HP Mini 1000 - 1151nr - Problems

Connor.S

New Member
The hard drive light will blink every half minute or so.. And there is a flashing line in the ComboFix box.. Just seems as if it's not doing anything.

Should I restart in safe mode, run ComboFix with the script, and interrupt the restart and have it boot back in safe mode?
 

johnb35

Administrator
Staff member
Is that all it says is "please wait"? Give it another 15 minutes and see if it does anything.
 

Connor.S

New Member
Nothing happens after logging back in to safe mode.. I'm going to give it a shot and rerun ComboFix with the script and try to get into safe mode when it restarts.
 

Connor.S

New Member
I managed to interrupt the reboot and get into safe mode and it finished.
Here is the log..

ComboFix 11-12-29.05 - Administrator 12/29/2011 18:43:19.3.2 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.610 [GMT -8:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Outdated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
.
((((((((((((((((((((((((( Files Created from 2011-11-28 to 2011-12-30 )))))))))))))))))))))))))))))))
.
.
2011-12-30 01:43 . 2011-12-30 01:43 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsle43e50ca.sys
2011-12-30 00:36 . 2011-12-30 00:36 388096 ----a-r- c:\documents and settings\Allyson\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-12-30 00:35 . 2011-12-30 00:35 -------- d-----w- c:\program files\Trend Micro
2011-12-30 00:34 . 2011-12-30 00:34 0 ----a-w- c:\documents and settings\Allyson\HiJackThis.msi
2011-12-30 00:01 . 2011-12-30 00:01 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl565317aa.sys
2011-12-29 23:38 . 2011-12-29 23:38 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKslbb585c08.sys
2011-12-29 23:16 . 2011-12-29 23:16 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsld4feac4d.sys
2011-12-29 22:53 . 2011-12-29 22:53 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl2bef0671.sys
2011-12-29 22:43 . 2011-12-29 22:43 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl370aecc5.sys
2011-12-29 22:30 . 2011-12-29 22:30 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl7f42012b.sys
2011-12-29 21:40 . 2011-12-29 21:40 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe
2011-12-28 04:54 . 2011-12-28 04:54 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl19d11d02.sys
2011-12-28 04:52 . 2011-12-28 04:52 -------- d-----w- c:\documents and settings\Administrator\Application Data\DAEMON Tools Lite
2011-12-28 04:50 . 2011-12-28 04:50 -------- d-----w- c:\documents and settings\Allyson\Application Data\Malwarebytes
2011-12-28 04:31 . 2011-12-28 04:31 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl908689c5.sys
2011-12-28 04:06 . 2011-12-28 04:05 232512 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-12-28 04:05 . 2011-12-28 04:53 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-12-28 04:05 . 2011-12-28 04:05 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2011-12-28 02:18 . 2011-09-01 01:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-28 02:18 . 2011-12-28 04:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-28 02:15 . 2011-12-28 02:15 -------- d-----w- c:\documents and settings\Administrator\Application Data\CrystalIdea Software
2011-12-28 02:12 . 2011-10-30 21:14 27600 ----a-w- c:\windows\system32\drivers\CisUtMonitor.sys
2011-12-28 02:11 . 2011-12-28 04:52 -------- d-----w- c:\program files\Uninstall Tool
2011-12-28 00:08 . 2011-12-28 04:52 -------- d-----w- c:\documents and settings\Administrator\Application Data\vlc
2011-12-26 00:16 . 2011-12-26 00:16 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl489071a3.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-15 . 2E17260C4889F47F71E2B33CD13F7F3D . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
.
((((((((((((((((((((((((((((( SnapShot@2011-12-29_22.15.39 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-24 17:26 . 2011-12-29 21:30 71488 c:\windows\system32\perfc009.dat
+ 2008-06-24 17:26 . 2011-12-30 02:35 71488 c:\windows\system32\perfc009.dat
+ 2008-06-24 17:26 . 2011-12-30 02:35 441552 c:\windows\system32\perfh009.dat
- 2008-06-24 17:26 . 2011-12-29 21:30 441552 c:\windows\system32\perfh009.dat
+ 2011-12-30 00:36 . 2011-12-30 00:36 1094656 c:\windows\Installer\211ed5.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BTBFirstRun"="c:\program files\Hewlett-Packard\SDP\hprun.exe" [2008-11-07 24576]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2010-02-28 519584]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Allyson^Start Menu^Programs^Startup^HP SimpleSave Monitor.lnk]
