Solved Internet not working after AVG cleaned out Netbt.sys

((((((((((((((((((((((((((((( SnapShot@2012-06-04_20.22.55 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-19 05:51 . 2011-04-19 05:51 51024 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_4ddc769f\vcomp90.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90rus.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90kor.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90jpn.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90ita.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90fra.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esp.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esn.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 53584 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90enu.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 63312 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90deu.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90cht.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 35664 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90chs.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90u.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90.dll
+ 2012-06-06 00:59 . 2012-06-06 00:59 16384 c:\windows\temp\Perflib_Perfdata_55c.dat
+ 2003-07-16 16:35 . 2012-06-06 00:08 79598 c:\windows\system32\perfc009.dat
+ 2012-06-05 03:23 . 2012-04-04 22:56 22344 c:\windows\system32\drivers\mbam.sys
+ 2009-10-22 02:52 . 2012-06-06 01:59 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2009-10-22 02:52 . 2012-03-18 21:00 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-10-22 02:52 . 2012-06-06 01:59 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-10-22 02:52 . 2012-03-18 21:00 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-10-22 02:52 . 2012-03-18 21:00 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2012-06-06 01:59 . 2012-06-06 01:59 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2011-12-25 10:49 . 2011-12-25 10:49 31504 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2011-12-25 18:07 . 2011-12-25 18:07 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2010-09-23 22:55 . 2010-09-23 22:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2011-12-25 05:55 . 2011-12-25 05:55 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2011-12-25 05:55 . 2011-12-25 05:55 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2011-12-25 05:55 . 2011-12-25 05:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2011-12-25 06:49 . 2011-12-25 06:49 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2010-09-23 10:17 . 2010-09-23 10:17 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2011-12-25 06:49 . 2011-12-25 06:49 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
- 2010-09-23 10:17 . 2010-09-23 10:17 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2009-10-28 19:28 . 2012-06-06 00:21 35088 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe
- 2009-10-28 19:28 . 2011-06-21 01:15 35088 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe
- 2009-10-28 19:28 . 2011-06-21 01:15 18704 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe
+ 2009-10-28 19:28 . 2012-06-06 00:21 18704 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe
+ 2009-10-28 19:28 . 2012-06-06 00:21 20240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe
- 2009-10-28 19:28 . 2011-06-21 01:15 20240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe
- 2009-10-27 21:08 . 2011-06-18 21:35 27136 c:\windows\Installer\{90E00409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2009-10-27 21:08 . 2012-06-06 00:20 27136 c:\windows\Installer\{90E00409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2009-10-27 21:08 . 2011-06-18 21:35 11264 c:\windows\Installer\{90E00409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-10-27 21:08 . 2012-06-06 00:20 11264 c:\windows\Installer\{90E00409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-10-27 21:08 . 2012-06-06 00:20 12288 c:\windows\Installer\{90E00409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2009-10-27 21:08 . 2011-06-18 21:35 12288 c:\windows\Installer\{90E00409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2010-06-04 10:00 . 2011-06-18 21:36 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-06-04 10:00 . 2012-06-05 23:51 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2012-06-06 00:03 . 2012-06-06 00:03 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_8a40a75d\System.Drawing.Design.dll
+ 2012-06-06 00:03 . 2012-06-06 00:03 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_1054280d\CustomMarshalers.dll
+ 2012-06-06 00:16 . 2012-06-06 00:16 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\f121ccced1aa14badb316d8d9be5154d\UIAutomationProvider.ni.dll
+ 2012-06-06 00:25 . 2012-06-06 00:25 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\316e223f2ab8c69cd6a5a06de21650ec\System.Windows.Presentation.ni.dll
+ 2012-06-06 00:25 . 2012-06-06 00:25 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\eb6fa156a42fd4d0c2ab54dfbba71381\System.Web.DynamicData.Design.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\34c988dea48c291b4e648941207e83fb\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\7bb7e51275fa19f8b4894c772bdb1e10\System.AddIn.Contract.ni.dll
+ 2012-06-06 00:13 . 2012-06-06 00:13 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\f0c4a4528f130ef2ff1ae63dd7b39075\PresentationFontCache.ni.exe
+ 2012-06-06 00:12 . 2012-06-06 00:12 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\53931181e5a5e194da82605613cda6af\PresentationCFFRasterizer.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f2be3ad4cda6853d7959a84cec0414c5\Microsoft.Vsa.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 30720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\fa1766ce6fbf927624e4b2118140e884\Microsoft.PowerShell.Commands.Utility.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 45568 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\f40ddb31c797a5bcdcd8e3a0ee1f5834\Microsoft.PowerShell.ConsoleHost.resources.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 31232 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\e01ee94632466f2458839fa0438676fd\Microsoft.PowerShell.Commands.Utility.resources.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 18944 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\df0f9e62becd146283a17f02f97f4eb2\Microsoft.PowerShell.Commands.Management.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 28672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\dbdaadc3841c1e6f1ef927641d17ecea\Microsoft.PowerShell.Commands.Utility.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 16384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\d5f43986e65475542869fbb89ea738d8\Microsoft.PowerShell.Security.resources.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 30208 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\c8fc74b6f19de1a403f0e557a11aa9ca\Microsoft.PowerShell.Commands.Utility.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 16384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\b93f4e506eb8fd23b30ad954956ec8e8\Microsoft.PowerShell.Security.resources.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 18432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\ad75781c24b0a9d72323d5ff7541e3a3\Microsoft.PowerShell.Commands.Management.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 16896 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\ab4fbe080b6d4fe6f60d67bc80f9fa58\Microsoft.PowerShell.Security.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 37376 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\a581b0284d6d2eb7c3e2853536501fb5\Microsoft.PowerShell.ConsoleHost.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\a45e69ac59aae3b5db27ada6e6137a93\Microsoft.PowerShell.Security.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\a2bb2449699f12ceb3eaff60a5a0632d\Microsoft.PowerShell.ConsoleHost.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 33792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\a175af016ffbbccc0b40e089c93b58e6\Microsoft.PowerShell.ConsoleHost.resources.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 20992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\9f3da386685843dddd4721bf97cc6675\Microsoft.PowerShell.Commands.Management.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 16384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\996102da0d0648bd241a5a34462b084b\Microsoft.PowerShell.Security.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 39936 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\944a3bd4b7a67800bc98e7bddabe564f\Microsoft.PowerShell.ConsoleHost.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 30720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\8ba4046cb5d23c5f187155b029a367c9\Microsoft.PowerShell.Commands.Utility.resources.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 18944 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\8b3773bab2754e9fab083aa80d023a2f\Microsoft.PowerShell.Commands.Management.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 36352 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\897c7d996ed460cc574bc6c0dd7ad1a0\Microsoft.PowerShell.ConsoleHost.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 35840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\880616b5ef5863f84e01549f29cd427b\Microsoft.PowerShell.Commands.Utility.resources.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 18944 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\7c52546bfbb412405e46095cebb78b67\Microsoft.PowerShell.Commands.Management.resources.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 19456 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\77115f9656f80d671e045d07a9b8c566\Microsoft.PowerShell.Commands.Management.resources.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\6d8e998bc3b165478bc273e5d22c11a0\Microsoft.PowerShell.Commands.Management.resources.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 19456 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\6bb73bec93b8720b83db612d83ab99cb\Microsoft.PowerShell.Commands.Management.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\67ce98c5416d529fa4c05144169aa944\Microsoft.PowerShell.Security.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 35840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\5dd5a115c77d9c106b01760d513690ec\Microsoft.PowerShell.ConsoleHost.resources.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 18944 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\56f25b74dd86b76dd0b9e108229d4d63\Microsoft.PowerShell.Commands.Management.resources.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 30208 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\50268b03cd1937ffa057898eff0a93c7\Microsoft.PowerShell.Commands.Utility.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\4cf1dd46bc0d2c4726e991a50d43558c\Microsoft.PowerShell.ConsoleHost.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 33280 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\4bbbb9a3828953a24f121d534599bb02\Microsoft.PowerShell.ConsoleHost.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 36352 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\4ba7953d5145ecd3bf647461c505e0ea\Microsoft.PowerShell.ConsoleHost.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 16896 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\453cf19a8604071f8af839bd8ce90310\Microsoft.PowerShell.Security.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 28672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\401ecfe05551684ed5648759a7c3eeb1\Microsoft.PowerShell.Commands.Utility.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 16896 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\39d62a940ab52f9f561ab11625a388f3\Microsoft.PowerShell.Security.resources.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 31232 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3728be15d08a1e2571b3a62f88d686fb\Microsoft.PowerShell.Commands.Utility.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\34e0c2a95caca2e3562d21e4184ef7f2\Microsoft.PowerShell.Security.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 17408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3056b7bb6c5f44fd998e89d397f6fc79\Microsoft.PowerShell.Security.resources.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 32768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\2a3a165fbe1a673fd6c6fb6b36678b26\Microsoft.PowerShell.Commands.Utility.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\176a7ec9b1a597c84476561a7400eaf0\Microsoft.PowerShell.ConsoleHost.resources.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 31232 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\151c402b6cb7333947ae0c4aabfd042f\Microsoft.PowerShell.Commands.Utility.resources.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 16384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\0eb4dca57d9f8effb0f314393b4fce63\Microsoft.PowerShell.Security.resources.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 19456 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\0a5d8c3e21d8683958868496373bb435\Microsoft.PowerShell.Commands.Management.resources.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 18944 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\067ad0d806bc060fb846447a82f3e7d0\Microsoft.PowerShell.Commands.Management.resources.ni.dll
+ 2012-06-06 00:19 . 2012-06-06 00:19 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\8fab9cd28bbc860a34feec119512664d\Microsoft.Build.Framework.ni.dll
+ 2012-06-06 00:19 . 2012-06-06 00:19 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\0eac132c7c36f1c100ae23c956b379e7\Microsoft.Build.Framework.ni.dll
+ 2012-06-06 00:19 . 2012-06-06 00:19 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\d66bc03eb7eae89b4dde2d09eda1414f\dfsvc.ni.exe
+ 2012-06-06 00:19 . 2012-06-06 00:19 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
+ 2012-06-06 00:06 . 2012-06-06 00:06 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2012-06-06 00:06 . 2012-06-06 00:06 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2012-06-06 00:08 . 2012-06-06 00:08 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2012-06-06 00:06 . 2012-06-06 00:06 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2012-06-06 00:06 . 2012-06-06 00:06 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-06 00:06 . 2012-06-06 00:06 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2010-10-06 10:00 . 2010-10-06 10:00 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-06-06 00:02 . 2012-06-06 00:02 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2009-10-27 21:08 . 2011-06-18 21:35 4096 c:\windows\Installer\{90E00409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2009-10-27 21:08 . 2012-06-06 00:20 4096 c:\windows\Installer\{90E00409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2012-06-06 00:07 . 2012-06-06 00:07 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-06-18 21:40 . 2011-06-18 21:40 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 653136 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 569680 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcm90.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 159048 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_92453bb7\atl90.dll
+ 2012-04-06 06:13 . 2012-04-06 06:13 299080 c:\windows\system32\XPSViewer\XPSViewer.exe
+ 2003-07-16 16:35 . 2012-06-06 00:08 465838 c:\windows\system32\perfh009.dat
+ 2012-06-05 02:41 . 2012-06-05 02:41 351904 c:\windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
+ 2012-06-05 02:41 . 2012-06-05 02:41 424096 c:\windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.dll
+ 2012-04-14 01:22 . 2012-06-05 02:41 257696 c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
+ 2012-04-06 06:52 . 2012-04-06 06:52 131168 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2011-12-25 10:49 . 2011-12-25 10:49 436496 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 389888 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 364816 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 989968 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-12-25 05:55 . 2011-12-25 05:55 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2011-12-25 05:53 . 2011-12-25 05:53 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2010-09-23 09:25 . 2010-09-23 09:25 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2010-09-23 10:17 . 2010-09-23 10:17 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2011-12-25 06:49 . 2011-12-25 06:49 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2011-12-22 23:50 . 2011-12-22 23:50 256000 c:\windows\Installer\35692.msp
+ 2012-06-06 00:10 . 2012-06-06 00:10 223744 c:\windows\Installer\35679.msi
+ 2011-12-25 12:40 . 2011-12-25 12:40 819200 c:\windows\Installer\35631.msp
 
