
S0 fvevol;Bitlocker Drive Encryption Filter Driver;c:\windows\System32\DRIVERS\fvevol.sys [x]
S0 hwpolicy;Hardware Policy Driver;c:\windows\System32\drivers\hwpolicy.sys [x]
S0 iaStorV;Intel RAID Controller Windows 7;c:\windows\system32\drivers\iaStorV.sys [x]
S0 KSecPkg;KSecPkg;c:\windows\System32\Drivers\ksecpkg.sys [x]
S0 msisadrv;msisadrv;c:\windows\system32\drivers\msisadrv.sys [x]
S0 pcw;Performance Counters for Windows Driver;c:\windows\System32\drivers\pcw.sys [x]
S0 rdyboost;ReadyBoost;c:\windows\System32\drivers\rdyboost.sys [x]
S0 spldr;Security Processor Loader Driver; [x]
S0 storflt;Disk Virtual Machine Bus Acceleration Filter Driver;c:\windows\system32\drivers\vmstorfl.sys [x]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [x]
S0 vdrvroot;Microsoft Virtual Drive Enumerator Driver;c:\windows\system32\drivers\vdrvroot.sys [x]
S0 vmbus;Virtual Machine Bus;c:\windows\system32\drivers\vmbus.sys [x]
S0 volmgr;Volume Manager Driver;c:\windows\system32\drivers\volmgr.sys [x]
S0 volmgrx;Dynamic Volume Manager;c:\windows\System32\drivers\volmgrx.sys [x]
S1 blbdrive;blbdrive;c:\windows\system32\DRIVERS\blbdrive.sys [x]
S1 CSC;Offline Files Driver;c:\windows\system32\drivers\csc.sys [x]
S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys [x]
S1 discache;System Attribute Cache;c:\windows\system32\drivers\discache.sys [x]
S1 nsiproxy;NSI proxy service driver.;c:\windows\system32\drivers\nsiproxy.sys [x]
S1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\rdpencdd.sys [x]
S1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;c:\windows\system32\drivers\rdprefmp.sys [x]
S1 tdx;NetIO Legacy TDI Support Driver;c:\windows\system32\DRIVERS\tdx.sys [x]
S1 Wanarpv6;Remote Access IPv6 ARP Driver;c:\windows\system32\DRIVERS\wanarp.sys [x]
S1 WfpLwf;WFP Lightweight Filter;c:\windows\system32\DRIVERS\wfplwf.sys [x]
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-03-01 3246040]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AudioEndpointBuilder;Windows Audio Endpoint Builder;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 BFE;Base Filtering Engine;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 CscService;Offline Files;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 DPS;Diagnostic Policy Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 FDResPub;Function Discovery Resource Publication;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 gpsvc;Group Policy Client;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 IKEEXT;IKE and AuthIP IPsec Keying Modules;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 iphlpsvc;IP Helper;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\system32\DRIVERS\lltdio.sys [x]
S2 luafv;UAC File Virtualization;c:\windows\system32\drivers\luafv.sys [x]
S2 MMCSS;Multimedia Class Scheduler;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 MpsSvc;Windows Firewall;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 NlaSvc;Network Location Awareness;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 nsi;Network Store Interface Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 PcaSvc;Program Compatibility Assistant Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 PEAUTH;PEAUTH;c:\windows\system32\drivers\peauth.sys [x]
S2 Power;Power;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 ProfSvc;User Profile Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 RpcEptMapper;RPC Endpoint Mapper;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SysMain;Superfetch;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys [x]
S2 UxSms;Desktop Window Manager Session Manager;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 WinDefend;Windows Defender;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 Appinfo;Application Information;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 bowser;Browser Support Driver;c:\windows\system32\DRIVERS\bowser.sys [x]
S3 CompositeBus;Composite Bus Enumerator Driver;c:\windows\system32\drivers\CompositeBus.sys [x]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [x]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [x]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [x]
S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [x]
S3 fdPHost;Function Discovery Provider Host;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 ha20x22k;Creative 20X2 HAL Driver;c:\windows\system32\drivers\ha20x22k.sys [x]
S3 HomeGroupListener;HomeGroup Listener;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 HomeGroupProvider;HomeGroup Provider;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 KeyIso;CNG Key Isolation;c:\windows\system32\lsass.exe [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [x]
S3 monitor;Microsoft Monitor Class Function Driver Service;c:\windows\system32\DRIVERS\monitor.sys [x]
S3 mpsdrv;Windows Firewall Authorization Driver;c:\windows\system32\drivers\mpsdrv.sys [x]
S3 mrxsmb10;SMB 1.x MiniRedirector;c:\windows\system32\DRIVERS\mrxsmb10.sys [x]
S3 mrxsmb20;SMB 2.0 MiniRedirector;c:\windows\system32\DRIVERS\mrxsmb20.sys [x]
S3 netprofm;Network List Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 RasAgileVpn;WAN Miniport (IKEv2);c:\windows\system32\DRIVERS\AgileVpn.sys [x]
S3 rdpbus;Remote Desktop Device Redirector Bus Driver;c:\windows\system32\DRIVERS\rdpbus.sys [x]
S3 SDRSVC;Windows Backup;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 srv2;Server SMB 2.xxx Driver;c:\windows\system32\DRIVERS\srv2.sys [x]
S3 srvnet;srvnet;c:\windows\system32\DRIVERS\srvnet.sys [x]
S3 TrustedInstaller;Windows Modules Installer;c:\windows\servicing\TrustedInstaller.exe [2010-11-19 194048]
S3 tunnel;Microsoft Tunnel Miniport Adapter Driver;c:\windows\system32\DRIVERS\tunnel.sys [x]
S3 umbus;UMBus Enumerator Driver;c:\windows\system32\DRIVERS\umbus.sys [x]
S3 WdiServiceHost;Diagnostic Service Host;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WdiSystemHost;Diagnostic System Host;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS QWAVE wcncsvc
DcomLaunch REG_MULTI_SZ Power PlugPlay DcomLaunch
wcssvc REG_MULTI_SZ WcsPlugInService
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
msiscsi
schedule
SessionEnv
winmgmt
AppMgmt
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
sppuinotify
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceNetworkRestricted
BthHFSrv
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-26 01:04]
.
2011-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-26 01:04]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-19 19:27 509952 ----a-w- c:\windows\System32\ntshrui.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2010-11-16 104008]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-02-01 390720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
IKEEXT
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
seclogon
AppInfo
msiscsi
MMCSS
winmgmt
SessionEnv
browser
EapHost
schedule
hkmsvc
wercplsupport
ProfSvc
Themes
BDESVC
AppMgmt
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
homegrouplistener
StorSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
WdiServiceHost
sppuinotify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetworkService
lanmanworkstation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceNetworkRestricted
BthHFSrv
homegroupprovider
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
SafeBoot-sacsvr
SafeBoot-vmms
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-03-19 11:37:16
ComboFix-quarantined-files.txt 2011-03-19 01:37
.
Pre-Run: 791,404,855,296 bytes free
Post-Run: 793,377,308,672 bytes free
.
- - End Of File - - 7D5194A42357D517F4608A01D57D0798


If bobbye is no longer available could some else please help.

I don't know what to do next :-(

If my system is clear of virus/malware you also mentioned:

======================================
I will have you check the Services in the Management Console later. It appears that you do not have some Services running and/or you do not have the Dependencies running.
======================================

I would appreciate this assist as my system has not run at all well since the last rebuild.

I presumed the ongoing crashes were a result of a Timeout Detection and Recovery error caused by ATI drivers/ATI catalyst not playing nice with windows 7.

If there has been something else causing the instability it would be nice to know.

cheers

G
 
I have deleted your other thread since this thread is still active.
You are not the only member I'm helping. Your last log was only 20 hours ago> you don't throw a tantrum and criticize your helper because you haven't had a reply in 20 hours!

We are having a problem with how Combofix is reading some of the Services. Rather than remove Services you might be using, I have been attempting to qualify the reason for the glitch.

Your malware infection was caused by your downloading of a game named Silent Hunter4. I would guess that you may have gotten it from a torrent site. The game came with ModTools for a textenabler with malware. You are downloaded patched software with malware.
==========================
Please download OTMovit by Old Timer and save to your desktop.
  • Double-click OTMoveIt3.exe to run it. (Vista users, please right click on OTMoveit3.exe and select "Run as an Administrator")
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
    Code: 
    :Files 
D:\Downloads\Computer Downloads\Software Downloads\1CLICK_DVD\1CLICK DVD\1CLICK_DVD_Copy_5.3.1.6\Patch\All.LG.Software.Innovations.Generic.Patch-ICU.exe 
D:\Downloads\Computer Downloads\Software Downloads\1CLICK_DVD\1CLICK DVD\1CLICK_DVD_Copy_Pro_3.0.1.6\Patch\All.LG.Software.Innovations.Generic.P atch-ICU.exe 
D:\Downloads\Computer Downloads\Software Downloads\NERO\NERO 9\NERO BackItUp & Burn\Nero_BackItUpAndBurn-1.2.17b.exe 
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
  • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window and choose Paste.
  • Click the red Moveit! button.
  • A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
  • Close OTMoveIt3
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
==============================================
Run this while I finish reviewing Combofix. I will have you remove all the cleaning tools when through.

Don't even consider burning me again for not being at your beck and call.
 
Please run this Custom CFScript:

  • [1]. Close any open browsers.
    [2]. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    [3]. Open notepad> click on Format> Uncheck 'Word Wrap'> and copy/paste the text in the code below into it:Be sure to scroll down to include ALL lines.
Code: 
File::
C:\Users\Grant\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
Folder::
c:\programdata\McAfee

DirLook::
c:\program files (x86)\gs
c:\program files\gs
C:\MSOCache
Save this as CFScript.txt, in the same location as ComboFix.exe
CFScriptB-4.gif


Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it will produce a log for you at C:\ComboFix.txt . Please paste in your next reply.
====================
 
Bobbye, please accept my humble apology. Sometimes the written word doesn't convey the emotions or the intent of the writer.

I sincerely appreciate your assitance and I fully realise that it is given out of kindness and is voluntarily given.

I was not having a go at you for not replying quickly enough.

I was actually afraid that because I had been taking so long to get the tasks done that you had asked me to do; that you may have become "p__ssioffed" with me and cut me away.

OTM log attached below but I am in the middle of uninstalling AVG again so that I can run the combofix as you asked.

All processes killed
========== FILES ==========
File/Folder D:\Downloads\Computer Downloads\Software Downloads\1CLICK_DVD\1CLICK DVD\1CLICK_DVD_Copy_5.3.1.6\Patch\All.LG.Software.Innovations.Generic.Patch-ICU.exe not found.
File/Folder D:\Downloads\Computer Downloads\Software Downloads\1CLICK_DVD\1CLICK DVD\1CLICK_DVD_Copy_Pro_3.0.1.6\Patch\All.LG.Software.Innovations.Generic.P atch-ICU.exe not found.
File/Folder D:\Downloads\Computer Downloads\Software Downloads\NERO\NERO 9\NERO BackItUp & Burn\Nero_BackItUpAndBurn-1.2.17b.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Grant
->Temp folder emptied: 449963 bytes
->Temporary Internet Files folder emptied: 59829498 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 3141 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2522 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 58.00 mb

Again I aplogies, and hopefully you will acept my apology and realise that we may have had a bit of a missunderstanding.

I will be back soon with combofix log
 
Bobbye,

One small point I would like to clear up you wrote earlier:

"Your malware infection was caused by your downloading of a game named Silent Hunter4. I would guess that you may have gotten it from a torrent site. The game came with ModTools for a textenabler with malware. You are downloaded patched software with malware."

I don't pirate my games, I have the box and the receipt from EB games for that game and every other game that has ever been loaded on my system.

I do MOD, I do 3D modelling and I do 2D graphics I often use many free and freeware programs to assist in the creation of user content that I freely post up for the wider gaming community.

Whilst I almost always virus scan every piece of free or freeware modding tool that I download from community sites, there may be a small chance that I may have overlooked scanning that Modtool file.

My bad, I will be even more careful in future.

I do politely asked without trying to upset you, that you please do not call me a thief.

I have one piece of software that I have never installed sitting on my data array that a friend of mine said "here this will help you to complete that 3D model."

That piece of software has sat there for years and will probably never get installed.

combofix log part 1 attached below:

ComboFix 11-03-19.01 - Grant 20/03/2011 10:06:20.2.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.61.1033.18.12279.10367 [GMT 10:00]
Running from: c:\users\Grant\Desktop\ComboFix.exe
Command switches used :: c:\users\Grant\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Grant\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\McAfee
c:\programdata\McAfee\MCLOGS\Common\MsiExec\MsiExec000.log
c:\users\Grant\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-02-20 to 2011-03-20 )))))))))))))))))))))))))))))))
.
.
2011-03-20 00:08 . 2011-03-20 00:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-19 10:52 . 2011-03-19 10:57 -------- d-----w- C:\X3
2011-03-19 10:00 . 2011-03-19 10:11 -------- d-----w- c:\program files (x86)\XSP-DB
2011-03-19 10:00 . 2009-07-24 03:22 39936 ----a-w- c:\windows\SysWow64\MSWLSDE.DLL
2011-03-19 10:00 . 2009-07-24 03:22 397072 ----a-w- c:\windows\SysWow64\MSWLESS.OCX
2011-03-19 10:00 . 2009-07-24 03:22 24626 ----a-w- c:\windows\SysWow64\scrrnde.dll
2011-03-19 10:00 . 2009-07-24 03:22 158208 ----a-w- c:\windows\SysWow64\MSCMCde.DLL
2011-03-19 10:00 . 2009-07-24 03:22 125712 ----a-w- c:\windows\SysWow64\VB6DE.DLL
2011-03-19 10:00 . 2009-07-24 03:22 101888 ----a-w- c:\windows\SysWow64\VB6STKIT.DLL
2011-03-19 08:50 . 2011-03-19 08:50 -------- d-----w- c:\program files (x86)\WinMend
2011-03-19 04:31 . 2011-03-19 04:31 -------- d-----w- c:\program files (x86)\Secunia
2011-03-19 04:23 . 2011-03-19 04:23 -------- d-----w- c:\program files (x86)\WOT
2011-03-16 20:16 . 2011-03-16 20:16 -------- d-----w- c:\program files (x86)\ESET
2011-03-16 11:05 . 2011-03-16 11:05 -------- d-----w- c:\program files (x86)\Trend Micro
2011-03-16 09:54 . 2010-12-20 08:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-03-16 09:54 . 2011-03-16 09:54 -------- d-----w- c:\programdata\Malwarebytes
2011-03-16 09:54 . 2011-03-16 09:54 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-03-16 09:54 . 2010-12-20 08:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-16 00:29 . 2011-03-16 00:29 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-03-16 00:29 . 2011-03-16 00:29 -------- d-----w- c:\program files (x86)\Java
2011-03-15 19:44 . 2011-03-16 00:29 -------- d-----w- C:\X3 Savegame Manager
2011-03-12 19:58 . 2011-01-26 23:37 9085952 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-03-12 19:54 . 2011-01-26 22:13 299520 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-03-12 03:26 . 2011-03-12 07:28 -------- d-----w- c:\program files (x86)\Common Files\Steam
2011-03-12 03:26 . 2011-03-17 08:10 -------- d-----w- c:\program files (x86)\Steam
2011-03-09 08:48 . 2011-03-19 11:04 -------- d-----w- c:\program files (x86)\X Plugin Manager
2011-03-08 11:47 . 2011-03-08 11:47 -------- d-----w- c:\programdata\ATI
2011-03-08 11:47 . 2011-03-08 11:47 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-03-08 11:47 . 2011-03-08 11:47 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-03-04 07:01 . 2011-03-11 09:31 -------- d-----w- c:\program files (x86)\ATI Technologies
2011-03-04 07:01 . 2011-03-04 07:01 -------- d-----w- c:\program files\ATI
2011-03-04 07:01 . 2011-03-08 11:47 -------- d-----w- c:\program files\ATI Technologies
2011-03-04 06:01 . 2011-03-04 06:01 -------- d-----w- C:\ATI
2011-03-03 08:53 . 2011-03-19 11:06 -------- d-----w- C:\X3 Reunion Non_XTM
2011-03-03 08:53 . 2011-03-19 11:05 -------- d-----w- c:\program files (x86)\DeepSilver
2011-03-01 08:39 . 2011-03-01 08:39 285280 ----a-w- c:\windows\system32\drivers\afcdp.sys
2011-03-01 08:39 . 2011-03-01 08:39 1263200 ----a-w- c:\windows\system32\drivers\tdrpm273.sys
2011-03-01 08:39 . 2011-03-01 08:39 970336 ----a-w- c:\windows\system32\drivers\timntr.sys
2011-03-01 08:39 . 2011-03-01 08:39 277088 ----a-w- c:\windows\system32\drivers\snapman.sys
2011-03-01 08:38 . 2011-03-01 08:39 -------- d-----w- c:\program files (x86)\Common Files\Acronis
2011-03-01 08:38 . 2011-03-01 08:38 -------- d-----w- c:\program files (x86)\Acronis
2011-02-27 11:46 . 2011-03-04 03:04 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-02-27 11:46 . 2011-02-27 11:49 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-02-27 11:40 . 2011-03-04 03:04 -------- d-----w- c:\program files (x86)\WinMerge
2011-02-27 11:40 . 2008-12-21 13:22 1047552 ----a-w- c:\windows\SysWow64\mfc71u.dll
2011-02-27 11:33 . 2011-03-04 03:04 -------- d-----w- c:\program files (x86)\Notepad++
2011-02-27 10:38 . 2011-02-27 10:39 -------- d-----w- c:\program files (x86)\Sib Icon Studio
2011-02-27 10:08 . 2011-02-27 10:08 -------- d-----w- c:\program files (x86)\gs
2011-02-27 10:03 . 2011-02-27 10:03 -------- d-----w- c:\program files\MysticCoder
2011-02-27 10:02 . 2011-02-27 10:02 -------- d-----w- c:\program files\gs
2011-02-27 08:25 . 2011-03-19 08:03 -------- d-----w- c:\program files\MyDefrag v4.3.1
2011-02-27 08:25 . 2010-05-21 02:11 485376 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.scr
2011-02-27 08:25 . 2010-05-21 02:11 1147392 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.exe
2011-02-27 06:43 . 2011-02-27 06:43 -------- d-----w- c:\program files\Windows XP Mode
2011-02-27 06:21 . 2010-11-20 13:25 2264064 ----a-w- c:\windows\system32\VPCWizard.exe
2011-02-27 06:21 . 2010-11-20 11:35 59392 ----a-w- c:\windows\system32\drivers\vpcnfltr.sys
2011-02-27 06:21 . 2010-11-20 10:52 793600 ----a-w- c:\windows\SysWow64\vmsal.exe
2011-02-27 06:21 . 2010-11-20 13:34 360832 ----a-w- c:\windows\system32\drivers\vpcvmm.sys
2011-02-27 06:21 . 2010-11-20 13:34 194944 ----a-w- c:\windows\system32\drivers\vpchbus.sys
2011-02-27 06:21 . 2010-11-20 13:27 15872 ----a-w- c:\windows\system32\vpchbuspipe.dll
2011-02-27 06:21 . 2010-11-20 13:25 4514816 ----a-w- c:\windows\system32\vpc.exe
2011-02-27 06:21 . 2010-11-20 13:25 1369600 ----a-w- c:\windows\system32\VPCSettings.exe
2011-02-27 06:21 . 2010-11-20 11:37 936448 ----a-w- c:\windows\system32\vmsal.exe
2011-02-27 06:21 . 2010-11-20 11:37 1210368 ----a-w- c:\windows\system32\VMWindow.exe
2011-02-27 06:21 . 2010-11-20 11:35 95232 ----a-w- c:\windows\system32\drivers\vpcusb.sys
2011-02-27 06:21 . 2010-11-20 11:35 562176 ----a-w- c:\windows\system32\VMCPropertyHandler.dll
2011-02-27 05:02 . 2011-02-27 05:02 -------- d-----w- c:\programdata\Bitstream Font Navigator
2011-02-27 03:49 . 2011-02-27 03:52 -------- d-----w- c:\program files (x86)\GIMP-2.0
2011-02-27 02:38 . 2011-02-27 02:38 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-02-27 02:38 . 2007-11-01 07:23 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-02-27 02:38 . 2007-11-01 07:23 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-02-27 02:38 . 2011-02-27 02:37 151552 ----a-w- c:\windows\SysWow64\nvRegDev.dll
2011-02-27 02:05 . 1998-10-29 06:45 306688 ----a-w- c:\windows\IsUninst.exe
2011-02-27 01:58 . 2011-02-27 01:58 -------- d-----w- c:\program files\Java
2011-02-27 01:46 . 2011-02-27 01:58 521448 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-27 01:45 . 2011-03-16 00:29 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-02-26 20:45 . 2011-02-26 20:45 374792 ----a-w- c:\windows\system32\drivers\UMDF\lgSSQVGA.dll
2011-02-26 20:45 . 2011-02-26 20:45 22408 ----a-w- c:\windows\system32\drivers\LGBusEnum.sys
2011-02-26 20:45 . 2011-02-26 20:45 16008 ----a-w- c:\windows\system32\drivers\LGVirHid.sys
2011-02-26 20:45 . 2011-02-26 20:45 157704 ----a-w- c:\windows\system32\drivers\UMDF\lgSSBW.dll
2011-02-26 20:45 . 2011-02-26 20:45 -------- d-----w- c:\program files\Logitech Gaming Software
2011-02-26 20:38 . 2011-02-26 20:38 -------- d-----w- c:\program files (x86)\Common Files\LogiShrd
2011-02-26 20:38 . 2011-02-26 20:38 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2011-02-26 20:38 . 2011-02-26 20:38 -------- d-----w- c:\programdata\Logishrd
2011-02-26 20:38 . 2011-02-26 20:38 -------- d-----w- c:\program files\Logitech
2011-02-26 20:37 . 2011-02-26 20:38 -------- d-----w- c:\program files\Common Files\LogiShrd
2011-02-26 16:36 . 2011-02-25 22:48 -------- d-----w- c:\windows\Panther
2011-02-26 07:30 . 2011-02-26 07:30 -------- d-----w- c:\program files (x86)\MSECache
2011-02-26 07:17 . 2011-02-26 07:17 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-02-26 06:46 . 2011-02-26 06:46 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2011-02-26 06:46 . 2011-02-26 06:46 -------- d-----w- c:\windows\PCHEALTH
2011-02-26 06:46 . 2011-02-26 06:46 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2011-02-26 06:46 . 2011-02-26 06:46 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-02-26 06:44 . 2011-02-26 06:44 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2011-02-26 06:44 . 2011-02-26 06:44 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2011-02-26 06:43 . 2011-03-09 06:34 -------- d-----w- c:\programdata\Microsoft Help
2011-02-26 06:43 . 2011-02-26 06:43 -------- d-----r- C:\MSOCache
2011-02-26 05:46 . 2011-02-26 05:46 -------- d-----w- c:\program files (x86)\Common Files\Creative
2011-02-26 05:46 . 2011-02-26 05:46 -------- d--h--w- c:\program files (x86)\Creative Installation Information
2011-02-26 05:46 . 2011-02-26 05:46 -------- d-----w- c:\program files (x86)\Common Files\Creative Labs Shared
2011-02-26 05:46 . 2011-02-26 05:46 -------- d-----w- c:\program files\Creative
2011-02-26 05:46 . 2011-02-26 06:21 -------- d-----w- c:\program files (x86)\Creative
2011-02-26 05:45 . 2009-02-17 07:33 113152 ----a-w- c:\windows\system32\cttele64.dll
2011-02-26 05:45 . 2009-02-17 07:33 106496 ----a-w- c:\windows\SysWow64\cttele32.dll
2011-02-26 05:45 . 2011-02-26 05:45 -------- d-----w- c:\windows\system32\data
2011-02-26 05:05 . 2011-02-26 05:47 -------- d-----w- c:\programdata\Creative
2011-02-26 05:03 . 2003-06-12 13:25 7062 ----a-w- c:\windows\SysWow64\audiopid.vxd
2011-02-26 04:43 . 2011-01-17 11:09 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-02-26 04:43 . 2011-01-17 05:47 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-02-26 04:38 . 2011-02-26 06:46 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-02-26 03:22 . 2011-02-26 03:22 -------- d-----w- c:\windows\SysWow64\Wat
2011-02-26 03:22 . 2011-02-26 03:22 -------- d-----w- c:\windows\system32\Wat
2011-02-26 03:21 . 2010-12-17 11:40 715776 ----a-w- c:\windows\system32\kerberos.dll
2011-02-26 03:21 . 2010-12-17 07:07 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
2011-02-26 03:01 . 2011-02-26 03:01 -------- d-----w- c:\windows\SysWow64\Macromed
2011-02-26 02:54 . 2011-02-27 02:10 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-02-26 02:53 . 2011-02-26 02:53 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2011-02-26 02:39 . 2011-02-26 02:46 -------- d-----w- c:\programdata\WinZip
2011-02-26 02:03 . 2011-02-26 02:03 -------- d-----w- c:\program files\7-Zip
2011-02-26 01:04 . 2011-02-26 01:04 -------- d-----w- c:\program files\Google
2011-02-26 01:03 . 2011-02-26 01:07 -------- d-----w- c:\program files (x86)\Google
2011-02-26 00:37 . 2011-02-26 00:37 -------- d--h--w- c:\programdata\Common Files
2011-02-26 00:37 . 2011-03-19 23:49 -------- d-----w- c:\programdata\AVG10
2011-02-26 00:36 . 2011-02-26 00:36 -------- d-----w- c:\program files (x86)\AVG
2011-02-26 00:35 . 2011-02-26 00:36 -------- d-----w- c:\programdata\MFAData
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-25 23:14 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-02-25 23:14 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-01-26 23:22 . 2011-01-26 23:22 22295040 ----a-w- c:\windows\system32\atio6axx.dll
2011-01-26 23:00 . 2011-01-26 23:00 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2011-01-26 23:00 . 2011-01-26 23:00 596480 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-01-26 22:59 . 2011-01-26 22:59 17204736 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-01-26 22:59 . 2011-01-26 22:59 708608 ----a-w- c:\windows\system32\aticfx64.dll
2011-01-26 22:56 . 2010-11-26 02:54 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-01-26 22:56 . 2011-01-26 22:56 479232 ----a-w- c:\windows\system32\atieclxx.exe
2011-01-26 22:55 . 2011-01-26 22:55 203776 ----a-w- c:\windows\system32\atiesrxx.exe
2011-01-26 22:54 . 2011-01-26 22:54 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-01-26 22:54 . 2011-01-26 22:54 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-01-26 22:53 . 2011-01-26 22:53 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-01-26 22:53 . 2011-01-26 22:53 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-01-26 22:53 . 2011-01-26 22:53 16384 ----a-w- c:\windows\system32\atimuixx.dll
2011-01-26 22:53 . 2011-01-26 22:53 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-01-26 22:53 . 2011-01-26 22:53 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-01-26 22:49 . 2011-01-26 22:49 4105728 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-01-26 22:40 . 2011-01-26 22:40 4847616 ----a-w- c:\windows\system32\atidxx64.dll
2011-01-26 22:32 . 2011-01-26 22:32 1208320 ----a-w- c:\windows\system32\atiumd6v.dll
2011-01-26 22:32 . 2011-01-26 22:32 1912832 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-01-26 22:32 . 2011-01-26 22:32 3222016 ----a-w- c:\windows\system32\atiumd6a.dll
2011-01-26 22:28 . 2011-01-26 22:28 4170752 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-01-26 22:27 . 2011-01-26 22:27 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-01-26 22:27 . 2011-01-26 22:27 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-01-26 22:27 . 2011-01-26 22:27 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-01-26 22:27 . 2011-01-26 22:27 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-01-26 22:27 . 2011-01-26 22:27 6982144 ----a-w- c:\windows\system32\aticaldd64.dll