path=c:\documents and settings\Allyson\Start Menu\Programs\Startup\HP SimpleSave Monitor.lnk
backup=c:\windows\pss\HP SimpleSave Monitor.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-10-03 12:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AESTFltr]
2008-12-03 02:57 729088 ----a-w- c:\windows\system32\AESTFltr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppVodBurner]
2010-10-29 16:06 4980736 ----a-w- c:\program files\VodBurner\vodburner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CarboniteSetupLite]
2009-08-04 07:49 318096 ----a-w- c:\program files\Carbonite\CarbonitePreinstaller.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-15 04:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2008-02-15 13:46 159744 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
2008-04-15 22:51 488752 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-02-15 13:46 135168 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2011-09-01 01:00 449608 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MaxMenuMgr]
2009-12-18 18:24 197928 ----a-w- c:\program files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
2011-06-15 22:16 997920 ----a-w- c:\program files\Microsoft Security Client\msseces.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-02-15 13:46 131072 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-07-16 01:21 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2008-12-04 22:54 1410344 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
2008-09-11 11:00 446556 ----a-w- c:\program files\IDT\WDM\sttray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-03-17 07:27 273544 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
.
R0 SahdIa32;HDD Filter Driver;c:\windows\system32\drivers\SahdIa32.sys [3/9/2009 3:00 AM 21488]
R0 SaibIa32;Volume Filter Driver;c:\windows\system32\drivers\SaibIa32.sys [3/9/2009 3:00 AM 15856]
R0 SysCow;SysCow;c:\windows\system32\drivers\syscow32x.sys [9/24/2008 10:09 PM 103792]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [9/19/2011 3:48 PM 98392]
S1 MpKsl01511777;MpKsl01511777;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl01511777.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl01511777.sys [?]
S1 MpKsl024ee902;MpKsl024ee902;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAC6AA66-28EB-4BF2-A7C0-C2440681C11E}\MpKsl024ee902.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAC6AA66-28EB-4BF2-A7C0-C2440681C11E}\MpKsl024ee902.sys [?]
S1 MpKsl092cdcd0;MpKsl092cdcd0;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAC6AA66-28EB-4BF2-A7C0-C2440681C11E}\MpKsl092cdcd0.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAC6AA66-28EB-4BF2-A7C0-C2440681C11E}\MpKsl092cdcd0.sys [?]
S1 MpKsl181274b3;MpKsl181274b3;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl181274b3.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl181274b3.sys [?]
S1 MpKsl19d11d02;MpKsl19d11d02;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl19d11d02.sys [12/27/2011 8:54 PM 28752]
S1 MpKsl1bdaee21;MpKsl1bdaee21;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl1bdaee21.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl1bdaee21.sys [?]
S1 MpKsl2226132c;MpKsl2226132c;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl2226132c.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl2226132c.sys [?]
S1 MpKsl25f89b5e;MpKsl25f89b5e;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D7A1D977-51A5-42E9-AA9A-487C08F9BE0F}\MpKsl25f89b5e.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D7A1D977-51A5-42E9-AA9A-487C08F9BE0F}\MpKsl25f89b5e.sys [?]
S1 MpKsl2bef0671;MpKsl2bef0671;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl2bef0671.sys [12/29/2011 2:53 PM 28752]
S1 MpKsl316e2d3e;MpKsl316e2d3e;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl316e2d3e.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl316e2d3e.sys [?]
S1 MpKsl34819e1d;MpKsl34819e1d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl34819e1d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl34819e1d.sys [?]
S1 MpKsl370aecc5;MpKsl370aecc5;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl370aecc5.sys [12/29/2011 2:43 PM 28752]
S1 MpKsl401656f4;MpKsl401656f4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl401656f4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl401656f4.sys [?]
S1 MpKsl4562e2df;MpKsl4562e2df;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl4562e2df.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl4562e2df.sys [?]