- 2009-10-28 19:28 . 2011-06-21 01:15 888080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-10-28 19:28 . 2012-06-06 00:21 888080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
- 2009-10-28 19:28 . 2011-06-21 01:15 922384 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-10-28 19:28 . 2012-06-06 00:21 922384 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe
- 2009-10-28 19:28 . 2011-06-21 01:15 217864 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe
+ 2009-10-28 19:28 . 2012-06-06 00:21 217864 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe
- 2009-10-28 19:28 . 2011-06-21 01:15 184080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe
+ 2009-10-28 19:28 . 2012-06-06 00:21 184080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe
+ 2009-10-27 21:08 . 2012-06-06 00:20 794624 c:\windows\Installer\{90E00409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2009-10-27 21:08 . 2011-06-18 21:35 794624 c:\windows\Installer\{90E00409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-10-27 21:08 . 2012-06-06 00:20 135168 c:\windows\Installer\{90E00409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2009-10-27 21:08 . 2011-06-18 21:35 135168 c:\windows\Installer\{90E00409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2012-06-06 00:06 . 2012-06-06 00:06 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_7657c434\System.Drawing.dll
+ 2012-06-06 00:06 . 2012-06-06 00:06 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_b41f465c\System.Drawing.Design.dll
+ 2012-06-06 00:06 . 2012-06-06 00:06 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_e5f3a161\CustomMarshalers.dll
+ 2012-06-06 00:19 . 2012-06-06 00:19 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\ac4fc3032c19946f9b2729468888206d\WsatConfig.ni.exe
+ 2012-06-06 00:16 . 2012-06-06 00:16 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\abc560ee41afeada750e6aa7afc534bb\WindowsFormsIntegration.ni.dll
+ 2012-06-06 00:16 . 2012-06-06 00:16 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\be27ab5913cec2b292a019c2a13ec701\UIAutomationTypes.ni.dll
+ 2012-06-06 00:16 . 2012-06-06 00:16 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\04e5e2be34a70ee7f4c87550238095a0\UIAutomationClient.ni.dll
+ 2012-06-06 01:27 . 2012-06-06 01:27 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\1c13b08593e99d6f5bef49ae7939c78b\System.Xml.Linq.ni.dll
+ 2012-06-06 00:25 . 2012-06-06 00:25 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\504140c434a3a9ea1f5bf58a6e28af2b\System.Web.Routing.ni.dll
+ 2012-06-06 00:25 . 2012-06-06 00:25 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6c7765c10516d375e9ddedad2dbab848\System.Web.RegularExpressions.ni.dll
+ 2012-06-06 00:25 . 2012-06-06 00:25 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\47f6d0737e0ed0540854243fa0481149\System.Web.Extensions.Design.ni.dll
+ 2012-06-06 00:25 . 2012-06-06 00:25 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\d7ecdccf5ef761e19845370d94a82c29\System.Web.Entity.ni.dll
+ 2012-06-06 00:25 . 2012-06-06 00:25 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\dc8a4dc6d7c6b5aae7592f10bf91a8c6\System.Web.Entity.Design.ni.dll
+ 2012-06-06 00:25 . 2012-06-06 00:25 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\ba570e80e06bb6fd24f9c33baf0e97cb\System.Web.DynamicData.ni.dll
+ 2012-06-06 00:25 . 2012-06-06 00:25 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\92abde1a4b72a1d74056d3561cb7c546\System.Web.Abstractions.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\41f6f6dd0c8427d4a8e6fd3915505a6b\System.Transactions.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\dff877744c0f7f8752eb356f27edfa59\System.ServiceProcess.ni.dll
+ 2012-06-06 00:19 . 2012-06-06 00:19 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\129b15861e200613ff78ae15581f9093\System.Security.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a644ec04e18202b60f9d828bc207972b\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\4a9eb43005a041959ddc5c7e586ab746\System.Net.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\3182a049ba953010dec649cf290a9e90\System.Management.Instrumentation.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 181248 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\d36a7ee14f4e47a6ee9d85c5eddf4e89\System.Management.Automation.resources.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 221184 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\ae6019337a83663300892f7387bb0fd8\System.Management.Automation.resources.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 169472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\a0731c0bc28020107b46a4691fd1be39\System.Management.Automation.resources.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 154624 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\6e33be3870327dcc6385c3bd2696943b\System.Management.Automation.resources.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 188928 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\672845c4cf9c1d7a3a8f292e9c0528e6\System.Management.Automation.resources.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 160256 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\565bc89beb2fb404b1612721a9d56d3a\System.Management.Automation.resources.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 154112 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\55d12fa95a95610f7531f29cc3484cb1\System.Management.Automation.resources.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 177664 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\448bf5da7a40273ef40f4b7f6d8598c3\System.Management.Automation.resources.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 169984 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\34ab373a885bead89a21b33f247f5039\System.Management.Automation.resources.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 172544 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\33216de815244ebbfd69fee0b74642e3\System.Management.Automation.resources.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\06b44f53140c48f24ba5045155e59a04\System.Management.Automation.resources.ni.dll
+ 2012-06-06 00:18 . 2012-06-06 00:18 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\8991f21d4b3676bf6f779110db8d4ac9\System.IO.Log.ni.dll
+ 2012-06-06 00:19 . 2012-06-06 00:19 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\cd9c60a35d4958e94d2e3dd2f778e2e9\System.IdentityModel.Selectors.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\29bce0113d611084a9329349e33528ac\System.EnterpriseServices.Wrapper.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\29bce0113d611084a9329349e33528ac\System.EnterpriseServices.ni.dll
+ 2012-06-06 00:15 . 2012-06-06 00:15 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\21c7b80233c24b9726c04b23083e3087\System.Drawing.Design.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ca484772955bc4db03b5dcb611c09423\System.DirectoryServices.Protocols.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8ba5e68dddfd3279a8469d39eded48f3\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\a0109fce606a3110a5e7f9a4773f517e\System.Data.Services.Design.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3a68d0441f509ffa6f8f0fb9cfcc5780\System.Data.Services.Client.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\04440b3dd5d822da4973a525ee04b05d\System.Data.Entity.Design.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\7bbb5d9e3b161b4d4b968e590442d3ae\System.Data.DataSetExtensions.ni.dll
+ 2012-06-06 00:19 . 2012-06-06 00:19 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\bf7d6af03e1230ccad546a8659245ae9\System.Configuration.Install.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\931a2bece4668863db4f852401c828cf\System.AddIn.ni.dll
+ 2012-06-06 00:19 . 2012-06-06 00:19 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6762f1ee780fa9c0b4ef66b285c64844\SMSvcHost.ni.exe
+ 2012-06-06 00:19 . 2012-06-06 00:19 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\660c4d6dd69ef22bc05587e1998cd135\SMDiagnostics.ni.dll
+ 2012-06-06 00:19 . 2012-06-06 00:19 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\47ed5bc9f42ea0054ce9acfde5e640b8\ServiceModelReg.ni.exe
+ 2012-06-06 00:14 . 2012-06-06 00:14 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a4706b850df9a3483f2fc439b6abe616\PresentationFramework.Royale.ni.dll
+ 2012-06-06 00:14 . 2012-06-06 00:14 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8b873631a0855fb6aa0ad25f1d9de7fe\PresentationFramework.Luna.ni.dll
+ 2012-06-06 00:14 . 2012-06-06 00:14 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7416fe825e6e49a87fa8ff60c8971813\PresentationFramework.Classic.ni.dll
+ 2012-06-06 00:14 . 2012-06-06 00:14 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\186c27fbd7b38b5551889274f6fa2ccd\PresentationFramework.Aero.ni.dll
+ 2012-06-06 00:19 . 2012-06-06 00:19 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5a121969a115d11b6256eb960c145686\MSBuild.ni.exe
+ 2012-06-06 00:19 . 2012-06-06 00:19 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\97c613d3899b320a6765793bdf490272\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 492032 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\d4375675fc5879a48c22dc8d7c80e841\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 148480 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\937d2550dddbd2e5995ec8f93083f357\Microsoft.PowerShell.Security.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 433664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\15b7846d6acc551a7afdf5cc3de7547b\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 968192 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\115171c0145e7299825a569065923612\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\dec22fb7d6b8929a41380e5359741a07\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\1009b31c86a1b798fffa9e0127cec29c\Microsoft.Build.Utilities.ni.dll
+ 2012-06-06 00:19 . 2012-06-06 00:19 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\21d88631ef629715d3eecdd08e62e0b8\Microsoft.Build.Engine.ni.dll
+ 2012-06-06 00:19 . 2012-06-06 00:19 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\a0f38c6478cca8297fb160291346c1c9\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-06-06 00:19 . 2012-06-06 00:19 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\bb26dd100d656605c576881a1a823667\CustomMarshalers.ni.dll
+ 2012-06-06 00:19 . 2012-06-06 00:19 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\9869c02d18825fdd32e64135a3e7246b\ComSvcConfig.ni.exe
+ 2012-06-06 00:19 . 2012-06-06 00:19 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\cfc981788ef6ce161946ca948dad3522\AspNetMMCExt.ni.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-06-06 00:06 . 2012-06-06 00:06 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2012-06-06 00:06 . 2012-06-06 00:06 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-06-06 00:06 . 2012-06-06 00:06 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-06-06 00:08 . 2012-06-06 00:08 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-06-06 00:08 . 2012-06-06 00:08 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-06-06 00:08 . 2012-06-06 00:08 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-06-06 00:20 . 2012-06-06 00:20 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
- 2009-10-22 04:14 . 2009-10-22 04:14 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-06-06 00:08 . 2012-06-06 00:08 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-06-05 23:56 . 2012-06-05 23:56 532480 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2012-06-06 00:06 . 2012-06-06 00:06 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2009-10-22 04:13 . 2009-10-22 04:13 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-06-05 23:56 . 2012-06-05 23:56 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2012-06-06 00:08 . 2012-06-06 00:08 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2012-06-06 00:19 . 2012-06-06 00:19 350080 c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 3781960 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 3766600 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90.dll
