Internet not working after AVG cleaned out Netbt.sys

Discussion in 'Virus and Malware Removal' started by Fudd0828, Jun 3, 2012.

  1. Broni Malware Annihilator Posts: 39,254   +175

    Good.

    We have a rootkit there.
    That's why your computer is sluggish.

    My bed time is coming, so I'll check on you tomorrow morning.

    If you still have time...

    Download TDSSKiller and save it to your desktop.
    • Extract (unzip) its contents to your desktop.
    • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure; click on Continue.
    • If a suspicious file is detected, the default action will be Skip; click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  2. Fudd0828 Newcomer, in training Posts: 49

    22:10:23.0687 0236 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
    22:10:24.0187 0236 ============================================================
    22:10:24.0187 0236 Current date / time: 2012/06/04 22:10:24.0187
    22:10:24.0187 0236 SystemInfo:
    22:10:24.0187 0236
    22:10:24.0187 0236 OS Version: 5.1.2600 ServicePack: 3.0
    22:10:24.0187 0236 Product type: Workstation
    22:10:24.0343 0236 ComputerName: DESKTOP
    22:10:24.0343 0236 UserName: Justin
    22:10:24.0343 0236 Windows directory: C:\WINDOWS
    22:10:24.0343 0236 System windows directory: C:\WINDOWS
    22:10:24.0343 0236 Processor architecture: Intel x86
    22:10:24.0343 0236 Number of processors: 1
    22:10:24.0343 0236 Page size: 0x1000
    22:10:24.0343 0236 Boot type: Normal boot
    22:10:24.0343 0236 ============================================================
    22:10:26.0562 0236 Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
    22:10:26.0562 0236 ============================================================
    22:10:26.0562 0236 \Device\Harddisk0\DR0:
    22:10:26.0562 0236 MBR partitions:
    22:10:26.0562 0236 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1A4F3A
    22:10:26.0562 0236 ============================================================
    22:10:26.0609 0236 C: <-> \Device\Harddisk0\DR0\Partition0
    22:10:26.0609 0236 ============================================================
    22:10:26.0609 0236 Initialize success
    22:10:26.0609 0236 ============================================================
    22:10:30.0140 3188 ============================================================
    22:10:30.0140 3188 Scan started
    22:10:30.0140 3188 Mode: Manual;
    22:10:30.0140 3188 ============================================================
    22:10:42.0578 3188 rdpdr - ok
    22:10:42.0625 3188 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
    22:10:42.0625 3188 RDPWD - ok
    22:10:42.0687 3188 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
    22:10:42.0687 3188 RDSessMgr - ok
    22:10:42.0734 3188 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
    22:10:42.0734 3188 redbook - ok
    22:10:42.0781 3188 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
    22:10:42.0781 3188 RemoteAccess - ok
    22:10:42.0781 3188 remotelyanywhere - ok
    22:10:42.0843 3188 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
    22:10:42.0859 3188 RemoteRegistry - ok
    22:10:42.0859 3188 RivaTuner32 - ok
    22:10:42.0875 3188 ROB_V - ok
    22:10:42.0906 3188 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\System32\locator.exe
    22:10:42.0906 3188 RpcLocator - ok
    22:10:42.0953 3188 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
    22:10:42.0968 3188 RpcSs - ok
    22:10:42.0968 3188 rsvchost - ok
    22:10:43.0000 3188 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe
    22:10:43.0015 3188 RSVP - ok
    22:10:43.0078 3188 RTL8187B (de4635e8b7975d2b5d961299469a7462) C:\WINDOWS\system32\DRIVERS\wg111v3.sys
    22:10:43.0078 3188 RTL8187B - ok
    22:10:43.0093 3188 s3psddr - ok
    22:10:43.0093 3188 s3savagenb - ok
    22:10:43.0125 3188 s3twistr - ok
    22:10:43.0140 3188 SABProcEnum - ok
    22:10:43.0156 3188 SaiH040B - ok
    22:10:43.0171 3188 SaiU040B - ok
    22:10:43.0234 3188 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
    22:10:43.0234 3188 SamSs - ok
    22:10:43.0265 3188 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
    22:10:43.0265 3188 SCardSvr - ok
    22:10:43.0296 3188 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
    22:10:43.0296 3188 Schedule - ok
    22:10:43.0312 3188 se27unic - ok
    22:10:43.0328 3188 SE2Bbus - ok
    22:10:43.0343 3188 SE2Bmdm - ok
    22:10:43.0359 3188 se44mdm - ok
    22:10:43.0390 3188 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
    22:10:43.0390 3188 Secdrv - ok
    22:10:43.0421 3188 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
    22:10:43.0421 3188 seclogon - ok
    22:10:43.0437 3188 SecureStorageService - ok
    22:10:43.0437 3188 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
    22:10:43.0437 3188 SENS - ok
    22:10:43.0453 3188 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
    22:10:43.0468 3188 serenum - ok
    22:10:43.0484 3188 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
    22:10:43.0484 3188 Serial - ok
    22:10:43.0515 3188 servidor - ok
    22:10:43.0593 3188 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
    22:10:43.0593 3188 Sfloppy - ok
    22:10:43.0593 3188 SGHIDI - ok
    22:10:43.0640 3188 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
    22:10:43.0656 3188 SharedAccess - ok
    22:10:43.0687 3188 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
    22:10:43.0687 3188 ShellHWDetection - ok
    22:10:43.0703 3188 Simbad - ok
    22:10:43.0703 3188 Sk99202k - ok
    22:10:43.0765 3188 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
    22:10:43.0765 3188 SLIP - ok
    22:10:43.0781 3188 SNP2UVC - ok
    22:10:43.0796 3188 Sparrow - ok
    22:10:43.0828 3188 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
    22:10:43.0828 3188 splitter - ok
    22:10:43.0875 3188 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
    22:10:43.0875 3188 Spooler - ok
    22:10:43.0875 3188 sprtsvc_ddoctorv2 - ok
    22:10:43.0906 3188 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
    22:10:43.0906 3188 sr - ok
    22:10:43.0968 3188 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
    22:10:43.0968 3188 srservice - ok
    22:10:44.0000 3188 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
    22:10:44.0015 3188 Srv - ok
    22:10:44.0062 3188 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
    22:10:44.0062 3188 SSDPSRV - ok
    22:10:44.0062 3188 stacsv - ok
    22:10:44.0078 3188 starwindservice - ok
    22:10:44.0187 3188 STHDA (8990440e4b2a7ca5a56a1833b03741fd) C:\WINDOWS\system32\drivers\sthda.sys
    22:10:44.0203 3188 STHDA - ok
    22:10:44.0265 3188 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
    22:10:44.0281 3188 stisvc - ok
    22:10:44.0328 3188 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
    22:10:44.0328 3188 streamip - ok
    22:10:44.0328 3188 superproserver - ok
    22:10:44.0375 3188 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
    22:10:44.0375 3188 swenum - ok
    22:10:44.0390 3188 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
    22:10:44.0390 3188 swmidi - ok
    22:10:44.0406 3188 SwPrv - ok
    22:10:44.0421 3188 symantecantibotagent - ok
    22:10:44.0437 3188 symc810 - ok
    22:10:44.0453 3188 symc8xx - ok
    22:10:44.0500 3188 symidsco - ok
    22:10:44.0500 3188 symproxysvc - ok
    22:10:44.0515 3188 sym_hi - ok
    22:10:44.0531 3188 sym_u3 - ok
    22:10:44.0593 3188 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
    22:10:44.0593 3188 sysaudio - ok
    22:10:44.0656 3188 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
    22:10:44.0656 3188 SysmonLog - ok
    22:10:44.0656 3188 szserver - ok
    22:10:44.0671 3188 tabletservice - ok
    22:10:44.0718 3188 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
    22:10:44.0718 3188 TapiSrv - ok
    22:10:44.0734 3188 tbaspi - ok
    22:10:44.0796 3188 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
    22:10:44.0843 3188 Tcpip - ok
    22:10:44.0843 3188 tcpip6 - ok
    22:10:44.0890 3188 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
    22:10:44.0890 3188 TDPIPE - ok
    22:10:44.0921 3188 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
    22:10:44.0921 3188 TDTCP - ok
    22:10:44.0984 3188 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
    22:10:44.0984 3188 TermDD - ok
    22:10:45.0015 3188 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
    22:10:45.0015 3188 TermService - ok
    22:10:45.0015 3188 tga - ok
    22:10:45.0093 3188 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
    22:10:45.0093 3188 Themes - ok
    22:10:45.0093 3188 thkeys - ok
    22:10:45.0156 3188 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\System32\tlntsvr.exe
    22:10:45.0156 3188 TlntSvr - ok
    22:10:45.0156 3188 TosIde - ok
    22:10:45.0171 3188 tosrfnds - ok
    22:10:45.0187 3188 TPM - ok
    22:10:45.0218 3188 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
    22:10:45.0218 3188 TrkWks - ok
    22:10:45.0234 3188 truecrypt - ok
    22:10:45.0281 3188 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
    22:10:45.0281 3188 Udfs - ok
    22:10:45.0296 3188 ultra - ok
    22:10:45.0312 3188 umwdf - ok
    22:10:45.0359 3188 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
    22:10:45.0359 3188 Update - ok
    22:10:45.0390 3188 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
    22:10:45.0406 3188 upnphost - ok
    22:10:45.0421 3188 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
    22:10:45.0421 3188 UPS - ok
    22:10:45.0437 3188 Usb20Scan - ok
    22:10:45.0484 3188 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys
    22:10:45.0484 3188 USBAAPL - ok
    22:10:45.0531 3188 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    22:10:45.0546 3188 usbccgp - ok
    22:10:45.0562 3188 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
    22:10:45.0562 3188 usbehci - ok
    22:10:45.0609 3188 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
    22:10:45.0625 3188 usbhub - ok
    22:10:45.0625 3188 USBModem - ok
    22:10:45.0656 3188 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
    22:10:45.0656 3188 usbohci - ok
    22:10:45.0703 3188 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
    22:10:45.0703 3188 usbprint - ok
    22:10:45.0750 3188 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
    22:10:45.0750 3188 usbscan - ok
    22:10:45.0796 3188 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    22:10:45.0796 3188 USBSTOR - ok
    22:10:45.0796 3188 usb_rndisx - ok
    22:10:45.0859 3188 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
    22:10:45.0859 3188 VgaSave - ok
    22:10:45.0875 3188 ViaIde - ok
    22:10:45.0937 3188 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
    22:10:45.0937 3188 VolSnap - ok
    22:10:45.0953 3188 vpcbus - ok
    22:10:45.0953 3188 vpcvmm - ok
    22:10:46.0015 3188 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
    22:10:46.0015 3188 VSS - ok
    22:10:46.0031 3188 vstor2-ws60 - ok
    22:10:46.0187 3188 vToolbarUpdater (49099f62da09c819ecc69e9d9267d3ac) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
    22:10:46.0187 3188 vToolbarUpdater - ok
    22:10:46.0203 3188 vvoice - ok
    22:10:46.0203 3188 VX1000 - ok
    22:10:46.0250 3188 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
    22:10:46.0250 3188 W32Time - ok
    22:10:46.0265 3188 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
    22:10:46.0281 3188 Wanarp - ok
    22:10:46.0281 3188 wap3gx - ok
    22:10:46.0343 3188 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
    22:10:46.0359 3188 Wdf01000 - ok
    22:10:46.0359 3188 WDICA - ok
    22:10:46.0421 3188 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
    22:10:46.0421 3188 wdmaud - ok
    22:10:46.0468 3188 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
    22:10:46.0468 3188 WebClient - ok
    22:10:46.0484 3188 wg5n - ok
    22:10:46.0578 3188 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
    22:10:46.0578 3188 winmgmt - ok
    22:10:46.0656 3188 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
    22:10:46.0656 3188 WmdmPmSN - ok
    22:10:46.0718 3188 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
    22:10:46.0718 3188 Wmi - ok
    22:10:46.0765 3188 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\System32\wbem\wmiapsrv.exe
    22:10:46.0765 3188 WmiApSrv - ok
    22:10:46.0781 3188 wmp54gsvc - ok
    22:10:46.0937 3188 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
    22:10:46.0984 3188 WMPNetworkSvc - ok
    22:10:47.0062 3188 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
    22:10:47.0062 3188 WS2IFSL - ok
    22:10:47.0109 3188 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
    22:10:47.0109 3188 wscsvc - ok
    22:10:47.0109 3188 WSearch - ok
    22:10:47.0156 3188 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
    22:10:47.0156 3188 WSTCODEC - ok
    22:10:47.0187 3188 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
    22:10:47.0187 3188 wuauserv - ok
    22:10:47.0234 3188 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    22:10:47.0250 3188 WudfPf - ok
    22:10:47.0281 3188 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    22:10:47.0281 3188 WudfRd - ok
    22:10:47.0312 3188 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
    22:10:47.0312 3188 WudfSvc - ok
    22:10:47.0359 3188 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
    22:10:47.0375 3188 WZCSVC - ok
    22:10:47.0375 3188 x10nets - ok
    22:10:47.0406 3188 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
    22:10:47.0406 3188 xmlprov - ok
    22:10:47.0421 3188 z800mdfl - ok
    22:10:47.0421 3188 ZuneBusEnum - ok
    22:10:47.0500 3188 MBR (0x1B8) (faee7e40dfb0440ad2cfc39befa1f4c2) \Device\Harddisk0\DR0
    22:10:47.0515 3188 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
    22:10:47.0515 3188 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
    22:10:47.0531 3188 Boot (0x1200) (c69a59da315f79c8c8f07664fdc162b5) \Device\Harddisk0\DR0\Partition0
    22:10:47.0531 3188 \Device\Harddisk0\DR0\Partition0 - ok
    22:10:47.0531 3188 ============================================================
    22:10:47.0531 3188 Scan finished
    22:10:47.0531 3188 ============================================================
    22:10:47.0562 3936 Detected object count: 1
    22:10:47.0562 3936 Actual detected object count: 1
    22:11:22.0750 3936 \Device\Harddisk0\DR0\# - copied to quarantine
    22:11:22.0750 3936 \Device\Harddisk0\DR0 - copied to quarantine
    22:11:22.0828 3936 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
    22:11:22.0843 3936 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
    22:11:22.0843 3936 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
    22:11:22.0843 3936 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
    22:11:22.0859 3936 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
    22:11:22.0859 3936 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
    22:11:22.0859 3936 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
    22:11:22.0890 3936 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
    22:11:22.0890 3936 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
    22:11:22.0906 3936 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
    22:11:22.0937 3936 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
    22:11:22.0937 3936 \Device\Harddisk0\DR0 - ok
    22:11:22.0937 3936 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
    22:11:44.0000 1788 Deinitialize success
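A log this long is easier to review when the handful of non-"ok" lines are pulled out and cross-checked against the tool's own detected-object count. The following is an added example, not part of the thread or of TDSSKiller: the line patterns are inferred only from the log lines posted above, and the function and field names are hypothetical.

```python
import re

# Lines copied from the TDSSKiller log posted above (trimmed to the relevant entries).
SAMPLE_LOG = r"""
22:10:47.0421 3188 ZuneBusEnum - ok
22:10:47.0500 3188 MBR (0x1B8) (faee7e40dfb0440ad2cfc39befa1f4c2) \Device\Harddisk0\DR0
22:10:47.0515 3188 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
22:10:47.0515 3188 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
22:10:47.0531 3188 Boot (0x1200) (c69a59da315f79c8c8f07664fdc162b5) \Device\Harddisk0\DR0\Partition0
22:10:47.0531 3188 \Device\Harddisk0\DR0\Partition0 - ok
22:10:47.0562 3936 Detected object count: 1
22:10:47.0562 3936 Actual detected object count: 1
22:11:22.0750 3936 \Device\Harddisk0\DR0\# - copied to quarantine
22:11:22.0828 3936 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
22:11:22.0937 3936 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
22:11:22.0937 3936 \Device\Harddisk0\DR0 - ok
22:11:22.0937 3936 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
"""

# "<time> <thread id> <message>"
LINE = re.compile(r"^\s*\d\d:\d\d:\d\d\.\d+\s+\d+\s+(?P<msg>.*\S)\s*$")
# "<name> (<md5>) <path>": an object that was hashed before being judged
HASHED = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# "<object> [( <threat> )] - <status>"
VERDICT = re.compile(r"^(?P<obj>.+?)(?: \( (?P<threat>[^)]+?) \))? - (?P<status>.+)$")
DETECTED = re.compile(r"^detected (?P<threat>\S+) \(\d+\)$")
COUNT = re.compile(r"^Detected object count: (?P<n>\d+)$")


def triage(log_text):
    """Summarise a TDSSKiller log: clean objects, detections, quarantine copies."""
    hashes, findings, quarantined, unclassified = {}, {}, [], []
    clean, reported = 0, None
    for raw in log_text.splitlines():
        line = LINE.match(raw)
        if not line:
            continue
        msg = line.group("msg")
        m = HASHED.match(msg)
        if m:  # remember the hash under both the object name and its path
            hashes[m.group("name")] = hashes[m.group("path")] = m.group("md5")
            continue
        m = COUNT.match(msg)
        if m:
            reported = int(m.group("n"))
            continue
        m = VERDICT.match(msg)
        if not m:
            continue
        obj, threat, status = m.group("obj", "threat", "status")
        det = DETECTED.match(status)
        if det:
            threat = det.group("threat")
        if status == "ok":
            # An "ok" logged for an object that already has a detection is
            # not counted as clean; the detection stays on record.
            if obj not in findings:
                clean += 1
        elif status == "copied to quarantine":
            quarantined.append(obj)
        elif threat:
            f = findings.setdefault(obj, {"md5": hashes.get(obj), "threats": [],
                                          "action": None, "pending_reboot": False})
            if threat not in f["threats"]:
                f["threats"].append(threat)
            if status == "will be cured on reboot":
                f["pending_reboot"] = True
            if status.startswith("User select action: "):
                f["action"] = status.split(": ", 1)[1]
        else:
            unclassified.append(msg)  # unknown status: surface it, never drop it
    return {"clean": clean, "findings": findings, "quarantined": quarantined,
            "unclassified": unclassified, "reported_count": reported,
            "count_matches": reported == len(findings)}


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for obj, f in result["findings"].items():
        print(obj, f)
    print("quarantined:", len(result["quarantined"]),
          "| count matches:", result["count_matches"])
```
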
  3. Broni Malware Annihilator Posts: 39,254   +175

    Very good :)

    Download Bootkit Remover to your desktop.

    • Unzip downloaded file to your Desktop.
    • Double-click on boot_cleaner.exe to run the program (Vista/7 users, right click on boot_cleaner.exe and click Run As Administrator).
    • It will show a Black screen with some data on it.
    • Right click on the screen and click Select All.
    • Press CTRL+C
    • Open a Notepad and press CTRL+V
    • Post the output back here.

    ========================================================

    Download aswMBR to your desktop.
    Double click the aswMBR.exe to run it.
    If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
    Click the "Scan" button to start scan.
    On completion of the scan click "Save log", save it to your desktop and post in your next reply.

    NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
  4. Fudd0828 Newcomer, in training Posts: 49

    Here are the bootkit results

    Bootkit Remover
    (c) 2009 Esage Lab
    www.esagelab.com
    Program version: 1.2.0.1
    OS Version: Microsoft Windows XP Professional Service Pack 3 (build 2600)
    System volume is \\.\C:
    \\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`00007e00
    Boot sector MD5 is: 6def5ffcbcdbdb4082f1015625e597bd
    Size Device Name MBR Status
    --------------------------------------------
    232 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)

    Done;
    Press any key to quit...
  5. Fudd0828 Newcomer, in training Posts: 49

    here is mbr

  6. Fudd0828 Newcomer, in training Posts: 49

    Okay, so can I start clearing some of these programs from my desktop?
     
  7. Broni Malware Annihilator Posts: 39,254   +175

    We're pretty far from being done.
    For now I still need aswMBR log.
  8. Fudd0828 Newcomer, in training Posts: 49

    Here it is, sorry.

    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-06-05 17:02:49
    -----------------------------
    17:02:49.343 OS Version: Windows 5.1.2600 Service Pack 3
    17:02:49.343 Number of processors: 1 586 0x5F02
    17:02:49.343 ComputerName: DESKTOP UserName: Justin
    17:02:51.796 Initialize success
    17:04:38.546 AVAST engine defs: 12060501
    17:04:45.468 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
    17:04:45.468 Disk 0 Vendor: WDC_WD2500AAJS-75M0A0 02.03E02 Size: 238418MB BusType: 3
    17:04:45.500 Disk 0 MBR read successfully
    17:04:45.500 Disk 0 MBR scan
    17:04:45.593 Disk 0 Windows XP default MBR code
    17:04:45.609 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 238409 MB offset 63
    17:04:45.687 Disk 0 scanning sectors +488263545
    17:04:45.875 Disk 0 scanning C:\WINDOWS\system32\drivers
    17:05:18.656 Service scanning
    17:06:04.359 Modules scanning
    17:06:27.968 Disk 0 trace - called modules:
    17:06:27.968 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
    17:06:27.984 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ab42ab8]
    17:06:27.984 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\00000068[0x8ab6bf18]
    17:06:27.984 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8aaa9940]
    17:06:29.218 AVAST engine scan C:\WINDOWS
    17:06:45.015 AVAST engine scan C:\WINDOWS\system32
    17:13:13.546 AVAST engine scan C:\WINDOWS\system32\drivers
    17:13:51.859 AVAST engine scan C:\Documents and Settings\Justin
    17:17:30.515 AVAST engine scan C:\Documents and Settings\All Users
    17:18:46.343 Scan finished successfully
    17:25:39.515 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Justin\Desktop\MBR.dat"
    17:25:39.515 The log file has been saved successfully to "C:\Documents and Settings\Justin\Desktop\aswMBR.txt"
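The aswMBR log above reports one active NTFS partition of 238409 MB at offset 63 and saves a copy of the sector as MBR.dat. As an added example (not part of the thread and not aswMBR's own logic), this sketch decodes a 512-byte MBR image and runs basic sanity checks on it; the sample sector is constructed to match that log line, and `build_mbr`, `parse_mbr` and `audit` are hypothetical names.

```python
import hashlib
import struct
import sys

SECTOR = 512
BOOT_CODE_LEN = 0x1B8   # boot code occupies the first 440 bytes
PT_OFFSET = 0x1BE       # four 16-byte partition entries follow
ENTRY = "<B3xB3xII"     # status, (CHS), type, (CHS), start LBA, sector count
TYPES = {0x05: "extended", 0x07: "HPFS/NTFS", 0x0B: "FAT32",
         0x0C: "FAT32 LBA", 0x0F: "extended LBA", 0x83: "Linux",
         0xEE: "GPT protective"}


def build_mbr(entries, boot_code=b"", signature=b"\x55\xaa"):
    """Build a constructed MBR sector for testing (not a real disk image)."""
    sector = bytearray(SECTOR)
    sector[:BOOT_CODE_LEN] = boot_code.ljust(BOOT_CODE_LEN, b"\x00")[:BOOT_CODE_LEN]
    for i, (status, ptype, start, count) in enumerate(entries):
        struct.pack_into(ENTRY, sector, PT_OFFSET + 16 * i, status, ptype, start, count)
    sector[510:512] = signature
    return bytes(sector)


# Constructed sample: active NTFS partition, offset 63, 238409 MB as in the log.
SAMPLE_MBR = build_mbr([(0x80, 0x07, 63, 488263482)])


def parse_mbr(sector):
    """Decode the boot signature, boot-code hash and partition table."""
    if len(sector) != SECTOR:
        raise ValueError("an MBR image must be exactly 512 bytes")
    partitions = []
    for i in range(4):
        status, ptype, start, count = struct.unpack_from(ENTRY, sector, PT_OFFSET + 16 * i)
        if ptype == 0 and count == 0:
            continue  # unused slot
        partitions.append({"index": i + 1, "status": status,
                           "active": status == 0x80, "type": ptype,
                           "type_name": TYPES.get(ptype, "unknown"),
                           "lba_start": start, "sectors": count,
                           "size_mb": count * SECTOR // 2**20})
    return {"signature_ok": sector[510:512] == b"\x55\xaa",
            "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
            "partitions": partitions}


def audit(mbr, baseline_sha256=None):
    """Return a list of warnings; an empty list means nothing stood out."""
    warnings = []
    if not mbr["signature_ok"]:
        warnings.append("missing 0x55AA boot signature")
    parts = mbr["partitions"]
    active = sum(p["active"] for p in parts)
    if active != 1:
        warnings.append(f"expected exactly one active partition, found {active}")
    for p in parts:
        if p["status"] not in (0x00, 0x80):
            warnings.append(f"partition {p['index']}: invalid status byte {p['status']:#04x}")
        if p["lba_start"] == 0:
            warnings.append(f"partition {p['index']}: starts on the MBR sector")
    ordered = sorted(parts, key=lambda p: p["lba_start"])
    for a, b in zip(ordered, ordered[1:]):
        if a["lba_start"] + a["sectors"] > b["lba_start"]:
            warnings.append(f"partitions {a['index']} and {b['index']} overlap")
    # The baseline is a hash you recorded from a known-good copy of this disk's MBR.
    if baseline_sha256 and mbr["boot_code_sha256"] != baseline_sha256:
        warnings.append("boot code differs from baseline")
    return warnings


if __name__ == "__main__":
    data = SAMPLE_MBR
    if len(sys.argv) > 1:  # e.g. the MBR.dat file saved by aswMBR
        with open(sys.argv[1], "rb") as fh:
            data = fh.read(SECTOR)
    parsed = parse_mbr(data)
    print(parsed)
    print(audit(parsed) or "no structural warnings")
```

A kernel-mode bootkit can falsify sector reads made from the running system, so a copy captured from a clean boot environment is the more trustworthy input.
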
  9. Broni Malware Annihilator Posts: 39,254   +175

    Looks good.

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Never rename Combofix unless instructed.
    • Close any open browsers.
    • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    • Double click on combofix.exe & follow the prompts.

    • NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.
    **Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


    Make sure you re-enable your security programs when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode.

    2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.
    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
    There are 4 different versions. If one of them won't run then download and try to run the other one.
    Vista and Win7 users need to right click Rkill and choose Run as Administrator.
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shut down your antivirus.

    * Rkill.com
    * Rkill.scr
    * Rkill.exe
    • Double-click on the Rkill icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.
    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
  10. Fudd0828 Newcomer, in training Posts: 49

    ComboFix 12-06-05.04 - Justin 06/05/2012 20:11:12.3.1 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2350 [GMT -7:00]
    Running from: c:\documents and settings\Justin\Desktop\ComboFix.exe
    AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\system32\AutoRun.inf
    c:\windows\system32\Cache
    c:\windows\system32\Cache\272512937d9e61a4.fb
    c:\windows\system32\Cache\287204568329e189.fb
    c:\windows\system32\Cache\28bc8f716fd76a47.fb
    c:\windows\system32\Cache\2bafc65145f03497.fb
    c:\windows\system32\Cache\2c53092c95605355.fb
    c:\windows\system32\Cache\3917078cb68ec657.fb
    c:\windows\system32\Cache\590ba23ce359fd0c.fb
    c:\windows\system32\Cache\610289e025a3ee9a.fb
    c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
    c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
    c:\windows\system32\Cache\a8556537add6dfc5.fb
    c:\windows\system32\Cache\ad10a52aff5e038d.fb
    c:\windows\system32\Cache\c4d28dca2e7648be.fb
    c:\windows\system32\Cache\d201ef9910cd39de.fb
    c:\windows\system32\Cache\d2e94710a5708128.fb
    c:\windows\system32\Cache\d79b9dfe81484ec4.fb
    c:\windows\system32\Cache\e0de16f883bea794.fb
    c:\windows\system32\dllcache\dlimport.exe
    c:\windows\system32\dllcache\wmpvis.dll
    c:\windows\system32\drivers\npf.sys
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-05-06 to 2012-06-06 )))))))))))))))))))))))))))))))
    .
    .
    2012-06-04 19:46 . 2012-06-05 23:53 -------- d-----w- c:\windows\system32\drivers\AVG
    2012-05-31 06:41 . 2012-05-31 06:43 -------- d-----w- c:\windows\system32\NtmsData
    2012-05-31 05:21 . 2012-05-31 05:21 -------- d-----w- c:\documents and settings\Justin\Application Data\Windows Search
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-06-05 02:41 . 2012-04-14 01:22 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-06-05 02:41 . 2012-03-22 01:57 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-04-18 01:09 . 2012-04-18 01:09 664 ----a-w- c:\documents and settings\NetworkService\Local Settings\Application Data\d3d9caps.tmp
    .
  11. Broni Malware Annihilator Posts: 39,254   +175

    This is only a partial log.
  12. Fudd0828 Newcomer, in training Posts: 49

    ((((((((((((((((((((((((((((( SnapShot@2012-06-04_20.22.55 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2011-04-19 05:51 . 2011-04-19 05:51 51024 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_4ddc769f\vcomp90.dll
    + 2011-04-19 05:51 . 2011-04-19 05:51 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90rus.dll
    + 2011-04-19 05:51 . 2011-04-19 05:51 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90kor.dll
    + 2011-04-19 05:51 . 2011-04-19 05:51 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90jpn.dll
    + 2011-04-19 05:51 . 2011-04-19 05:51 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90ita.dll
    + 2011-04-19 05:51 . 2011-04-19 05:51 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90fra.dll
    + 2011-04-19 05:51 . 2011-04-19 05:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esp.dll
  13. Fudd0828 Newcomer, in training Posts: 49

    + 2012-06-06 00:14 . 2012-06-06 00:14 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7416fe825e6e49a87fa8ff60c8971813\PresentationFramework.Classic.ni.dll
    + 2012-06-06 00:14 . 2012-06-06 00:14 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\186c27fbd7b38b5551889274f6fa2ccd\PresentationFramework.Aero.ni.dll
    + 2012-06-06 00:19 . 2012-06-06 00:19 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5a121969a115d11b6256eb960c145686\MSBuild.ni.exe
    + 2012-06-06 00:19 . 2012-06-06 00:19 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\97c613d3899b320a6765793bdf490272\Microsoft.Transactions.Bridge.Dtc.ni.dll
    + 2012-06-06 00:23 . 2012-06-06 00:23 492032 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\d4375675fc5879a48c22dc8d7c80e841\Microsoft.PowerShell.ConsoleHost.ni.dll
    + 2012-06-06 00:23 . 2012-06-06 00:23 148480 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\937d2550dddbd2e5995ec8f93083f357\Microsoft.PowerShell.Security.ni.dll
    + 2012-06-06 00:22 . 2012-06-06 00:22 433664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\15b7846d6acc551a7afdf5cc3de7547b\Microsoft.PowerShell.Commands.Management.ni.dll
    + 2012-06-06 00:22 . 2012-06-06 00:22 968192 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\115171c0145e7299825a569065923612\Microsoft.PowerShell.Commands.Utility.ni.dll
    + 2012-06-06 00:22 . 2012-06-06 00:22 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\dec22fb7d6b8929a41380e5359741a07\Microsoft.Build.Utilities.v3.5.ni.dll
    + 2012-06-06 00:22 . 2012-06-06 00:22 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\1009b31c86a1b798fffa9e0127cec29c\Microsoft.Build.Utilities.ni.dll
    + 2012-06-06 00:19 . 2012-06-06 00:19 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\21d88631ef629715d3eecdd08e62e0b8\Microsoft.Build.Engine.ni.dll
    + 2012-06-06 00:19 . 2012-06-06 00:19 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\a0f38c6478cca8297fb160291346c1c9\Microsoft.Build.Conversion.v3.5.ni.dll
    + 2012-06-06 00:19 . 2012-06-06 00:19 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\bb26dd100d656605c576881a1a823667\CustomMarshalers.ni.dll
    + 2012-06-06 00:19 . 2012-06-06 00:19 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\9869c02d18825fdd32e64135a3e7246b\ComSvcConfig.ni.exe
    + 2012-06-06 00:19 . 2012-06-06 00:19 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\cfc981788ef6ce161946ca948dad3522\AspNetMMCExt.ni.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
    + 2012-06-06 00:06 . 2012-06-06 00:06 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
    + 2012-06-06 00:06 . 2012-06-06 00:06 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
    + 2012-06-06 00:06 . 2012-06-06 00:06 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
    + 2012-06-06 00:08 . 2012-06-06 00:08 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
    + 2012-06-06 00:08 . 2012-06-06 00:08 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
    + 2012-06-06 00:08 . 2012-06-06 00:08 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
    + 2012-06-06 00:20 . 2012-06-06 00:20 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
    - 2009-10-22 04:14 . 2009-10-22 04:14 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
    + 2012-06-06 00:08 . 2012-06-06 00:08 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
    + 2012-06-05 23:56 . 2012-06-05 23:56 532480 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
    + 2012-06-06 00:06 . 2012-06-06 00:06 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
    - 2009-10-22 04:13 . 2009-10-22 04:13 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
    + 2012-06-05 23:56 . 2012-06-05 23:56 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
    + 2012-06-06 00:08 . 2012-06-06 00:08 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
    + 2012-06-06 00:19 . 2012-06-06 00:19 350080 c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
    + 2011-04-19 05:51 . 2011-04-19 05:51 3781960 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll
    + 2011-04-19 05:51 . 2011-04-19 05:51 3766600 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90.dll
    - 2011-03-25 13:15 . 2011-03-25 13:15 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
    + 2011-12-25 10:50 . 2011-12-25 10:50 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
    + 2011-12-25 10:50 . 2011-12-25 10:50 5246976 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
    + 2011-12-25 10:50 . 2011-12-25 10:50 3186688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
    + 2011-12-25 10:50 . 2011-12-25 10:50 5913360 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
    + 2011-12-25 10:50 . 2011-12-25 10:50 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
    - 2011-03-25 13:15 . 2011-03-25 13:15 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
    + 2011-12-25 18:07 . 2011-12-25 18:07 2064384 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll
    + 2011-12-25 18:06 . 2011-12-25 18:06 1269760 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
    - 2010-09-23 22:55 . 2010-09-23 22:55 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
    + 2011-12-25 18:06 . 2011-12-25 18:06 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
    - 2010-09-23 09:26 . 2010-09-23 09:26 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
    + 2011-12-25 05:54 . 2011-12-25 05:54 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
    + 2011-12-25 05:53 . 2011-12-25 05:53 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
    - 2010-09-23 22:55 . 2010-09-23 22:55 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
    + 2011-12-25 18:06 . 2011-12-25 18:06 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
    + 2012-04-05 05:38 . 2012-04-05 05:38 2831360 c:\windows\Installer\356da.msp
    + 2012-04-29 04:44 . 2012-04-29 04:44 9101824 c:\windows\Installer\356c9.msp
    + 2011-08-11 00:43 . 2011-08-11 00:43 3795968 c:\windows\Installer\356b8.msp
    + 2011-11-01 20:34 . 2011-11-01 20:34 4250112 c:\windows\Installer\3568b.msp
    + 2012-03-23 21:59 . 2012-03-23 21:59 7899648 c:\windows\Installer\35665.msp
    + 2012-04-29 04:44 . 2012-04-29 04:44 9586176 c:\windows\Installer\35655.msp
    + 2011-08-11 00:42 . 2011-08-11 00:42 7070208 c:\windows\Installer\35642.msp
    + 2011-12-26 16:59 . 2011-12-26 16:59 4368896 c:\windows\Installer\35612.msp
    + 2012-04-05 05:38 . 2012-04-05 05:38 3620864 c:\windows\Installer\35608.msp
    + 2011-11-01 20:34 . 2011-11-01 20:34 2247168 c:\windows\Installer\355f7.msp
    + 2011-11-01 20:34 . 2011-11-01 20:34 1169920 c:\windows\Installer\355e6.msp
    + 2012-03-20 05:02 . 2012-03-20 05:02 6695936 c:\windows\Installer\355c9.msp
    + 2012-03-15 09:24 . 2012-03-15 09:24 1795584 c:\windows\Installer\355bb.msp
    + 2011-11-01 20:34 . 2011-11-01 20:34 2531840 c:\windows\Installer\355aa.msp
    + 2012-04-27 22:09 . 2012-04-27 22:09 5521408 c:\windows\Installer\35599.msp
    + 2011-11-17 17:55 . 2011-11-17 17:55 5522944 c:\windows\Installer\3557d.msp
    + 2012-04-29 04:43 . 2012-04-29 04:43 8459264 c:\windows\Installer\3556f.msp
    + 2011-07-27 14:39 . 2011-07-27 14:39 9892352 c:\windows\Installer\3555e.msp
    + 2012-02-17 15:45 . 2012-02-17 15:45 2299392 c:\windows\Installer\3554d.msp
    + 2012-06-06 01:01 . 2012-06-06 01:01 2208768 c:\windows\Installer\24e3b.msi
    - 2009-10-28 19:28 . 2011-06-21 01:15 1172240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
    + 2009-10-28 19:28 . 2012-06-06 00:21 1172240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
    + 2009-04-04 02:21 . 2009-04-04 02:21 8543096 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\OARTCONV.DLL
    + 2009-04-03 05:44 . 2009-04-03 05:44 2532224 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\GRAPH.EXE
    + 2012-06-06 00:06 . 2012-06-06 00:06 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_77a5ddfc\System.dll
    + 2012-06-06 00:03 . 2012-06-06 00:03 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_37e934fe\System.dll
    + 2012-06-06 00:05 . 2012-06-06 00:05 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_8208565a\System.Xml.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_05065ff2\System.Xml.dll
    + 2012-06-06 00:06 . 2012-06-06 00:06 7917568 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_5e11f06c\System.Windows.Forms.dll
    + 2012-06-06 00:04 . 2012-06-06 00:04 3035136 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_4b1bb061\System.Windows.Forms.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_95df1bb4\System.Drawing.dll
    + 2012-06-06 00:06 . 2012-06-06 00:06 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_9ec0a488\System.Design.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_158ff7d9\System.Design.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_b72f7900\mscorlib.dll
    + 2012-06-06 00:06 . 2012-06-06 00:06 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_20585136\mscorlib.dll
    + 2012-06-06 00:12 . 2012-06-06 00:12 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6d8bef0d008389874e55c0308f0c18e5\WindowsBase.ni.dll
    + 2012-06-06 00:16 . 2012-06-06 00:16 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\41a81b97625c113b591ed082c95276e2\UIAutomationClientsideProviders.ni.dll
    + 2012-06-06 00:11 . 2012-06-06 00:11 7953408 c:\windows\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
    + 2012-06-06 00:16 . 2012-06-06 00:16 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
    + 2012-06-06 01:27 . 2012-06-06 01:27 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\822f2304c46ad32739ae2927f213627f\System.WorkflowServices.ni.dll
    + 2012-06-06 01:26 . 2012-06-06 01:26 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\5eccf6fef6bee8a2f93bc65ff33699bb\System.Workflow.Runtime.ni.dll
    + 2012-06-06 01:26 . 2012-06-06 01:26 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\1878ea370cdc649a685e811219be42ec\System.Workflow.ComponentModel.ni.dll
    + 2012-06-06 01:26 . 2012-06-06 01:26 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\25ae5836e811c299670c47a27186d083\System.Workflow.Activities.ni.dll
    + 2012-06-06 00:25 . 2012-06-06 00:25 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\3e11aea7d742b5eddbd0b6bd1012f7df\System.Web.Services.ni.dll
    + 2012-06-06 00:25 . 2012-06-06 00:25 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\0916c7584cb912508bb6b67f529ac92b\System.Web.Mobile.ni.dll
    + 2012-06-06 00:25 . 2012-06-06 00:25 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\68f1cf1c23e7eadb96645b0a79b892c9\System.Web.Extensions.ni.dll
    + 2012-06-06 00:16 . 2012-06-06 00:16 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\5efb50c91f3c5e49be2079f625d933b7\System.Speech.ni.dll
    + 2012-06-06 00:24 . 2012-06-06 00:24 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\97d635f5c656ae43d94b55e67fc4ab50\System.ServiceModel.Web.ni.dll
    + 2012-06-06 00:18 . 2012-06-06 00:18 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\505e12638acd6fdb22e1fd2d4c6fc232\System.Runtime.Serialization.ni.dll
    + 2012-06-06 00:16 . 2012-06-06 00:16 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\b4ba7d411af865e32e65855b45ceafb5\System.Printing.ni.dll
    + 2012-06-06 00:24 . 2012-06-06 00:24 4950016 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\c1b3a38c1e1528e22b8f5531d7b3700c\System.Management.Automation.ni.dll
    + 2012-06-06 00:18 . 2012-06-06 00:18 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\e09496ddb2bf6f3b69707924f2e6b5ff\System.IdentityModel.ni.dll
    + 2012-06-06 00:15 . 2012-06-06 00:15 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7765146be2fa459c20856ff822f90d1e\System.Drawing.ni.dll
    + 2012-06-06 00:24 . 2012-06-06 00:24 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\b55887436d2cfbe1fb32dd18d554185b\System.DirectoryServices.ni.dll
    + 2012-06-06 00:24 . 2012-06-06 00:24 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\012a3f10a4a04e27c6cf8a07726f1f6c\System.Deployment.ni.dll
    + 2012-06-06 00:15 . 2012-06-06 00:15 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\12c6fe8d4dd78f9bddf847d3b2821c03\System.Data.ni.dll
    + 2012-06-06 00:19 . 2012-06-06 00:19 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\982b508698278c6ffb3d143bbe1e8bb8\System.Data.SqlXml.ni.dll
    + 2012-06-06 00:24 . 2012-06-06 00:24 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\2de7666b1cd0a1bc363726c9553dc39c\System.Data.Services.ni.dll
    + 2012-06-06 00:15 . 2012-06-06 00:15 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\44a5fc9e7c71b1fe1e2c79b03ecc3bc7\System.Data.Linq.ni.dll
    + 2012-06-06 00:24 . 2012-06-06 00:24 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\772c94f595cd87b7fa187d592ef46fcf\System.Data.Entity.ni.dll
    + 2012-06-06 00:14 . 2012-06-06 00:14 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\38d07a5ac34b99d94fd14f42e779f625\System.Core.ni.dll
    + 2012-06-06 00:14 . 2012-06-06 00:14 2146304 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\63bfa6f83e026ba10e717180807f03cf\ReachFramework.ni.dll
    + 2012-06-06 00:14 . 2012-06-06 00:14 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\efa4002ddfba6bd52845b512810938c1\PresentationUI.ni.dll
    + 2012-06-06 00:11 . 2012-06-06 00:11 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\8c509044eea2ab22689ea43926b30108\PresentationBuildTasks.ni.dll
    + 2012-06-06 00:23 . 2012-06-06 00:23 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\f650597531a91974514f58d36bdebaea\Microsoft.VisualBasic.ni.dll
    + 2012-06-06 00:19 . 2012-06-06 00:19 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\42145ebf75f77cabad442f0801a81c64\Microsoft.Transactions.Bridge.ni.dll
    + 2012-06-06 00:24 . 2012-06-06 00:24 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\cfe15312373b4668398404b5822bab7d\Microsoft.JScript.ni.dll
    + 2012-06-06 00:22 . 2012-06-06 00:22 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\b055aa83b51064c970ce548b8a991651\Microsoft.Build.Tasks.v3.5.ni.dll
    + 2012-06-06 00:20 . 2012-06-06 00:20 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\04c77ede2757e3b4a695a3b8cfb4f546\Microsoft.Build.Tasks.ni.dll
    + 2012-06-06 00:19 . 2012-06-06 00:19 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\5aa63a1cb41e3a5e1e8ed17072e60ec3\Microsoft.Build.Engine.ni.dll
    + 2012-06-05 23:56 . 2012-06-05 23:56 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
    - 2010-06-23 10:02 . 2010-06-23 10:02 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
    + 2012-06-06 00:08 . 2012-06-06 00:08 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
    + 2012-06-06 00:06 . 2012-06-06 00:06 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
    + 2012-06-06 00:02 . 2012-06-06 00:02 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
    - 2010-10-06 10:02 . 2010-10-06 10:02 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
    + 2012-06-06 00:06 . 2012-06-06 00:06 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
    + 2012-06-05 23:56 . 2012-06-05 23:56 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
    + 2012-06-06 00:06 . 2012-06-06 00:06 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
    + 2012-06-06 00:08 . 2012-06-06 00:08 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
    + 2012-06-05 23:56 . 2012-06-05 23:56 4214784 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
    - 2011-06-18 21:40 . 2011-06-18 21:40 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
    + 2012-06-06 00:07 . 2012-06-06 00:07 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
    + 2012-06-06 00:02 . 2012-06-06 00:02 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
    - 2010-10-06 10:00 . 2010-10-06 10:00 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
    + 2012-06-06 00:02 . 2012-06-06 00:02 2064384 c:\windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
    + 2012-06-06 00:02 . 2012-06-06 00:02 1269760 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
    + 2009-10-22 03:33 . 2012-04-27 03:08 55656824 c:\windows\system32\MRT.exe
    + 2011-12-27 00:02 . 2011-12-27 00:02 12482048 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656353\M2656353Uninstall.msp
    + 2011-07-26 23:33 . 2011-07-26 23:33 10984448 c:\windows\Installer\356a7.msp
    + 2012-04-06 09:12 . 2012-04-06 09:12 15709696 c:\windows\Installer\35699.msp
    + 2012-01-04 09:25 . 2012-01-04 09:25 17751552 c:\windows\Installer\35672.msp
    + 2011-12-26 16:02 . 2011-12-26 16:02 19677184 c:\windows\Installer\3562b.msp
    + 2012-04-06 10:13 . 2012-04-06 10:13 16527872 c:\windows\Installer\355d5.msp
    + 2012-03-29 01:10 . 2012-03-29 01:10 12098048 c:\windows\Installer\3558b.msp
    + 2012-06-05 23:49 . 2012-06-05 23:49 20343808 c:\windows\Installer\3553e.msp
    + 2009-04-04 02:21 . 2009-04-04 02:21 16037736 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\OART.DLL
    + 2012-06-06 00:16 . 2012-06-06 00:16 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\32b169d0703541a18c987bd2dbf9fbd9\System.Windows.Forms.ni.dll
    + 2012-06-06 00:25 . 2012-06-06 00:25 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\408a14028cdc4c24dfb8f241da428142\System.Web.ni.dll
    + 2012-06-06 00:19 . 2012-06-06 00:19 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\bc254d2fa26664898ae21d45643bc194\System.ServiceModel.ni.dll
    + 2012-06-06 00:15 . 2012-06-06 00:15 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\7dc928136c57efafae0845b7e8a83f45\System.Design.ni.dll
    + 2012-06-06 00:14 . 2012-06-06 00:14 14329856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b44d2b225cf6b7861e85b2e915db1f93\PresentationFramework.ni.dll
    + 2012-06-06 00:13 . 2012-06-06 00:13 12218368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\9f4f33d28527d761c7483d6960862684\PresentationCore.ni.dll
    + 2012-06-06 00:10 . 2012-06-06 00:10 11492352 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
    .
    -- Snapshot reset to current date --
  14. Fudd0828 Newcomer, in training Posts: 49

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
    2012-06-06 01:59 1869152 ----a-w- c:\program files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll" [2012-06-06 1869152]
    .
    [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
    [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
    [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-09 39408]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SigmatelSysTrayApp"="stsystra.exe" [2006-07-27 282624]
    "Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143360]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-05 417792]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
    "\\GDC2.gdc.local\EPSON Stylus C86 Series/ERICPA"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I2R1.EXE" [2003-11-25 99840]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 49152]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
    "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-25 2416480]
    "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-06-06 982880]
    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
    .
    c:\documents and settings\warranty\Start Menu\Programs\Startup\
    OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
    .
    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
    NETGEAR WG111v3 Smart Wizard.lnk - c:\program files\NETGEAR\WG111v3\WG111v3.exe [2009-12-23 2330624]
    Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
    2010-06-10 00:16 87424 ----a-w- c:\windows\system32\LMIinit.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2465215518-1757617005-1003324922-1580\Scripts\Logon\0\0]
    "Script"=Map Public Drive.vbs
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2465215518-1757617005-1003324922-1771\Scripts\Logon\0\0]
    "Script"=Map Public Drive.vbs
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2465215518-1757617005-1003324922-4178\Scripts\Logon\0\0]
    "Script"=Map Public Drive.vbs
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2465215518-1757617005-1003324922-4410\Scripts\Logon\0\0]
    "Script"=Map Public Drive.vbs
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2465215518-1757617005-1003324922-5715\Scripts\Logon\0\0]
    "Script"=Map Public Drive.vbs
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2465215518-1757617005-1003324922-5800\Scripts\Logon\0\0]
    "Script"=Map Public Drive.vbs
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2465215518-1757617005-1003324922-5929\Scripts\Logon\0\0]
    "Script"=Map Public Drive.vbs
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001
    "FirewallOverride"=dword:00000001
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
    "c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
    "c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
    .
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [10/7/2011 7:23 AM 230608]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [7/11/2011 2:14 AM 295248]
    R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [8/2/2011 7:09 AM 192776]
    R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [10/9/2007 2:13 PM 38144]
    R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [6/4/2012 8:23 PM 654408]
    R2 vToolbarUpdater10.2.0;vToolbarUpdater10.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe [6/5/2012 6:59 PM 918880]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [7/11/2011 2:14 AM 134608]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [7/11/2011 2:14 AM 24272]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10/4/2011 7:21 AM 16720]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6/4/2012 8:23 PM 22344]
    S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [10/12/2011 7:25 AM 4433248]
    S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/8/2010 10:31 AM 135664]
    S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [1/25/2011 5:58 PM 374152]
    S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/13/2012 6:22 PM 257696]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/8/2010 10:31 AM 135664]
    S3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [7/31/2009 4:12 PM 341504]
    S4 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [7/11/2011 2:14 AM 23120]
    S4 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [9/13/2011 7:30 AM 32592]
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - VTOOLBARUPDATER10.2.0
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    NETSVCS REQUIRES REPAIRS - current entries shown
    .
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    .
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-06-06 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 02:41]
    .
    2012-03-29 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-02 20:34]
    .
    2012-06-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-08 17:31]
    .
    2012-06-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-08 17:31]
    .
    2012-06-06 c:\windows\Tasks\User_Feed_Synchronization-{8A3459F9-14E8-4158-ACAA-18BF359ED386}.job
    - c:\windows\system32\msfeedssync.exe [2009-03-08 12:31]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.yahoo.com/?ilc=1
    uInternet Settings,ProxyOverride = *.local
    IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll
    .
    - - - - ORPHANS REMOVED - - - -
    .
    WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-06-05 20:17
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'winlogon.exe'(668)
    c:\windows\system32\LMIinit.dll
    c:\windows\system32\LMIRfsClientNP.dll
    .
    Completion time: 2012-06-05 20:18:29
    ComboFix-quarantined-files.txt 2012-06-06 03:18
    ComboFix2.txt 2012-06-04 20:29
    .
    Pre-Run: 227,691,933,696 bytes free
    Post-Run: 227,876,524,032 bytes free
    .
    WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    UnsupportedDebug="do not select this" /debug
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
    .
    - - End Of File - - 28B1FB91B646C5FB06D2B3999CDC9F78
  15. Broni Malware Annihilator Posts: 39,254   +175

    Looks good :)

    How is the computer doing?

    You can reinstall AVG now.

    Download OTL to your Desktop.

    • Double-click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
    • Click the Scan All Users checkbox.
    • Under the Custom Scan box paste this in:


    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\tasks\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    %systemroot%\AppPatch\Custom\*.*
    %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
    %PROGRAMFILES%\PC-Doctor\Downloads\*.*
    %PROGRAMFILES%\Internet Explorer\*.tmp
    %PROGRAMFILES%\Internet Explorer\*.dat
    %USERPROFILE%\My Documents\*.exe
    %USERPROFILE%\*.exe
    %systemroot%\ADDINS\*.*
    %systemroot%\assembly\*.bak2
    %systemroot%\Config\*.*
    %systemroot%\REPAIR\*.bak2
    %systemroot%\SECURITY\Database\*.sdb /x
    %systemroot%\SYSTEM\*.bak2
    %systemroot%\Web\*.bak2
    %systemroot%\Driver Cache\*.*
    %PROGRAMFILES%\Mozilla Firefox\0*.exe
    %ProgramFiles%\Microsoft Common\*.*
    %ProgramFiles%\TinyProxy.
    %USERPROFILE%\Favorites\*.url /x
    %systemroot%\system32\*.bk
    %systemroot%\*.te
    %systemroot%\system32\system32\*.*
    %ALLUSERSPROFILE%\*.dat /x
    %systemroot%\system32\drivers\*.rmv
    dir /b "%systemroot%\system32\*.exe" | find /I " " /c
    dir /b "%systemroot%\*.exe" | find /I " " /c
    %PROGRAMFILES%\Microsoft\*.*
    %systemroot%\System32\Wbem\proquota.exe
    %PROGRAMFILES%\Mozilla Firefox\*.dat
    %USERPROFILE%\Cookies\*.txt /x
    %SystemRoot%\system32\fonts\*.*
    %systemroot%\system32\winlog\*.*
    %systemroot%\system32\Language\*.*
    %systemroot%\system32\Settings\*.*
    %systemroot%\system32\*.quo
    %SYSTEMROOT%\AppPatch\*.exe
    %SYSTEMROOT%\inf\*.exe
    %SYSTEMROOT%\Installer\*.exe
    %systemroot%\system32\config\*.bak2
    %systemroot%\system32\Computers\*.*
    %SystemRoot%\system32\Sound\*.*
    %SystemRoot%\system32\SpecialImg\*.*
    %SystemRoot%\system32\code\*.*
    %SystemRoot%\system32\draft\*.*
    %SystemRoot%\system32\MSSSys\*.*
    %ProgramFiles%\Javascript\*.*
    %systemroot%\pchealth\helpctr\System\*.exe /s
    %systemroot%\Web\*.exe
    %systemroot%\system32\msn\*.*
    %systemroot%\system32\*.tro
    %AppData%\Microsoft\Installer\msupdates\*.*
    %ProgramFiles%\Messenger\*.*
    %systemroot%\system32\systhem32\*.*
    %systemroot%\system\*.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    /md5stop


    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
  16. Fudd0828 Newcomer, in training Posts: 49

    OTL logfile created on: 6/5/2012 8:55:58 PM - Run 2
    OTL by OldTimer - Version 3.2.46.0 Folder = C:\Documents and Settings\Justin\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 2.12 Gb Available Physical Memory | 70.71% Memory free
    4.84 Gb Paging File | 4.03 Gb Available in Paging File | 83.31% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 232.82 Gb Total Space | 212.28 Gb Free Space | 91.18% Space Free | Partition Type: NTFS

    Computer Name: DESKTOP | User Name: Justin | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/06/05 18:59:26 | 000,918,880 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
    PRC - [2012/06/05 18:59:23 | 000,982,880 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
    PRC - [2012/06/04 13:50:48 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Justin\Desktop\OTL.exe
    PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2012/01/24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
    PRC - [2011/11/28 02:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
    PRC - [2011/10/12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    PRC - [2011/09/08 21:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
    PRC - [2011/08/15 07:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    PRC - [2011/08/02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    PRC - [2010/02/18 11:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
    PRC - [2009/12/23 12:45:16 | 002,330,624 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
    PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2006/07/27 14:19:00 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/06/05 18:59:26 | 000,918,880 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
    MOD - [2012/06/05 18:59:23 | 001,869,152 | ---- | M] () -- C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
    MOD - [2012/06/05 18:59:23 | 000,982,880 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
    MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2009/12/23 12:45:16 | 002,330,624 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
    MOD - [2009/12/23 11:56:34 | 000,053,248 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WlanDll.dll
    MOD - [2009/07/14 18:31:30 | 000,335,872 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.dll
    MOD - [2007/12/15 02:30:54 | 001,167,360 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\acAuth.dll
    MOD - [2007/09/14 11:27:14 | 000,024,576 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\CheckSessions.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\LHidUsbK.dll -- (ZuneBusEnum)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VMAUDIO.dll -- (z800mdfl)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\l8042pr2.dll -- (x10nets)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\emproxy.dll -- (wmp54gsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\xusb21.dll -- (wg5n)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wmpnetworksvc.dll -- (wap3gx)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cpqalert.dll -- (VX1000)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vmnetuserif.dll -- (vvoice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RDID1027.dll -- (vstor2-ws60)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w300mdfl.dll -- (vpcvmm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iaimtv3.dll -- (vpcbus)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\starwindserviceae.dll -- (USBModem)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\yukonwxp.dll -- (Usb20Scan)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ET5Drv.dll -- (usb_rndisx)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PID_08A0.dll -- (umwdf)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ctaud2k.dll -- (truecrypt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\smservaz.dll -- (TPM)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MRV6X32P.dll -- (tosrfnds)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aclient.dll -- (thkeys)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\UMAXPCLS.dll -- (tga)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mssql$microsoftbcm.dll -- (tcpip6)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\OEM02Dev.dll -- (tbaspi)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SerTVOutCtlr.dll -- (tabletservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ATNT40K.dll -- (szserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sympxsvc.dll -- (symproxysvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\LVRS.dll -- (symidsco)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SNPSTD3.dll -- (symantecantibotagent)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iPassP.dll -- (superproserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SQTECH9080.dll -- (starwindservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SE2Dobex.dll -- (stacsv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ss_bus.dll -- (sprtsvc_ddoctorv2)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bthidmgr.dll -- (SNP2UVC)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\FiltUSBEMPIA.dll -- (Sk99202k)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hpzius12.dll -- (SGHIDI)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\update.dll -- (servidor)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Sk9920nt.dll -- (SecureStorageService)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SE2Dbus.dll -- (se44mdm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\omniusb.dll -- (SE2Bmdm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MTC0001_ESB.dll -- (SE2Bbus)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\venturi2.dll -- (se27unic)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\emu10k.dll -- (SaiU040B)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Shockprf.dll -- (SaiH040B)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aic78u2.dll -- (SABProcEnum)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\gotomypc.dll -- (s3twistr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\i2omp.dll -- (s3savagenb)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ibmcicstransactiongateway.dll -- (s3psddr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avg7alrt.dll -- (rsvchost)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Slpsvdr.dll -- (ROB_V)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pctfw1.dll -- (RivaTuner32)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\awecho.dll -- (remotelyanywhere)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SiS300i.dll -- (rca)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracleformsserver-forms60server-oraform.dll -- (raysatxsi5_0server)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vulfntrs.dll -- (pinnaclesys.mediaserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lxbx_device.dll -- (pepifilter)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PSSdk23.dll -- (PcdrNt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DcLps.dll -- (pcampr5)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\EU3_USB.dll -- (pageserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SaiNtHid.dll -- (omniserv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w810mdfl.dll -- (OEM02Dev)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dlbu_device.dll -- (obvious)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Uim_IM.dll -- (NTIDrvr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MMRTKRNL.dll -- (Nsynas32)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wmpnetworksvc.dll -- (nsm1serd)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mouhid.dll -- (nsengine)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\amdk8.dll -- (NMSAccessU)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rnadirmultiplexor.dll -- (nimcrpcsu)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\purendis.dll -- (nic1394)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\p17xfilt.dll -- (nhcDriverDevice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PGPwded.dll -- (NETw4v32)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ddxgb.dll -- (netsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MagicTune.dll -- (netmnt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NAL.dll -- (Ndismeetro)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avp.dll -- (naimagent32)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\FireTDI.dll -- (mssql$microsoftbcm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Sunkfiltp.dll -- (msmframework)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\slssvc.dll -- (MSCamSvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RR2IOMod.dll -- (mfeavfk)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DfwWebAgent.dll -- (mdvrmng)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ikhfile.dll -- (mcrdsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wlluc48b.dll -- (maya70docserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\prepdrvr.dll -- (lxcccustomerconnect)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\idebusdr.dll -- (LVPrcMon)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lvsrvlauncher.dll -- (LMS)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rrrspy.dll -- (LMouFilt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\imap4d32.dll -- (L1e)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nuvvid2.dll -- (kodakccs)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rrspy.dll -- (issvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vsserv.dll -- (iolodmv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tsmapip.dll -- (iirsp)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\OVT511Plus.dll -- (igateway)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wacomkey.dll -- (iaimfp2)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\regservice.dll -- (HssDrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pccsmcfd.dll -- (HSFHWICH)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CTAudSvcService.dll -- (hmonitor)
    SRV - File not found [Auto | Stopped] -- %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dlles\pchsvc.dll -- (helpsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\agnfilt.dll -- (hap17v2k)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vpcnfltr.dll -- (ha20x2k)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SE27mdfl.dll -- (grmnusb)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cobbmservice.dll -- (fetnd5bv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\riomsc.dll -- (FET5X86V)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdr4_2k.dll -- (fcprintservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SWNC8U20.dll -- (erecoveryservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\outpostfirewall.dll -- (EPOWER)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdrframe.dll -- (EMCFILT)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ZDCNDIS5.dll -- (eloggersvc6)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vet-filt.dll -- (elaunidr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sfrem01.dll -- (ec2007service)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dmprimer.dll -- (dxdebug)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\6to4.dll -- (dvd_2K)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\StillCam.dll -- (dtsagntsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\EL90X.dll -- (dntus26)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\thotkey.dll -- (dnserver32)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pcidump.dll -- (DMICall)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\outpostfirewall.dll -- (dlaifs_m)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tme3srv.dll -- (dklogger)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symantecantibotshim.dll -- (DivisCTP)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wg5n.dll -- (digisptiservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\websensecommunicationagent.dll -- (digictrl)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\curtainssyssvc.dll -- (Dell1100_FUService)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\clsched.dll -- (DCFS2K)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\spcstb.dll -- (db2)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avidstartup.dll -- (ctsfm2k)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s125obex.dll -- (CTEXFIFX.DLL)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\UpdateCenterService.dll -- (CTEDSPSY.DLL)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RR2Mjpeg.dll -- (CTDevice_Srv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdlnshay.dll -- (crystaloutputfileserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lvupdtio.dll -- (cicssfs.scmmc223)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracleorahome90agent.dll -- (cdmservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HSFHWALI.dll -- (CdaD10BA)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\trufos.dll -- (ccpwdsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w300bus.dll -- (btnetfilter)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\papycpu2.dll -- (bthenum)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dlcc_device.dll -- (automate6)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\3combootp.dll -- (Alpham2)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ZuneBusEnum.dll -- (aliadwdm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\L8042mou.dll -- (AGV)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HssSrv.dll -- (AFGMp50)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\W8100PCI.dll -- (aexnsclienttransport)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\awservice.dll -- (adpu320)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dbmang.dll -- (addfiltr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pinnacleupdatesvc.dll -- (acs)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracle_load_balancer_60_server-forms6i.dll -- (AcronisOSSReinstallSvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MREMP50.dll -- (acermemusagecheckservice)
    SRV - [2012/06/05 18:59:26 | 000,918,880 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0)
    SRV - [2012/06/04 19:41:11 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2011/10/12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
    SRV - [2011/08/02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
    SRV - [2010/09/27 14:47:14 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
    SRV - [2008/07/29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
    SRV - [2008/04/13 17:12:35 | 000,089,600 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
    SRV - [2008/04/13 17:12:29 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
    SRV - [2008/04/13 17:12:29 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
    SRV - [2008/04/13 17:12:25 | 000,032,768 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
    SRV - [2008/04/13 17:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)
    SRV - [2008/04/13 17:12:04 | 000,059,904 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry)
    SRV - [2008/04/13 17:11:59 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
    SRV - [2008/04/13 17:11:57 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
    SRV - [2008/04/13 17:11:49 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
    SRV - [2001/08/17 22:36:10 | 000,009,728 | ---- | M] (Brother Industries, Ltd.) [Auto | Stopped] -- C:\WINDOWS\system32\brserif.dll -- (dlaudfam)
  17. Fudd0828 Newcomer, in training Posts: 49

    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | On_Demand | Unknown] -- C:\ComboFix\mbr.sys -- (mbr)
    DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - File not found [Kernel | On_Demand | Running] -- C:\DOCUME~1\Justin\LOCALS~1\Temp\catchme.sys -- (catchme)
    DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
    DRV - [2011/10/07 07:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
    DRV - [2011/10/04 07:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
    DRV - [2011/09/13 07:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
    DRV - [2011/08/08 07:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
    DRV - [2011/07/11 02:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
    DRV - [2011/07/11 02:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
    DRV - [2011/07/11 02:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
    DRV - [2011/07/11 02:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
    DRV - [2010/06/09 17:16:41 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
    DRV - [2009/07/31 16:12:18 | 000,341,504 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111v3.sys -- (RTL8187B)
    DRV - [2008/10/09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
    DRV - [2008/08/11 13:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
    DRV - [2008/07/09 18:31:58 | 000,068,826 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\jl2005c.sys -- (JL2005C)
    DRV - [2008/04/13 12:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
    DRV - [2008/04/13 11:44:48 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
    DRV - [2008/04/13 11:36:43 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
    DRV - [2008/04/13 11:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
    DRV - [2007/06/06 12:51:04 | 000,161,792 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
    DRV - [2006/07/27 14:24:28 | 001,171,464 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
    DRV - [2006/07/01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
    DRV - [2003/07/16 09:19:14 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
    DRV - [2003/07/16 09:17:50 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-507921405-1035525444-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKU\S-1-5-21-507921405-1035525444-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=1
    IE - HKU\S-1-5-21-507921405-1035525444-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    IE - HKU\S-1-5-21-507921405-1035525444-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 46 AF 89 2C D1 52 CA 01 [binary data]
    IE - HKU\S-1-5-21-507921405-1035525444-839522115-1003\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKU\S-1-5-21-507921405-1035525444-839522115-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&sourceid=ie7&rlz=1I7ADRA_enUS353
    IE - HKU\S-1-5-21-507921405-1035525444-839522115-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={...b4ed79d189a&lang=en&ds=AVG&pr=fr&d=2012-06-04 12:47:50&v=10.0.0.7&sap=dsp&q={searchTerms}
    IE - HKU\S-1-5-21-507921405-1035525444-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-507921405-1035525444-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/06/04 12:46:42 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\10.2.0.3\ [2012/06/05 18:59:32 | 000,000,000 | ---D | M]


    O1 HOSTS File: ([2012/06/05 20:16:56 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
    O3 - HKU\S-1-5-21-507921405-1035525444-839522115-1003\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
    O4 - HKLM..\Run: [\\GDC2.gdc.local\EPSON Stylus C86 Series/ERICPA] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2R1.EXE (SEIKO EPSON CORPORATION)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
    O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-507921405-1035525444-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-507921405-1035525444-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-21-507921405-1035525444-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
    O7 - HKU\S-1-5-21-507921405-1035525444-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-21-507921405-1035525444-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1256181309562 (WUWebControl Class)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9D105FAA-3EF2-43AA-8AC1-1C71D603FC0B}: DhcpNameServer = 209.18.47.61 209.18.47.62
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E2FDB885-C33B-45A8-BEF8-BC07CD686C36}: DhcpNameServer = 192.168.1.1 68.238.64.12
    O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
    O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
    O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
    O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/10/21 19:49:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    NetSvcs: 6to4 - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: se27unic - %systemroot%\system32\venturi2.dll File not found
    NetSvcs: dlaifs_m - %systemroot%\system32\outpostfirewall.dll File not found
    NetSvcs: SGHIDI - %systemroot%\system32\hpzius12.dll File not found
    NetSvcs: mcrdsvc - %systemroot%\system32\ikhfile.dll File not found
    NetSvcs: usb_rndisx - %systemroot%\system32\ET5Drv.dll File not found
    NetSvcs: msmframework - %systemroot%\system32\Sunkfiltp.dll File not found
    NetSvcs: RivaTuner32 - %systemroot%\system32\pctfw1.dll File not found
    NetSvcs: L1e - %systemroot%\system32\imap4d32.dll File not found
    NetSvcs: LMouFilt - %systemroot%\system32\rrrspy.dll File not found
    NetSvcs: bthenum - %systemroot%\system32\papycpu2.dll File not found
    NetSvcs: se44mdm - %systemroot%\system32\SE2Dbus.dll File not found
    NetSvcs: LVPrcMon - %systemroot%\system32\idebusdr.dll File not found
    NetSvcs: dnserver32 - %systemroot%\system32\thotkey.dll File not found
    NetSvcs: acs - %systemroot%\system32\pinnacleupdatesvc.dll File not found
    NetSvcs: wmp54gsvc - %systemroot%\system32\emproxy.dll File not found
    NetSvcs: iaimfp2 - %systemroot%\system32\wacomkey.dll File not found
    NetSvcs: nimcrpcsu - %systemroot%\system32\rnadirmultiplexor.dll File not found
    NetSvcs: dxdebug - %systemroot%\system32\dmprimer.dll File not found
    NetSvcs: dvd_2K - %systemroot%\system32\6to4.dll File not found
    NetSvcs: dlaudfam - C:\WINDOWS\system32\brserif.dll (Brother Industries, Ltd.)
    NetSvcs: cicssfs.scmmc223 - %systemroot%\system32\lvupdtio.dll File not found
    NetSvcs: vpcvmm - %systemroot%\system32\w300mdfl.dll File not found
    NetSvcs: digictrl - %systemroot%\system32\websensecommunicationagent.dll File not found
    NetSvcs: nic1394 - %systemroot%\system32\purendis.dll File not found
    NetSvcs: cdmservice - %systemroot%\system32\oracleorahome90agent.dll File not found
    NetSvcs: truecrypt - %systemroot%\system32\ctaud2k.dll File not found
    NetSvcs: CTEXFIFX.DLL - %systemroot%\system32\s125obex.dll File not found
    NetSvcs: Alpham2 - %systemroot%\system32\3combootp.dll File not found
    NetSvcs: iolodmv - %systemroot%\system32\vsserv.dll File not found
    NetSvcs: NETw4v32 - %systemroot%\system32\PGPwded.dll File not found
    NetSvcs: wg5n - %systemroot%\system32\xusb21.dll File not found
    NetSvcs: CTDevice_Srv - %systemroot%\system32\RR2Mjpeg.dll File not found
    NetSvcs: igateway - %systemroot%\system32\OVT511Plus.dll File not found
    NetSvcs: aliadwdm - %systemroot%\system32\ZuneBusEnum.dll File not found
    NetSvcs: HssDrv - %systemroot%\system32\regservice.dll File not found
    NetSvcs: nsengine - %systemroot%\system32\mouhid.dll File not found
    NetSvcs: pinnaclesys.mediaserver - %systemroot%\system32\vulfntrs.dll File not found
    NetSvcs: fetnd5bv - %systemroot%\system32\cobbmservice.dll File not found
    NetSvcs: vpcbus - %systemroot%\system32\iaimtv3.dll File not found
    NetSvcs: obvious - %systemroot%\system32\dlbu_device.dll File not found
    NetSvcs: SaiH040B - %systemroot%\system32\Shockprf.dll File not found
    NetSvcs: Nsynas32 - %systemroot%\system32\MMRTKRNL.dll File not found
    NetSvcs: TPM - %systemroot%\system32\smservaz.dll File not found
    NetSvcs: pageserver - %systemroot%\system32\EU3_USB.dll File not found
    NetSvcs: dtsagntsvc - %systemroot%\system32\StillCam.dll File not found
    NetSvcs: issvc - %systemroot%\system32\rrspy.dll File not found
    NetSvcs: ctsfm2k - %systemroot%\system32\avidstartup.dll File not found
    NetSvcs: symproxysvc - %systemroot%\system32\sympxsvc.dll File not found
    NetSvcs: ha20x2k - %systemroot%\system32\vpcnfltr.dll File not found
    NetSvcs: Ndismeetro - %systemroot%\system32\NAL.dll File not found
    NetSvcs: fcprintservice - %systemroot%\system32\cdr4_2k.dll File not found
    NetSvcs: ec2007service - %systemroot%\system32\sfrem01.dll File not found
    NetSvcs: s3savagenb - %systemroot%\system32\i2omp.dll File not found
    NetSvcs: AcronisOSSReinstallSvc - %systemroot%\system32\oracle_load_balancer_60_server-forms6i.dll File not found
    NetSvcs: ZuneBusEnum - %systemroot%\system32\LHidUsbK.dll File not found
    NetSvcs: superproserver - %systemroot%\system32\iPassP.dll File not found
    NetSvcs: rsvchost - %systemroot%\system32\avg7alrt.dll File not found
    NetSvcs: DCFS2K - %systemroot%\system32\clsched.dll File not found
    NetSvcs: omniserv - %systemroot%\system32\SaiNtHid.dll File not found
    NetSvcs: SABProcEnum - %systemroot%\system32\aic78u2.dll File not found
    NetSvcs: servidor - %systemroot%\system32\update.dll File not found
    NetSvcs: tbaspi - %systemroot%\system32\OEM02Dev.dll File not found
    NetSvcs: USBModem - %systemroot%\system32\starwindserviceae.dll File not found
    NetSvcs: DivisCTP - %systemroot%\system32\symantecantibotshim.dll File not found
    NetSvcs: wap3gx - %systemroot%\system32\wmpnetworksvc.dll File not found
    NetSvcs: Dell1100_FUService - %systemroot%\system32\curtainssyssvc.dll File not found
    NetSvcs: tcpip6 - %systemroot%\system32\mssql$microsoftbcm.dll File not found
    NetSvcs: thkeys - %systemroot%\system32\aclient.dll File not found
    NetSvcs: SecureStorageService - %systemroot%\system32\Sk9920nt.dll File not found
    NetSvcs: remotelyanywhere - %systemroot%\system32\awecho.dll File not found
    NetSvcs: umwdf - %systemroot%\system32\PID_08A0.dll File not found
    NetSvcs: maya70docserver - %systemroot%\system32\wlluc48b.dll File not found
    NetSvcs: DMICall - %systemroot%\system32\pcidump.dll File not found
    NetSvcs: naimagent32 - %systemroot%\system32\avp.dll File not found
    NetSvcs: btnetfilter - %systemroot%\system32\w300bus.dll File not found
    NetSvcs: automate6 - %systemroot%\system32\dlcc_device.dll File not found
    NetSvcs: SE2Bbus - %systemroot%\system32\MTC0001_ESB.dll File not found
    NetSvcs: hap17v2k - %systemroot%\system32\agnfilt.dll File not found
    NetSvcs: starwindservice - %systemroot%\system32\SQTECH9080.dll File not found
    NetSvcs: Usb20Scan - %systemroot%\system32\yukonwxp.dll File not found
    NetSvcs: raysatxsi5_0server - %systemroot%\system32\oracleformsserver-forms60server-oraform.dll File not found
    NetSvcs: szserver - %systemroot%\system32\ATNT40K.dll File not found
    NetSvcs: nhcDriverDevice - %systemroot%\system32\p17xfilt.dll File not found
    NetSvcs: netmnt - %systemroot%\system32\MagicTune.dll File not found
    NetSvcs: tga - %systemroot%\system32\UMAXPCLS.dll File not found
    NetSvcs: SE2Bmdm - %systemroot%\system32\omniusb.dll File not found
    NetSvcs: digisptiservice - %systemroot%\system32\wg5n.dll File not found
    NetSvcs: symidsco - %systemroot%\system32\LVRS.dll File not found
    NetSvcs: PcdrNt - %systemroot%\system32\PSSdk23.dll File not found
    NetSvcs: SNP2UVC - %systemroot%\system32\bthidmgr.dll File not found
    NetSvcs: AFGMp50 - %systemroot%\system32\HssSrv.dll File not found
    NetSvcs: CTEDSPSY.DLL - %systemroot%\system32\UpdateCenterService.dll File not found
    NetSvcs: lxcccustomerconnect - %systemroot%\system32\prepdrvr.dll File not found
    NetSvcs: stacsv - %systemroot%\system32\SE2Dobex.dll File not found
    NetSvcs: pcampr5 - %systemroot%\system32\DcLps.dll File not found
    NetSvcs: ROB_V - %systemroot%\system32\Slpsvdr.dll File not found
    NetSvcs: VX1000 - %systemroot%\system32\cpqalert.dll File not found
    NetSvcs: crystaloutputfileserver - %systemroot%\system32\pdlnshay.dll File not found
    NetSvcs: acermemusagecheckservice - %systemroot%\system32\MREMP50.dll File not found
    NetSvcs: NTIDrvr - %systemroot%\system32\Uim_IM.dll File not found
    NetSvcs: hmonitor - %systemroot%\system32\CTAudSvcService.dll File not found
    NetSvcs: EMCFILT - %systemroot%\system32\pdrframe.dll File not found
    NetSvcs: eloggersvc6 - %systemroot%\system32\ZDCNDIS5.dll File not found
    NetSvcs: vstor2-ws60 - %systemroot%\system32\RDID1027.dll File not found
    NetSvcs: aexnsclienttransport - %systemroot%\system32\W8100PCI.dll File not found
    NetSvcs: db2 - %systemroot%\system32\spcstb.dll File not found
    NetSvcs: FET5X86V - %systemroot%\system32\riomsc.dll File not found
    NetSvcs: symantecantibotagent - %systemroot%\system32\SNPSTD3.dll File not found
    NetSvcs: x10nets - %systemroot%\system32\l8042pr2.dll File not found
    NetSvcs: adpu320 - %systemroot%\system32\awservice.dll File not found
    NetSvcs: dntus26 - %systemroot%\system32\EL90X.dll File not found
    NetSvcs: ccpwdsvc - %systemroot%\system32\trufos.dll File not found
    NetSvcs: EPOWER - %systemroot%\system32\outpostfirewall.dll File not found
    NetSvcs: SaiU040B - %systemroot%\system32\emu10k.dll File not found
    NetSvcs: netsvc - %systemroot%\system32\ddxgb.dll File not found
    NetSvcs: Sk99202k - %systemroot%\system32\FiltUSBEMPIA.dll File not found
    NetSvcs: vvoice - %systemroot%\system32\vmnetuserif.dll File not found
    NetSvcs: MSCamSvc - %systemroot%\system32\slssvc.dll File not found
    NetSvcs: iirsp - %systemroot%\system32\tsmapip.dll File not found
    NetSvcs: grmnusb - %systemroot%\system32\SE27mdfl.dll File not found
    NetSvcs: tosrfnds - %systemroot%\system32\MRV6X32P.dll File not found
    NetSvcs: s3psddr - %systemroot%\system32\ibmcicstransactiongateway.dll File not found
    NetSvcs: rca - %systemroot%\system32\SiS300i.dll File not found
    NetSvcs: sprtsvc_ddoctorv2 - %systemroot%\system32\ss_bus.dll File not found
    NetSvcs: s3twistr - %systemroot%\system32\gotomypc.dll File not found
    NetSvcs: kodakccs - %systemroot%\system32\nuvvid2.dll File not found
    NetSvcs: NMSAccessU - %systemroot%\system32\amdk8.dll File not found
    NetSvcs: AGV - %systemroot%\system32\L8042mou.dll File not found
    NetSvcs: dklogger - %systemroot%\system32\tme3srv.dll File not found
    NetSvcs: elaunidr - %systemroot%\system32\vet-filt.dll File not found
    NetSvcs: retrowdsvc - File not found
    NetSvcs: mssql$microsoftbcm - %systemroot%\system32\FireTDI.dll File not found
    NetSvcs: CdaD10BA - %systemroot%\system32\HSFHWALI.dll File not found
    NetSvcs: nsm1serd - %systemroot%\system32\wmpnetworksvc.dll File not found
    NetSvcs: mdvrmng - %systemroot%\system32\DfwWebAgent.dll File not found
    NetSvcs: mfeavfk - %systemroot%\system32\RR2IOMod.dll File not found
    NetSvcs: HSFHWICH - %systemroot%\system32\pccsmcfd.dll File not found
    NetSvcs: addfiltr - %systemroot%\system32\dbmang.dll File not found
    NetSvcs: tabletservice - %systemroot%\system32\SerTVOutCtlr.dll File not found
    NetSvcs: pepifilter - %systemroot%\system32\lxbx_device.dll File not found
    NetSvcs: z800mdfl - %systemroot%\system32\VMAUDIO.dll File not found
    NetSvcs: OEM02Dev - %systemroot%\system32\w810mdfl.dll File not found
    NetSvcs: erecoveryservice - %systemroot%\system32\SWNC8U20.dll File not found
    NetSvcs: LMS - %systemroot%\system32\lvsrvlauncher.dll File not found
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: helpsvc - %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dlles\pchsvc.dll File not found

    Drivers32: msacm.iac2 - C:\WINDOWS\System32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
    Drivers32: VIDC.JDCT - C:\WINDOWS\System32\jl_jdct.drv (JEILIN Tech.)
  18. Fudd0828 Newcomer, in training Posts: 49

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/06/05 20:07:23 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2012/06/05 20:03:14 | 004,537,562 | R--- | C] (Swearware) -- C:\Documents and Settings\Justin\Desktop\ComboFix.exe
    [2012/06/05 17:01:35 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Justin\Desktop\aswMBR.exe
    [2012/06/05 16:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Justin\Desktop\bootkit_remover
    [2012/06/04 22:11:22 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
    [2012/06/04 22:10:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Justin\Desktop\tdsskiller
    [2012/06/04 21:38:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Justin\Desktop\Tools used
    [2012/06/04 20:23:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Justin\Application Data\Malwarebytes
    [2012/06/04 20:23:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012/06/04 20:23:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2012/06/04 20:23:47 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2012/06/04 20:23:47 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2012/06/04 20:22:21 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Justin\Desktop\mbam-setup-1.61.0.1400.exe
    [2012/06/04 14:05:10 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Justin\Desktop\OTL.exe
    [2012/06/04 13:29:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
    [2012/06/04 12:48:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
    [2012/06/04 12:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Justin\Application Data\AVG Secure Search
    [2012/06/04 12:47:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
    [2012/06/04 12:47:39 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
    [2012/06/04 12:46:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2012
    [2012/06/04 12:46:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
    [2012/06/04 01:11:06 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2012/06/04 01:11:06 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2012/06/04 01:11:06 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2012/06/04 01:11:06 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2012/06/04 01:10:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2012/06/04 01:10:32 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2012/06/04 01:10:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Justin\My Documents\My Videos
    [2012/06/04 01:10:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Justin\Start Menu\Programs\Administrative Tools
    [2012/05/30 23:41:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
    [2012/05/30 23:14:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
    [2012/05/30 22:21:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Justin\Application Data\Windows Search
    [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\Documents and Settings\NetworkService\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012/06/05 20:52:04 | 099,830,459 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
    [2012/06/05 20:45:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2012/06/05 20:41:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
    [2012/06/05 20:16:56 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2012/06/05 20:07:26 | 000,000,327 | RHS- | M] () -- C:\boot.ini
    [2012/06/05 20:03:20 | 004,537,562 | R--- | M] (Swearware) -- C:\Documents and Settings\Justin\Desktop\ComboFix.exe
    [2012/06/05 19:49:39 | 000,000,394 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{8A3459F9-14E8-4158-ACAA-18BF359ED386}.job
    [2012/06/05 19:45:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2012/06/05 18:03:35 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2012/06/05 17:59:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2012/06/05 17:25:39 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Justin\Desktop\MBR.dat
    [2012/06/05 17:08:54 | 000,465,838 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2012/06/05 17:08:53 | 000,079,598 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2012/06/05 17:01:51 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Justin\Desktop\aswMBR.exe
    [2012/06/05 16:57:01 | 000,044,607 | ---- | M] () -- C:\Documents and Settings\Justin\Desktop\bootkit_remover.zip
    [2012/06/04 22:08:41 | 002,108,959 | ---- | M] () -- C:\Documents and Settings\Justin\Desktop\tdsskiller.zip
    [2012/06/04 20:45:39 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Justin\Desktop\0ku07dcu.exe
    [2012/06/04 20:23:49 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/06/04 20:22:35 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Justin\Desktop\mbam-setup-1.61.0.1400.exe
    [2012/06/04 13:50:48 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Justin\Desktop\OTL.exe
    [2012/05/30 23:20:16 | 000,000,211 | ---- | M] () -- C:\Boot.bak
    [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012/06/05 20:52:04 | 099,830,459 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
    [2012/06/05 20:07:26 | 000,000,211 | ---- | C] () -- C:\Boot.bak
    [2012/06/05 20:07:24 | 000,260,272 | RHS- | C] () -- C:\cmldr
    [2012/06/05 17:25:39 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Justin\Desktop\MBR.dat
    [2012/06/05 16:56:59 | 000,044,607 | ---- | C] () -- C:\Documents and Settings\Justin\Desktop\bootkit_remover.zip
    [2012/06/04 22:08:37 | 002,108,959 | ---- | C] () -- C:\Documents and Settings\Justin\Desktop\tdsskiller.zip
    [2012/06/04 20:45:39 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Justin\Desktop\0ku07dcu.exe
    [2012/06/04 20:23:49 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/06/04 01:11:07 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2012/06/04 01:11:06 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2012/06/04 01:11:06 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2012/06/04 01:11:06 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2012/06/04 01:11:06 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2012/03/31 19:13:23 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\MuV8FNR.dat
    [2012/01/29 11:11:20 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2011/06/23 17:04:49 | 000,016,422 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\opvmuvsx3808675
    [2010/06/30 07:58:48 | 000,141,186 | ---- | C] () -- C:\WINDOWS\hpoins14.dat
    [2010/06/30 07:58:48 | 000,002,000 | ---- | C] () -- C:\WINDOWS\hpomdl14.dat

    ========== LOP Check ==========

    [2012/06/05 18:59:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
    [2012/06/04 12:46:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
    [2011/11/28 19:53:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
    [2011/11/28 19:58:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
    [2012/06/05 20:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
    [2012/03/29 16:19:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2009/11/11 13:18:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2010/05/17 20:22:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dschuelke\Application Data\Exact
    [2010/05/17 20:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dschuelke\Application Data\Windows Desktop Search
    [2010/11/16 14:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dschuelke\Application Data\Windows Search
    [2009/12/03 11:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\gdcsuper\Application Data\Exact
    [2009/10/27 13:55:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\gdcsuper\Application Data\Windows Desktop Search
    [2009/10/27 14:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johnny\Application Data\Exact
    [2009/10/27 14:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johnny\Application Data\Windows Desktop Search
    [2010/02/25 16:33:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johnny\Application Data\Windows Search
    [2010/06/01 08:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\josh\Application Data\Exact
    [2010/06/01 08:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\josh\Application Data\Windows Desktop Search
    [2012/06/04 12:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Justin\Application Data\AVG Secure Search
    [2011/11/29 19:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Justin\Application Data\AVG2012
    [2011/12/27 08:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Justin\Application Data\ICAClient
    [2011/11/28 20:32:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Justin\Application Data\IObit
    [2009/10/21 21:10:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Justin\Application Data\Windows Desktop Search
    [2012/05/30 22:21:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Justin\Application Data\Windows Search
    [2010/03/26 18:36:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\justinf\Application Data\Exact
    [2010/03/26 17:15:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\justinf\Application Data\Windows Desktop Search
    [2010/04/06 15:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\justinf\Application Data\Windows Search
    [2009/10/27 14:53:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\plockwood\Application Data\Exact
    [2009/10/27 14:53:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\plockwood\Application Data\Windows Desktop Search
    [2010/02/08 09:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\salesadmin\Application Data\Windows Desktop Search
    [2010/01/12 15:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\warranty\Application Data\Exact
    [2010/01/12 12:34:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\warranty\Application Data\Windows Desktop Search
    [2010/05/17 16:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\warranty\Application Data\Windows Search
    [2009/10/27 13:53:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\__sbs_netsetup__\Application Data\Windows Desktop Search
    [2012/06/05 19:49:39 | 000,000,394 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{8A3459F9-14E8-4158-ACAA-18BF359ED386}.job

    ========== Purity Check ==========



    ========== Custom Scans ==========

    < %SYSTEMDRIVE%\*.* >
    [2009/11/05 12:18:25 | 000,001,024 | ---- | M] () -- C:\.rnd
    [2009/10/21 19:49:54 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2012/05/30 23:20:16 | 000,000,211 | ---- | M] () -- C:\Boot.bak
    [2012/06/05 20:07:26 | 000,000,327 | RHS- | M] () -- C:\boot.ini
    [2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
    [2012/06/05 20:18:30 | 000,085,260 | ---- | M] () -- C:\ComboFix.txt
    [2009/10/21 19:49:54 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2009/10/21 19:49:54 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2009/10/21 19:49:54 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2009/10/21 20:25:05 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
    [2009/10/21 20:47:22 | 000,250,048 | RHS- | M] () -- C:\ntldr
    [2012/06/05 17:58:58 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
    [2012/06/04 22:11:44 | 000,095,302 | ---- | M] () -- C:\TDSSKiller.2.7.36.0_04.06.2012_22.10.23_log.txt

    < %systemroot%\Fonts\*.com >
    [2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
    [2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
    [2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
    [2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2009/10/21 19:49:43 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >
    [2008/07/06 05:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    [2007/03/28 13:57:34 | 000,274,944 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5ha.dll
    [2010/06/09 17:16:41 | 000,053,632 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LMIproc.dll
    [2007/04/09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
    [2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
    [2008/07/06 03:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >

    < %PROGRAMFILES%\*.* >

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >
    [2009/10/21 12:42:14 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
    [2009/10/21 12:42:14 | 000,626,688 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
    [2009/10/21 12:42:14 | 000,430,080 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
    [2009/10/21 20:50:59 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2009/10/21 20:59:42 | 000,000,177 | -HS- | M] () -- C:\Documents and Settings\Justin\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
    [2009/10/21 19:54:57 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Justin\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

    < %USERPROFILE%\Desktop\*.exe >
    [2012/06/04 20:45:39 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Justin\Desktop\0ku07dcu.exe
    [2012/06/05 17:01:51 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Justin\Desktop\aswMBR.exe
    [2012/06/05 20:03:20 | 004,537,562 | R--- | M] (Swearware) -- C:\Documents and Settings\Justin\Desktop\ComboFix.exe
    [2012/06/04 20:22:35 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Justin\Desktop\mbam-setup-1.61.0.1400.exe
    [2012/06/04 13:50:48 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Justin\Desktop\OTL.exe
  19. Fudd0828 Newcomer, in training Posts: 49

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\tasks\*.* >
    [2012/06/05 20:41:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
    [2012/03/29 16:17:14 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2003/07/16 09:31:17 | 000,000,065 | RH-- | M] () -- C:\WINDOWS\tasks\desktop.ini
    [2012/06/05 19:45:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2012/06/05 20:45:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2012/06/05 20:18:29 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2012/06/05 19:49:39 | 000,000,394 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{8A3459F9-14E8-4158-ACAA-18BF359ED386}.job

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >
    [2012/03/29 16:06:05 | 074,982,768 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\Justin\My Documents\iTunesSetup.exe

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >
    [2009/10/21 20:59:42 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Justin\Favorites\Desktop.ini

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >
    [2011/11/28 18:30:47 | 000,000,008 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /I " " /c >

    < dir /b "%systemroot%\*.exe" | find /I " " /c >

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >

    < %USERPROFILE%\Cookies\*.txt /x >
    [2012/06/05 20:53:55 | 000,180,224 | ---- | M] () -- C:\Documents and Settings\Justin\Cookies\index.dat

    < %SystemRoot%\system32\fonts\*.* >

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >

    < %SYSTEMROOT%\inf\*.exe >
    [2007/06/26 22:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

    < %SYSTEMROOT%\Installer\*.exe >

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >
    [2008/04/13 17:11:51 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
    [2003/07/16 09:26:44 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
    [2002/08/20 12:32:18 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
    [2002/08/20 12:32:22 | 000,000,807 | ---- | M] () -- C:\Program Files\Messenger\mailtmpl.txt
    [2008/05/02 07:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
    [2008/04/13 10:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
    [2008/04/13 17:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
    [2002/08/20 15:08:38 | 000,069,663 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgsin.exe
    [2003/07/16 09:32:59 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
    [2003/07/16 09:33:00 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
    [2003/07/16 09:34:32 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
    [2002/08/20 12:32:20 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
    [2004/07/17 11:41:04 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-06-06 00:22:04

    < >
    < End of report >
  20. Fudd0828 Newcomer, in training Posts: 49

    I didn't get an extra.txt