S1 MpKsl498fa5ba;MpKsl498fa5ba;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A6179837-3CD9-4DA2-AE81-2DC883441A95}\MpKsl498fa5ba.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A6179837-3CD9-4DA2-AE81-2DC883441A95}\MpKsl498fa5ba.sys [?]
S1 MpKsl556578ab;MpKsl556578ab;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl556578ab.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl556578ab.sys [?]
S1 MpKsl565317aa;MpKsl565317aa;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl565317aa.sys [12/29/2011 4:01 PM 28752]
S1 MpKsl616a52d2;MpKsl616a52d2;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl616a52d2.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl616a52d2.sys [?]
S1 MpKsl6456fd3c;MpKsl6456fd3c;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CA037EF8-C1CE-48AF-B0EA-4031F72484BC}\MpKsl6456fd3c.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CA037EF8-C1CE-48AF-B0EA-4031F72484BC}\MpKsl6456fd3c.sys [?]
S1 MpKsl7371cd0c;MpKsl7371cd0c;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CA037EF8-C1CE-48AF-B0EA-4031F72484BC}\MpKsl7371cd0c.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CA037EF8-C1CE-48AF-B0EA-4031F72484BC}\MpKsl7371cd0c.sys [?]
S1 MpKsl74924ba6;MpKsl74924ba6;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl74924ba6.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl74924ba6.sys [?]
S1 MpKsl75a592a5;MpKsl75a592a5;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl75a592a5.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl75a592a5.sys [?]
S1 MpKsl7f42012b;MpKsl7f42012b;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl7f42012b.sys [12/29/2011 2:30 PM 28752]
S1 MpKsl8372bc00;MpKsl8372bc00;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl8372bc00.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl8372bc00.sys [?]
S1 MpKsl840a4db8;MpKsl840a4db8;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl840a4db8.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl840a4db8.sys [?]
S1 MpKsl86507b7a;MpKsl86507b7a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl86507b7a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl86507b7a.sys [?]
S1 MpKsl88596b33;MpKsl88596b33;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAC6AA66-28EB-4BF2-A7C0-C2440681C11E}\MpKsl88596b33.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAC6AA66-28EB-4BF2-A7C0-C2440681C11E}\MpKsl88596b33.sys [?]
S1 MpKsl908689c5;MpKsl908689c5;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl908689c5.sys [12/27/2011 8:31 PM 28752]
S1 MpKsla66a8685;MpKsla66a8685;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsla66a8685.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsla66a8685.sys [?]
S1 MpKsla95d4954;MpKsla95d4954;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsla95d4954.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsla95d4954.sys [?]
S1 MpKslbb585c08;MpKslbb585c08;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKslbb585c08.sys [12/29/2011 3:38 PM 28752]
S1 MpKslc53defa1;MpKslc53defa1;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKslc53defa1.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKslc53defa1.sys [?]
S1 MpKsld12f1c17;MpKsld12f1c17;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsld12f1c17.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsld12f1c17.sys [?]
S1 MpKsld4feac4d;MpKsld4feac4d;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsld4feac4d.sys [12/29/2011 3:16 PM 28752]
S1 MpKsldad52135;MpKsldad52135;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsldad52135.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsldad52135.sys [?]
S1 MpKsle330df6d;MpKsle330df6d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsle330df6d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsle330df6d.sys [?]
S1 MpKsle43e50ca;MpKsle43e50ca;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsle43e50ca.sys [12/29/2011 5:43 PM 28752]
S1 MpKsleaa2494a;MpKsleaa2494a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsleaa2494a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsleaa2494a.sys [?]
S1 MpKsled8c18f8;MpKsled8c18f8;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsled8c18f8.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsled8c18f8.sys [?]
S1 SaibVd32;Virtual Disk Driver;c:\windows\system32\drivers\SaibVd32.sys [3/9/2009 3:00 AM 25584]
S2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe [12/11/2008 10:46 PM 125424]