- 2011-03-25 13:15 . 2011-03-25 13:15 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 5246976 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 3186688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 5913360 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2011-03-25 13:15 . 2011-03-25 13:15 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-12-25 18:07 . 2011-12-25 18:07 2064384 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll
+ 2011-12-25 18:06 . 2011-12-25 18:06 1269760 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2010-09-23 22:55 . 2010-09-23 22:55 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2011-12-25 18:06 . 2011-12-25 18:06 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2011-12-25 05:54 . 2011-12-25 05:54 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2011-12-25 05:53 . 2011-12-25 05:53 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2010-09-23 22:55 . 2010-09-23 22:55 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2011-12-25 18:06 . 2011-12-25 18:06 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2012-04-05 05:38 . 2012-04-05 05:38 2831360 c:\windows\Installer\356da.msp
+ 2012-04-29 04:44 . 2012-04-29 04:44 9101824 c:\windows\Installer\356c9.msp
+ 2011-08-11 00:43 . 2011-08-11 00:43 3795968 c:\windows\Installer\356b8.msp
+ 2011-11-01 20:34 . 2011-11-01 20:34 4250112 c:\windows\Installer\3568b.msp
+ 2012-03-23 21:59 . 2012-03-23 21:59 7899648 c:\windows\Installer\35665.msp
+ 2012-04-29 04:44 . 2012-04-29 04:44 9586176 c:\windows\Installer\35655.msp
+ 2011-08-11 00:42 . 2011-08-11 00:42 7070208 c:\windows\Installer\35642.msp
+ 2011-12-26 16:59 . 2011-12-26 16:59 4368896 c:\windows\Installer\35612.msp
+ 2012-04-05 05:38 . 2012-04-05 05:38 3620864 c:\windows\Installer\35608.msp
+ 2011-11-01 20:34 . 2011-11-01 20:34 2247168 c:\windows\Installer\355f7.msp
+ 2011-11-01 20:34 . 2011-11-01 20:34 1169920 c:\windows\Installer\355e6.msp
+ 2012-03-20 05:02 . 2012-03-20 05:02 6695936 c:\windows\Installer\355c9.msp
+ 2012-03-15 09:24 . 2012-03-15 09:24 1795584 c:\windows\Installer\355bb.msp
+ 2011-11-01 20:34 . 2011-11-01 20:34 2531840 c:\windows\Installer\355aa.msp
+ 2012-04-27 22:09 . 2012-04-27 22:09 5521408 c:\windows\Installer\35599.msp
+ 2011-11-17 17:55 . 2011-11-17 17:55 5522944 c:\windows\Installer\3557d.msp
+ 2012-04-29 04:43 . 2012-04-29 04:43 8459264 c:\windows\Installer\3556f.msp
+ 2011-07-27 14:39 . 2011-07-27 14:39 9892352 c:\windows\Installer\3555e.msp
+ 2012-02-17 15:45 . 2012-02-17 15:45 2299392 c:\windows\Installer\3554d.msp
+ 2012-06-06 01:01 . 2012-06-06 01:01 2208768 c:\windows\Installer\24e3b.msi
- 2009-10-28 19:28 . 2011-06-21 01:15 1172240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-10-28 19:28 . 2012-06-06 00:21 1172240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-04-04 02:21 . 2009-04-04 02:21 8543096 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\OARTCONV.DLL
+ 2009-04-03 05:44 . 2009-04-03 05:44 2532224 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\GRAPH.EXE
+ 2012-06-06 00:06 . 2012-06-06 00:06 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_77a5ddfc\System.dll
+ 2012-06-06 00:03 . 2012-06-06 00:03 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_37e934fe\System.dll
+ 2012-06-06 00:05 . 2012-06-06 00:05 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_8208565a\System.Xml.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_05065ff2\System.Xml.dll
+ 2012-06-06 00:06 . 2012-06-06 00:06 7917568 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_5e11f06c\System.Windows.Forms.dll
+ 2012-06-06 00:04 . 2012-06-06 00:04 3035136 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_4b1bb061\System.Windows.Forms.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_95df1bb4\System.Drawing.dll
+ 2012-06-06 00:06 . 2012-06-06 00:06 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_9ec0a488\System.Design.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_158ff7d9\System.Design.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_b72f7900\mscorlib.dll
+ 2012-06-06 00:06 . 2012-06-06 00:06 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_20585136\mscorlib.dll
+ 2012-06-06 00:12 . 2012-06-06 00:12 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6d8bef0d008389874e55c0308f0c18e5\WindowsBase.ni.dll
+ 2012-06-06 00:16 . 2012-06-06 00:16 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\41a81b97625c113b591ed082c95276e2\UIAutomationClientsideProviders.ni.dll
+ 2012-06-06 00:11 . 2012-06-06 00:11 7953408 c:\windows\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
+ 2012-06-06 00:16 . 2012-06-06 00:16 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
+ 2012-06-06 01:27 . 2012-06-06 01:27 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\822f2304c46ad32739ae2927f213627f\System.WorkflowServices.ni.dll
+ 2012-06-06 01:26 . 2012-06-06 01:26 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\5eccf6fef6bee8a2f93bc65ff33699bb\System.Workflow.Runtime.ni.dll
+ 2012-06-06 01:26 . 2012-06-06 01:26 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\1878ea370cdc649a685e811219be42ec\System.Workflow.ComponentModel.ni.dll
+ 2012-06-06 01:26 . 2012-06-06 01:26 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\25ae5836e811c299670c47a27186d083\System.Workflow.Activities.ni.dll
+ 2012-06-06 00:25 . 2012-06-06 00:25 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\3e11aea7d742b5eddbd0b6bd1012f7df\System.Web.Services.ni.dll
+ 2012-06-06 00:25 . 2012-06-06 00:25 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\0916c7584cb912508bb6b67f529ac92b\System.Web.Mobile.ni.dll
+ 2012-06-06 00:25 . 2012-06-06 00:25 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\68f1cf1c23e7eadb96645b0a79b892c9\System.Web.Extensions.ni.dll
+ 2012-06-06 00:16 . 2012-06-06 00:16 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\5efb50c91f3c5e49be2079f625d933b7\System.Speech.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\97d635f5c656ae43d94b55e67fc4ab50\System.ServiceModel.Web.ni.dll
+ 2012-06-06 00:18 . 2012-06-06 00:18 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\505e12638acd6fdb22e1fd2d4c6fc232\System.Runtime.Serialization.ni.dll
+ 2012-06-06 00:16 . 2012-06-06 00:16 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\b4ba7d411af865e32e65855b45ceafb5\System.Printing.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 4950016 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\c1b3a38c1e1528e22b8f5531d7b3700c\System.Management.Automation.ni.dll
+ 2012-06-06 00:18 . 2012-06-06 00:18 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\e09496ddb2bf6f3b69707924f2e6b5ff\System.IdentityModel.ni.dll
+ 2012-06-06 00:15 . 2012-06-06 00:15 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7765146be2fa459c20856ff822f90d1e\System.Drawing.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\b55887436d2cfbe1fb32dd18d554185b\System.DirectoryServices.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\012a3f10a4a04e27c6cf8a07726f1f6c\System.Deployment.ni.dll
+ 2012-06-06 00:15 . 2012-06-06 00:15 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\12c6fe8d4dd78f9bddf847d3b2821c03\System.Data.ni.dll
+ 2012-06-06 00:19 . 2012-06-06 00:19 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\982b508698278c6ffb3d143bbe1e8bb8\System.Data.SqlXml.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\2de7666b1cd0a1bc363726c9553dc39c\System.Data.Services.ni.dll
+ 2012-06-06 00:15 . 2012-06-06 00:15 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\44a5fc9e7c71b1fe1e2c79b03ecc3bc7\System.Data.Linq.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\772c94f595cd87b7fa187d592ef46fcf\System.Data.Entity.ni.dll
+ 2012-06-06 00:14 . 2012-06-06 00:14 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\38d07a5ac34b99d94fd14f42e779f625\System.Core.ni.dll
+ 2012-06-06 00:14 . 2012-06-06 00:14 2146304 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\63bfa6f83e026ba10e717180807f03cf\ReachFramework.ni.dll
+ 2012-06-06 00:14 . 2012-06-06 00:14 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\efa4002ddfba6bd52845b512810938c1\PresentationUI.ni.dll
+ 2012-06-06 00:11 . 2012-06-06 00:11 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\8c509044eea2ab22689ea43926b30108\PresentationBuildTasks.ni.dll
+ 2012-06-06 00:23 . 2012-06-06 00:23 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\f650597531a91974514f58d36bdebaea\Microsoft.VisualBasic.ni.dll
+ 2012-06-06 00:19 . 2012-06-06 00:19 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\42145ebf75f77cabad442f0801a81c64\Microsoft.Transactions.Bridge.ni.dll
+ 2012-06-06 00:24 . 2012-06-06 00:24 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\cfe15312373b4668398404b5822bab7d\Microsoft.JScript.ni.dll
+ 2012-06-06 00:22 . 2012-06-06 00:22 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\b055aa83b51064c970ce548b8a991651\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-06-06 00:20 . 2012-06-06 00:20 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\04c77ede2757e3b4a695a3b8cfb4f546\Microsoft.Build.Tasks.ni.dll
+ 2012-06-06 00:19 . 2012-06-06 00:19 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\5aa63a1cb41e3a5e1e8ed17072e60ec3\Microsoft.Build.Engine.ni.dll
+ 2012-06-05 23:56 . 2012-06-05 23:56 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2010-06-23 10:02 . 2010-06-23 10:02 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-06-06 00:08 . 2012-06-06 00:08 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-06-06 00:06 . 2012-06-06 00:06 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-06-06 00:02 . 2012-06-06 00:02 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2010-10-06 10:02 . 2010-10-06 10:02 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-06-06 00:06 . 2012-06-06 00:06 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-06-05 23:56 . 2012-06-05 23:56 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-06-06 00:06 . 2012-06-06 00:06 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2012-06-06 00:08 . 2012-06-06 00:08 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-06-05 23:56 . 2012-06-05 23:56 4214784 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2011-06-18 21:40 . 2011-06-18 21:40 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-06-06 00:07 . 2012-06-06 00:07 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-06-06 00:02 . 2012-06-06 00:02 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2010-10-06 10:00 . 2010-10-06 10:00 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2012-06-06 00:02 . 2012-06-06 00:02 2064384 c:\windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-06-06 00:02 . 2012-06-06 00:02 1269760 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-10-22 03:33 . 2012-04-27 03:08 55656824 c:\windows\system32\MRT.exe
+ 2011-12-27 00:02 . 2011-12-27 00:02 12482048 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656353\M2656353Uninstall.msp
+ 2011-07-26 23:33 . 2011-07-26 23:33 10984448 c:\windows\Installer\356a7.msp
+ 2012-04-06 09:12 . 2012-04-06 09:12 15709696 c:\windows\Installer\35699.msp
+ 2012-01-04 09:25 . 2012-01-04 09:25 17751552 c:\windows\Installer\35672.msp
+ 2011-12-26 16:02 . 2011-12-26 16:02 19677184 c:\windows\Installer\3562b.msp
+ 2012-04-06 10:13 . 2012-04-06 10:13 16527872 c:\windows\Installer\355d5.msp
+ 2012-03-29 01:10 . 2012-03-29 01:10 12098048 c:\windows\Installer\3558b.msp
+ 2012-06-05 23:49 . 2012-06-05 23:49 20343808 c:\windows\Installer\3553e.msp
+ 2009-04-04 02:21 . 2009-04-04 02:21 16037736 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\OART.DLL
+ 2012-06-06 00:16 . 2012-06-06 00:16 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\32b169d0703541a18c987bd2dbf9fbd9\System.Windows.Forms.ni.dll
+ 2012-06-06 00:25 . 2012-06-06 00:25 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\408a14028cdc4c24dfb8f241da428142\System.Web.ni.dll
+ 2012-06-06 00:19 . 2012-06-06 00:19 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\bc254d2fa26664898ae21d45643bc194\System.ServiceModel.ni.dll
+ 2012-06-06 00:15 . 2012-06-06 00:15 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\7dc928136c57efafae0845b7e8a83f45\System.Design.ni.dll
+ 2012-06-06 00:14 . 2012-06-06 00:14 14329856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b44d2b225cf6b7861e85b2e915db1f93\PresentationFramework.ni.dll
+ 2012-06-06 00:13 . 2012-06-06 00:13 12218368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\9f4f33d28527d761c7483d6960862684\PresentationCore.ni.dll
+ 2012-06-06 00:10 . 2012-06-06 00:10 11492352 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
.
-- Snapshot reset to current date --
 