2011-01-26 22:25 . 2011-01-26 22:25 5580800 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-01-26 22:24 . 2011-01-26 22:24 3463680 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-01-26 22:21 . 2011-01-26 22:21 5316096 ----a-w- c:\windows\system32\atiumd64.dll
2011-01-26 22:20 . 2011-01-26 22:20 58880 ----a-w- c:\windows\system32\coinst.dll
2011-01-26 22:14 . 2010-11-26 02:17 354304 ----a-w- c:\windows\system32\atiadlxx.dll
2011-01-26 22:14 . 2011-01-26 22:14 249856 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-01-26 22:13 . 2011-01-26 22:13 14848 ----a-w- c:\windows\system32\atig6pxx.dll
2011-01-26 22:13 . 2011-01-26 22:13 12800 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-01-26 22:13 . 2011-01-26 22:13 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-01-26 22:13 . 2011-01-26 22:13 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-01-26 22:13 . 2011-01-26 22:13 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-01-26 22:12 . 2011-01-26 22:12 39936 ----a-w- c:\windows\system32\atiuxp64.dll
2011-01-26 22:12 . 2011-01-26 22:12 30720 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-01-26 22:12 . 2011-01-26 22:12 38400 ----a-w- c:\windows\system32\atiu9p64.dll
2011-01-26 22:12 . 2011-01-26 22:12 28672 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-01-26 22:11 . 2011-01-26 22:11 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-01-26 22:08 . 2011-01-26 22:08 53760 ----a-w- c:\windows\system32\atimpc64.dll
2011-01-26 22:08 . 2011-01-26 22:08 53760 ----a-w- c:\windows\system32\amdpcom64.dll
2011-01-26 22:08 . 2011-01-26 22:08 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-01-26 22:08 . 2011-01-26 22:08 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-01-04 09:37 . 2011-01-04 09:37 875520 ----a-w- c:\windows\system32\MysticThumbs.cpl
2011-01-04 09:37 . 2011-01-04 09:37 51024 ----a-w- c:\windows\SysWow64\vcomp100.dll
2011-01-04 09:37 . 2011-01-04 09:37 57168 ----a-w- c:\windows\system32\vcomp100.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of C:\MSOCache ----
.
2011-02-26 12:29 . 2011-03-13 00:41 129896 ----a-w- c:\msocache\All Users\microsoft.watson.watsonrc14.data\WatsonRC.dat
2010-03-30 20:51 . 2011-02-26 06:44 17254 ----a-w- c:\msocache\All Users\{91140000-0011-0000-0000-0000000FF1CE}-C\ProPlusrWW.xml
2010-03-30 20:51 . 2011-02-26 06:45 32219 ----a-w- c:\msocache\All Users\{91140000-0011-0000-0000-0000000FF1CE}-C\Setup.xml
2010-03-30 20:51 . 2011-02-26 06:44 25146368 ----a-w- c:\msocache\All Users\{91140000-0011-0000-0000-0000000FF1CE}-C\ProPlusrWW.msi
2010-03-30 20:47 . 2011-02-26 06:44 811 ----a-w- c:\msocache\All Users\{90140000-002C-0409-0000-0000000FF1CE}-C\Proofing.xml
2010-03-30 20:47 . 2011-02-26 06:44 913 ----a-w- c:\msocache\All Users\{90140000-00BA-0409-0000-0000000FF1CE}-C\GrooveMUI.xml
2010-03-30 20:47 . 2011-02-26 06:43 819 ----a-w- c:\msocache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\OfficeMUISet.xml
2010-03-30 20:47 . 2011-02-26 06:44 823 ----a-w- c:\msocache\All Users\{90140000-0116-0409-1000-0000000FF1CE}-C\Office64MUISet.xml
2010-03-30 20:47 . 2011-02-26 06:44 819 ----a-w- c:\msocache\All Users\{90140000-0117-0409-0000-0000000FF1CE}-C\AccessMUISet.xml
2010-03-30 20:47 . 2011-02-26 06:44 149278843 ----a-w- c:\msocache\All Users\{91140000-0011-0000-0000-0000000FF1CE}-C\ProPrWW.cab
2010-03-30 20:47 . 2011-02-26 06:44 1565 ----a-w- c:\msocache\All Users\{90140000-0016-0409-0000-0000000FF1CE}-C\ExcelMUI.xml
2010-03-30 20:47 . 2011-02-26 06:43 1557 ----a-w- c:\msocache\All Users\{90140000-0018-0409-0000-0000000FF1CE}-C\PowerPointMUI.xml
2010-03-30 20:47 . 2011-02-26 06:44 1450 ----a-w- c:\msocache\All Users\{90140000-0019-0409-0000-0000000FF1CE}-C\PublisherMUI.xml
2010-03-30 20:47 . 2011-02-26 06:44 1608 ----a-w- c:\msocache\All Users\{90140000-0019-0409-0000-0000000FF1CE}-C\Setup.xml
2010-03-30 20:47 . 2011-02-26 06:44 1457 ----a-w- c:\msocache\All Users\{90140000-002C-0409-0000-0000000FF1CE}-C\Proof.es\Proof.xml
2010-03-30 20:47 . 2011-02-26 06:44 1458 ----a-w- c:\msocache\All Users\{90140000-002C-0409-0000-0000000FF1CE}-C\Proof.fr\Proof.xml
2010-03-30 20:47 . 2011-02-26 06:44 1231 ----a-w- c:\msocache\All Users\{90140000-0044-0409-0000-0000000FF1CE}-C\InfoPathMUI.xml
2010-03-30 20:47 . 2011-02-26 06:44 1606 ----a-w- c:\msocache\All Users\{90140000-00A1-0409-0000-0000000FF1CE}-C\OneNoteMUI.xml
2010-03-30 20:47 . 2011-02-26 06:44 1452 ----a-w- c:\msocache\All Users\{90140000-00BA-0409-0000-0000000FF1CE}-C\Setup.xml
2010-03-30 20:47 . 2011-02-26 06:44 1489 ----a-w- c:\msocache\All Users\{90140000-0116-0409-1000-0000000FF1CE}-C\Office64MUI.xml
2010-03-30 20:47 . 2011-02-26 06:44 1349 ----a-w- c:\msocache\All Users\{90140000-0117-0409-0000-0000000FF1CE}-C\Access.en-us\AccessMUI.xml
2010-03-30 20:47 . 2011-02-26 06:44 2296 ----a-w- c:\msocache\All Users\{90140000-0016-0409-0000-0000000FF1CE}-C\Setup.xml
2010-03-30 20:47 . 2011-02-26 06:44 1886 ----a-w- c:\msocache\All Users\{90140000-0018-0409-0000-0000000FF1CE}-C\Setup.xml
2010-03-30 20:47 . 2011-02-26 06:44 3186 ----a-w- c:\msocache\All Users\{90140000-001A-0409-0000-0000000FF1CE}-C\OutlookMUI.xml
2010-03-30 20:47 . 2011-02-26 06:44 4207 ----a-w- c:\msocache\All Users\{90140000-001A-0409-0000-0000000FF1CE}-C\Setup.xml
2010-03-30 20:47 . 2011-02-26 06:44 2424 ----a-w- c:\msocache\All Users\{90140000-001B-0409-0000-0000000FF1CE}-C\Setup.xml
2010-03-30 20:47 . 2011-02-26 06:44 1800 ----a-w- c:\msocache\All Users\{90140000-001B-0409-0000-0000000FF1CE}-C\WordMUI.xml
2010-03-30 20:47 . 2011-02-26 06:44 1852 ----a-w- c:\msocache\All Users\{90140000-0044-0409-0000-0000000FF1CE}-C\Setup.xml
2010-03-30 20:47 . 2011-02-26 06:44 1988 ----a-w- c:\msocache\All Users\{90140000-00A1-0409-0000-0000000FF1CE}-C\Setup.xml
2010-03-30 20:47 . 2011-02-26 06:44 2372 ----a-w- c:\msocache\All Users\{90140000-0116-0409-1000-0000000FF1CE}-C\Setup.xml
2010-03-30 20:47 . 2011-02-26 06:44 2624 ----a-w- c:\msocache\All Users\{90140000-0117-0409-0000-0000000FF1CE}-C\Setup.xml
2010-03-30 20:47 . 2011-02-26 06:44 5884 ----a-w- c:\msocache\All Users\{90140000-002C-0409-0000-0000000FF1CE}-C\Setup.xml
2010-03-30 20:47 . 2011-02-26 06:43 5662 ----a-w- c:\msocache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\OfficeMUI.xml
2010-03-30 20:47 . 2011-02-26 06:43 9598 ----a-w- c:\msocache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\Setup.xml
2010-03-30 20:46 . 2011-02-26 06:44 650240 ----a-w- c:\msocache\All Users\{90140000-002C-0409-0000-0000000FF1CE}-C\Proofing.msi
2010-03-30 20:46 . 2011-02-26 06:43 650240 ----a-w- c:\msocache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\OfficeMUISet.msi
2010-03-30 20:46 . 2011-02-26 06:44 653824 ----a-w- c:\msocache\All Users\{90140000-0116-0409-1000-0000000FF1CE}-C\Office64MUI.msi
2010-03-30 20:46 . 2011-02-26 06:44 650240 ----a-w- c:\msocache\All Users\{90140000-0116-0409-1000-0000000FF1CE}-C\Office64MUISet.msi
2010-03-30 20:46 . 2011-02-26 06:44 650240 ----a-w- c:\msocache\All Users\{90140000-0117-0409-0000-0000000FF1CE}-C\AccessMUISet.msi
2010-03-30 20:46 . 2011-02-26 06:44 663040 ----a-w- c:\msocache\All Users\{90140000-002C-0409-0000-0000000FF1CE}-C\Proof.es\Proof.msi
2010-03-30 20:46 . 2011-02-26 06:44 667648 ----a-w- c:\msocache\All Users\{90140000-002C-0409-0000-0000000FF1CE}-C\Proof.fr\Proof.msi
2010-03-30 20:46 . 2011-02-26 06:44 1194497 ----a-w- c:\msocache\All Users\{90140000-0116-0409-1000-0000000FF1CE}-C\OWOW64LR.cab
2010-03-30 20:46 . 2011-02-26 06:44 1802240 ----a-w- c:\msocache\All Users\{90140000-0016-0409-0000-0000000FF1CE}-C\ExcelMUI.msi
2010-03-30 20:46 . 2011-02-26 06:43 1800704 ----a-w- c:\msocache\All Users\{90140000-0018-0409-0000-0000000FF1CE}-C\PowerPointMUI.msi
2010-03-30 20:46 . 2011-02-26 06:44 1810944 ----a-w- c:\msocache\All Users\{90140000-0019-0409-0000-0000000FF1CE}-C\PublisherMUI.msi
2010-03-30 20:46 . 2011-02-26 06:44 1819648 ----a-w- c:\msocache\All Users\{90140000-001B-0409-0000-0000000FF1CE}-C\WordMUI.msi
2010-03-30 20:46 . 2011-02-26 06:44 1800704 ----a-w- c:\msocache\All Users\{90140000-00A1-0409-0000-0000000FF1CE}-C\OneNoteMUI.msi
2010-03-30 20:46 . 2011-02-26 06:44 1804800 ----a-w- c:\msocache\All Users\{90140000-00BA-0409-0000-0000000FF1CE}-C\GrooveMUI.msi
2010-03-30 20:46 . 2011-02-26 06:44 1813504 ----a-w- c:\msocache\All Users\{90140000-0117-0409-0000-0000000FF1CE}-C\Access.en-us\AccessMUI.msi
2010-03-30 20:46 . 2011-02-26 06:44 2115584 ----a-w- c:\msocache\All Users\{90140000-001A-0409-0000-0000000FF1CE}-C\OutlookMUI.msi
2010-03-30 20:46 . 2011-02-26 06:44 2413568 ----a-w- c:\msocache\All Users\{90140000-0044-0409-0000-0000000FF1CE}-C\InfoPathMUI.msi
2010-03-30 20:46 . 2011-02-26 06:43 2863104 ----a-w- c:\msocache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\OfficeMUI.msi
2010-03-30 20:46 . 2011-02-26 06:44 4095293 ----a-w- c:\msocache\All Users\{90140000-00BA-0409-0000-0000000FF1CE}-C\GrooveLR.cab
2010-03-30 20:46 . 2011-02-26 06:45 197934115 ----a-w- c:\msocache\All Users\{91140000-0011-0000-0000-0000000FF1CE}-C\ProPrWW2.cab
2010-03-30 20:46 . 2011-02-26 06:44 9955228 ----a-w- c:\msocache\All Users\{90140000-0019-0409-0000-0000000FF1CE}-C\PubLR.cab
2010-03-30 20:46 . 2011-02-26 06:44 13184516 ----a-w- c:\msocache\All Users\{90140000-002C-0409-0000-0000000FF1CE}-C\Proof.es\Proof.cab
2010-03-30 20:46 . 2011-02-26 06:43 14318086 ----a-w- c:\msocache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\OfficeLR.cab
2010-03-30 20:46 . 2011-02-26 06:44 14811654 ----a-w- c:\msocache\All Users\{90140000-001A-0409-0000-0000000FF1CE}-C\OutlkLR.cab
2010-03-30 20:46 . 2011-02-26 06:44 15706572 ----a-w- c:\msocache\All Users\{90140000-0044-0409-0000-0000000FF1CE}-C\InfLR.cab
2010-03-30 20:46 . 2011-02-26 06:44 16882259 ----a-w- c:\msocache\All Users\{90140000-0016-0409-0000-0000000FF1CE}-C\ExcelLR.cab
2010-03-30 20:46 . 2011-02-26 06:44 17451982 ----a-w- c:\msocache\All Users\{90140000-00A1-0409-0000-0000000FF1CE}-C\OnoteLR.cab
2010-03-30 20:46 . 2011-02-26 06:44 20451562 ----a-w- c:\msocache\All Users\{90140000-002C-0409-0000-0000000FF1CE}-C\Proof.fr\Proof.cab
2010-03-30 20:46 . 2011-02-26 06:44 28006304 ----a-w- c:\msocache\All Users\{90140000-0117-0409-0000-0000000FF1CE}-C\Access.en-us\AccLR.cab
2010-03-30 20:46 . 2011-02-26 06:44 43803555 ----a-w- c:\msocache\All Users\{90140000-001B-0409-0000-0000000FF1CE}-C\WordLR.cab
2010-03-30 20:46 . 2011-02-26 06:43 70986225 ----a-w- c:\msocache\All Users\{90140000-0018-0409-0000-0000000FF1CE}-C\PptLR.cab
2010-03-30 15:14 . 2011-02-26 06:44 1347 ----a-w- c:\msocache\All Users\{90140000-002C-0409-0000-0000000FF1CE}-C\Proof.en\Proof.xml
2010-03-30 15:13 . 2011-02-26 06:44 4685 ----a-w- c:\msocache\All Users\{91140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml
2010-03-30 15:12 . 2011-02-26 06:44 656896 ----a-w- c:\msocache\All Users\{90140000-002C-0409-0000-0000000FF1CE}-C\Proof.en\Proof.msi
2010-03-30 15:10 . 2011-02-26 06:44 3025408 ----a-w- c:\msocache\All Users\{91140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.msi
2010-03-30 15:10 . 2011-02-26 06:44 10918653 ----a-w- c:\msocache\All Users\{90140000-002C-0409-0000-0000000FF1CE}-C\Proof.en\Proof.cab
2010-03-30 15:10 . 2011-02-26 06:44 23865400 ----a-w- c:\msocache\All Users\{91140000-0011-0000-0000-0000000FF1CE}-C\OWOW64WW.cab
2010-03-27 20:14 . 2011-02-26 06:43 3584 ----a-w- c:\msocache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\ShellUI.MST
2010-03-27 20:14 . 2011-02-26 06:43 596341 ----a-w- c:\msocache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\branding.xml
2010-03-27 20:14 . 2011-02-26 06:44 596341 ----a-w- c:\msocache\All Users\{90140000-0117-0409-0000-0000000FF1CE}-C\Access.en-us\branding.xml
2010-03-25 19:44 . 2011-02-26 06:43 1857 ----a-w- c:\msocache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\Microsoft.VC90.CRT.manifest
2010-03-25 19:44 . 2011-02-26 06:43 655872 ----a-w- c:\msocache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\msvcr90.dll
2010-03-22 15:47 . 2011-02-26 06:43 107912 ----a-w- c:\msocache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\1033\dwintl20.dll
2010-03-22 10:58 . 2011-02-26 06:43 526176 ----a-w- c:\msocache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\dwdcw20.dll
2010-03-22 10:58 . 2011-02-26 06:43 519584 ----a-w- c:\msocache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\dwtrig20.exe
2010-03-22 10:58 . 2011-02-26 06:43 838536 ----a-w- c:\msocache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\DW20.EXE
2010-03-21 04:17 . 2011-02-26 06:43 67190 ----a-w- c:\msocache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\setup.chm
2010-03-20 04:29 . 2011-02-26 06:45 1248016 ----a-w- c:\msocache\All Users\{91140000-0011-0000-0000-0000000FF1CE}-C\PidGenX.dll
2010-03-20 04:29 . 2011-02-26 06:45 715834 ----a-w- c:\msocache\All Users\{91140000-0011-0000-0000-0000000FF1CE}-C\pkeyconfig-office.xrm-ms
2010-03-17 02:35 . 2011-02-26 06:43 27195 ----a-w- c:\msocache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\pss10r.chm
2010-03-16 07:12 . 2011-02-26 06:45 149352 ----a-w- c:\msocache\All Users\{91140000-0011-0000-0000-0000000FF1CE}-C\ose.exe
2010-03-12 03:04 . 2011-02-26 06:43 191872 ----a-w- c:\msocache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\osetupui.dll
2010-03-11 20:44 . 2011-02-26 06:45 1100664 ----a-w- c:\msocache\All Users\{91140000-0011-0000-0000-0000000FF1CE}-C\setup.exe
2010-03-11 20:44 . 2011-02-26 06:45 5789544 ----a-w- c:\msocache\All Users\{91140000-0011-0000-0000-0000000FF1CE}-C\osetup.dll
.
 