S2 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [12/18/2009 10:25 AM 189736]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7/17/2010 8:43 AM 135664]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [12/27/2011 6:18 PM 366152]
S2 QDLService;Qualcomm Gobi Download Service;c:\qualcomm\QDLService\QDLService.exe [1/14/2009 6:56 AM 345336]
S3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [3/9/2009 2:33 AM 112128]
S3 CisUtMonitor;CisUtMonitor;c:\windows\system32\drivers\CisUtMonitor.sys [12/27/2011 6:12 PM 27600]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7/17/2010 8:43 AM 135664]
S3 hitmanpro35;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro35.sys [9/20/2011 12:24 PM 23624]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12/27/2011 6:18 PM 22216]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 8:37 PM 4640000]
S3 QCFilterhp;HP USB Composite Device Filter Driver;c:\windows\system32\drivers\qcfilterhp.sys [3/9/2009 2:34 AM 5248]
S3 qcusbnethp;HP USB-NDIS miniport;c:\windows\system32\drivers\qcusbnethp.sys [3/9/2009 2:34 AM 115200]
S3 qcusbserhp;HP USB Device for Legacy Serial Communication;c:\windows\system32\drivers\qcusbserhp.sys [3/9/2009 2:34 AM 104448]
S3 SMSIVZAM5;SMSIVZAM5 NDIS Protocol Driver;c:\progra~1\VERIZO~1\VZACCE~1\SMSIVZAM5.SYS [4/14/2010 7:29 PM 32408]
S4 BackupService;BackupService;c:\documents and settings\Allyson\Application Data\HP SimpleSave Application\uUACTokenSvc.exe [11/28/2010 8:44 AM 83512]
S4 BOTService;BOTService;c:\program files\Roxio\BackOnTrack\Instant Restore\BOTService.exe [12/25/2008 6:28 PM 203248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-30 c:\windows\Tasks\BackOnTrack Instant Restore Idle.job
- c:\program files\Roxio\BackOnTrack\Instant Restore\RstIdle.exe [2008-12-26 02:28]
.
2011-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-17 16:43]
.
2011-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-17 16:43]
.
2011-12-30 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 22:39]
.
2011-12-30 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2009-08-04 18:19]
.
2011-06-11 c:\windows\Tasks\photopadShakeIcon.job
- c:\program files\NCH Software\PhotoPad\photopad.exe [2010-12-17 20:06]
.
2010-12-17 c:\windows\Tasks\photostageSevenDays.job
- c:\program files\NCH Software\PhotoStage\photostage.exe [2010-12-17 20:08]
.
2010-12-17 c:\windows\Tasks\photostageShakeIcon.job
- c:\program files\NCH Software\PhotoStage\photostage.exe [2010-12-17 20:08]
.
2011-06-25 c:\windows\Tasks\pixillionDowngrade.job
- c:\program files\NCH Software\Pixillion\pixillion.exe [2010-12-17 20:07]
.
2011-06-11 c:\windows\Tasks\pixillionShakeIcon.job
- c:\program files\NCH Software\Pixillion\pixillion.exe [2010-12-17 20:07]
.
2011-12-30 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3776529232-2776693366-2901217791-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 17:47]
.
2011-12-30 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3776529232-2776693366-2901217791-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 17:47]
.
2010-12-10 c:\windows\Tasks\videopadShakeIcon.job
- c:\program files\NCH Software\VideoPad\videopad.exe [2010-11-30 04:06]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 205.171.3.25
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-29 19:05
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
c:\windows\system32\EXT.dll 53248 bytes executable
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\bwsjnqxo]
"ImagePath"="\??\c:\windows\TEMP\tddafwjp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\fwizvaqm]
"ImagePath"="\??\c:\windows\TEMP\ujrjfcmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\hmpbgvsn]
"ImagePath"="\??\c:\windows\TEMP\mbyovzzz"
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\muaxuehl]
"ImagePath"="\??\c:\windows\TEMP\qeifkskq"
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\rkyclvmm]
"ImagePath"="\??\c:\windows\TEMP\qgshpgsz"
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\sebfozqy]
"ImagePath"="\??\c:\windows\TEMP\qonnlnko"
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\wxsdfxrx]
"ImagePath"="\??\c:\windows\TEMP\vazfppos"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(1648)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
.
**************************************************************************
.
Completion time: 2011-12-29 19:11:33 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-30 03:11
ComboFix2.txt 2011-12-29 22:20
.
Pre-Run: 41,626,845,184 bytes free
Post-Run: 41,577,406,464 bytes free
.
- - End Of File - - CFB6249E684E1BE6C117B694DB35F413
 