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-06-06 01:59 1869152 ----a-w- c:\program files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll" [2012-06-06 1869152]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-09 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"="stsystra.exe" [2006-07-27 282624]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143360]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-05 417792]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"\\GDC2.gdc.local\EPSON Stylus C86 Series/ERICPA"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I2R1.EXE" [2003-11-25 99840]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 49152]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-25 2416480]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-06-06 982880]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\documents and settings\warranty\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
NETGEAR WG111v3 Smart Wizard.lnk - c:\program files\NETGEAR\WG111v3\WG111v3.exe [2009-12-23 2330624]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2010-06-10 00:16 87424 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2465215518-1757617005-1003324922-1580\Scripts\Logon\0\0]
"Script"=Map Public Drive.vbs
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2465215518-1757617005-1003324922-1771\Scripts\Logon\0\0]
"Script"=Map Public Drive.vbs
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2465215518-1757617005-1003324922-4178\Scripts\Logon\0\0]
"Script"=Map Public Drive.vbs
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2465215518-1757617005-1003324922-4410\Scripts\Logon\0\0]
"Script"=Map Public Drive.vbs
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2465215518-1757617005-1003324922-5715\Scripts\Logon\0\0]
"Script"=Map Public Drive.vbs
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2465215518-1757617005-1003324922-5800\Scripts\Logon\0\0]
"Script"=Map Public Drive.vbs
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2465215518-1757617005-1003324922-5929\Scripts\Logon\0\0]
"Script"=Map Public Drive.vbs
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
.
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [10/7/2011 7:23 AM 230608]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [7/11/2011 2:14 AM 295248]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [8/2/2011 7:09 AM 192776]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [10/9/2007 2:13 PM 38144]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [6/4/2012 8:23 PM 654408]
R2 vToolbarUpdater10.2.0;vToolbarUpdater10.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe [6/5/2012 6:59 PM 918880]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [7/11/2011 2:14 AM 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [7/11/2011 2:14 AM 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10/4/2011 7:21 AM 16720]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6/4/2012 8:23 PM 22344]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [10/12/2011 7:25 AM 4433248]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/8/2010 10:31 AM 135664]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [1/25/2011 5:58 PM 374152]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/13/2012 6:22 PM 257696]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/8/2010 10:31 AM 135664]
S3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [7/31/2009 4:12 PM 341504]
S4 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [7/11/2011 2:14 AM 23120]
S4 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [9/13/2011 7:30 AM 32592]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - VTOOLBARUPDATER10.2.0
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
NETSVCS REQUIRES REPAIRS - current entries shown
6to4
AppMgmt
AudioSrv
Browser
CryptSvc
DMServer
DHCP
ERSvc
EventSystem
FastUserSwitchingCompatibility
HidServ
Ias
Iprip
Irmon
LanmanServer
LanmanWorkstation
Messenger
Netman
Nla
Ntmssvc
NWCWorkstation
Nwsapagent
Rasauto
Rasman
se27unic
dlaifs_m
SGHIDI
mcrdsvc
usb_rndisx
msmframework
RivaTuner32
L1e
LMouFilt
bthenum
se44mdm
LVPrcMon
dnserver32
acs
wmp54gsvc
iaimfp2
nimcrpcsu
dxdebug
dvd_2K
dlaudfam
cicssfs.scmmc223
vpcvmm
digictrl
nic1394
cdmservice
truecrypt
CTEXFIFX.DLL
Alpham2
iolodmv
NETw4v32
wg5n
CTDevice_Srv
igateway
aliadwdm
HssDrv
nsengine
pinnaclesys.mediaserver
fetnd5bv
vpcbus
obvious
SaiH040B
Nsynas32
TPM
pageserver
dtsagntsvc
issvc
ctsfm2k
symproxysvc
ha20x2k
Ndismeetro
fcprintservice
ec2007service
s3savagenb
AcronisOSSReinstallSvc
ZuneBusEnum
superproserver
rsvchost
DCFS2K
omniserv
SABProcEnum
servidor
tbaspi
USBModem
DivisCTP
wap3gx
Dell1100_FUService
tcpip6
thkeys
SecureStorageService
remotelyanywhere
umwdf
maya70docserver
DMICall
naimagent32
btnetfilter
automate6
SE2Bbus
hap17v2k
starwindservice
Usb20Scan
raysatxsi5_0server
szserver
nhcDriverDevice
netmnt
tga
SE2Bmdm
digisptiservice
symidsco
PcdrNt
SNP2UVC
AFGMp50
CTEDSPSY.DLL
lxcccustomerconnect
stacsv
pcampr5
ROB_V
VX1000
crystaloutputfileserver
acermemusagecheckservice
NTIDrvr
hmonitor
EMCFILT
eloggersvc6
vstor2-ws60
aexnsclienttransport
db2
FET5X86V
symantecantibotagent
x10nets
adpu320
dntus26
ccpwdsvc
EPOWER
SaiU040B
netsvc
Sk99202k
vvoice
MSCamSvc
iirsp
grmnusb
tosrfnds
s3psddr
rca
sprtsvc_ddoctorv2
s3twistr
kodakccs
NMSAccessU
AGV
dklogger
elaunidr
retrowdsvc
mssql$microsoftbcm
CdaD10BA
nsm1serd
mdvrmng
mfeavfk
HSFHWICH
addfiltr
tabletservice
pepifilter
z800mdfl
OEM02Dev
erecoveryservice
LMS
Remoteaccess
Schedule
Seclogon
SENS
Sharedaccess
SRService
Tapisrv
Themes
TrkWks
W32Time
WZCSVC
Wmi
WmdmPmSp
winmgmt
TermService
wuauserv
BITS
ShellHWDetection
helpsvc
xmlprov
wscsvc
WmdmPmSN
napagent
hkmsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 02:41]
.
2012-03-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-02 20:34]
.
2012-06-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-08 17:31]
.
2012-06-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-08 17:31]
.
2012-06-06 c:\windows\Tasks\User_Feed_Synchronization-{8A3459F9-14E8-4158-ACAA-18BF359ED386}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 12:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/?ilc=1
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-05 20:17
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(668)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
Completion time: 2012-06-05 20:18:29
ComboFix-quarantined-files.txt 2012-06-06 03:18
ComboFix2.txt 2012-06-04 20:29
.
Pre-Run: 227,691,933,696 bytes free
Post-Run: 227,876,524,032 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 28B1FB91B646C5FB06D2B3999CDC9F78
 