combolog Part 2

---- Directory of c:\program files (x86)\gs ----
.
2011-02-27 10:08 . 2010-02-16 04:03 102400 ----a-w- c:\program files (x86)\gs\uninstgs.exe
2011-02-27 10:08 . 2011-02-27 10:08 19304 ----a-w- c:\program files (x86)\gs\gs8.71\uninstal.txt
2011-02-27 10:08 . 2005-12-28 01:56 2463 ----a-w- c:\program files (x86)\gs\gs8.71\lib\zeroline.ps
2011-02-27 10:08 . 2005-12-28 01:56 198 ----a-w- c:\program files (x86)\gs\gs8.71\lib\wmakebat.bat
2011-02-27 10:08 . 2005-12-28 01:56 18168 ----a-w- c:\program files (x86)\gs\gs8.71\lib\wrfont.ps
2011-02-27 10:08 . 2005-12-28 01:56 8923 ----a-w- c:\program files (x86)\gs\gs8.71\lib\wftopfa.ps
2011-02-27 10:08 . 2006-06-14 04:03 3743 ----a-w- c:\program files (x86)\gs\gs8.71\lib\winmaps.ps
2011-02-27 10:08 . 2009-03-02 01:47 5314 ----a-w- c:\program files (x86)\gs\gs8.71\lib\viewrgb.ps
2011-02-27 10:08 . 2007-07-05 02:04 326 ----a-w- c:\program files (x86)\gs\gs8.71\lib\wftopfa
2011-02-27 10:08 . 2005-12-28 01:56 4345 ----a-w- c:\program files (x86)\gs\gs8.71\lib\viewpcx.ps
2011-02-27 10:08 . 2005-12-28 01:56 1282 ----a-w- c:\program files (x86)\gs\gs8.71\lib\viewps2a.ps
2011-02-27 10:08 . 2005-12-28 01:56 4949 ----a-w- c:\program files (x86)\gs\gs8.71\lib\viewjpeg.ps
2011-02-27 10:08 . 2005-12-28 01:56 3778 ----a-w- c:\program files (x86)\gs\gs8.71\lib\viewmiff.ps
2011-02-27 10:08 . 2005-12-28 01:56 5307 ----a-w- c:\program files (x86)\gs\gs8.71\lib\viewpbm.ps
2011-02-27 10:08 . 2005-12-28 01:56 2113 ----a-w- c:\program files (x86)\gs\gs8.71\lib\viewcmyk.ps
2011-02-27 10:08 . 2005-12-28 01:56 4573 ----a-w- c:\program files (x86)\gs\gs8.71\lib\viewgif.ps
2011-02-27 10:08 . 2005-12-28 01:56 4206 ----a-w- c:\program files (x86)\gs\gs8.71\lib\unix-lpr.sh
2011-02-27 10:08 . 2005-12-28 01:56 1904 ----a-w- c:\program files (x86)\gs\gs8.71\lib\unprot.ps
2011-02-27 10:08 . 2005-12-28 01:56 2536 ----a-w- c:\program files (x86)\gs\gs8.71\lib\type1enc.ps
2011-02-27 10:08 . 2005-12-28 01:56 7576 ----a-w- c:\program files (x86)\gs\gs8.71\lib\type1ops.ps
2011-02-27 10:08 . 2005-12-28 01:56 6136 ----a-w- c:\program files (x86)\gs\gs8.71\lib\uninfo.ps
2011-02-27 10:08 . 2005-12-28 01:56 1528 ----a-w- c:\program files (x86)\gs\gs8.71\lib\traceimg.ps
2011-02-27 10:08 . 2005-12-28 01:56 2734 ----a-w- c:\program files (x86)\gs\gs8.71\lib\traceop.ps
2011-02-27 10:08 . 2002-05-07 13:26 730 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stc_l.upp
2011-02-27 10:08 . 2007-06-05 05:23 2646 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stocht.ps
2011-02-27 10:08 . 2005-12-28 01:56 5221 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stcolor.ps
2011-02-27 10:08 . 2002-05-07 13:26 1909 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stc_h.upp
2011-02-27 10:08 . 2002-05-07 13:26 669 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stcany.upp
2011-02-27 10:08 . 2002-05-07 13:26 677 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stcany_h.upp
2011-02-27 10:08 . 2005-12-28 01:56 25733 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stcinfo.ps
2011-02-27 10:08 . 2002-05-07 13:26 1111 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stc800p.upp
2011-02-27 10:08 . 2002-05-07 13:26 1093 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stc800pl.upp
2011-02-27 10:08 . 2002-05-07 13:26 1091 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stc640p.upp
2011-02-27 10:08 . 2002-05-07 13:26 2154 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stc800ih.upp
2011-02-27 10:08 . 2002-05-07 13:26 2277 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stc600ih.upp
2011-02-27 10:08 . 2002-05-07 13:26 1147 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stc600p.upp
2011-02-27 10:08 . 2002-05-07 13:26 1111 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stc600pl.upp
2011-02-27 10:08 . 2002-05-07 13:26 1899 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stc500p.upp
2011-02-27 10:08 . 2002-05-07 13:26 1899 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stc500ph.upp
2011-02-27 10:08 . 2002-05-07 13:26 2132 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stc300.upp
2011-02-27 10:08 . 2002-05-07 13:26 1337 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stc300bl.upp
2011-02-27 10:08 . 2002-05-07 13:26 1426 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stc300bm.upp
2011-02-27 10:08 . 2002-05-07 13:26 2268 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stc2s_h.upp
2011-02-27 10:08 . 2002-05-07 13:26 1875 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stc2_h.upp
2011-02-27 10:08 . 2002-05-07 13:26 2150 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stc1520h.upp
2011-02-27 10:08 . 2002-05-07 13:26 1900 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stc2.upp
2011-02-27 10:08 . 2002-05-07 13:26 1844 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stc200_h.upp
2011-02-27 10:08 . 2002-05-07 13:26 1101 ----a-w- c:\program files (x86)\gs\gs8.71\lib\st640plg.upp
2011-02-27 10:08 . 2002-05-07 13:26 1919 ----a-w- c:\program files (x86)\gs\gs8.71\lib\stc.upp
2011-02-27 10:08 . 2002-05-07 13:26 1137 ----a-w- c:\program files (x86)\gs\gs8.71\lib\st640pg.upp
2011-02-27 10:08 . 2002-05-07 13:26 1874 ----a-w- c:\program files (x86)\gs\gs8.71\lib\st640pl.upp
2011-02-27 10:08 . 2002-05-07 13:26 2277 ----a-w- c:\program files (x86)\gs\gs8.71\lib\st640ih.upp
2011-02-27 10:08 . 2002-05-07 13:26 1504 ----a-w- c:\program files (x86)\gs\gs8.71\lib\st640ihg.upp
2011-02-27 10:08 . 2002-05-07 13:26 1910 ----a-w- c:\program files (x86)\gs\gs8.71\lib\st640p.upp
2011-02-27 10:08 . 2005-12-28 01:56 2932 ----a-w- c:\program files (x86)\gs\gs8.71\lib\showchar.ps
2011-02-27 10:08 . 2000-03-08 14:40 9 ----a-w- c:\program files (x86)\gs\gs8.71\lib\showpage.ps
2011-02-27 10:08 . 2000-03-08 14:40 205 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ras8m.upp
2011-02-27 10:08 . 2004-05-28 06:58 3228 ----a-w- c:\program files (x86)\gs\gs8.71\lib\rinkj-2200-setup
2011-02-27 10:08 . 2005-12-28 01:56 11765 ----a-w- c:\program files (x86)\gs\gs8.71\lib\rollconv.ps
2011-02-27 10:08 . 2000-03-15 09:01 192 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ras32.upp
2011-02-27 10:08 . 2000-03-08 14:40 216 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ras4.upp
2011-02-27 10:08 . 2000-03-08 14:40 211 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ras1.upp
2011-02-27 10:08 . 2000-03-08 14:40 215 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ras24.upp
2011-02-27 10:08 . 2000-03-08 14:40 210 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ras3.upp
2011-02-27 10:08 . 2007-07-04 17:41 1412 ----a-w- c:\program files (x86)\gs\gs8.71\lib\pv.sh
2011-02-27 10:08 . 2000-03-08 14:40 5 ----a-w- c:\program files (x86)\gs\gs8.71\lib\quit.ps
2011-02-27 10:08 . 2005-12-28 07:11 530 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2ps2.bat
2011-02-27 10:08 . 2005-12-28 01:56 694 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2ps2.cmd
2011-02-27 10:08 . 2005-12-28 07:11 501 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2ps.bat
2011-02-27 10:08 . 2005-12-28 01:56 692 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2ps.cmd
2011-02-27 10:08 . 2009-01-10 04:11 704 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2ps2
2011-02-27 10:08 . 2008-02-24 22:10 1381 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2pdfxx.bat
2011-02-27 10:08 . 2009-01-10 04:11 676 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2ps
2011-02-27 10:08 . 2005-12-28 01:56 330 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2pdf14.cmd
2011-02-27 10:08 . 2009-01-10 04:11 1130 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2pdfwr
2011-02-27 10:08 . 2007-07-05 02:04 260 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2pdf14
2011-02-27 10:08 . 2005-12-28 01:56 330 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2pdf14.bat
2011-02-27 10:08 . 2005-12-28 01:56 330 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2pdf13.bat
2011-02-27 10:08 . 2005-12-28 01:56 330 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2pdf13.cmd
2011-02-27 10:08 . 2005-12-28 01:56 330 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2pdf12.cmd
2011-02-27 10:08 . 2007-07-05 02:04 260 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2pdf13
2011-02-27 10:08 . 2007-09-18 02:01 953 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2pdf.cmd
2011-02-27 10:08 . 2007-07-05 02:04 260 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2pdf12
2011-02-27 10:08 . 2005-12-28 01:56 330 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2pdf12.bat
2011-02-27 10:08 . 2007-07-05 02:04 315 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2pdf
2011-02-27 10:08 . 2007-09-18 02:01 509 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2pdf.bat
2011-02-27 10:08 . 2009-04-06 17:20 1213 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2epsi.cmd
2011-02-27 10:08 . 2009-04-06 17:20 8187 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2epsi.ps
2011-02-27 10:08 . 2009-04-06 17:20 2825 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2epsi
2011-02-27 10:08 . 2009-04-06 17:20 1239 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2epsi.bat
2011-02-27 10:08 . 2005-12-28 01:56 527 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2ascii.cmd
2011-02-27 10:08 . 2009-10-07 08:53 44623 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2ascii.ps
2011-02-27 10:08 . 2005-12-28 01:56 786 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2ascii
2011-02-27 10:08 . 2005-12-28 01:56 433 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2ascii.bat
2011-02-27 10:08 . 2007-07-05 02:04 428 ----a-w- c:\program files (x86)\gs\gs8.71\lib\printafm
2011-02-27 10:08 . 2008-05-27 00:07 3775 ----a-w- c:\program files (x86)\gs\gs8.71\lib\printafm.ps
2011-02-27 10:08 . 2009-05-15 22:29 22485 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ps2ai.ps
2011-02-27 10:08 . 2005-12-28 01:56 6922 ----a-w- c:\program files (x86)\gs\gs8.71\lib\pphs.ps
2011-02-27 10:08 . 2007-06-05 05:23 6487 ----a-w- c:\program files (x86)\gs\gs8.71\lib\prfont.ps
2011-02-27 10:08 . 2005-12-28 01:56 1379 ----a-w- c:\program files (x86)\gs\gs8.71\lib\pftogsf.bat
2011-02-27 10:08 . 2005-12-28 01:56 1974 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ppath.ps
2011-02-27 10:08 . 2007-07-05 02:04 433 ----a-w- c:\program files (x86)\gs\gs8.71\lib\pphs
2011-02-27 10:08 . 2005-12-28 01:56 302 ----a-w- c:\program files (x86)\gs\gs8.71\lib\pfbtopfa.bat
2011-02-27 10:08 . 2005-12-28 01:56 1141 ----a-w- c:\program files (x86)\gs\gs8.71\lib\pfbtopfa.ps
2011-02-27 10:08 . 2005-12-28 01:56 250 ----a-w- c:\program files (x86)\gs\gs8.71\lib\pf2afm.cmd
2011-02-27 10:08 . 2009-06-12 21:33 15351 ----a-w- c:\program files (x86)\gs\gs8.71\lib\pf2afm.ps
2011-02-27 10:08 . 2007-07-05 02:04 553 ----a-w- c:\program files (x86)\gs\gs8.71\lib\pfbtopfa
2011-02-27 10:08 . 2007-07-05 02:04 537 ----a-w- c:\program files (x86)\gs\gs8.71\lib\pf2afm
2011-02-27 10:08 . 2005-12-28 01:56 315 ----a-w- c:\program files (x86)\gs\gs8.71\lib\pf2afm.bat
2011-02-27 10:08 . 2009-01-23 01:04 36516 ----a-w- c:\program files (x86)\gs\gs8.71\lib\pdfopt.ps
2011-02-27 10:08 . 2008-11-26 07:58 11676 ----a-w- c:\program files (x86)\gs\gs8.71\lib\pdfwrite.ps
2011-02-27 10:08 . 2007-10-10 00:40 1868 ----a-w- c:\program files (x86)\gs\gs8.71\lib\PDFX_def.ps
2011-02-27 10:08 . 2008-05-24 09:17 589 ----a-w- c:\program files (x86)\gs\gs8.71\lib\pdfopt
2011-02-27 10:08 . 2005-12-28 01:56 395 ----a-w- c:\program files (x86)\gs\gs8.71\lib\pdfopt.bat
2011-02-27 10:08 . 2005-12-28 01:56 492 ----a-w- c:\program files (x86)\gs\gs8.71\lib\pdf2ps.bat
2011-02-27 10:08 . 2005-12-28 01:56 812 ----a-w- c:\program files (x86)\gs\gs8.71\lib\pdf2ps.cmd
2011-02-27 10:08 . 2007-10-10 00:40 1430 ----a-w- c:\program files (x86)\gs\gs8.71\lib\PDFA_def.ps
2011-02-27 10:08 . 2008-02-24 11:48 8377 ----a-w- c:\program files (x86)\gs\gs8.71\lib\pdf2dsc.ps
2011-02-27 10:08 . 2007-07-05 02:04 943 ----a-w- c:\program files (x86)\gs\gs8.71\lib\pdf2ps
2011-02-27 10:08 . 2005-12-28 01:56 3584 ----a-w- c:\program files (x86)\gs\gs8.71\lib\pcharstr.ps
2011-02-27 10:08 . 2007-07-05 02:04 738 ----a-w- c:\program files (x86)\gs\gs8.71\lib\pdf2dsc
2011-02-27 10:08 . 2005-12-28 01:56 363 ----a-w- c:\program files (x86)\gs\gs8.71\lib\pdf2dsc.bat
2011-02-27 10:08 . 2000-03-08 14:40 1041 ----a-w- c:\program files (x86)\gs\gs8.71\lib\necp2x.upp
2011-02-27 10:08 . 2000-03-08 14:40 1065 ----a-w- c:\program files (x86)\gs\gs8.71\lib\necp2x6.upp
2011-02-27 10:08 . 2005-12-28 01:56 10358 ----a-w- c:\program files (x86)\gs\gs8.71\lib\packfile.ps
2011-02-27 10:08 . 2005-12-28 01:56 1890 ----a-w- c:\program files (x86)\gs\gs8.71\lib\markpath.ps
2011-02-27 10:08 . 2007-06-05 05:23 7305 ----a-w- c:\program files (x86)\gs\gs8.71\lib\mkcidfm.ps
2011-02-27 10:08 . 2005-12-28 01:56 172 ----a-w- c:\program files (x86)\gs\gs8.71\lib\lpr2.bat
2011-02-27 10:08 . 2005-12-28 01:56 4661 ----a-w- c:\program files (x86)\gs\gs8.71\lib\lprsetup.sh
2011-02-27 10:08 . 2005-12-28 01:56 3473 ----a-w- c:\program files (x86)\gs\gs8.71\lib\markhint.ps
2011-02-27 10:08 . 2005-12-28 01:56 137 ----a-w- c:\program files (x86)\gs\gs8.71\lib\lp386.bat
2011-02-27 10:08 . 2005-12-28 01:56 132 ----a-w- c:\program files (x86)\gs\gs8.71\lib\lp386r2.bat
2011-02-27 10:08 . 2005-12-28 01:56 179 ----a-w- c:\program files (x86)\gs\gs8.71\lib\lpgs.bat
2011-02-27 10:08 . 2005-12-28 01:56 1525 ----a-w- c:\program files (x86)\gs\gs8.71\lib\landscap.ps
2011-02-27 10:08 . 2005-12-28 01:56 110 ----a-w- c:\program files (x86)\gs\gs8.71\lib\level1.ps
2011-02-27 10:08 . 2005-12-28 01:56 3868 ----a-w- c:\program files (x86)\gs\gs8.71\lib\lines.ps
2011-02-27 10:08 . 2001-12-03 06:02 469 ----a-w- c:\program files (x86)\gs\gs8.71\lib\Info-macos.plist
2011-02-27 10:08 . 2005-12-28 01:56 930 ----a-w- c:\program files (x86)\gs\gs8.71\lib\jispaper.ps
2011-02-27 10:08 . 2007-06-05 05:23 180 ----a-w- c:\program files (x86)\gs\gs8.71\lib\jobseparator.ps
2011-02-27 10:08 . 2005-12-28 01:56 73323 ----a-w- c:\program files (x86)\gs\gs8.71\lib\image-qa.ps
2011-02-27 10:08 . 2005-12-28 01:56 5538 ----a-w- c:\program files (x86)\gs\gs8.71\lib\impath.ps
2011-02-27 10:08 . 2005-12-28 01:56 2528 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_wl2_e.ps
2011-02-27 10:08 . 2005-12-28 01:56 2546 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_wl5_e.ps
2011-02-27 10:08 . 2007-12-31 01:06 228194 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ht_ccsto.ps
2011-02-27 10:08 . 2000-03-08 14:40 605 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_t.xpm
2011-02-27 10:08 . 2000-03-08 14:40 355 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_t_m.xbm
2011-02-27 10:08 . 2005-12-28 01:56 2530 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_wl1_e.ps
2011-02-27 10:08 . 2000-03-08 14:40 957 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_s.xpm
2011-02-27 10:08 . 2000-03-08 14:40 604 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_s_m.xbm
2011-02-27 10:08 . 2000-03-08 14:40 345 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_t.xbm
2011-02-27 10:08 . 2000-03-08 14:40 955 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_m_m.xbm
2011-02-27 10:08 . 2005-12-28 01:56 4349 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_pfile.ps
2011-02-27 10:08 . 2005-12-28 01:56 862 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_rdlin.ps
2011-02-27 10:08 . 2000-03-08 14:40 594 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_s.xbm
2011-02-27 10:08 . 2000-03-08 14:40 1955 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_l_m.xbm
2011-02-27 10:08 . 2000-03-08 14:40 945 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_m.xbm
2011-02-27 10:08 . 2000-03-08 14:40 1437 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_m.xpm
2011-02-27 10:08 . 2000-03-08 14:40 2751 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_l.xpm
2011-02-27 10:08 . 2005-12-28 01:56 2886 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_lgo_e.ps
2011-02-27 10:08 . 2005-12-28 01:56 1912 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_lgx_e.ps
2011-02-27 10:08 . 2005-12-28 01:56 3942 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_kanji.ps
2011-02-27 10:08 . 2005-12-28 01:56 3291 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_ksb_e.ps
2011-02-27 10:08 . 2000-03-08 14:40 1945 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_l.xbm
2011-02-27 10:08 . 2005-12-28 01:56 4844 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_cmdl.ps
2011-02-27 10:08 . 2005-12-28 01:56 3162 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_fform.ps
2011-02-27 10:08 . 2005-12-28 01:56 2777 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_il2_e.ps
2011-02-27 10:08 . 2005-12-28 01:56 115 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gst.bat
2011-02-27 10:08 . 2005-12-28 01:56 117 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gstt.bat
2011-02-27 10:08 . 2005-12-28 01:56 2364 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gs_ce_e.ps
2011-02-27 10:08 . 2005-12-28 01:56 130 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gsndt.bat
2011-02-27 10:08 . 2005-12-28 01:56 2725 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gsnup.ps
2011-02-27 10:08 . 2005-12-28 01:56 240 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gssetgs.bat
2011-02-27 10:08 . 2005-12-28 01:56 19643 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gslp.ps
2011-02-27 10:08 . 2007-07-05 02:04 306 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gsnd
2011-02-27 10:08 . 2005-12-28 01:56 126 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gsnd.bat
2011-02-27 10:08 . 2005-12-28 01:56 178 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gslj.bat