Connor.S

New Member
I can log into Windows normally and Explorer is started and loaded, or so it seems. I give it plenty of time to load anything that opens on startup. Once I click anything to do with actual Windows, i.e. Start button, My Computer, My Documents, it's like Explorer freezes up. The computer itself doesn't freeze as I can still move the mouse and click on things, but nothing happens upon clicking. Task Manager will not open either.
 

johnb35

Administrator
Staff member
Sorry, I fell asleep for a while.

I would like for you to do the following. There is more showing up in the log now. Please do all from safe mode.

1.

Please download and run TDSSKiller.

When the program opens, click on the start scan button.

TDSSKiller will now scan your computer for the TDSS infection. When the scan has finished it will display a result screen stating whether or not the infection was found on your computer. If it was found it will display a screen similar to the one below.

[Screenshot: infection-found.jpg]


To remove the infection simply click on the Continue button and TDSSKiller will attempt to clean the infection.

When it has finished cleaning the infection you will see a report stating whether or not it was successful as shown below.

[Screenshot: scan-completed.jpg]


If the log says it will be cured after reboot, please reboot the system by pressing the Reboot Now button.

After running there will be a log that will be located at the root of your c:\ drive labeled tdsskiller with a series of numbers after it. Please open the log and copy and paste it back here.

2.

1. Go to Start > Run > type Notepad.exe and click OK to open Notepad.
It must be Notepad, not Wordpad.
2. Copy the text in the code box below


Code:
Registry::

[-HKEY_LOCAL_MACHINE\System\ControlSet003\Services\bwsjnqxo]
[-HKEY_LOCAL_MACHINE\System\ControlSet003\Services\fwizvaqm]
[-HKEY_LOCAL_MACHINE\System\ControlSet003\Services\hmpbgvsn]
[-HKEY_LOCAL_MACHINE\System\ControlSet003\Services\muaxuehl]
[-HKEY_LOCAL_MACHINE\System\ControlSet003\Services\rkyclvmm]
[-HKEY_LOCAL_MACHINE\System\ControlSet003\Services\sebfozqy]
[-HKEY_LOCAL_MACHINE\System\ControlSet003\Services\wxsdfxrx]

3. Go to the Notepad window and click Edit > Paste
4. Then click File > Save
5. Name the file CFScript.txt - Save the file to your Desktop
6. Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!


CFScript-1.gif


ComboFix will begin to execute, just follow the prompts.
After reboot (in case it asks to reboot), it will produce a log for you.
Post that log (Combofix.txt) in your next reply.


Edit... Going back to bed, will reply back in the morning.
 

Connor.S

New Member
TDSSKiller found no infections; here is the log..