Looks good :)

How is computer doing?

You can reinstall AVG now.

Download OTL to your Desktop.

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\tasks\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /I " " /c
dir /b "%systemroot%\*.exe" | find /I " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
OTL logfile created on: 6/5/2012 8:55:58 PM - Run 2
OTL by OldTimer - Version 3.2.46.0 Folder = C:\Documents and Settings\Justin\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.12 Gb Available Physical Memory | 70.71% Memory free
4.84 Gb Paging File | 4.03 Gb Available in Paging File | 83.31% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.82 Gb Total Space | 212.28 Gb Free Space | 91.18% Space Free | Partition Type: NTFS

Computer Name: DESKTOP | User Name: Justin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/05 18:59:26 | 000,918,880 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
PRC - [2012/06/05 18:59:23 | 000,982,880 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/06/04 13:50:48 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Justin\Desktop\OTL.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/01/24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011/11/28 02:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011/10/12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/09/08 21:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011/08/15 07:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2010/02/18 11:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2009/12/23 12:45:16 | 002,330,624 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/07/27 14:19:00 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/05 18:59:26 | 000,918,880 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
MOD - [2012/06/05 18:59:23 | 001,869,152 | ---- | M] () -- C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
MOD - [2012/06/05 18:59:23 | 000,982,880 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/12/23 12:45:16 | 002,330,624 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
MOD - [2009/12/23 11:56:34 | 000,053,248 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WlanDll.dll
MOD - [2009/07/14 18:31:30 | 000,335,872 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.dll
MOD - [2007/12/15 02:30:54 | 001,167,360 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\acAuth.dll
MOD - [2007/09/14 11:27:14 | 000,024,576 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\CheckSessions.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- %systemroot%\system32\LHidUsbK.dll -- (ZuneBusEnum)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VMAUDIO.dll -- (z800mdfl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\l8042pr2.dll -- (x10nets)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\emproxy.dll -- (wmp54gsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\xusb21.dll -- (wg5n)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wmpnetworksvc.dll -- (wap3gx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cpqalert.dll -- (VX1000)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vmnetuserif.dll -- (vvoice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RDID1027.dll -- (vstor2-ws60)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w300mdfl.dll -- (vpcvmm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iaimtv3.dll -- (vpcbus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\starwindserviceae.dll -- (USBModem)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\yukonwxp.dll -- (Usb20Scan)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ET5Drv.dll -- (usb_rndisx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PID_08A0.dll -- (umwdf)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ctaud2k.dll -- (truecrypt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\smservaz.dll -- (TPM)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MRV6X32P.dll -- (tosrfnds)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aclient.dll -- (thkeys)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\UMAXPCLS.dll -- (tga)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mssql$microsoftbcm.dll -- (tcpip6)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\OEM02Dev.dll -- (tbaspi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SerTVOutCtlr.dll -- (tabletservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ATNT40K.dll -- (szserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sympxsvc.dll -- (symproxysvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\LVRS.dll -- (symidsco)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SNPSTD3.dll -- (symantecantibotagent)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iPassP.dll -- (superproserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SQTECH9080.dll -- (starwindservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SE2Dobex.dll -- (stacsv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ss_bus.dll -- (sprtsvc_ddoctorv2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bthidmgr.dll -- (SNP2UVC)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\FiltUSBEMPIA.dll -- (Sk99202k)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hpzius12.dll -- (SGHIDI)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\update.dll -- (servidor)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Sk9920nt.dll -- (SecureStorageService)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SE2Dbus.dll -- (se44mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\omniusb.dll -- (SE2Bmdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MTC0001_ESB.dll -- (SE2Bbus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\venturi2.dll -- (se27unic)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\emu10k.dll -- (SaiU040B)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Shockprf.dll -- (SaiH040B)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aic78u2.dll -- (SABProcEnum)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\gotomypc.dll -- (s3twistr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\i2omp.dll -- (s3savagenb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ibmcicstransactiongateway.dll -- (s3psddr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avg7alrt.dll -- (rsvchost)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Slpsvdr.dll -- (ROB_V)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pctfw1.dll -- (RivaTuner32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\awecho.dll -- (remotelyanywhere)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SiS300i.dll -- (rca)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracleformsserver-forms60server-oraform.dll -- (raysatxsi5_0server)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vulfntrs.dll -- (pinnaclesys.mediaserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lxbx_device.dll -- (pepifilter)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PSSdk23.dll -- (PcdrNt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DcLps.dll -- (pcampr5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\EU3_USB.dll -- (pageserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SaiNtHid.dll -- (omniserv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w810mdfl.dll -- (OEM02Dev)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dlbu_device.dll -- (obvious)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Uim_IM.dll -- (NTIDrvr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MMRTKRNL.dll -- (Nsynas32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wmpnetworksvc.dll -- (nsm1serd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mouhid.dll -- (nsengine)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\amdk8.dll -- (NMSAccessU)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rnadirmultiplexor.dll -- (nimcrpcsu)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\purendis.dll -- (nic1394)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\p17xfilt.dll -- (nhcDriverDevice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PGPwded.dll -- (NETw4v32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ddxgb.dll -- (netsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MagicTune.dll -- (netmnt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NAL.dll -- (Ndismeetro)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avp.dll -- (naimagent32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\FireTDI.dll -- (mssql$microsoftbcm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Sunkfiltp.dll -- (msmframework)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\slssvc.dll -- (MSCamSvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RR2IOMod.dll -- (mfeavfk)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DfwWebAgent.dll -- (mdvrmng)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ikhfile.dll -- (mcrdsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wlluc48b.dll -- (maya70docserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\prepdrvr.dll -- (lxcccustomerconnect)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\idebusdr.dll -- (LVPrcMon)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lvsrvlauncher.dll -- (LMS)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rrrspy.dll -- (LMouFilt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\imap4d32.dll -- (L1e)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nuvvid2.dll -- (kodakccs)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rrspy.dll -- (issvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vsserv.dll -- (iolodmv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tsmapip.dll -- (iirsp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\OVT511Plus.dll -- (igateway)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wacomkey.dll -- (iaimfp2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\regservice.dll -- (HssDrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pccsmcfd.dll -- (HSFHWICH)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CTAudSvcService.dll -- (hmonitor)
SRV - File not found [Auto | Stopped] -- %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dlles\pchsvc.dll -- (helpsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\agnfilt.dll -- (hap17v2k)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vpcnfltr.dll -- (ha20x2k)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SE27mdfl.dll -- (grmnusb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cobbmservice.dll -- (fetnd5bv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\riomsc.dll -- (FET5X86V)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdr4_2k.dll -- (fcprintservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SWNC8U20.dll -- (erecoveryservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\outpostfirewall.dll -- (EPOWER)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdrframe.dll -- (EMCFILT)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ZDCNDIS5.dll -- (eloggersvc6)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vet-filt.dll -- (elaunidr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sfrem01.dll -- (ec2007service)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dmprimer.dll -- (dxdebug)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\6to4.dll -- (dvd_2K)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\StillCam.dll -- (dtsagntsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\EL90X.dll -- (dntus26)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\thotkey.dll -- (dnserver32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pcidump.dll -- (DMICall)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\outpostfirewall.dll -- (dlaifs_m)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tme3srv.dll -- (dklogger)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symantecantibotshim.dll -- (DivisCTP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wg5n.dll -- (digisptiservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\websensecommunicationagent.dll -- (digictrl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\curtainssyssvc.dll -- (Dell1100_FUService)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\clsched.dll -- (DCFS2K)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\spcstb.dll -- (db2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avidstartup.dll -- (ctsfm2k)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s125obex.dll -- (CTEXFIFX.DLL)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\UpdateCenterService.dll -- (CTEDSPSY.DLL)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RR2Mjpeg.dll -- (CTDevice_Srv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdlnshay.dll -- (crystaloutputfileserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lvupdtio.dll -- (cicssfs.scmmc223)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracleorahome90agent.dll -- (cdmservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HSFHWALI.dll -- (CdaD10BA)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\trufos.dll -- (ccpwdsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w300bus.dll -- (btnetfilter)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\papycpu2.dll -- (bthenum)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dlcc_device.dll -- (automate6)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\3combootp.dll -- (Alpham2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ZuneBusEnum.dll -- (aliadwdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\L8042mou.dll -- (AGV)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HssSrv.dll -- (AFGMp50)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\W8100PCI.dll -- (aexnsclienttransport)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\awservice.dll -- (adpu320)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dbmang.dll -- (addfiltr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pinnacleupdatesvc.dll -- (acs)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracle_load_balancer_60_server-forms6i.dll -- (AcronisOSSReinstallSvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MREMP50.dll -- (acermemusagecheckservice)
SRV - [2012/06/05 18:59:26 | 000,918,880 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0)
SRV - [2012/06/04 19:41:11 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/10/12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/09/27 14:47:14 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2008/07/29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/04/13 17:12:35 | 000,089,600 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV - [2008/04/13 17:12:29 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008/04/13 17:12:29 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008/04/13 17:12:25 | 000,032,768 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
SRV - [2008/04/13 17:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)
SRV - [2008/04/13 17:12:04 | 000,059,904 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry)
SRV - [2008/04/13 17:11:59 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008/04/13 17:11:57 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008/04/13 17:11:49 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2001/08/17 22:36:10 | 000,009,728 | ---- | M] (Brother Industries, Ltd.) [Auto | Stopped] -- C:\WINDOWS\system32\brserif.dll -- (dlaudfam)
 