2011-02-27 10:08 . 2007-07-05 02:04 379 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gslp
2011-02-27 10:08 . 2005-12-28 01:56 175 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gslp.bat
2011-02-27 10:08 . 2007-07-05 02:04 384 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gsdj500
2011-02-27 10:08 . 2005-12-28 01:56 183 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gsdj500.bat
2011-02-27 10:08 . 2007-07-05 02:04 382 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gslj
2011-02-27 10:08 . 2005-12-28 01:56 175 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gsbj.bat
2011-02-27 10:08 . 2007-07-05 02:04 381 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gsdj
2011-02-27 10:08 . 2005-12-28 01:56 177 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gsdj.bat
2011-02-27 10:08 . 2009-10-22 01:24 25643 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ghostpdf.ppd
2011-02-27 10:08 . 2007-07-05 02:04 379 ----a-w- c:\program files (x86)\gs\gs8.71\lib\gsbj
2011-02-27 10:08 . 2005-12-28 01:56 16466 ----a-w- c:\program files (x86)\gs\gs8.71\lib\Fontmap.Sol
2011-02-27 10:08 . 2005-12-28 01:56 6080 ----a-w- c:\program files (x86)\gs\gs8.71\lib\Fontmap.Ult
2011-02-27 10:08 . 2000-09-21 10:30 14409 ----a-w- c:\program files (x86)\gs\gs8.71\lib\Fontmap.VMS
2011-02-27 10:08 . 2007-01-01 17:36 927 ----a-w- c:\program files (x86)\gs\gs8.71\lib\ghostpdf.inf
2011-02-27 10:08 . 2005-12-28 01:56 7271 ----a-w- c:\program files (x86)\gs\gs8.71\lib\Fontmap.OS2
2011-02-27 10:08 . 2000-03-08 14:40 6532 ----a-w- c:\program files (x86)\gs\gs8.71\lib\Fontmap.OSF
2011-02-27 10:08 . 2005-12-28 01:56 13787 ----a-w- c:\program files (x86)\gs\gs8.71\lib\Fontmap.SGI
2011-02-27 10:08 . 2005-12-28 01:56 19591 ----a-w- c:\program files (x86)\gs\gs8.71\lib\font2c.ps
2011-02-27 10:08 . 2005-12-28 01:56 17568 ----a-w- c:\program files (x86)\gs\gs8.71\lib\font2pcl.ps
2011-02-27 10:08 . 2005-12-28 01:56 5911 ----a-w- c:\program files (x86)\gs\gs8.71\lib\Fontmap.ATB
2011-02-27 10:08 . 2005-12-28 01:56 5687 ----a-w- c:\program files (x86)\gs\gs8.71\lib\Fontmap.ATM
2011-02-27 10:08 . 2007-07-05 02:04 342 ----a-w- c:\program files (x86)\gs\gs8.71\lib\font2c
2011-02-27 10:08 . 2005-12-28 01:56 162 ----a-w- c:\program files (x86)\gs\gs8.71\lib\font2c.bat
2011-02-27 10:08 . 2005-12-28 01:56 271 ----a-w- c:\program files (x86)\gs\gs8.71\lib\font2c.cmd
2011-02-27 10:08 . 2007-10-03 00:37 4384 ----a-w- c:\program files (x86)\gs\gs8.71\lib\FCOfontmap-PS3
2011-02-27 10:08 . 2005-12-28 01:56 4581 ----a-w- c:\program files (x86)\gs\gs8.71\lib\fixmswrd.pl
2011-02-27 10:08 . 2006-08-17 11:42 762 ----a-w- c:\program files (x86)\gs\gs8.71\lib\FAPIconfig-FCO
2011-02-27 10:08 . 2006-06-19 23:31 1468 ----a-w- c:\program files (x86)\gs\gs8.71\lib\FAPIfontmap
2011-02-27 10:08 . 2007-10-03 00:37 5802 ----a-w- c:\program files (x86)\gs\gs8.71\lib\FCOfontmap-PCLPS3
2011-02-27 10:08 . 2005-12-28 01:56 720 ----a-w- c:\program files (x86)\gs\gs8.71\lib\eps2eps.cmd
2011-02-27 10:08 . 2006-05-30 22:29 1483 ----a-w- c:\program files (x86)\gs\gs8.71\lib\FAPIcidfmap
2011-02-27 10:08 . 2006-06-19 23:31 805 ----a-w- c:\program files (x86)\gs\gs8.71\lib\FAPIconfig
2011-02-27 10:08 . 2007-10-10 00:40 1 ----a-w- c:\program files (x86)\gs\gs8.71\lib\EndOfTask.ps
2011-02-27 10:08 . 2009-01-10 04:11 674 ----a-w- c:\program files (x86)\gs\gs8.71\lib\eps2eps
2011-02-27 10:08 . 2005-12-28 01:56 573 ----a-w- c:\program files (x86)\gs\gs8.71\lib\eps2eps.bat
2011-02-27 10:08 . 2005-12-28 01:56 371 ----a-w- c:\program files (x86)\gs\gs8.71\lib\dumphint.bat
2011-02-27 10:08 . 2007-10-10 00:40 20044 ----a-w- c:\program files (x86)\gs\gs8.71\lib\dumphint.ps
2011-02-27 10:08 . 2009-01-10 04:11 1054 ----a-w- c:\program files (x86)\gs\gs8.71\lib\dvipdf
2011-02-27 10:08 . 2000-03-15 09:01 2804 ----a-w- c:\program files (x86)\gs\gs8.71\lib\dnj750c.upp
2011-02-27 10:08 . 2000-03-15 09:01 1971 ----a-w- c:\program files (x86)\gs\gs8.71\lib\dnj750m.upp
2011-02-27 10:08 . 2007-11-28 00:40 7373 ----a-w- c:\program files (x86)\gs\gs8.71\lib\docie.ps
2011-02-27 10:08 . 2009-01-04 02:11 596 ----a-w- c:\program files (x86)\gs\gs8.71\lib\dumphint
2011-02-27 10:08 . 2000-03-15 09:01 2056 ----a-w- c:\program files (x86)\gs\gs8.71\lib\cdj690ec.upp
2011-02-27 10:08 . 2005-12-28 01:56 4475 ----a-w- c:\program files (x86)\gs\gs8.71\lib\cid2code.ps
2011-02-27 10:08 . 2005-12-28 01:56 350 ----a-w- c:\program files (x86)\gs\gs8.71\lib\decrypt.ps
2011-02-27 10:08 . 2000-09-19 01:29 11040 ----a-w- c:\program files (x86)\gs\gs8.71\lib\cbjc600.ppd
2011-02-27 10:08 . 2000-09-19 01:29 11383 ----a-w- c:\program files (x86)\gs\gs8.71\lib\cbjc800.ppd
2011-02-27 10:08 . 2000-03-15 09:01 1686 ----a-w- c:\program files (x86)\gs\gs8.71\lib\cdj550.upp
2011-02-27 10:08 . 2000-03-15 09:01 1995 ----a-w- c:\program files (x86)\gs\gs8.71\lib\cdj690.upp
2011-02-27 10:08 . 2000-03-15 09:01 1517 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bjc610b7.upp
2011-02-27 10:08 . 2000-03-15 09:01 1522 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bjc610b8.upp
2011-02-27 10:08 . 2005-12-28 01:56 1721 ----a-w- c:\program files (x86)\gs\gs8.71\lib\caption.ps
2011-02-27 10:08 . 2009-04-06 17:20 1908 ----a-w- c:\program files (x86)\gs\gs8.71\lib\cat.ps
2011-02-27 10:08 . 2000-03-15 09:01 1513 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bjc610b2.upp
2011-02-27 10:08 . 2000-03-15 09:01 1518 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bjc610b3.upp
2011-02-27 10:08 . 2000-03-15 09:01 1526 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bjc610b4.upp
2011-02-27 10:08 . 2000-03-15 09:01 1513 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bjc610b6.upp
2011-02-27 10:08 . 2000-03-15 09:01 1513 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bjc610a6.upp
2011-02-27 10:08 . 2000-03-15 09:01 1516 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bjc610a7.upp
2011-02-27 10:08 . 2000-03-15 09:01 1522 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bjc610a8.upp
2011-02-27 10:08 . 2000-03-15 09:01 1512 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bjc610b1.upp
2011-02-27 10:08 . 2000-03-15 09:01 1513 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bjc610a2.upp
2011-02-27 10:08 . 2000-03-15 09:01 1518 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bjc610a3.upp
2011-02-27 10:08 . 2000-03-15 09:01 1526 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bjc610a4.upp
2011-02-27 10:08 . 2000-03-15 09:01 1513 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bjc610a5.upp
2011-02-27 10:08 . 2000-04-13 10:59 1538 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bj8pp12f.upp
2011-02-27 10:08 . 2000-04-13 10:59 1526 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bj8ts06n.upp
2011-02-27 10:08 . 2000-03-15 09:01 1523 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bjc610a0.upp
2011-02-27 10:08 . 2000-03-15 09:01 1512 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bjc610a1.upp
2011-02-27 10:08 . 2000-04-13 10:59 1528 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bj8gc12f.upp
2011-02-27 10:08 . 2000-04-13 10:59 1527 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bj8hg12f.upp
2011-02-27 10:08 . 2000-04-13 10:59 1513 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bj8oh06n.upp
2011-02-27 10:08 . 2000-04-13 10:59 1521 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bj8pa06n.upp
2011-02-27 10:08 . 2005-12-28 01:56 154 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bdftops.bat
2011-02-27 10:08 . 2005-12-28 01:56 263 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bdftops.cmd
2011-02-27 10:08 . 2005-12-28 01:56 23403 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bdftops.ps
2011-02-27 10:08 . 2000-04-13 10:59 639 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bj8.rpd
2011-02-27 10:08 . 2005-12-28 01:56 9848 ----a-w- c:\program files (x86)\gs\gs8.71\lib\addxchar.ps
2011-02-27 10:08 . 2007-07-06 09:59 5760 ----a-w- c:\program files (x86)\gs\gs8.71\lib\afmdiff.awk
2011-02-27 10:08 . 2005-12-28 01:56 2313 ----a-w- c:\program files (x86)\gs\gs8.71\lib\align.ps
2011-02-27 10:08 . 2007-07-05 02:04 334 ----a-w- c:\program files (x86)\gs\gs8.71\lib\bdftops
2011-02-27 10:08 . 2002-01-10 04:21 78599 ----a-w- c:\program files (x86)\gs\gs8.71\examples\tiger.eps
2011-02-27 10:08 . 2004-06-30 00:37 13217 ----a-w- c:\program files (x86)\gs\gs8.71\examples\vasarely.ps
2011-02-27 10:08 . 2005-12-28 01:56 2528 ----a-w- c:\program files (x86)\gs\gs8.71\examples\waterfal.ps
2011-02-27 10:08 . 2005-12-28 01:56 4324 ----a-w- c:\program files (x86)\gs\gs8.71\lib\acctest.ps
2011-02-27 10:08 . 2002-01-10 04:21 25574 ----a-w- c:\program files (x86)\gs\gs8.71\examples\golfer.eps
2011-02-27 10:08 . 2001-10-01 04:28 1624 ----a-w- c:\program files (x86)\gs\gs8.71\examples\grayalph.ps
2011-02-27 10:08 . 2000-03-08 14:40 3020 ----a-w- c:\program files (x86)\gs\gs8.71\examples\ridt91.eps
2011-02-27 10:08 . 2001-10-01 04:28 2165 ----a-w- c:\program files (x86)\gs\gs8.71\examples\snowflak.ps
2011-02-27 10:08 . 2001-10-01 04:28 137290 ----a-w- c:\program files (x86)\gs\gs8.71\examples\doretree.ps
2011-02-27 10:08 . 2001-10-01 04:28 10617 ----a-w- c:\program files (x86)\gs\gs8.71\examples\escher.ps
2011-02-27 10:08 . 2001-10-01 04:28 1973 ----a-w- c:\program files (x86)\gs\gs8.71\examples\colorcir.ps
2011-02-27 10:08 . 2009-01-04 20:02 3546 ----a-w- c:\program files (x86)\gs\gs8.71\examples\cjk\gscjk_ak.ps
2011-02-27 10:08 . 2009-01-04 20:02 49244 ----a-w- c:\program files (x86)\gs\gs8.71\examples\cjk\iso2022.ps
2011-02-27 10:08 . 2009-01-04 20:02 49243 ----a-w- c:\program files (x86)\gs\gs8.71\examples\cjk\iso2022v.ps
2011-02-27 10:08 . 2009-01-04 20:02 5800 ----a-w- c:\program files (x86)\gs\gs8.71\examples\cjk\all_ak1.ps
2011-02-27 10:08 . 2009-01-04 20:02 2688 ----a-w- c:\program files (x86)\gs\gs8.71\examples\cjk\article9.ps
2011-02-27 10:08 . 2009-01-04 20:02 3567 ----a-w- c:\program files (x86)\gs\gs8.71\examples\cjk\gscjk_ac.ps
2011-02-27 10:08 . 2009-01-04 20:02 3609 ----a-w- c:\program files (x86)\gs\gs8.71\examples\cjk\gscjk_ag.ps
2011-02-27 10:08 . 2009-01-04 20:02 3389 ----a-w- c:\program files (x86)\gs\gs8.71\examples\cjk\gscjk_aj.ps
2011-02-27 10:08 . 2009-01-04 20:02 5969 ----a-w- c:\program files (x86)\gs\gs8.71\examples\cjk\all_ac1.ps
2011-02-27 10:08 . 2009-01-04 20:02 5873 ----a-w- c:\program files (x86)\gs\gs8.71\examples\cjk\all_ag1.ps
2011-02-27 10:08 . 2009-01-04 20:02 5877 ----a-w- c:\program files (x86)\gs\gs8.71\examples\cjk\all_aj1.ps
2011-02-27 10:08 . 2009-01-04 20:02 5756 ----a-w- c:\program files (x86)\gs\gs8.71\examples\cjk\all_aj2.ps
2011-02-27 10:08 . 2010-02-10 00:17 10329 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Xfonts.htm
2011-02-27 10:08 . 2010-01-06 16:31 1878 ----a-w- c:\program files (x86)\gs\gs8.71\examples\alphabet.ps
2011-02-27 10:08 . 2004-04-13 06:25 454126 ----a-w- c:\program files (x86)\gs\gs8.71\examples\annots.pdf
2011-02-27 10:08 . 2001-10-01 04:28 61791 ----a-w- c:\program files (x86)\gs\gs8.71\examples\chess.ps
2011-02-27 10:08 . 2010-02-10 00:17 155475 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Use.htm
2011-02-27 10:08 . 2010-02-10 00:17 13459 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Source.htm
2011-02-27 10:08 . 2010-02-10 00:17 10435 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Unix-lpr.htm
2011-02-27 10:08 . 2010-02-10 00:17 29428 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Psfiles.htm
2011-02-27 10:08 . 2010-02-10 00:17 20363 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Readme.htm
2011-02-27 10:08 . 2010-02-10 00:17 26368 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Release.htm
2011-02-27 10:08 . 2010-02-10 00:17 10404 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Ps2ps2.htm
2011-02-27 10:08 . 2007-04-08 00:55 149177 ----a-w- c:\program files (x86)\gs\gs8.71\doc\pscet_status.txt
2011-02-27 10:08 . 2010-02-10 00:17 6416 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Ps2epsi.htm
2011-02-27 10:08 . 2010-02-10 00:17 49229 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Ps2pdf.htm
2011-02-27 10:08 . 2010-02-10 00:17 29739 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Projects.htm
2011-02-27 10:08 . 2010-02-10 00:17 14956 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Ps-style.htm
2011-02-27 10:08 . 2010-02-10 00:17 107922 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Make.htm
2011-02-27 10:08 . 2010-02-10 00:17 4927 ----a-w- c:\program files (x86)\gs\gs8.71\doc\News.htm
2011-02-27 10:08 . 2010-02-10 00:17 32121 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Lib.htm
2011-02-27 10:08 . 2010-02-10 00:17 20773 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Issues.htm
2011-02-27 10:08 . 2010-02-10 00:17 91370 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Language.htm
2011-02-27 10:08 . 2009-09-28 00:14 453 ----a-w- c:\program files (x86)\gs\gs8.71\doc\index.html
2011-02-27 10:08 . 2010-02-10 00:17 19283 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Install.htm
2011-02-27 10:08 . 2010-02-10 00:17 2098176 ----a-w- c:\program files (x86)\gs\gs8.71\doc\History8.htm
2011-02-27 10:08 . 2010-02-10 00:17 822751 ----a-w- c:\program files (x86)\gs\gs8.71\doc\History7.htm
2011-02-27 10:08 . 2010-02-10 00:17 365193 ----a-w- c:\program files (x86)\gs\gs8.71\doc\History6.htm
2011-02-27 10:08 . 2010-02-10 00:17 564814 ----a-w- c:\program files (x86)\gs\gs8.71\doc\History5.htm
2011-02-27 10:08 . 2010-02-10 00:17 162079 ----a-w- c:\program files (x86)\gs\gs8.71\doc\History4.htm
2011-02-27 10:08 . 2010-02-10 00:17 348766 ----a-w- c:\program files (x86)\gs\gs8.71\doc\History3.htm
2011-02-27 10:08 . 2010-02-10 00:17 211120 ----a-w- c:\program files (x86)\gs\gs8.71\doc\History2.htm
2011-02-27 10:08 . 2010-02-10 00:17 15423 ----a-w- c:\program files (x86)\gs\gs8.71\doc\History1.htm
2011-02-27 10:08 . 2010-02-10 00:17 10310 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Helpers.htm
2011-02-27 10:08 . 2009-09-28 00:14 14202 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Hershey.htm
2011-02-27 10:08 . 2010-02-10 00:17 29045 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Fonts.htm
2011-02-27 10:08 . 2010-02-10 00:17 10846 ----a-w- c:\program files (x86)\gs\gs8.71\doc\gs-vms.hlp
2011-02-27 10:08 . 2009-09-28 00:16 1063 ----a-w- c:\program files (x86)\gs\gs8.71\doc\gs.css
2011-02-27 10:08 . 2007-05-08 17:12 22150 ----a-w- c:\program files (x86)\gs\gs8.71\doc\gsdoc.el
2011-02-27 10:08 . 2009-08-31 23:59 682270 ----a-w- c:\program files (x86)\gs\gs8.71\doc\figures\XPS_Integer_Gray_RGB_Image.eps
2011-02-27 10:08 . 2009-08-31 23:59 975534 ----a-w- c:\program files (x86)\gs\gs8.71\doc\figures\XPS_Render.eps
2011-02-27 10:08 . 2009-08-31 23:59 688182 ----a-w- c:\program files (x86)\gs\gs8.71\doc\figures\XPS_RGB_Image_Float.eps
2011-02-27 10:08 . 2009-08-31 23:59 749566 ----a-w- c:\program files (x86)\gs\gs8.71\doc\figures\XPS_Vector_Color.eps
2011-02-27 10:08 . 2009-08-31 23:59 905470 ----a-w- c:\program files (x86)\gs\gs8.71\doc\figures\PDF_Render.eps
2011-02-27 10:08 . 2009-08-31 23:59 1020390 ----a-w- c:\program files (x86)\gs\gs8.71\doc\figures\PDF_Spec.eps
2011-02-27 10:08 . 2009-08-31 23:59 910570 ----a-w- c:\program files (x86)\gs\gs8.71\doc\figures\PS_Render.eps
2011-02-27 10:08 . 2009-08-31 23:59 1070162 ----a-w- c:\program files (x86)\gs\gs8.71\doc\figures\PS_Spec.eps
2011-02-27 10:08 . 2009-08-31 23:59 679542 ----a-w- c:\program files (x86)\gs\gs8.71\doc\figures\XPS_DeviceN.eps
2011-02-27 10:08 . 2010-02-10 00:17 137711 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Drivers.htm
2011-02-27 10:08 . 2009-08-31 23:59 246093 ----a-w- c:\program files (x86)\gs\gs8.71\doc\figures\Ghost.eps
2011-02-27 10:08 . 2009-09-01 01:10 2397550 ----a-w- c:\program files (x86)\gs\gs8.71\doc\figures\Overview.eps
2011-02-27 10:08 . 2010-02-10 00:17 25048 ----a-w- c:\program files (x86)\gs\gs8.71\doc\DLL.htm
2011-02-27 10:08 . 2010-02-10 00:17 170551 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Develop.htm
2011-02-27 10:08 . 2010-02-10 00:17 61107 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Devices.htm
2011-02-27 10:08 . 2010-02-10 00:17 3325346 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Details8.htm
2011-02-27 10:08 . 2010-02-10 00:17 244649 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Details.htm
2011-02-27 10:08 . 2010-02-10 00:17 179216 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Deprecated.htm
2011-02-27 10:08 . 2009-07-30 05:31 35147 ----a-w- c:\program files (x86)\gs\gs8.71\doc\COPYING
2011-02-27 10:08 . 2010-02-10 00:17 205881 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Changes.htm
2011-02-27 10:08 . 2009-09-01 01:55 234270 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Color_Architecture.pdf
2011-02-27 10:08 . 2009-09-01 01:10 35689 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Color_Architecture.tex
2011-02-27 10:08 . 2010-02-10 00:17 10691 ----a-w- c:\program files (x86)\gs\gs8.71\doc\Commprod.htm
2011-02-27 10:08 . 2010-02-10 00:17 24461 ----a-w- c:\program files (x86)\gs\gs8.71\doc\API.htm
2011-02-27 10:08 . 2009-11-29 08:30 661 ----a-w- c:\program files (x86)\gs\gs8.71\doc\AUTHORS
2011-02-27 10:08 . 2010-02-10 00:17 53588 ----a-w- c:\program files (x86)\gs\gs8.71\doc\C-style.htm
2011-02-27 10:08 . 2010-02-16 04:03 147456 ----a-w- c:\program files (x86)\gs\gs8.71\bin\gswin32.exe
2011-02-27 10:08 . 2010-02-16 04:03 139264 ----a-w- c:\program files (x86)\gs\gs8.71\bin\gswin32c.exe
2011-02-27 10:08 . 2010-02-16 04:03 11575296 ----a-w- c:\program files (x86)\gs\gs8.71\bin\gsdll32.dll
2011-02-27 10:08 . 2010-02-16 04:03 8014 ----a-w- c:\program files (x86)\gs\gs8.71\bin\gsdll32.lib
.
 