========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\ComboFix\mbr.sys -- (mbr)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Running] -- C:\DOCUME~1\Justin\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/10/07 07:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/10/04 07:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/09/13 07:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/08/08 07:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/11 02:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/11 02:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/11 02:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011/07/11 02:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/06/09 17:16:41 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2009/07/31 16:12:18 | 000,341,504 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2008/10/09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008/08/11 13:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/07/09 18:31:58 | 000,068,826 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\jl2005c.sys -- (JL2005C)
DRV - [2008/04/13 12:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 11:44:48 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/13 11:36:43 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 11:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2007/06/06 12:51:04 | 000,161,792 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006/07/27 14:24:28 | 001,171,464 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/07/01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2003/07/16 09:19:14 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2003/07/16 09:17:50 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-507921405-1035525444-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-507921405-1035525444-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=1
IE - HKU\S-1-5-21-507921405-1035525444-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-507921405-1035525444-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 46 AF 89 2C D1 52 CA 01 [binary data]
IE - HKU\S-1-5-21-507921405-1035525444-839522115-1003\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-507921405-1035525444-839522115-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&sourceid=ie7&rlz=1I7ADRA_enUS353
IE - HKU\S-1-5-21-507921405-1035525444-839522115-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={...b4ed79d189a&lang=en&ds=AVG&pr=fr&d=2012-06-04 12:47:50&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-507921405-1035525444-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-507921405-1035525444-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/06/04 12:46:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\10.2.0.3\ [2012/06/05 18:59:32 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2012/06/05 20:16:56 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O3 - HKU\S-1-5-21-507921405-1035525444-839522115-1003\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [\\GDC2.gdc.local\EPSON Stylus C86 Series/ERICPA] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2R1.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-507921405-1035525444-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-507921405-1035525444-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-507921405-1035525444-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-507921405-1035525444-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-507921405-1035525444-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1256181309562 (WUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9D105FAA-3EF2-43AA-8AC1-1C71D603FC0B}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E2FDB885-C33B-45A8-BEF8-BC07CD686C36}: DhcpNameServer = 192.168.1.1 68.238.64.12
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/21 19:49:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: se27unic - %systemroot%\system32\venturi2.dll File not found
NetSvcs: dlaifs_m - %systemroot%\system32\outpostfirewall.dll File not found
NetSvcs: SGHIDI - %systemroot%\system32\hpzius12.dll File not found
NetSvcs: mcrdsvc - %systemroot%\system32\ikhfile.dll File not found
NetSvcs: usb_rndisx - %systemroot%\system32\ET5Drv.dll File not found
NetSvcs: msmframework - %systemroot%\system32\Sunkfiltp.dll File not found
NetSvcs: RivaTuner32 - %systemroot%\system32\pctfw1.dll File not found
NetSvcs: L1e - %systemroot%\system32\imap4d32.dll File not found
NetSvcs: LMouFilt - %systemroot%\system32\rrrspy.dll File not found
NetSvcs: bthenum - %systemroot%\system32\papycpu2.dll File not found
NetSvcs: se44mdm - %systemroot%\system32\SE2Dbus.dll File not found
NetSvcs: LVPrcMon - %systemroot%\system32\idebusdr.dll File not found
NetSvcs: dnserver32 - %systemroot%\system32\thotkey.dll File not found
NetSvcs: acs - %systemroot%\system32\pinnacleupdatesvc.dll File not found
NetSvcs: wmp54gsvc - %systemroot%\system32\emproxy.dll File not found
NetSvcs: iaimfp2 - %systemroot%\system32\wacomkey.dll File not found
NetSvcs: nimcrpcsu - %systemroot%\system32\rnadirmultiplexor.dll File not found
NetSvcs: dxdebug - %systemroot%\system32\dmprimer.dll File not found
NetSvcs: dvd_2K - %systemroot%\system32\6to4.dll File not found
NetSvcs: dlaudfam - C:\WINDOWS\system32\brserif.dll (Brother Industries, Ltd.)
NetSvcs: cicssfs.scmmc223 - %systemroot%\system32\lvupdtio.dll File not found
NetSvcs: vpcvmm - %systemroot%\system32\w300mdfl.dll File not found
NetSvcs: digictrl - %systemroot%\system32\websensecommunicationagent.dll File not found
NetSvcs: nic1394 - %systemroot%\system32\purendis.dll File not found
NetSvcs: cdmservice - %systemroot%\system32\oracleorahome90agent.dll File not found
NetSvcs: truecrypt - %systemroot%\system32\ctaud2k.dll File not found
NetSvcs: CTEXFIFX.DLL - %systemroot%\system32\s125obex.dll File not found
NetSvcs: Alpham2 - %systemroot%\system32\3combootp.dll File not found
NetSvcs: iolodmv - %systemroot%\system32\vsserv.dll File not found
NetSvcs: NETw4v32 - %systemroot%\system32\PGPwded.dll File not found
NetSvcs: wg5n - %systemroot%\system32\xusb21.dll File not found
NetSvcs: CTDevice_Srv - %systemroot%\system32\RR2Mjpeg.dll File not found
NetSvcs: igateway - %systemroot%\system32\OVT511Plus.dll File not found
NetSvcs: aliadwdm - %systemroot%\system32\ZuneBusEnum.dll File not found
NetSvcs: HssDrv - %systemroot%\system32\regservice.dll File not found
NetSvcs: nsengine - %systemroot%\system32\mouhid.dll File not found
NetSvcs: pinnaclesys.mediaserver - %systemroot%\system32\vulfntrs.dll File not found
NetSvcs: fetnd5bv - %systemroot%\system32\cobbmservice.dll File not found
NetSvcs: vpcbus - %systemroot%\system32\iaimtv3.dll File not found
NetSvcs: obvious - %systemroot%\system32\dlbu_device.dll File not found
NetSvcs: SaiH040B - %systemroot%\system32\Shockprf.dll File not found
NetSvcs: Nsynas32 - %systemroot%\system32\MMRTKRNL.dll File not found
NetSvcs: TPM - %systemroot%\system32\smservaz.dll File not found
NetSvcs: pageserver - %systemroot%\system32\EU3_USB.dll File not found
NetSvcs: dtsagntsvc - %systemroot%\system32\StillCam.dll File not found
NetSvcs: issvc - %systemroot%\system32\rrspy.dll File not found
NetSvcs: ctsfm2k - %systemroot%\system32\avidstartup.dll File not found
NetSvcs: symproxysvc - %systemroot%\system32\sympxsvc.dll File not found
NetSvcs: ha20x2k - %systemroot%\system32\vpcnfltr.dll File not found
NetSvcs: Ndismeetro - %systemroot%\system32\NAL.dll File not found
NetSvcs: fcprintservice - %systemroot%\system32\cdr4_2k.dll File not found
NetSvcs: ec2007service - %systemroot%\system32\sfrem01.dll File not found
NetSvcs: s3savagenb - %systemroot%\system32\i2omp.dll File not found
NetSvcs: AcronisOSSReinstallSvc - %systemroot%\system32\oracle_load_balancer_60_server-forms6i.dll File not found
NetSvcs: ZuneBusEnum - %systemroot%\system32\LHidUsbK.dll File not found
NetSvcs: superproserver - %systemroot%\system32\iPassP.dll File not found
NetSvcs: rsvchost - %systemroot%\system32\avg7alrt.dll File not found
NetSvcs: DCFS2K - %systemroot%\system32\clsched.dll File not found
NetSvcs: omniserv - %systemroot%\system32\SaiNtHid.dll File not found
NetSvcs: SABProcEnum - %systemroot%\system32\aic78u2.dll File not found
NetSvcs: servidor - %systemroot%\system32\update.dll File not found
NetSvcs: tbaspi - %systemroot%\system32\OEM02Dev.dll File not found
NetSvcs: USBModem - %systemroot%\system32\starwindserviceae.dll File not found
NetSvcs: DivisCTP - %systemroot%\system32\symantecantibotshim.dll File not found
NetSvcs: wap3gx - %systemroot%\system32\wmpnetworksvc.dll File not found
NetSvcs: Dell1100_FUService - %systemroot%\system32\curtainssyssvc.dll File not found
NetSvcs: tcpip6 - %systemroot%\system32\mssql$microsoftbcm.dll File not found
NetSvcs: thkeys - %systemroot%\system32\aclient.dll File not found
NetSvcs: SecureStorageService - %systemroot%\system32\Sk9920nt.dll File not found
NetSvcs: remotelyanywhere - %systemroot%\system32\awecho.dll File not found
NetSvcs: umwdf - %systemroot%\system32\PID_08A0.dll File not found
NetSvcs: maya70docserver - %systemroot%\system32\wlluc48b.dll File not found
NetSvcs: DMICall - %systemroot%\system32\pcidump.dll File not found
NetSvcs: naimagent32 - %systemroot%\system32\avp.dll File not found
NetSvcs: btnetfilter - %systemroot%\system32\w300bus.dll File not found
NetSvcs: automate6 - %systemroot%\system32\dlcc_device.dll File not found
NetSvcs: SE2Bbus - %systemroot%\system32\MTC0001_ESB.dll File not found
NetSvcs: hap17v2k - %systemroot%\system32\agnfilt.dll File not found
NetSvcs: starwindservice - %systemroot%\system32\SQTECH9080.dll File not found
NetSvcs: Usb20Scan - %systemroot%\system32\yukonwxp.dll File not found
NetSvcs: raysatxsi5_0server - %systemroot%\system32\oracleformsserver-forms60server-oraform.dll File not found
NetSvcs: szserver - %systemroot%\system32\ATNT40K.dll File not found
NetSvcs: nhcDriverDevice - %systemroot%\system32\p17xfilt.dll File not found
NetSvcs: netmnt - %systemroot%\system32\MagicTune.dll File not found
NetSvcs: tga - %systemroot%\system32\UMAXPCLS.dll File not found
NetSvcs: SE2Bmdm - %systemroot%\system32\omniusb.dll File not found
NetSvcs: digisptiservice - %systemroot%\system32\wg5n.dll File not found
NetSvcs: symidsco - %systemroot%\system32\LVRS.dll File not found
NetSvcs: PcdrNt - %systemroot%\system32\PSSdk23.dll File not found
NetSvcs: SNP2UVC - %systemroot%\system32\bthidmgr.dll File not found
NetSvcs: AFGMp50 - %systemroot%\system32\HssSrv.dll File not found
NetSvcs: CTEDSPSY.DLL - %systemroot%\system32\UpdateCenterService.dll File not found
NetSvcs: lxcccustomerconnect - %systemroot%\system32\prepdrvr.dll File not found
NetSvcs: stacsv - %systemroot%\system32\SE2Dobex.dll File not found
NetSvcs: pcampr5 - %systemroot%\system32\DcLps.dll File not found
NetSvcs: ROB_V - %systemroot%\system32\Slpsvdr.dll File not found
NetSvcs: VX1000 - %systemroot%\system32\cpqalert.dll File not found
NetSvcs: crystaloutputfileserver - %systemroot%\system32\pdlnshay.dll File not found
NetSvcs: acermemusagecheckservice - %systemroot%\system32\MREMP50.dll File not found
NetSvcs: NTIDrvr - %systemroot%\system32\Uim_IM.dll File not found
NetSvcs: hmonitor - %systemroot%\system32\CTAudSvcService.dll File not found
NetSvcs: EMCFILT - %systemroot%\system32\pdrframe.dll File not found
NetSvcs: eloggersvc6 - %systemroot%\system32\ZDCNDIS5.dll File not found
NetSvcs: vstor2-ws60 - %systemroot%\system32\RDID1027.dll File not found
NetSvcs: aexnsclienttransport - %systemroot%\system32\W8100PCI.dll File not found
NetSvcs: db2 - %systemroot%\system32\spcstb.dll File not found
NetSvcs: FET5X86V - %systemroot%\system32\riomsc.dll File not found
NetSvcs: symantecantibotagent - %systemroot%\system32\SNPSTD3.dll File not found
NetSvcs: x10nets - %systemroot%\system32\l8042pr2.dll File not found
NetSvcs: adpu320 - %systemroot%\system32\awservice.dll File not found
NetSvcs: dntus26 - %systemroot%\system32\EL90X.dll File not found
NetSvcs: ccpwdsvc - %systemroot%\system32\trufos.dll File not found
NetSvcs: EPOWER - %systemroot%\system32\outpostfirewall.dll File not found
NetSvcs: SaiU040B - %systemroot%\system32\emu10k.dll File not found
NetSvcs: netsvc - %systemroot%\system32\ddxgb.dll File not found
NetSvcs: Sk99202k - %systemroot%\system32\FiltUSBEMPIA.dll File not found
NetSvcs: vvoice - %systemroot%\system32\vmnetuserif.dll File not found
NetSvcs: MSCamSvc - %systemroot%\system32\slssvc.dll File not found
NetSvcs: iirsp - %systemroot%\system32\tsmapip.dll File not found
NetSvcs: grmnusb - %systemroot%\system32\SE27mdfl.dll File not found
NetSvcs: tosrfnds - %systemroot%\system32\MRV6X32P.dll File not found
NetSvcs: s3psddr - %systemroot%\system32\ibmcicstransactiongateway.dll File not found
NetSvcs: rca - %systemroot%\system32\SiS300i.dll File not found
NetSvcs: sprtsvc_ddoctorv2 - %systemroot%\system32\ss_bus.dll File not found
NetSvcs: s3twistr - %systemroot%\system32\gotomypc.dll File not found
NetSvcs: kodakccs - %systemroot%\system32\nuvvid2.dll File not found
NetSvcs: NMSAccessU - %systemroot%\system32\amdk8.dll File not found
NetSvcs: AGV - %systemroot%\system32\L8042mou.dll File not found
NetSvcs: dklogger - %systemroot%\system32\tme3srv.dll File not found
NetSvcs: elaunidr - %systemroot%\system32\vet-filt.dll File not found
NetSvcs: retrowdsvc - File not found
NetSvcs: mssql$microsoftbcm - %systemroot%\system32\FireTDI.dll File not found
NetSvcs: CdaD10BA - %systemroot%\system32\HSFHWALI.dll File not found
NetSvcs: nsm1serd - %systemroot%\system32\wmpnetworksvc.dll File not found
NetSvcs: mdvrmng - %systemroot%\system32\DfwWebAgent.dll File not found
NetSvcs: mfeavfk - %systemroot%\system32\RR2IOMod.dll File not found
NetSvcs: HSFHWICH - %systemroot%\system32\pccsmcfd.dll File not found
NetSvcs: addfiltr - %systemroot%\system32\dbmang.dll File not found
NetSvcs: tabletservice - %systemroot%\system32\SerTVOutCtlr.dll File not found
NetSvcs: pepifilter - %systemroot%\system32\lxbx_device.dll File not found
NetSvcs: z800mdfl - %systemroot%\system32\VMAUDIO.dll File not found
NetSvcs: OEM02Dev - %systemroot%\system32\w810mdfl.dll File not found
NetSvcs: erecoveryservice - %systemroot%\system32\SWNC8U20.dll File not found
NetSvcs: LMS - %systemroot%\system32\lvsrvlauncher.dll File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: helpsvc - %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dlles\pchsvc.dll File not found

Drivers32: msacm.iac2 - C:\WINDOWS\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.JDCT - C:\WINDOWS\System32\jl_jdct.drv (JEILIN Tech.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/06/05 20:07:23 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/06/05 20:03:14 | 004,537,562 | R--- | C] (Swearware) -- C:\Documents and Settings\Justin\Desktop\ComboFix.exe
[2012/06/05 17:01:35 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Justin\Desktop\aswMBR.exe
[2012/06/05 16:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Justin\Desktop\bootkit_remover
[2012/06/04 22:11:22 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/06/04 22:10:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Justin\Desktop\tdsskiller
[2012/06/04 21:38:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Justin\Desktop\Tools used
[2012/06/04 20:23:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Justin\Application Data\Malwarebytes
[2012/06/04 20:23:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/06/04 20:23:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/06/04 20:23:47 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/06/04 20:23:47 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/06/04 20:22:21 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Justin\Desktop\mbam-setup-1.61.0.1400.exe
[2012/06/04 14:05:10 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Justin\Desktop\OTL.exe
[2012/06/04 13:29:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/06/04 12:48:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012/06/04 12:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Justin\Application Data\AVG Secure Search
[2012/06/04 12:47:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012/06/04 12:47:39 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012/06/04 12:46:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2012
[2012/06/04 12:46:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2012/06/04 01:11:06 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/06/04 01:11:06 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/06/04 01:11:06 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/06/04 01:11:06 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/06/04 01:10:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/06/04 01:10:32 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/06/04 01:10:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Justin\My Documents\My Videos
[2012/06/04 01:10:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Justin\Start Menu\Programs\Administrative Tools
[2012/05/30 23:41:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2012/05/30 23:14:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012/05/30 22:21:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Justin\Application Data\Windows Search
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\NetworkService\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/05 20:52:04 | 099,830,459 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/06/05 20:45:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/05 20:41:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/05 20:16:56 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/06/05 20:07:26 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/06/05 20:03:20 | 004,537,562 | R--- | M] (Swearware) -- C:\Documents and Settings\Justin\Desktop\ComboFix.exe
[2012/06/05 19:49:39 | 000,000,394 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{8A3459F9-14E8-4158-ACAA-18BF359ED386}.job
[2012/06/05 19:45:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/05 18:03:35 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/05 17:59:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/05 17:25:39 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Justin\Desktop\MBR.dat
[2012/06/05 17:08:54 | 000,465,838 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/05 17:08:53 | 000,079,598 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/05 17:01:51 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Justin\Desktop\aswMBR.exe
[2012/06/05 16:57:01 | 000,044,607 | ---- | M] () -- C:\Documents and Settings\Justin\Desktop\bootkit_remover.zip
[2012/06/04 22:08:41 | 002,108,959 | ---- | M] () -- C:\Documents and Settings\Justin\Desktop\tdsskiller.zip
[2012/06/04 20:45:39 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Justin\Desktop\0ku07dcu.exe
[2012/06/04 20:23:49 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/04 20:22:35 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Justin\Desktop\mbam-setup-1.61.0.1400.exe
[2012/06/04 13:50:48 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Justin\Desktop\OTL.exe
[2012/05/30 23:20:16 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/06/05 20:52:04 | 099,830,459 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/06/05 20:07:26 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/06/05 20:07:24 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/06/05 17:25:39 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Justin\Desktop\MBR.dat
[2012/06/05 16:56:59 | 000,044,607 | ---- | C] () -- C:\Documents and Settings\Justin\Desktop\bootkit_remover.zip
[2012/06/04 22:08:37 | 002,108,959 | ---- | C] () -- C:\Documents and Settings\Justin\Desktop\tdsskiller.zip
[2012/06/04 20:45:39 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Justin\Desktop\0ku07dcu.exe
[2012/06/04 20:23:49 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/04 01:11:07 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/06/04 01:11:06 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/06/04 01:11:06 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/06/04 01:11:06 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/06/04 01:11:06 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/03/31 19:13:23 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\MuV8FNR.dat
[2012/01/29 11:11:20 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/23 17:04:49 | 000,016,422 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\opvmuvsx3808675
[2010/06/30 07:58:48 | 000,141,186 | ---- | C] () -- C:\WINDOWS\hpoins14.dat
[2010/06/30 07:58:48 | 000,002,000 | ---- | C] () -- C:\WINDOWS\hpomdl14.dat

========== LOP Check ==========

[2012/06/05 18:59:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012/06/04 12:46:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/11/28 19:53:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/11/28 19:58:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2012/06/05 20:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/03/29 16:19:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/11 13:18:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/05/17 20:22:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dschuelke\Application Data\Exact
[2010/05/17 20:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dschuelke\Application Data\Windows Desktop Search
[2010/11/16 14:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dschuelke\Application Data\Windows Search
[2009/12/03 11:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\gdcsuper\Application Data\Exact
[2009/10/27 13:55:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\gdcsuper\Application Data\Windows Desktop Search
[2009/10/27 14:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johnny\Application Data\Exact
[2009/10/27 14:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johnny\Application Data\Windows Desktop Search
[2010/02/25 16:33:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johnny\Application Data\Windows Search
[2010/06/01 08:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\josh\Application Data\Exact
[2010/06/01 08:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\josh\Application Data\Windows Desktop Search
[2012/06/04 12:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Justin\Application Data\AVG Secure Search
[2011/11/29 19:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Justin\Application Data\AVG2012
[2011/12/27 08:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Justin\Application Data\ICAClient
[2011/11/28 20:32:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Justin\Application Data\IObit
[2009/10/21 21:10:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Justin\Application Data\Windows Desktop Search
[2012/05/30 22:21:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Justin\Application Data\Windows Search
[2010/03/26 18:36:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\justinf\Application Data\Exact
[2010/03/26 17:15:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\justinf\Application Data\Windows Desktop Search
[2010/04/06 15:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\justinf\Application Data\Windows Search
[2009/10/27 14:53:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\plockwood\Application Data\Exact
[2009/10/27 14:53:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\plockwood\Application Data\Windows Desktop Search
[2010/02/08 09:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\salesadmin\Application Data\Windows Desktop Search
[2010/01/12 15:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\warranty\Application Data\Exact
[2010/01/12 12:34:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\warranty\Application Data\Windows Desktop Search
[2010/05/17 16:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\warranty\Application Data\Windows Search
[2009/10/27 13:53:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\__sbs_netsetup__\Application Data\Windows Desktop Search
[2012/06/05 19:49:39 | 000,000,394 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{8A3459F9-14E8-4158-ACAA-18BF359ED386}.job