combofix log Part 3

---- Directory of c:\program files\gs ----
.
2011-02-27 10:02 . 2010-03-30 07:39 113152 ----a-w- c:\program files\gs\uninstgs.exe
2011-02-27 10:02 . 2011-02-27 10:02 16420 ----a-w- c:\program files\gs\gs8.71\uninstal.txt
2011-02-27 10:02 . 2005-12-29 06:56 2563 ----a-w- c:\program files\gs\gs8.71\lib\zeroline.ps
2011-02-27 10:02 . 2005-12-29 06:56 202 ----a-w- c:\program files\gs\gs8.71\lib\wmakebat.bat
2011-02-27 10:02 . 2005-12-29 06:56 18833 ----a-w- c:\program files\gs\gs8.71\lib\wrfont.ps
2011-02-27 10:02 . 2007-07-06 05:04 339 ----a-w- c:\program files\gs\gs8.71\lib\wftopfa
2011-02-27 10:02 . 2005-12-29 06:56 9226 ----a-w- c:\program files\gs\gs8.71\lib\wftopfa.ps
2011-02-27 10:02 . 2006-06-15 07:03 3849 ----a-w- c:\program files\gs\gs8.71\lib\winmaps.ps
2011-02-27 10:02 . 2005-12-29 06:56 1314 ----a-w- c:\program files\gs\gs8.71\lib\viewps2a.ps
2011-02-27 10:02 . 2009-03-03 06:47 5460 ----a-w- c:\program files\gs\gs8.71\lib\viewrgb.ps
2011-02-27 10:02 . 2005-12-29 06:56 3902 ----a-w- c:\program files\gs\gs8.71\lib\viewmiff.ps
2011-02-27 10:02 . 2005-12-29 06:56 5491 ----a-w- c:\program files\gs\gs8.71\lib\viewpbm.ps
2011-02-27 10:02 . 2005-12-29 06:56 4495 ----a-w- c:\program files\gs\gs8.71\lib\viewpcx.ps
2011-02-27 10:02 . 2005-12-29 06:56 2176 ----a-w- c:\program files\gs\gs8.71\lib\viewcmyk.ps
2011-02-27 10:02 . 2005-12-29 06:56 4733 ----a-w- c:\program files\gs\gs8.71\lib\viewgif.ps
2011-02-27 10:02 . 2005-12-29 06:56 5108 ----a-w- c:\program files\gs\gs8.71\lib\viewjpeg.ps
2011-02-27 10:02 . 2005-12-29 06:56 6356 ----a-w- c:\program files\gs\gs8.71\lib\uninfo.ps
2011-02-27 10:02 . 2005-12-29 06:56 4372 ----a-w- c:\program files\gs\gs8.71\lib\unix-lpr.sh
2011-02-27 10:02 . 2005-12-29 06:56 1971 ----a-w- c:\program files\gs\gs8.71\lib\unprot.ps
2011-02-27 10:02 . 2005-12-29 06:56 2601 ----a-w- c:\program files\gs\gs8.71\lib\type1enc.ps
2011-02-27 10:02 . 2005-12-29 06:56 7813 ----a-w- c:\program files\gs\gs8.71\lib\type1ops.ps
2011-02-27 10:02 . 2007-06-06 08:23 2708 ----a-w- c:\program files\gs\gs8.71\lib\stocht.ps
2011-02-27 10:02 . 2005-12-29 06:56 1570 ----a-w- c:\program files\gs\gs8.71\lib\traceimg.ps
2011-02-27 10:02 . 2005-12-29 06:56 2817 ----a-w- c:\program files\gs\gs8.71\lib\traceop.ps
2011-02-27 10:02 . 2005-12-29 06:56 5392 ----a-w- c:\program files\gs\gs8.71\lib\stcolor.ps
2011-02-27 10:02 . 2002-05-08 16:26 1965 ----a-w- c:\program files\gs\gs8.71\lib\stc_h.upp
2011-02-27 10:02 . 2002-05-08 16:26 759 ----a-w- c:\program files\gs\gs8.71\lib\stc_l.upp
2011-02-27 10:02 . 2002-05-08 16:26 696 ----a-w- c:\program files\gs\gs8.71\lib\stcany.upp
2011-02-27 10:02 . 2002-05-08 16:26 704 ----a-w- c:\program files\gs\gs8.71\lib\stcany_h.upp
2011-02-27 10:02 . 2005-12-29 06:56 26532 ----a-w- c:\program files\gs\gs8.71\lib\stcinfo.ps
2011-02-27 10:02 . 2002-05-08 16:26 2215 ----a-w- c:\program files\gs\gs8.71\lib\stc800ih.upp
2011-02-27 10:02 . 2002-05-08 16:26 1148 ----a-w- c:\program files\gs\gs8.71\lib\stc800p.upp
2011-02-27 10:02 . 2002-05-08 16:26 1130 ----a-w- c:\program files\gs\gs8.71\lib\stc800pl.upp
2011-02-27 10:02 . 2002-05-08 16:26 1148 ----a-w- c:\program files\gs\gs8.71\lib\stc600pl.upp
2011-02-27 10:02 . 2002-05-08 16:26 1127 ----a-w- c:\program files\gs\gs8.71\lib\stc640p.upp
2011-02-27 10:02 . 2002-05-08 16:26 1950 ----a-w- c:\program files\gs\gs8.71\lib\stc500ph.upp
2011-02-27 10:02 . 2002-05-08 16:26 2338 ----a-w- c:\program files\gs\gs8.71\lib\stc600ih.upp
2011-02-27 10:02 . 2002-05-08 16:26 1184 ----a-w- c:\program files\gs\gs8.71\lib\stc600p.upp
2011-02-27 10:02 . 2002-05-08 16:26 1380 ----a-w- c:\program files\gs\gs8.71\lib\stc300bl.upp
2011-02-27 10:02 . 2002-05-08 16:26 1472 ----a-w- c:\program files\gs\gs8.71\lib\stc300bm.upp
2011-02-27 10:02 . 2002-05-08 16:26 1950 ----a-w- c:\program files\gs\gs8.71\lib\stc500p.upp
2011-02-27 10:02 . 2002-05-08 16:26 2328 ----a-w- c:\program files\gs\gs8.71\lib\stc2s_h.upp
2011-02-27 10:02 . 2002-05-08 16:26 1931 ----a-w- c:\program files\gs\gs8.71\lib\stc2_h.upp
2011-02-27 10:02 . 2002-05-08 16:26 2195 ----a-w- c:\program files\gs\gs8.71\lib\stc300.upp
2011-02-27 10:02 . 2002-05-08 16:26 2211 ----a-w- c:\program files\gs\gs8.71\lib\stc1520h.upp
2011-02-27 10:02 . 2002-05-08 16:26 1956 ----a-w- c:\program files\gs\gs8.71\lib\stc2.upp
2011-02-27 10:02 . 2002-05-08 16:26 1898 ----a-w- c:\program files\gs\gs8.71\lib\stc200_h.upp
2011-02-27 10:02 . 2002-05-08 16:26 1926 ----a-w- c:\program files\gs\gs8.71\lib\st640pl.upp
2011-02-27 10:02 . 2002-05-08 16:26 1138 ----a-w- c:\program files\gs\gs8.71\lib\st640plg.upp
2011-02-27 10:02 . 2002-05-08 16:26 1975 ----a-w- c:\program files\gs\gs8.71\lib\stc.upp
2011-02-27 10:02 . 2002-05-08 16:26 1549 ----a-w- c:\program files\gs\gs8.71\lib\st640ihg.upp
2011-02-27 10:02 . 2002-05-08 16:26 1962 ----a-w- c:\program files\gs\gs8.71\lib\st640p.upp
2011-02-27 10:02 . 2002-05-08 16:26 1174 ----a-w- c:\program files\gs\gs8.71\lib\st640pg.upp
2011-02-27 10:02 . 2005-12-29 06:56 3025 ----a-w- c:\program files\gs\gs8.71\lib\showchar.ps
2011-02-27 10:02 . 2000-03-09 19:40 10 ----a-w- c:\program files\gs\gs8.71\lib\showpage.ps
2011-02-27 10:02 . 2002-05-08 16:26 2337 ----a-w- c:\program files\gs\gs8.71\lib\st640ih.upp
2011-02-27 10:02 . 2000-03-09 19:40 213 ----a-w- c:\program files\gs\gs8.71\lib\ras8m.upp
2011-02-27 10:02 . 2004-05-29 09:58 3450 ----a-w- c:\program files\gs\gs8.71\lib\rinkj-2200-setup
2011-02-27 10:02 . 2005-12-29 06:56 12137 ----a-w- c:\program files\gs\gs8.71\lib\rollconv.ps
2011-02-27 10:02 . 2000-03-09 19:40 218 ----a-w- c:\program files\gs\gs8.71\lib\ras3.upp
2011-02-27 10:02 . 2000-03-16 13:01 200 ----a-w- c:\program files\gs\gs8.71\lib\ras32.upp
2011-02-27 10:02 . 2000-03-09 19:40 224 ----a-w- c:\program files\gs\gs8.71\lib\ras4.upp
2011-02-27 10:02 . 2000-03-09 19:40 6 ----a-w- c:\program files\gs\gs8.71\lib\quit.ps
2011-02-27 10:02 . 2000-03-09 19:40 219 ----a-w- c:\program files\gs\gs8.71\lib\ras1.upp
2011-02-27 10:02 . 2000-03-09 19:40 223 ----a-w- c:\program files\gs\gs8.71\lib\ras24.upp
2011-02-27 10:02 . 2005-12-29 12:11 555 ----a-w- c:\program files\gs\gs8.71\lib\ps2ps2.bat
2011-02-27 10:02 . 2005-12-29 06:56 730 ----a-w- c:\program files\gs\gs8.71\lib\ps2ps2.cmd
2011-02-27 10:02 . 2007-07-05 20:41 1462 ----a-w- c:\program files\gs\gs8.71\lib\pv.sh
2011-02-27 10:02 . 2005-12-29 06:56 728 ----a-w- c:\program files\gs\gs8.71\lib\ps2ps.cmd
2011-02-27 10:02 . 2009-01-11 09:11 731 ----a-w- c:\program files\gs\gs8.71\lib\ps2ps2
2011-02-27 10:02 . 2009-01-11 09:11 706 ----a-w- c:\program files\gs\gs8.71\lib\ps2ps
2011-02-27 10:02 . 2005-12-29 12:11 526 ----a-w- c:\program files\gs\gs8.71\lib\ps2ps.bat
2011-02-27 10:02 . 2005-12-29 06:56 341 ----a-w- c:\program files\gs\gs8.71\lib\ps2pdf14.cmd
2011-02-27 10:02 . 2009-01-11 09:11 1175 ----a-w- c:\program files\gs\gs8.71\lib\ps2pdfwr
2011-02-27 10:02 . 2008-02-26 03:10 1446 ----a-w- c:\program files\gs\gs8.71\lib\ps2pdfxx.bat
2011-02-27 10:02 . 2007-07-06 05:04 268 ----a-w- c:\program files\gs\gs8.71\lib\ps2pdf14
2011-02-27 10:02 . 2005-12-29 06:56 345 ----a-w- c:\program files\gs\gs8.71\lib\ps2pdf14.bat
2011-02-27 10:02 . 2007-07-06 05:04 268 ----a-w- c:\program files\gs\gs8.71\lib\ps2pdf13
2011-02-27 10:02 . 2005-12-29 06:56 345 ----a-w- c:\program files\gs\gs8.71\lib\ps2pdf13.bat
2011-02-27 10:02 . 2005-12-29 06:56 341 ----a-w- c:\program files\gs\gs8.71\lib\ps2pdf13.cmd
2011-02-27 10:02 . 2007-07-06 05:04 268 ----a-w- c:\program files\gs\gs8.71\lib\ps2pdf12
2011-02-27 10:02 . 2005-12-29 06:56 345 ----a-w- c:\program files\gs\gs8.71\lib\ps2pdf12.bat
2011-02-27 10:02 . 2005-12-29 06:56 341 ----a-w- c:\program files\gs\gs8.71\lib\ps2pdf12.cmd
2011-02-27 10:02 . 2007-09-19 05:01 527 ----a-w- c:\program files\gs\gs8.71\lib\ps2pdf.bat
2011-02-27 10:02 . 2007-09-19 05:01 996 ----a-w- c:\program files\gs\gs8.71\lib\ps2pdf.cmd
2011-02-27 10:02 . 2009-04-07 20:20 1252 ----a-w- c:\program files\gs\gs8.71\lib\ps2epsi.cmd
2011-02-27 10:02 . 2009-04-07 20:20 8434 ----a-w- c:\program files\gs\gs8.71\lib\ps2epsi.ps
2011-02-27 10:02 . 2007-07-06 05:04 328 ----a-w- c:\program files\gs\gs8.71\lib\ps2pdf
2011-02-27 10:02 . 2009-04-07 20:20 2944 ----a-w- c:\program files\gs\gs8.71\lib\ps2epsi
2011-02-27 10:02 . 2009-04-07 20:20 1277 ----a-w- c:\program files\gs\gs8.71\lib\ps2epsi.bat
2011-02-27 10:02 . 2005-12-29 06:56 448 ----a-w- c:\program files\gs\gs8.71\lib\ps2ascii.bat
2011-02-27 10:02 . 2005-12-29 06:56 545 ----a-w- c:\program files\gs\gs8.71\lib\ps2ascii.cmd
2011-02-27 10:02 . 2009-10-08 11:53 46147 ----a-w- c:\program files\gs\gs8.71\lib\ps2ascii.ps
2011-02-27 10:02 . 2008-05-28 03:07 3949 ----a-w- c:\program files\gs\gs8.71\lib\printafm.ps
2011-02-27 10:02 . 2009-05-17 01:29 23036 ----a-w- c:\program files\gs\gs8.71\lib\ps2ai.ps
2011-02-27 10:02 . 2005-12-29 06:56 808 ----a-w- c:\program files\gs\gs8.71\lib\ps2ascii
2011-02-27 10:02 . 2007-06-06 08:23 6735 ----a-w- c:\program files\gs\gs8.71\lib\prfont.ps
2011-02-27 10:02 . 2007-07-06 05:04 444 ----a-w- c:\program files\gs\gs8.71\lib\printafm
2011-02-27 10:02 . 2005-12-29 06:56 2028 ----a-w- c:\program files\gs\gs8.71\lib\ppath.ps
2011-02-27 10:02 . 2007-07-06 05:04 449 ----a-w- c:\program files\gs\gs8.71\lib\pphs
2011-02-27 10:02 . 2005-12-29 06:56 7143 ----a-w- c:\program files\gs\gs8.71\lib\pphs.ps
2011-02-27 10:02 . 2005-12-29 06:56 318 ----a-w- c:\program files\gs\gs8.71\lib\pfbtopfa.bat
2011-02-27 10:02 . 2005-12-29 06:56 1175 ----a-w- c:\program files\gs\gs8.71\lib\pfbtopfa.ps
2011-02-27 10:02 . 2005-12-29 06:56 1399 ----a-w- c:\program files\gs\gs8.71\lib\pftogsf.bat
2011-02-27 10:02 . 2009-06-14 00:33 15890 ----a-w- c:\program files\gs\gs8.71\lib\pf2afm.ps
2011-02-27 10:02 . 2007-07-06 05:04 578 ----a-w- c:\program files\gs\gs8.71\lib\pfbtopfa
2011-02-27 10:02 . 2007-07-06 05:04 554 ----a-w- c:\program files\gs\gs8.71\lib\pf2afm
2011-02-27 10:02 . 2005-12-29 06:56 332 ----a-w- c:\program files\gs\gs8.71\lib\pf2afm.bat
2011-02-27 10:02 . 2005-12-29 06:56 257 ----a-w- c:\program files\gs\gs8.71\lib\pf2afm.cmd
2011-02-27 10:02 . 2009-01-24 06:04 37788 ----a-w- c:\program files\gs\gs8.71\lib\pdfopt.ps
2011-02-27 10:02 . 2008-11-27 12:58 12073 ----a-w- c:\program files\gs\gs8.71\lib\pdfwrite.ps
2011-02-27 10:02 . 2007-10-11 03:40 1919 ----a-w- c:\program files\gs\gs8.71\lib\PDFX_def.ps
2011-02-27 10:02 . 2007-10-11 03:40 1473 ----a-w- c:\program files\gs\gs8.71\lib\PDFA_def.ps
2011-02-27 10:02 . 2008-05-25 12:17 618 ----a-w- c:\program files\gs\gs8.71\lib\pdfopt
2011-02-27 10:02 . 2005-12-29 06:56 418 ----a-w- c:\program files\gs\gs8.71\lib\pdfopt.bat
2011-02-27 10:02 . 2007-07-06 05:04 981 ----a-w- c:\program files\gs\gs8.71\lib\pdf2ps
2011-02-27 10:02 . 2005-12-29 06:56 516 ----a-w- c:\program files\gs\gs8.71\lib\pdf2ps.bat
2011-02-27 10:02 . 2005-12-29 06:56 853 ----a-w- c:\program files\gs\gs8.71\lib\pdf2ps.cmd
2011-02-27 10:02 . 2007-07-06 05:04 773 ----a-w- c:\program files\gs\gs8.71\lib\pdf2dsc
2011-02-27 10:02 . 2005-12-29 06:56 381 ----a-w- c:\program files\gs\gs8.71\lib\pdf2dsc.bat
2011-02-27 10:02 . 2008-02-25 16:48 8631 ----a-w- c:\program files\gs\gs8.71\lib\pdf2dsc.ps
2011-02-27 10:02 . 2000-03-09 19:40 1100 ----a-w- c:\program files\gs\gs8.71\lib\necp2x6.upp
2011-02-27 10:02 . 2005-12-29 06:56 10691 ----a-w- c:\program files\gs\gs8.71\lib\packfile.ps
2011-02-27 10:02 . 2005-12-29 06:56 3710 ----a-w- c:\program files\gs\gs8.71\lib\pcharstr.ps
2011-02-27 10:02 . 2005-12-29 06:56 3603 ----a-w- c:\program files\gs\gs8.71\lib\markhint.ps
2011-02-27 10:02 . 2005-12-29 06:56 1949 ----a-w- c:\program files\gs\gs8.71\lib\markpath.ps
2011-02-27 10:02 . 2007-06-06 08:23 7664 ----a-w- c:\program files\gs\gs8.71\lib\mkcidfm.ps
2011-02-27 10:02 . 2000-03-09 19:40 1076 ----a-w- c:\program files\gs\gs8.71\lib\necp2x.upp
2011-02-27 10:02 . 2005-12-29 06:56 184 ----a-w- c:\program files\gs\gs8.71\lib\lpgs.bat
2011-02-27 10:02 . 2005-12-29 06:56 177 ----a-w- c:\program files\gs\gs8.71\lib\lpr2.bat
2011-02-27 10:02 . 2005-12-29 06:56 4850 ----a-w- c:\program files\gs\gs8.71\lib\lprsetup.sh
2011-02-27 10:02 . 2005-12-29 06:56 4033 ----a-w- c:\program files\gs\gs8.71\lib\lines.ps
2011-02-27 10:02 . 2005-12-29 06:56 139 ----a-w- c:\program files\gs\gs8.71\lib\lp386.bat
2011-02-27 10:02 . 2005-12-29 06:56 134 ----a-w- c:\program files\gs\gs8.71\lib\lp386r2.bat
2011-02-27 10:02 . 2007-06-06 08:23 184 ----a-w- c:\program files\gs\gs8.71\lib\jobseparator.ps
2011-02-27 10:02 . 2005-12-29 06:56 1556 ----a-w- c:\program files\gs\gs8.71\lib\landscap.ps
2011-02-27 10:02 . 2005-12-29 06:56 113 ----a-w- c:\program files\gs\gs8.71\lib\level1.ps
2011-02-27 10:02 . 2005-12-29 06:56 75149 ----a-w- c:\program files\gs\gs8.71\lib\image-qa.ps
2011-02-27 10:02 . 2005-12-29 06:56 5717 ----a-w- c:\program files\gs\gs8.71\lib\impath.ps
2011-02-27 10:02 . 2001-12-04 11:02 483 ----a-w- c:\program files\gs\gs8.71\lib\Info-macos.plist
2011-02-27 10:02 . 2005-12-29 06:56 957 ----a-w- c:\program files\gs\gs8.71\lib\jispaper.ps
2011-02-27 10:02 . 2005-12-29 06:56 2594 ----a-w- c:\program files\gs\gs8.71\lib\gs_wl2_e.ps
2011-02-27 10:02 . 2005-12-29 06:56 2612 ----a-w- c:\program files\gs\gs8.71\lib\gs_wl5_e.ps
2011-02-27 10:02 . 2008-01-01 06:06 231747 ----a-w- c:\program files\gs\gs8.71\lib\ht_ccsto.ps
2011-02-27 10:02 . 2000-03-09 19:40 353 ----a-w- c:\program files\gs\gs8.71\lib\gs_t.xbm
2011-02-27 10:02 . 2000-03-09 19:40 633 ----a-w- c:\program files\gs\gs8.71\lib\gs_t.xpm
2011-02-27 10:02 . 2000-03-09 19:40 363 ----a-w- c:\program files\gs\gs8.71\lib\gs_t_m.xbm
2011-02-27 10:02 . 2005-12-29 06:56 2596 ----a-w- c:\program files\gs\gs8.71\lib\gs_wl1_e.ps
2011-02-27 10:02 . 2000-03-09 19:40 605 ----a-w- c:\program files\gs\gs8.71\lib\gs_s.xbm
2011-02-27 10:02 . 2000-03-09 19:40 993 ----a-w- c:\program files\gs\gs8.71\lib\gs_s.xpm
2011-02-27 10:02 . 2000-03-09 19:40 615 ----a-w- c:\program files\gs\gs8.71\lib\gs_s_m.xbm
2011-02-27 10:02 . 2000-03-09 19:40 1481 ----a-w- c:\program files\gs\gs8.71\lib\gs_m.xpm
2011-02-27 10:02 . 2000-03-09 19:40 971 ----a-w- c:\program files\gs\gs8.71\lib\gs_m_m.xbm
2011-02-27 10:02 . 2005-12-29 06:56 4476 ----a-w- c:\program files\gs\gs8.71\lib\gs_pfile.ps
2011-02-27 10:02 . 2005-12-29 06:56 882 ----a-w- c:\program files\gs\gs8.71\lib\gs_rdlin.ps
2011-02-27 10:02 . 2005-12-29 06:56 2977 ----a-w- c:\program files\gs\gs8.71\lib\gs_lgo_e.ps
2011-02-27 10:02 . 2005-12-29 06:56 1972 ----a-w- c:\program files\gs\gs8.71\lib\gs_lgx_e.ps
2011-02-27 10:02 . 2000-03-09 19:40 1984 ----a-w- c:\program files\gs\gs8.71\lib\gs_l_m.xbm
2011-02-27 10:02 . 2000-03-09 19:40 961 ----a-w- c:\program files\gs\gs8.71\lib\gs_m.xbm
2011-02-27 10:02 . 2005-12-29 06:56 4100 ----a-w- c:\program files\gs\gs8.71\lib\gs_kanji.ps
2011-02-27 10:02 . 2005-12-29 06:56 3355 ----a-w- c:\program files\gs\gs8.71\lib\gs_ksb_e.ps
2011-02-27 10:02 . 2000-03-09 19:40 1974 ----a-w- c:\program files\gs\gs8.71\lib\gs_l.xbm
2011-02-27 10:02 . 2000-03-09 19:40 2809 ----a-w- c:\program files\gs\gs8.71\lib\gs_l.xpm
2011-02-27 10:02 . 2005-12-29 06:56 2411 ----a-w- c:\program files\gs\gs8.71\lib\gs_ce_e.ps
2011-02-27 10:02 . 2005-12-29 06:56 5024 ----a-w- c:\program files\gs\gs8.71\lib\gs_cmdl.ps
2011-02-27 10:02 . 2005-12-29 06:56 3254 ----a-w- c:\program files\gs\gs8.71\lib\gs_fform.ps
2011-02-27 10:02 . 2005-12-29 06:56 2840 ----a-w- c:\program files\gs\gs8.71\lib\gs_il2_e.ps
2011-02-27 10:02 . 2005-12-29 06:56 248 ----a-w- c:\program files\gs\gs8.71\lib\gssetgs.bat
2011-02-27 10:02 . 2005-12-29 06:56 120 ----a-w- c:\program files\gs\gs8.71\lib\gst.bat
2011-02-27 10:02 . 2005-12-29 06:56 122 ----a-w- c:\program files\gs\gs8.71\lib\gstt.bat
2011-02-27 10:02 . 2005-12-29 06:56 131 ----a-w- c:\program files\gs\gs8.71\lib\gsnd.bat
2011-02-27 10:02 . 2005-12-29 06:56 135 ----a-w- c:\program files\gs\gs8.71\lib\gsndt.bat
2011-02-27 10:02 . 2005-12-29 06:56 2818 ----a-w- c:\program files\gs\gs8.71\lib\gsnup.ps
2011-02-27 10:02 . 2007-07-06 05:04 392 ----a-w- c:\program files\gs\gs8.71\lib\gslp
2011-02-27 10:02 . 2005-12-29 06:56 180 ----a-w- c:\program files\gs\gs8.71\lib\gslp.bat
2011-02-27 10:02 . 2005-12-29 06:56 20338 ----a-w- c:\program files\gs\gs8.71\lib\gslp.ps
2011-02-27 10:02 . 2007-07-06 05:04 319 ----a-w- c:\program files\gs\gs8.71\lib\gsnd
2011-02-27 10:02 . 2005-12-29 06:56 188 ----a-w- c:\program files\gs\gs8.71\lib\gsdj500.bat
2011-02-27 10:02 . 2007-07-06 05:04 395 ----a-w- c:\program files\gs\gs8.71\lib\gslj
2011-02-27 10:02 . 2005-12-29 06:56 183 ----a-w- c:\program files\gs\gs8.71\lib\gslj.bat
2011-02-27 10:02 . 2007-07-06 05:04 394 ----a-w- c:\program files\gs\gs8.71\lib\gsdj
2011-02-27 10:02 . 2005-12-29 06:56 182 ----a-w- c:\program files\gs\gs8.71\lib\gsdj.bat
2011-02-27 10:02 . 2007-07-06 05:04 397 ----a-w- c:\program files\gs\gs8.71\lib\gsdj500
2011-02-27 10:02 . 2009-10-23 04:24 26165 ----a-w- c:\program files\gs\gs8.71\lib\ghostpdf.ppd
2011-02-27 10:02 . 2007-07-06 05:04 392 ----a-w- c:\program files\gs\gs8.71\lib\gsbj
2011-02-27 10:02 . 2005-12-29 06:56 180 ----a-w- c:\program files\gs\gs8.71\lib\gsbj.bat
2011-02-27 10:02 . 2005-12-29 06:56 16952 ----a-w- c:\program files\gs\gs8.71\lib\Fontmap.Sol
2011-02-27 10:02 . 2005-12-29 06:56 6226 ----a-w- c:\program files\gs\gs8.71\lib\Fontmap.Ult
2011-02-27 10:02 . 2000-09-22 13:30 14833 ----a-w- c:\program files\gs\gs8.71\lib\Fontmap.VMS
2011-02-27 10:02 . 2007-01-02 22:36 971 ----a-w- c:\program files\gs\gs8.71\lib\ghostpdf.inf
2011-02-27 10:02 . 2005-12-29 06:56 5872 ----a-w- c:\program files\gs\gs8.71\lib\Fontmap.ATM
2011-02-27 10:02 . 2005-12-29 06:56 7485 ----a-w- c:\program files\gs\gs8.71\lib\Fontmap.OS2
2011-02-27 10:02 . 2000-03-09 19:40 6695 ----a-w- c:\program files\gs\gs8.71\lib\Fontmap.OSF
2011-02-27 10:02 . 2005-12-29 06:56 14192 ----a-w- c:\program files\gs\gs8.71\lib\Fontmap.SGI
2011-02-27 10:02 . 2005-12-29 06:56 278 ----a-w- c:\program files\gs\gs8.71\lib\font2c.cmd
2011-02-27 10:02 . 2005-12-29 06:56 20266 ----a-w- c:\program files\gs\gs8.71\lib\font2c.ps
2011-02-27 10:02 . 2005-12-29 06:56 18171 ----a-w- c:\program files\gs\gs8.71\lib\font2pcl.ps
2011-02-27 10:02 . 2005-12-29 06:56 6079 ----a-w- c:\program files\gs\gs8.71\lib\Fontmap.ATB
2011-02-27 10:02 . 2005-12-29 06:56 4787 ----a-w- c:\program files\gs\gs8.71\lib\fixmswrd.pl
2011-02-27 10:02 . 2007-07-06 05:04 355 ----a-w- c:\program files\gs\gs8.71\lib\font2c
2011-02-27 10:02 . 2005-12-29 06:56 167 ----a-w- c:\program files\gs\gs8.71\lib\font2c.bat
2011-02-27 10:02 . 2006-08-18 14:42 776 ----a-w- c:\program files\gs\gs8.71\lib\FAPIconfig-FCO
2011-02-27 10:02 . 2006-06-21 02:31 1501 ----a-w- c:\program files\gs\gs8.71\lib\FAPIfontmap
2011-02-27 10:02 . 2007-10-04 03:37 6000 ----a-w- c:\program files\gs\gs8.71\lib\FCOfontmap-PCLPS3
2011-02-27 10:02 . 2007-10-04 03:37 4543 ----a-w- c:\program files\gs\gs8.71\lib\FCOfontmap-PS3