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2009/11/05 12:18:25 | 000,001,024 | ---- | M] () -- C:\.rnd
[2009/10/21 19:49:54 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012/05/30 23:20:16 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2012/06/05 20:07:26 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2012/06/05 20:18:30 | 000,085,260 | ---- | M] () -- C:\ComboFix.txt
[2009/10/21 19:49:54 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/10/21 19:49:54 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/10/21 19:49:54 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009/10/21 20:25:05 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/10/21 20:47:22 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2012/06/05 17:58:58 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2012/06/04 22:11:44 | 000,095,302 | ---- | M] () -- C:\TDSSKiller.2.7.36.0_04.06.2012_22.10.23_log.txt

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/10/21 19:49:43 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 05:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007/03/28 13:57:34 | 000,274,944 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5ha.dll
[2010/06/09 17:16:41 | 000,053,632 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LMIproc.dll
[2007/04/09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008/07/06 03:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2009/10/21 12:42:14 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009/10/21 12:42:14 | 000,626,688 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009/10/21 12:42:14 | 000,430,080 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2009/10/21 20:50:59 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2009/10/21 20:59:42 | 000,000,177 | -HS- | M] () -- C:\Documents and Settings\Justin\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2009/10/21 19:54:57 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Justin\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >
[2012/06/04 20:45:39 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Justin\Desktop\0ku07dcu.exe
[2012/06/05 17:01:51 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Justin\Desktop\aswMBR.exe
[2012/06/05 20:03:20 | 004,537,562 | R--- | M] (Swearware) -- C:\Documents and Settings\Justin\Desktop\ComboFix.exe
[2012/06/04 20:22:35 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Justin\Desktop\mbam-setup-1.61.0.1400.exe
[2012/06/04 13:50:48 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Justin\Desktop\OTL.exe
 
< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\tasks\*.* >
[2012/06/05 20:41:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/03/29 16:17:14 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2003/07/16 09:31:17 | 000,000,065 | RH-- | M] () -- C:\WINDOWS\tasks\desktop.ini
[2012/06/05 19:45:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/05 20:45:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/05 20:18:29 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2012/06/05 19:49:39 | 000,000,394 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{8A3459F9-14E8-4158-ACAA-18BF359ED386}.job

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >
[2012/03/29 16:06:05 | 074,982,768 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\Justin\My Documents\iTunesSetup.exe

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2009/10/21 20:59:42 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Justin\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2011/11/28 18:30:47 | 000,000,008 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /I " " /c >

< dir /b "%systemroot%\*.exe" | find /I " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2012/06/05 20:53:55 | 000,180,224 | ---- | M] () -- C:\Documents and Settings\Justin\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2007/06/26 22:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2008/04/13 17:11:51 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2003/07/16 09:26:44 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
[2002/08/20 12:32:18 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2002/08/20 12:32:22 | 000,000,807 | ---- | M] () -- C:\Program Files\Messenger\mailtmpl.txt
[2008/05/02 07:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008/04/13 10:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008/04/13 17:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2002/08/20 15:08:38 | 000,069,663 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgsin.exe
[2003/07/16 09:32:59 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2003/07/16 09:33:00 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2003/07/16 09:34:32 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2002/08/20 12:32:20 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2004/07/17 11:41:04 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-06-06 00:22:04

< >
< End of report >
 
I'm glad to hear it :)

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code: 
    :OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
[2011/06/23 17:04:49 | 000,016,422 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\opvmuvsx3808675

:Commands
[purity]
[emptytemp]
[emptyjava]
[emptyflash]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

==============================================================

Last scans...

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.

2. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


3. Download Temp File Cleaner (TFC)
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


4. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE. If Eset won't find any threats, it won't produce any log.
 
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\Documents and Settings\All Users\Application Data\opvmuvsx3808675 moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41044 bytes

User: dschuelke
->Temp folder emptied: 61339831 bytes
->Temporary Internet Files folder emptied: 1290082192 bytes
->Java cache emptied: 10889043 bytes
->Flash cache emptied: 180727 bytes

User: gdcsuper
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: johnny
->Temp folder emptied: 28364124 bytes
->Temporary Internet Files folder emptied: 406209571 bytes
->Java cache emptied: 60485032 bytes
->Flash cache emptied: 89812 bytes

User: josh
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 3411 bytes
->Flash cache emptied: 41478 bytes

User: Justin
->Temp folder emptied: 422877 bytes
->Temporary Internet Files folder emptied: 12564186 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 566 bytes

User: justinf
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 3267 bytes
->Flash cache emptied: 41478 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 17565 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Java cache emptied: 447 bytes
->Flash cache emptied: 74945 bytes

User: plockwood
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 5540870 bytes
->Java cache emptied: 25493434 bytes
->Flash cache emptied: 762 bytes

User: purchasing
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: salesadmin
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 3747 bytes
->Flash cache emptied: 41478 bytes

User: warranty
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 528519 bytes
->Java cache emptied: 37920966 bytes
->Flash cache emptied: 70957 bytes

User: __sbs_netsetup__
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1145933 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 25852 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 153634 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,852.00 mb


[EMPTYJAVA]

User: All Users

User: Default User

User: dschuelke
->Java cache emptied: 0 bytes

User: gdcsuper

User: johnny
->Java cache emptied: 0 bytes

User: josh

User: Justin
->Java cache emptied: 0 bytes

User: justinf

User: LocalService

User: NetworkService
->Java cache emptied: 0 bytes

User: plockwood
->Java cache emptied: 0 bytes

User: purchasing

User: salesadmin

User: warranty
->Java cache emptied: 0 bytes

User: __sbs_netsetup__

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: dschuelke
->Flash cache emptied: 0 bytes

User: gdcsuper

User: johnny
->Flash cache emptied: 0 bytes

User: josh
->Flash cache emptied: 0 bytes

User: Justin
->Flash cache emptied: 0 bytes

User: justinf
->Flash cache emptied: 0 bytes

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService
->Flash cache emptied: 0 bytes

User: plockwood
->Flash cache emptied: 0 bytes

User: purchasing

User: salesadmin
->Flash cache emptied: 0 bytes

User: warranty
->Flash cache emptied: 0 bytes

User: __sbs_netsetup__

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.46.0 log created on 06062012_165329
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
 
Results of screen317's Security Check version 0.99.24
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
AVG 2012
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:
Java(TM) 6 Update 20
Out of date Java installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent
Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
``````````End of Log````````````
 
Farbar Service Scanner Version: 27-05-2012
Ran by Justin (administrator) on 06-06-2012 at 17:09:38
Running from "C:\Documents and Settings\Justin\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============
Firewall Disabled Policy:
==================

System Restore:
============
System Restore Disabled Policy:
========================

Security Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

**** End of log ****
 
1. Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

2. Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it.
  • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.
  • Do NOT post JavaRa log.

....and Eset....
 
Getting user folders.

Stopping running processes.

Emptying Temp folders.


User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: dschuelke
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: gdcsuper
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: johnny
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: josh
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Justin
->Temp folder emptied: 284872 bytes
->Temporary Internet Files folder emptied: 9852653 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 456 bytes

User: justinf
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: plockwood
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: purchasing
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: salesadmin
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: warranty
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: __sbs_netsetup__
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 32294 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

Emptying RecycleBin. Do not interrupt.

RecycleBin emptied: 0 bytes
Process complete!

Total Files Cleaned = 10.00 mb
 
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123422.exe a variant of Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123423.exe Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123424.dll probably a variant of Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123429.dll a variant of Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123449.ini Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123451.ini Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123453.ini Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123455.ini Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123457.ini Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123459.ini Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123461.ini Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123463.ini Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123465.ini Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123467.ini Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123471.ini Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123473.ini Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123475.ini Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123477.ini Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123479.ini Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123481.ini Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123483.ini Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123487.ini Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123489.ini Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123491.ini Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123493.ini Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123495.ini Win32/RegistryReviver application cleaned by deleting - quarantined
C:\System Volume Information\_restore{8024A087-D162-4D62-A7E4-CF551CE2EB8A}\RP474\A0123497.ini Win32/RegistryReviver application cleaned by deleting - quarantined
 
do I check the delete quarentined files box and the eset uninstall
Click to expand...
You may as well.

Did you update Java?

===================================================

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

Code: 
:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[emptyjava]
[CLEARALLRESTOREPOINTS]
[Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post resulting log.

2. Now, we'll remove all tools, we used during our cleaning process

Clean up with OTL:

  • Double-click OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure, Windows Updates are current.

4. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC) weekly.

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. (Windows XP only) Run defrag at your convenience.

11. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

12. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

13. Please, let me know, how your computer is doing.
 
All processes killed
========== OTL ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: dschuelke
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: gdcsuper
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: johnny
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: josh
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Justin
->Temp folder emptied: 17016663 bytes
->Temporary Internet Files folder emptied: 98074455 bytes
->Java cache emptied: 2027 bytes
->Flash cache emptied: 784 bytes

User: justinf
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: plockwood
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: purchasing
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: salesadmin
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: warranty
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: __sbs_netsetup__
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 34552 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 110.00 mb


[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: dschuelke
->Flash cache emptied: 0 bytes

User: gdcsuper

User: johnny
->Flash cache emptied: 0 bytes

User: josh
->Flash cache emptied: 0 bytes

User: Justin
->Flash cache emptied: 0 bytes

User: justinf
->Flash cache emptied: 0 bytes

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService
->Flash cache emptied: 0 bytes

User: plockwood
->Flash cache emptied: 0 bytes

User: purchasing

User: salesadmin
->Flash cache emptied: 0 bytes

User: warranty
->Flash cache emptied: 0 bytes

User: __sbs_netsetup__

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: All Users

User: Default User

User: dschuelke
->Java cache emptied: 0 bytes

User: gdcsuper

User: johnny
->Java cache emptied: 0 bytes

User: josh

User: Justin
->Java cache emptied: 0 bytes

User: justinf

User: LocalService

User: NetworkService
->Java cache emptied: 0 bytes

User: plockwood
->Java cache emptied: 0 bytes

User: purchasing

User: salesadmin

User: warranty
->Java cache emptied: 0 bytes

User: __sbs_netsetup__

Total Java Files Cleaned = 0.00 mb

Unable to start System Restore Service. Error code 10

OTL by OldTimer - Version 3.2.46.0 log created on 06062012_193623
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
 
You must log in or register to reply here.

Similar threads

M
Web Meeting disconnects even though internet is connected
Replies
1
Views
612
madhav04
M
midian182
Microsoft rolls out fix for Windows 11 File Explorer bug after 15-month wait
Replies
9
Views
342
zamroni111
Z
H
Freezes after BSOD
Replies
10
Views
1K
bazz2004
B

Latest posts

Back