2011-02-27 10:02 . 2005-12-29 06:56 756 ----a-w- c:\program files\gs\gs8.71\lib\eps2eps.cmd
2011-02-27 10:02 . 2006-06-01 01:29 1515 ----a-w- c:\program files\gs\gs8.71\lib\FAPIcidfmap
2011-02-27 10:02 . 2006-06-21 02:31 819 ----a-w- c:\program files\gs\gs8.71\lib\FAPIconfig
2011-02-27 10:02 . 2009-01-11 09:11 1101 ----a-w- c:\program files\gs\gs8.71\lib\dvipdf
2011-02-27 10:02 . 2007-10-11 03:40 1 ----a-w- c:\program files\gs\gs8.71\lib\EndOfTask.ps
2011-02-27 10:02 . 2009-01-11 09:11 703 ----a-w- c:\program files\gs\gs8.71\lib\eps2eps
2011-02-27 10:02 . 2005-12-29 06:56 599 ----a-w- c:\program files\gs\gs8.71\lib\eps2eps.bat
2011-02-27 10:02 . 2009-01-05 07:11 626 ----a-w- c:\program files\gs\gs8.71\lib\dumphint
2011-02-27 10:02 . 2005-12-29 06:56 393 ----a-w- c:\program files\gs\gs8.71\lib\dumphint.bat
2011-02-27 10:02 . 2007-10-11 03:40 20800 ----a-w- c:\program files\gs\gs8.71\lib\dumphint.ps
2011-02-27 10:02 . 2005-12-29 06:56 365 ----a-w- c:\program files\gs\gs8.71\lib\decrypt.ps
2011-02-27 10:02 . 2000-03-16 13:01 2851 ----a-w- c:\program files\gs\gs8.71\lib\dnj750c.upp
2011-02-27 10:02 . 2000-03-16 13:01 2030 ----a-w- c:\program files\gs\gs8.71\lib\dnj750m.upp
2011-02-27 10:02 . 2007-11-29 05:40 7593 ----a-w- c:\program files\gs\gs8.71\lib\docie.ps
2011-02-27 10:02 . 2000-09-20 04:29 11772 ----a-w- c:\program files\gs\gs8.71\lib\cbjc800.ppd
2011-02-27 10:02 . 2000-03-16 13:01 1734 ----a-w- c:\program files\gs\gs8.71\lib\cdj550.upp
2011-02-27 10:02 . 2000-03-16 13:01 2047 ----a-w- c:\program files\gs\gs8.71\lib\cdj690.upp
2011-02-27 10:02 . 2000-03-16 13:01 2110 ----a-w- c:\program files\gs\gs8.71\lib\cdj690ec.upp
2011-02-27 10:02 . 2005-12-29 06:56 4635 ----a-w- c:\program files\gs\gs8.71\lib\cid2code.ps
2011-02-27 10:02 . 2000-03-16 13:01 1566 ----a-w- c:\program files\gs\gs8.71\lib\bjc610b8.upp
2011-02-27 10:02 . 2005-12-29 06:56 1777 ----a-w- c:\program files\gs\gs8.71\lib\caption.ps
2011-02-27 10:02 . 2009-04-07 20:20 1908 ----a-w- c:\program files\gs\gs8.71\lib\cat.ps
2011-02-27 10:02 . 2000-09-20 04:29 11444 ----a-w- c:\program files\gs\gs8.71\lib\cbjc600.ppd
2011-02-27 10:02 . 2000-03-16 13:01 1562 ----a-w- c:\program files\gs\gs8.71\lib\bjc610b3.upp
2011-02-27 10:02 . 2000-03-16 13:01 1571 ----a-w- c:\program files\gs\gs8.71\lib\bjc610b4.upp
2011-02-27 10:02 . 2000-03-16 13:01 1557 ----a-w- c:\program files\gs\gs8.71\lib\bjc610b6.upp
2011-02-27 10:02 . 2000-03-16 13:01 1561 ----a-w- c:\program files\gs\gs8.71\lib\bjc610b7.upp
2011-02-27 10:02 . 2000-03-16 13:01 1557 ----a-w- c:\program files\gs\gs8.71\lib\bjc610a6.upp
2011-02-27 10:02 . 2000-03-16 13:01 1560 ----a-w- c:\program files\gs\gs8.71\lib\bjc610a7.upp
2011-02-27 10:02 . 2000-03-16 13:01 1566 ----a-w- c:\program files\gs\gs8.71\lib\bjc610a8.upp
2011-02-27 10:02 . 2000-03-16 13:01 1556 ----a-w- c:\program files\gs\gs8.71\lib\bjc610b1.upp
2011-02-27 10:02 . 2000-03-16 13:01 1557 ----a-w- c:\program files\gs\gs8.71\lib\bjc610b2.upp
2011-02-27 10:02 . 2000-03-16 13:01 1556 ----a-w- c:\program files\gs\gs8.71\lib\bjc610a1.upp
2011-02-27 10:02 . 2000-03-16 13:01 1557 ----a-w- c:\program files\gs\gs8.71\lib\bjc610a2.upp
2011-02-27 10:02 . 2000-03-16 13:01 1562 ----a-w- c:\program files\gs\gs8.71\lib\bjc610a3.upp
2011-02-27 10:02 . 2000-03-16 13:01 1571 ----a-w- c:\program files\gs\gs8.71\lib\bjc610a4.upp
2011-02-27 10:02 . 2000-03-16 13:01 1557 ----a-w- c:\program files\gs\gs8.71\lib\bjc610a5.upp
2011-02-27 10:02 . 2000-04-14 13:59 1557 ----a-w- c:\program files\gs\gs8.71\lib\bj8oh06n.upp
2011-02-27 10:02 . 2000-04-14 13:59 1565 ----a-w- c:\program files\gs\gs8.71\lib\bj8pa06n.upp
2011-02-27 10:02 . 2000-04-14 13:59 1582 ----a-w- c:\program files\gs\gs8.71\lib\bj8pp12f.upp
2011-02-27 10:02 . 2000-04-14 13:59 1570 ----a-w- c:\program files\gs\gs8.71\lib\bj8ts06n.upp
2011-02-27 10:02 . 2000-03-16 13:01 1567 ----a-w- c:\program files\gs\gs8.71\lib\bjc610a0.upp
2011-02-27 10:02 . 2005-12-29 06:56 270 ----a-w- c:\program files\gs\gs8.71\lib\bdftops.cmd
2011-02-27 10:02 . 2005-12-29 06:56 24198 ----a-w- c:\program files\gs\gs8.71\lib\bdftops.ps
2011-02-27 10:02 . 2000-04-14 13:59 656 ----a-w- c:\program files\gs\gs8.71\lib\bj8.rpd
2011-02-27 10:02 . 2000-04-14 13:59 1572 ----a-w- c:\program files\gs\gs8.71\lib\bj8gc12f.upp
2011-02-27 10:02 . 2000-04-14 13:59 1571 ----a-w- c:\program files\gs\gs8.71\lib\bj8hg12f.upp
2011-02-27 10:02 . 2007-07-07 12:59 5911 ----a-w- c:\program files\gs\gs8.71\lib\afmdiff.awk
2011-02-27 10:02 . 2005-12-29 06:56 2386 ----a-w- c:\program files\gs\gs8.71\lib\align.ps
2011-02-27 10:02 . 2007-07-06 05:04 347 ----a-w- c:\program files\gs\gs8.71\lib\bdftops
2011-02-27 10:02 . 2005-12-29 06:56 159 ----a-w- c:\program files\gs\gs8.71\lib\bdftops.bat
2011-02-27 10:02 . 2002-01-11 09:21 81336 ----a-w- c:\program files\gs\gs8.71\examples\tiger.eps
2011-02-27 10:02 . 2004-07-01 03:37 13805 ----a-w- c:\program files\gs\gs8.71\examples\vasarely.ps
2011-02-27 10:02 . 2005-12-29 06:56 2607 ----a-w- c:\program files\gs\gs8.71\examples\waterfal.ps
2011-02-27 10:02 . 2005-12-29 06:56 4424 ----a-w- c:\program files\gs\gs8.71\lib\acctest.ps
2011-02-27 10:02 . 2005-12-29 06:56 10205 ----a-w- c:\program files\gs\gs8.71\lib\addxchar.ps
2011-02-27 10:02 . 2001-10-02 07:28 11001 ----a-w- c:\program files\gs\gs8.71\examples\escher.ps
2011-02-27 10:02 . 2002-01-11 09:21 26975 ----a-w- c:\program files\gs\gs8.71\examples\golfer.eps
2011-02-27 10:02 . 2001-10-02 07:28 1689 ----a-w- c:\program files\gs\gs8.71\examples\grayalph.ps
2011-02-27 10:02 . 2000-03-09 19:40 3155 ----a-w- c:\program files\gs\gs8.71\examples\ridt91.eps
2011-02-27 10:02 . 2001-10-02 07:28 2258 ----a-w- c:\program files\gs\gs8.71\examples\snowflak.ps
2011-02-27 10:02 . 2001-10-02 07:28 2098 ----a-w- c:\program files\gs\gs8.71\examples\colorcir.ps
2011-02-27 10:02 . 2001-10-02 07:28 139775 ----a-w- c:\program files\gs\gs8.71\examples\doretree.ps
2011-02-27 10:02 . 2009-01-06 01:02 3662 ----a-w- c:\program files\gs\gs8.71\examples\cjk\gscjk_ak.ps
2011-02-27 10:02 . 2009-01-06 01:02 50500 ----a-w- c:\program files\gs\gs8.71\examples\cjk\iso2022.ps
2011-02-27 10:02 . 2009-01-06 01:02 50499 ----a-w- c:\program files\gs\gs8.71\examples\cjk\iso2022v.ps
2011-02-27 10:02 . 2009-01-06 01:02 6015 ----a-w- c:\program files\gs\gs8.71\examples\cjk\all_ak1.ps
2011-02-27 10:02 . 2009-01-06 01:02 2791 ----a-w- c:\program files\gs\gs8.71\examples\cjk\article9.ps
2011-02-27 10:02 . 2009-01-06 01:02 3687 ----a-w- c:\program files\gs\gs8.71\examples\cjk\gscjk_ac.ps
2011-02-27 10:02 . 2009-01-06 01:02 3729 ----a-w- c:\program files\gs\gs8.71\examples\cjk\gscjk_ag.ps
2011-02-27 10:02 . 2009-01-06 01:02 3503 ----a-w- c:\program files\gs\gs8.71\examples\cjk\gscjk_aj.ps
2011-02-27 10:02 . 2004-04-14 09:25 454126 ----a-w- c:\program files\gs\gs8.71\examples\annots.pdf
2011-02-27 10:02 . 2001-10-02 07:28 62843 ----a-w- c:\program files\gs\gs8.71\examples\chess.ps
2011-02-27 10:02 . 2009-01-06 01:02 6190 ----a-w- c:\program files\gs\gs8.71\examples\cjk\all_ac1.ps
2011-02-27 10:02 . 2009-01-06 01:02 6091 ----a-w- c:\program files\gs\gs8.71\examples\cjk\all_ag1.ps
2011-02-27 10:02 . 2009-01-06 01:02 6095 ----a-w- c:\program files\gs\gs8.71\examples\cjk\all_aj1.ps
2011-02-27 10:02 . 2009-01-06 01:02 5970 ----a-w- c:\program files\gs\gs8.71\examples\cjk\all_aj2.ps
2011-02-27 10:02 . 2010-02-11 05:17 159168 ----a-w- c:\program files\gs\gs8.71\doc\Use.htm
2011-02-27 10:02 . 2010-02-11 05:17 10595 ----a-w- c:\program files\gs\gs8.71\doc\Xfonts.htm
2011-02-27 10:02 . 2010-01-07 21:31 1952 ----a-w- c:\program files\gs\gs8.71\examples\alphabet.ps
2011-02-27 10:02 . 2010-02-11 05:17 10703 ----a-w- c:\program files\gs\gs8.71\doc\Unix-lpr.htm
2011-02-27 10:02 . 2010-02-11 05:17 27205 ----a-w- c:\program files\gs\gs8.71\doc\Release.htm
2011-02-27 10:02 . 2010-02-11 05:17 13843 ----a-w- c:\program files\gs\gs8.71\doc\Source.htm
2011-02-27 10:02 . 2010-02-11 05:17 30450 ----a-w- c:\program files\gs\gs8.71\doc\Psfiles.htm
2011-02-27 10:02 . 2010-02-11 07:31 14743 ----a-w- c:\program files\gs\gs8.71\doc\README
2011-02-27 10:02 . 2010-02-11 05:17 20954 ----a-w- c:\program files\gs\gs8.71\doc\Readme.htm
2011-02-27 10:02 . 2010-02-11 05:17 50298 ----a-w- c:\program files\gs\gs8.71\doc\Ps2pdf.htm
2011-02-27 10:02 . 2010-02-11 05:17 10680 ----a-w- c:\program files\gs\gs8.71\doc\Ps2ps2.htm
2011-02-27 10:02 . 2007-04-09 03:55 154593 ----a-w- c:\program files\gs\gs8.71\doc\pscet_status.txt
2011-02-27 10:02 . 2010-02-11 05:17 30416 ----a-w- c:\program files\gs\gs8.71\doc\Projects.htm
2011-02-27 10:02 . 2010-02-11 05:17 15469 ----a-w- c:\program files\gs\gs8.71\doc\Ps-style.htm
2011-02-27 10:02 . 2010-02-11 05:17 6600 ----a-w- c:\program files\gs\gs8.71\doc\Ps2epsi.htm
2011-02-27 10:02 . 2010-02-11 05:17 110737 ----a-w- c:\program files\gs\gs8.71\doc\Make.htm
2011-02-27 10:02 . 2010-02-11 05:17 5053 ----a-w- c:\program files\gs\gs8.71\doc\News.htm
2011-02-27 10:02 . 2010-02-11 05:17 32990 ----a-w- c:\program files\gs\gs8.71\doc\Lib.htm
2011-02-27 10:02 . 2010-02-11 05:17 93745 ----a-w- c:\program files\gs\gs8.71\doc\Language.htm
2011-02-27 10:02 . 2010-02-11 05:17 19824 ----a-w- c:\program files\gs\gs8.71\doc\Install.htm
2011-02-27 10:02 . 2010-02-11 05:17 21369 ----a-w- c:\program files\gs\gs8.71\doc\Issues.htm
2011-02-27 10:02 . 2010-02-11 05:17 2160233 ----a-w- c:\program files\gs\gs8.71\doc\History8.htm
2011-02-27 10:02 . 2009-09-29 03:14 467 ----a-w- c:\program files\gs\gs8.71\doc\index.html
2011-02-27 10:02 . 2010-02-11 05:17 838474 ----a-w- c:\program files\gs\gs8.71\doc\History7.htm
2011-02-27 10:02 . 2010-02-11 05:17 372530 ----a-w- c:\program files\gs\gs8.71\doc\History6.htm
2011-02-27 10:02 . 2010-02-11 05:17 578269 ----a-w- c:\program files\gs\gs8.71\doc\History5.htm
2011-02-27 10:02 . 2010-02-11 05:17 166060 ----a-w- c:\program files\gs\gs8.71\doc\History4.htm
2011-02-27 10:02 . 2010-02-11 05:17 357364 ----a-w- c:\program files\gs\gs8.71\doc\History3.htm
2011-02-27 10:02 . 2010-02-11 05:17 216352 ----a-w- c:\program files\gs\gs8.71\doc\History2.htm
2011-02-27 10:02 . 2010-02-11 05:17 10618 ----a-w- c:\program files\gs\gs8.71\doc\Helpers.htm
2011-02-27 10:02 . 2009-09-29 03:14 14507 ----a-w- c:\program files\gs\gs8.71\doc\Hershey.htm
2011-02-27 10:02 . 2010-02-11 05:17 15861 ----a-w- c:\program files\gs\gs8.71\doc\History1.htm
2011-02-27 10:02 . 2010-02-11 05:17 29827 ----a-w- c:\program files\gs\gs8.71\doc\Fonts.htm
2011-02-27 10:02 . 2010-02-11 05:17 11139 ----a-w- c:\program files\gs\gs8.71\doc\gs-vms.hlp
2011-02-27 10:02 . 2009-09-29 03:16 1149 ----a-w- c:\program files\gs\gs8.71\doc\gs.css
2011-02-27 10:02 . 2007-05-09 20:12 22854 ----a-w- c:\program files\gs\gs8.71\doc\gsdoc.el
2011-02-27 10:02 . 2009-09-02 02:59 976229 ----a-w- c:\program files\gs\gs8.71\doc\figures\XPS_Render.eps
2011-02-27 10:02 . 2009-09-02 02:59 688854 ----a-w- c:\program files\gs\gs8.71\doc\figures\XPS_RGB_Image_Float.eps
2011-02-27 10:02 . 2009-09-02 02:59 750253 ----a-w- c:\program files\gs\gs8.71\doc\figures\XPS_Vector_Color.eps
2011-02-27 10:02 . 2009-09-02 02:59 906146 ----a-w- c:\program files\gs\gs8.71\doc\figures\PDF_Render.eps
2011-02-27 10:02 . 2009-09-02 02:59 1021322 ----a-w- c:\program files\gs\gs8.71\doc\figures\PDF_Spec.eps
2011-02-27 10:02 . 2009-09-02 02:59 911288 ----a-w- c:\program files\gs\gs8.71\doc\figures\PS_Render.eps
2011-02-27 10:02 . 2009-09-02 02:59 1070874 ----a-w- c:\program files\gs\gs8.71\doc\figures\PS_Spec.eps
2011-02-27 10:02 . 2009-09-02 02:59 680226 ----a-w- c:\program files\gs\gs8.71\doc\figures\XPS_DeviceN.eps
2011-02-27 10:02 . 2009-09-02 02:59 682943 ----a-w- c:\program files\gs\gs8.71\doc\figures\XPS_Integer_Gray_RGB_Image.eps
2011-02-27 10:02 . 2010-02-11 05:17 140980 ----a-w- c:\program files\gs\gs8.71\doc\Drivers.htm
2011-02-27 10:02 . 2009-09-02 02:59 246212 ----a-w- c:\program files\gs\gs8.71\doc\figures\Ghost.eps
2011-02-27 10:02 . 2009-09-02 04:10 2398613 ----a-w- c:\program files\gs\gs8.71\doc\figures\Overview.eps
2011-02-27 10:02 . 2010-02-11 05:17 62734 ----a-w- c:\program files\gs\gs8.71\doc\Devices.htm
2011-02-27 10:02 . 2010-02-11 05:17 25758 ----a-w- c:\program files\gs\gs8.71\doc\DLL.htm
2011-02-27 10:02 . 2010-02-11 05:17 175425 ----a-w- c:\program files\gs\gs8.71\doc\Develop.htm
2011-02-27 10:02 . 2010-02-11 05:17 3429544 ----a-w- c:\program files\gs\gs8.71\doc\Details8.htm
2011-02-27 10:02 . 2010-02-11 05:17 250738 ----a-w- c:\program files\gs\gs8.71\doc\Details.htm
2011-02-27 10:02 . 2010-02-11 05:17 184818 ----a-w- c:\program files\gs\gs8.71\doc\Deprecated.htm
2011-02-27 10:02 . 2010-02-11 05:17 10950 ----a-w- c:\program files\gs\gs8.71\doc\Commprod.htm
2011-02-27 10:02 . 2009-07-31 08:31 35821 ----a-w- c:\program files\gs\gs8.71\doc\COPYING
2011-02-27 10:02 . 2010-02-11 05:17 211073 ----a-w- c:\program files\gs\gs8.71\doc\Changes.htm
2011-02-27 10:02 . 2009-09-02 04:55 234270 ----a-w- c:\program files\gs\gs8.71\doc\Color_Architecture.pdf
2011-02-27 10:02 . 2009-09-02 04:10 35689 ----a-w- c:\program files\gs\gs8.71\doc\Color_Architecture.tex
2011-02-27 10:02 . 2010-02-11 05:17 55174 ----a-w- c:\program files\gs\gs8.71\doc\C-style.htm
2011-02-27 10:02 . 2010-02-11 05:17 25230 ----a-w- c:\program files\gs\gs8.71\doc\API.htm
2011-02-27 10:02 . 2009-11-30 13:30 695 ----a-w- c:\program files\gs\gs8.71\doc\AUTHORS
2011-02-27 10:02 . 2010-03-30 07:39 7424 ----a-w- c:\program files\gs\gs8.71\bin\gsdll32.lib
2011-02-27 10:02 . 2010-03-30 07:39 172544 ----a-w- c:\program files\gs\gs8.71\bin\gswin32.exe
2011-02-27 10:02 . 2010-03-30 07:39 163328 ----a-w- c:\program files\gs\gs8.71\bin\gswin32c.exe
2011-02-27 10:02 . 2010-03-30 07:39 13103104 ----a-w- c:\program files\gs\gs8.71\bin\gsdll32.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-03-19_01.36.11 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-03-12 03:28 . 2011-03-19 23:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2011-03-12 03:28 . 2011-03-12 03:28 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 04:54 . 2011-03-19 23:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-03-18 12:41 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-03-19 23:50 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-03-18 12:41 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-03-18 12:41 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-03-19 23:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-25 22:59 . 2011-03-19 23:52 38464 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-03-19 23:52 41344 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-02-25 22:51 . 2011-03-19 23:52 10186 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4147138077-339876506-419275175-1001_UserData.bin
- 2009-07-14 05:30 . 2011-03-04 07:02 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2011-03-19 01:41 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2010-09-01 08:30 . 2010-09-01 08:30 17976 c:\windows\system32\drivers\psi_mf.sys
- 2011-02-26 16:45 . 2011-03-19 01:21 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-02-26 16:45 . 2011-03-19 23:13 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-03-19 23:13 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-03-19 01:21 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-02-25 22:51 . 2011-03-19 01:29 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-02-25 22:51 . 2011-03-19 23:51 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-02-25 22:51 . 2011-03-19 23:51 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-02-25 22:51 . 2011-03-19 01:29 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-02-25 22:51 . 2011-03-19 01:29 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-25 22:51 . 2011-03-19 23:51 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-02-25 22:51 . 2011-03-19 01:36 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-02-25 22:51 . 2011-03-20 00:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-02-25 22:51 . 2011-03-20 00:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-02-25 22:51 . 2011-03-19 01:36 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-03-19 23:50 . 2011-03-19 23:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-03-19 01:29 . 2011-03-19 01:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-03-19 23:50 . 2011-03-19 23:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-03-19 01:29 . 2011-03-19 01:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-03-19 03:50 . 2011-03-19 03:50 234656 c:\windows\SysWOW64\Macromed\Flash\FlashUtil10n_ActiveX.exe
+ 2011-03-19 03:50 . 2011-03-19 03:50 311456 c:\windows\SysWOW64\Macromed\Flash\FlashUtil10n_ActiveX.dll
- 2009-07-14 02:36 . 2011-03-19 01:33 630154 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-03-19 23:55 630154 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-03-19 23:55 111328 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-03-19 01:33 111328 c:\windows\system32\perfc009.dat
- 2009-07-14 05:30 . 2011-03-04 07:02 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2011-03-19 01:41 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-03-04 07:01 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:30 . 2011-03-19 01:41 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:12 . 2011-03-19 09:39 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:12 . 2011-03-17 19:40 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:01 . 2011-03-19 01:27 383812 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-03-19 23:49 383812 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-02-26 00:38 . 2011-03-19 23:49 1423176 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2011-02-26 00:38 . 2011-03-19 01:27 1423176 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-03-19 01:45 . 2011-03-19 01:45 1956864 c:\windows\Installer\26e45.msi
+ 2011-03-19 04:22 . 2011-03-19 04:22 1261056 c:\windows\Installer\267503.msi
+ 2011-01-25 11:37 . 2011-01-25 11:37 4920832 c:\windows\Installer\2529b.msi
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-19 18:20 442880 ----a-w- c:\windows\System32\ntshrui.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-02-26 39408]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-15 718208]
"MysticThumbs"="c:\program files\MysticCoder\MysticThumbs\MysticThumbsTray.exe" [2011-01-04 537088]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"CTxfiHlp"="CTXFIHLP.EXE" [2010-07-07 24576]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SAOB Monitor"="c:\program files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe" [2010-11-15 2536448]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2011-02-01 5546376]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-25 336384]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-2-27 113664]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-1-11 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
 
and combofix Part 4

.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-26 136176]
R2 sppsvc;Software Protection;c:\windows\system32\sppsvc.exe [x]
R3 1394ohci;1394 OHCI Compliant Host Controller;c:\windows\system32\drivers\1394ohci.sys [x]
R3 AcpiPmi;ACPI Power Meter Driver;c:\windows\system32\drivers\acpipmi.sys [x]
R3 adp94xx;adp94xx;c:\windows\system32\DRIVERS\adp94xx.sys [x]
R3 adpahci;adpahci;c:\windows\system32\DRIVERS\adpahci.sys [x]
R3 amdsata;amdsata;c:\windows\system32\drivers\amdsata.sys [x]
R3 amdsbs;amdsbs;c:\windows\system32\DRIVERS\amdsbs.sys [x]
R3 AppID;AppID Driver;c:\windows\system32\drivers\appid.sys [x]
R3 AppIDSvc;Application Identity;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 arcsas;arcsas;c:\windows\system32\DRIVERS\arcsas.sys [x]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
R3 b06bdrv;Broadcom NetXtreme II VBD;c:\windows\system32\DRIVERS\bxvbda.sys [x]
R3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60a.sys [x]
R3 BDESVC;BitLocker Drive Encryption Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\DRIVERS\BrFiltLo.sys [x]
R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\DRIVERS\BrFiltUp.sys [x]
R3 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\Drivers\Brserid.sys [x]
R3 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\Drivers\BrSerWdm.sys [x]
R3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\Drivers\BrUsbMdm.sys [x]
R3 CertPropSvc;Certificate Propagation;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 circlass;Consumer IR Devices;c:\windows\system32\DRIVERS\circlass.sys [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-02-26 79360]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [x]
R3 defragsvc;Disk Defragmenter;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;c:\windows\system32\DRIVERS\evbda.sys [x]
R3 elxstor;elxstor;c:\windows\system32\DRIVERS\elxstor.sys [x]
R3 Filetrace;Filetrace;c:\windows\system32\drivers\filetrace.sys [x]
R3 FsDepends;File System Dependency Minifilter;c:\windows\system32\drivers\FsDepends.sys [x]
R3 hcw85cir;Hauppauge Consumer Infrared Receiver;c:\windows\system32\drivers\hcw85cir.sys [x]
R3 HpSAMD;HpSAMD;c:\windows\system32\drivers\HpSAMD.sys [x]
R3 IPBusEnum;PnP-X IP Bus Enumerator;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 IPMIDRV;IPMIDRV;c:\windows\system32\drivers\IPMIDrv.sys [x]
R3 iScsiPrt;iScsiPort Driver;c:\windows\system32\drivers\msiscsi.sys [x]
R3 KtmRm;KtmRm for Distributed Transaction Coordinator;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 lltdsvc;Link-Layer Topology Discovery Mapper;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 LSI_FC;LSI_FC;c:\windows\system32\DRIVERS\lsi_fc.sys [x]
R3 LSI_SAS;LSI_SAS;c:\windows\system32\DRIVERS\lsi_sas.sys [x]
R3 LSI_SAS2;LSI_SAS2;c:\windows\system32\DRIVERS\lsi_sas2.sys [x]
R3 LSI_SCSI;LSI_SCSI;c:\windows\system32\DRIVERS\lsi_scsi.sys [x]
R3 megasas;megasas;c:\windows\system32\DRIVERS\megasas.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 mpio;Microsoft Multi-Path Bus Driver;c:\windows\system32\drivers\mpio.sys [x]
R3 msahci;msahci;c:\windows\system32\drivers\msahci.sys [x]
R3 msdsm;Microsoft Multi-Path Device Specific Module;c:\windows\system32\drivers\msdsm.sys [x]
R3 mshidkmdf;Pass-through HID to KMDF Filter Driver;c:\windows\System32\drivers\mshidkmdf.sys [x]
R3 MSiSCSI;Microsoft iSCSI Initiator Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 MsRPC;MsRPC; [x]
R3 MTConfig;Microsoft Input Configuration Driver;c:\windows\system32\DRIVERS\MTConfig.sys [x]
R3 NativeWifiP;NativeWiFi Filter;c:\windows\system32\DRIVERS\nwifi.sys [x]
R3 NdisCap;NDIS Capture LightWeight Filter;c:\windows\system32\DRIVERS\ndiscap.sys [x]
R3 nfrd960;nfrd960;c:\windows\system32\DRIVERS\nfrd960.sys [x]
R3 nvstor;nvstor;c:\windows\system32\drivers\nvstor.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PeerDistSvc;BranchCache;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 PerfHost;Performance Counter DLL Host;c:\windows\SysWow64\perfhost.exe [2009-07-14 20992]
R3 pla;Performance Logs & Alerts;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 PNRPAutoReg;PNRP Machine Name Publication Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 ql2300;ql2300;c:\windows\system32\DRIVERS\ql2300.sys [x]
R3 ql40xx;ql40xx;c:\windows\system32\DRIVERS\ql40xx.sys [x]
R3 s3cap;s3cap;c:\windows\system32\drivers\vms3cap.sys [x]
R3 scfilter;Smart card PnP Class Filter Driver;c:\windows\system32\DRIVERS\scfilter.sys [x]
R3 SCPolicySvc;Smart Card Removal Policy;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SensrSvc;Adaptive Brightness;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SessionEnv;Remote Desktop Configuration;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 sffp_mmc;SFF Storage Protocol Driver for MMC;c:\windows\system32\drivers\sffp_mmc.sys [x]
R3 SiSRaid4;SiSRaid4;c:\windows\system32\DRIVERS\sisraid4.sys [x]
R3 Smb;Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session);c:\windows\system32\DRIVERS\smb.sys [x]
R3 sppuinotify;SPP Notification Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 stexstor;stexstor;c:\windows\system32\DRIVERS\stexstor.sys [x]
R3 StorSvc;Storage Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 storvsc;storvsc;c:\windows\system32\drivers\storvsc.sys [x]
R3 TabletInputService;Tablet PC Input Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 TBS;TPM Base Services;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 THREADORDER;Thread Ordering Server;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 TrustedInstaller;Windows Modules Installer;c:\windows\servicing\TrustedInstaller.exe [2010-11-19 194048]
R3 tssecsrv;Remote Desktop Services Security Filter Driver;c:\windows\system32\DRIVERS\tssecsrv.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 UI0Detect;Interactive Services Detection;c:\windows\system32\UI0Detect.exe [x]
R3 uliagpkx;Uli AGP Bus Filter;c:\windows\system32\drivers\uliagpkx.sys [x]
R3 UmRdpService;Remote Desktop Services UserMode Port Redirector;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 usbcir;eHome Infrared Receiver (USBCIR);c:\windows\system32\drivers\usbcir.sys [x]
R3 VaultSvc;Credential Manager;c:\windows\system32\lsass.exe [x]
R3 vhdmp;vhdmp;c:\windows\system32\drivers\vhdmp.sys [x]
R3 VMBusHID;VMBusHID;c:\windows\system32\drivers\VMBusHID.sys [x]
R3 vsmraid;vsmraid;c:\windows\system32\DRIVERS\vsmraid.sys [x]
R3 vwifibus;Virtual WiFi Bus Driver;c:\windows\System32\drivers\vwifibus.sys [x]
R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\DRIVERS\wacompen.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wbengine;Block Level Backup Engine Service;c:\windows\system32\wbengine.exe [x]
R3 WbioSrvc;Windows Biometric Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 wcncsvc;Windows Connect Now - Config Registrar;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WcsPlugInService;Windows Color System;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 Wd;Wd;c:\windows\system32\DRIVERS\wd.sys [x]
R3 Wecsvc;Windows Event Collector;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 wercplsupport;Problem Reports and Solutions Control Panel Support;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WerSvc;Windows Error Reporting Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WIMMount;WIMMount;c:\windows\system32\drivers\wimmount.sys [2009-07-14 22096]
R3 WinRM;Windows Remote Management (WS-Management);c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 Wlansvc;WLAN AutoConfig;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 WPDBusEnum;Portable Device Enumerator Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 WwanSvc;WWAN AutoConfig;c:\windows\system32\svchost.exe [2009-07-14 27136]
R4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920]
R4 Mcx2Svc;Media Center Extender Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S0 amdxata;amdxata;c:\windows\system32\drivers\amdxata.sys [x]
S0 CLFS;Common Log (CLFS);c:\windows\System32\CLFS.sys [x]
S0 CNG;CNG;c:\windows\System32\Drivers\cng.sys [x]
S0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys [x]
S0 fvevol;Bitlocker Drive Encryption Filter Driver;c:\windows\System32\DRIVERS\fvevol.sys [x]
S0 hwpolicy;Hardware Policy Driver;c:\windows\System32\drivers\hwpolicy.sys [x]
S0 iaStorV;Intel RAID Controller Windows 7;c:\windows\system32\drivers\iaStorV.sys [x]
S0 KSecPkg;KSecPkg;c:\windows\System32\Drivers\ksecpkg.sys [x]
S0 msisadrv;msisadrv;c:\windows\system32\drivers\msisadrv.sys [x]
S0 pcw;Performance Counters for Windows Driver;c:\windows\System32\drivers\pcw.sys [x]
S0 rdyboost;ReadyBoost;c:\windows\System32\drivers\rdyboost.sys [x]
S0 spldr;Security Processor Loader Driver; [x]
S0 storflt;Disk Virtual Machine Bus Acceleration Filter Driver;c:\windows\system32\drivers\vmstorfl.sys [x]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [x]
S0 vdrvroot;Microsoft Virtual Drive Enumerator Driver;c:\windows\system32\drivers\vdrvroot.sys [x]
S0 vmbus;Virtual Machine Bus;c:\windows\system32\drivers\vmbus.sys [x]
S0 volmgr;Volume Manager Driver;c:\windows\system32\drivers\volmgr.sys [x]
S0 volmgrx;Dynamic Volume Manager;c:\windows\System32\drivers\volmgrx.sys [x]
S1 blbdrive;blbdrive;c:\windows\system32\DRIVERS\blbdrive.sys [x]
S1 CSC;Offline Files Driver;c:\windows\system32\drivers\csc.sys [x]
S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys [x]
S1 discache;System Attribute Cache;c:\windows\system32\drivers\discache.sys [x]
S1 nsiproxy;NSI proxy service driver.;c:\windows\system32\drivers\nsiproxy.sys [x]
S1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\rdpencdd.sys [x]
S1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;c:\windows\system32\drivers\rdprefmp.sys [x]
S1 tdx;NetIO Legacy TDI Support Driver;c:\windows\system32\DRIVERS\tdx.sys [x]
S1 Wanarpv6;Remote Access IPv6 ARP Driver;c:\windows\system32\DRIVERS\wanarp.sys [x]
S1 WfpLwf;WFP Lightweight Filter;c:\windows\system32\DRIVERS\wfplwf.sys [x]
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-03-01 3246040]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AudioEndpointBuilder;Windows Audio Endpoint Builder;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 BFE;Base Filtering Engine;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 CscService;Offline Files;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 DPS;Diagnostic Policy Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 FDResPub;Function Discovery Resource Publication;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 gpsvc;Group Policy Client;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 IKEEXT;IKE and AuthIP IPsec Keying Modules;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 iphlpsvc;IP Helper;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\system32\DRIVERS\lltdio.sys [x]
S2 luafv;UAC File Virtualization;c:\windows\system32\drivers\luafv.sys [x]
S2 MMCSS;Multimedia Class Scheduler;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 MpsSvc;Windows Firewall;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 NlaSvc;Network Location Awareness;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 nsi;Network Store Interface Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 PcaSvc;Program Compatibility Assistant Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 PEAUTH;PEAUTH;c:\windows\system32\drivers\peauth.sys [x]
S2 Power;Power;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 ProfSvc;User Profile Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 RpcEptMapper;RPC Endpoint Mapper;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-01-10 993848]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-01-10 399416]
S2 SysMain;Superfetch;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys [x]
S2 UxSms;Desktop Window Manager Session Manager;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 WinDefend;Windows Defender;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 Appinfo;Application Information;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 bowser;Browser Support Driver;c:\windows\system32\DRIVERS\bowser.sys [x]
S3 CompositeBus;Composite Bus Enumerator Driver;c:\windows\system32\drivers\CompositeBus.sys [x]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [x]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [x]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [x]
S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [x]
S3 fdPHost;Function Discovery Provider Host;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 ha20x22k;Creative 20X2 HAL Driver;c:\windows\system32\drivers\ha20x22k.sys [x]
S3 HomeGroupListener;HomeGroup Listener;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 HomeGroupProvider;HomeGroup Provider;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 KeyIso;CNG Key Isolation;c:\windows\system32\lsass.exe [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [x]
S3 monitor;Microsoft Monitor Class Function Driver Service;c:\windows\system32\DRIVERS\monitor.sys [x]
S3 mpsdrv;Windows Firewall Authorization Driver;c:\windows\system32\drivers\mpsdrv.sys [x]
S3 mrxsmb10;SMB 1.x MiniRedirector;c:\windows\system32\DRIVERS\mrxsmb10.sys [x]
S3 mrxsmb20;SMB 2.0 MiniRedirector;c:\windows\system32\DRIVERS\mrxsmb20.sys [x]
S3 netprofm;Network List Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
S3 RasAgileVpn;WAN Miniport (IKEv2);c:\windows\system32\DRIVERS\AgileVpn.sys [x]
S3 rdpbus;Remote Desktop Device Redirector Bus Driver;c:\windows\system32\DRIVERS\rdpbus.sys [x]
S3 SDRSVC;Windows Backup;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 srv2;Server SMB 2.xxx Driver;c:\windows\system32\DRIVERS\srv2.sys [x]
S3 srvnet;srvnet;c:\windows\system32\DRIVERS\srvnet.sys [x]
S3 tunnel;Microsoft Tunnel Miniport Adapter Driver;c:\windows\system32\DRIVERS\tunnel.sys [x]
S3 umbus;UMBus Enumerator Driver;c:\windows\system32\DRIVERS\umbus.sys [x]
S3 WdiServiceHost;Diagnostic Service Host;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WdiSystemHost;Diagnostic System Host;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS QWAVE wcncsvc
DcomLaunch REG_MULTI_SZ Power PlugPlay DcomLaunch
wcssvc REG_MULTI_SZ WcsPlugInService
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
msiscsi
schedule
SessionEnv
winmgmt
AppMgmt
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
sppuinotify
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceNetworkRestricted
BthHFSrv
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-26 01:04]
.
2011-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-26 01:04]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-19 19:27 509952 ----a-w- c:\windows\System32\ntshrui.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2010-11-16 104008]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-02-01 390720]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
IKEEXT
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
seclogon
AppInfo
msiscsi
MMCSS
winmgmt
SessionEnv
browser
EapHost
schedule
hkmsvc
wercplsupport
ProfSvc
Themes
BDESVC
AppMgmt
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
homegrouplistener
StorSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
WdiServiceHost
sppuinotify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetworkService
lanmanworkstation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceNetworkRestricted
BthHFSrv
homegroupprovider
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-03-20 10:09:18
ComboFix-quarantined-files.txt 2011-03-20 00:09
ComboFix2.txt 2011-03-19 01:37
.
Pre-Run: 770,728,464,384 bytes free
Post-Run: 770,698,129,408 bytes free
.
- - End Of File - - BD78F9BC26E95401AF88313C0AE048E5


Very long file

Again I do appreciate you and thank you for your help.

Cheers G
 
Bobbye further to my earlier post on not having illegitimate software on my system.

Amendment: I no longer have that file that I kinda suspected of being illegitimate.
I shredded it with a six pass file shredder that comes with Spybot S&D.

I feel I can now be indignant.

I appreciate your assistant but please don't acusse me of being a thief in an open forum.
 
You might find this program helpful or as an adjunct to Ghostscript
It is called GSview> http://pages.cs.wisc.edu/~ghost/gsview/index.htm

I don't see any further evidence of malware. If the original problem has been resolved:

Removing all of the tools we used and the files and folders they created
  • Uninstall ComboFix and all Backups of the files it deleted
  • Click START> then RUN
  • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    CF_Uninstall-1.jpg
  • Download OTCleanIt by OldTimer and save it to your Desktop.
  • Double click OTCleanIt.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.
Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.
======================================
You should now set a new Restore Point and remove the old restore points to prevent infection from any previous Restore Points.

Creating a Restore Point in Windows 7:
  1. Click on Start> right click on Computer> Properties
  2. Select System Protection
  3. Click on the Create button (near bottom)
  4. Type a name for the Restore Point
  5. Click on Create again to save the restore point.

Deleting all but the most recent System Protection point in Windows 7
  1. Click Start> Computer> right click the C Drive and choose Properties> enter.
  2. Click Disk Cleanup from there.
    image2.png
  3. Click Clean up system files
    This restarts Disk Cleanup to run in elevated mode.
  4. Click the More Options tab
    w7-srp2.png
  5. Click the Clean up under System Restore and Shadow Copies.
  6. Click OK.
  7. You will get a confirmation screen> Just click Delete.
  8. Click OK on the Disk Cleanup Screen.
  9. Click Delete Files on the Confirmation screen.
image6.png

It will run the Disk Cleanup utility along with other selections if you have chosen any. (if you had a lot System Restore points, you will see a significant change in the free space in C drive)
Images courtesy lytebyte.

Empty the Recycle Bin
Let me know if you have any further questions.
 
G'day Bobbye,

I have carried out the cleanup tasks and another complete scan of the system using Avira (chose to install Avira as the "temp" AV).

The system has come up "squeeky" clean.

Many, many thanks for your assist.

The world is a much better place when kind people such as yourself help others.

Two last questions if I may.
1. AVG, worth reinstalling? (My paid subsript is good till Nov 11)
2. Could you suggest/direct me to a forum to help solve BSOD Stop: 0x0A errors? (I have much respect for your suggestions)

Cheers,

G
 
You're very welcome! Love that 'squeak'!

About AVG: No, I don't renewing it. I also don't believe in wasting money. Let the subscription run out, then make a change if you want. This board was full of the Win32/Heur False Positives by AVG- and it's not the first time. In addition, They have removed any way to just disable the program when needed to run scans. To have to uninstall the entire program in order to run a program so frequently used as Combofix is ridiculous! And occasionally, when someone leaves an AVG scan log, most of it is just Tracking Cookies!

I used AVG until it went to v8- something changed the program when they bundled the spyware program and upgraded the engine from 7 to 8. Guess they never heard 'if it ain't broke....'!
I don't use any 'suites' as I prefer the free standing programs. I'm using the paid Eset Nod32 AV and am very please with the performance, ease of use and configuration.

But both Avast and Avira are free and good, if you want to go that route.

For the BSOD Stop: 0x0A errors Win 7, have a look here: http://www.winvistaclub.com/t3.html There is a great troubleshooting write up and explanation. See if you can work it out. The description of the Error along with the Corresponding Error and Source can be found in the Event Viewer:

Start> Run> type in eventvwr > enter to open the Event Viewer. Event are time coded, so if you check the computer clock when you get the BSOD, you can look for the time in the Event Viewer and see if there is a corresponding error. That will give you-and anyone who helps you-the information needed to try and pin down a cause.

Note: If you've never opened the Event Viewer before, know that the only entries you're interested in are Errors. The Information events are normal and Warnings will become Errors if they can't be resolved. Let me know if you need more help. I'll keep the thread open.
 
Thanks Bobbye,

Also, thanks for the additional info on BSODs,

I'm fairly certain that its either the ATI driver or something to do with ATI Catalyst.

I seem to update all the graphics drivers and eventually get a stable system and no sooner than I do; windows 7 updates something and then the BSODs start all over again, and then I wait for new ATI driver/catalyst and then around we go again and again.

I have done memtests till the memory dosen't want "no more testing" and I even sent back one of my 5970 cards for a return. Whilst the BSODs may have seemed a little less frequent with only one card. When I got the replacement re-installed you guesssed it...... it was BSOD time again.

I have seen on one of the forums here that the ATI 11.4 Beta preview drivers seem to be a fair crack at a working set.

Now that I have eliminated AVG from being the cause, (system BSODed after AVG was removed) I will download the trial drives and give them a whirl. When I had the 10.12 Beta preview drivers I don't think I had any BSODs until SP1. Then happy happy BSOD time came back.

Again thank you very much for all your help.

:wave:
 
Status
Not open for further replies.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
797
uber_beetle
uber_beetle
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A

Latest posts

Back