21:26:51.0562 1012 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
21:26:52.0546 1012 ============================================================
21:26:52.0546 1012 Current date / time: 2011/12/29 21:26:52.0546
21:26:52.0546 1012 SystemInfo:
21:26:52.0546 1012
21:26:52.0546 1012 OS Version: 5.1.2600 ServicePack: 3.0
21:26:52.0546 1012 Product type: Workstation
21:26:52.0546 1012 ComputerName: PC114941193148
21:26:52.0546 1012 UserName: Administrator
21:26:52.0546 1012 Windows directory: C:\WINDOWS
21:26:52.0546 1012 System windows directory: C:\WINDOWS
21:26:52.0546 1012 Processor architecture: Intel x86
21:26:52.0546 1012 Number of processors: 2
21:26:52.0546 1012 Page size: 0x1000
21:26:52.0546 1012 Boot type: Safe boot with network
21:26:52.0546 1012 ============================================================
21:26:57.0437 1012 Initialize success
21:27:39.0093 1764 ============================================================
21:27:39.0093 1764 Scan started
21:27:39.0093 1764 Mode: Manual;
21:27:39.0093 1764 ============================================================
21:27:40.0546 1764 Abiosdsk - ok
21:27:40.0625 1764 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
21:27:40.0656 1764 abp480n5 - ok
21:27:40.0734 1764 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:27:40.0765 1764 ACPI - ok
21:27:40.0781 1764 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
21:27:40.0828 1764 ACPIEC - ok
21:27:40.0859 1764 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
21:27:40.0906 1764 adpu160m - ok
21:27:41.0000 1764 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
21:27:41.0031 1764 aec - ok
21:27:41.0078 1764 AESTAud (20f078136f3bdc4c0405c0527b769303) C:\WINDOWS\system32\drivers\AESTAud.sys
21:27:41.0125 1764 AESTAud - ok
21:27:41.0281 1764 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
21:27:41.0328 1764 AFD - ok
21:27:41.0375 1764 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
21:27:41.0437 1764 agp440 - ok
21:27:41.0453 1764 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
21:27:41.0500 1764 agpCPQ - ok
21:27:41.0515 1764 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
21:27:41.0546 1764 Aha154x - ok
21:27:41.0593 1764 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
21:27:41.0640 1764 aic78u2 - ok
21:27:41.0656 1764 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
21:27:41.0703 1764 aic78xx - ok
21:27:41.0765 1764 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
21:27:41.0796 1764 AliIde - ok
21:27:41.0812 1764 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
21:27:41.0859 1764 alim1541 - ok
21:27:41.0875 1764 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
21:27:41.0921 1764 amdagp - ok
21:27:41.0953 1764 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
21:27:41.0984 1764 amsint - ok
21:27:42.0046 1764 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
21:27:42.0093 1764 Arp1394 - ok
21:27:42.0218 1764 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
21:27:42.0250 1764 asc - ok
21:27:42.0265 1764 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
21:27:42.0312 1764 asc3350p - ok
21:27:42.0328 1764 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
21:27:42.0375 1764 asc3550 - ok
21:27:42.0484 1764 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:27:42.0515 1764 AsyncMac - ok
21:27:42.0546 1764 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
21:27:42.0593 1764 atapi - ok
21:27:42.0609 1764 Atdisk - ok
21:27:42.0656 1764 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:27:42.0687 1764 Atmarpc - ok
21:27:42.0750 1764 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
21:27:42.0781 1764 audstub - ok
21:27:42.0921 1764 BCM43XX (c89327377d4b62dc792e8930ea55f571) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
21:27:42.0984 1764 BCM43XX - ok
21:27:43.0140 1764 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
21:27:43.0171 1764 Beep - ok
21:27:43.0296 1764 btaudio (4b43dfe1c1fbb305a1dc5504ef9bb34e) C:\WINDOWS\system32\drivers\btaudio.sys
21:27:43.0390 1764 btaudio - ok
21:27:43.0421 1764 BTDriver (2f9f111d31aa3fbbe5781d829a4524e6) C:\WINDOWS\system32\DRIVERS\btport.sys
21:27:43.0484 1764 BTDriver - ok
21:27:43.0578 1764 BTKRNL (70455baffc078b6152d1e52376296467) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
21:27:43.0687 1764 BTKRNL - ok
21:27:43.0890 1764 BTWDNDIS (485020a1e1fc5c51a800ca69c618d881) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
21:27:43.0968 1764 BTWDNDIS - ok
21:27:43.0984 1764 btwhid (949eca9c56f657c06d3166d51f3226c7) C:\WINDOWS\system32\DRIVERS\btwhid.sys
21:27:44.0062 1764 btwhid - ok
21:27:44.0078 1764 BTWUSB (2cfc2bd8785f82a42fcad83de1fa5a36) C:\WINDOWS\system32\Drivers\btwusb.sys
21:27:44.0156 1764 BTWUSB - ok
21:27:44.0203 1764 bwsjnqxo - ok
21:27:44.0234 1764 catchme - ok
21:27:44.0312 1764 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
21:27:44.0390 1764 cbidf - ok
21:27:44.0406 1764 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
21:27:44.0468 1764 cbidf2k - ok
21:27:44.0531 1764 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:27:44.0609 1764 CCDECODE - ok
21:27:44.0718 1764 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
21:27:44.0796 1764 cd20xrnt - ok
21:27:44.0843 1764 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
21:27:44.0921 1764 Cdaudio - ok
21:27:44.0968 1764 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
21:27:45.0046 1764 Cdfs - ok
21:27:45.0062 1764 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:27:45.0140 1764 Cdrom - ok
21:27:45.0156 1764 Changer - ok
21:27:45.0250 1764 CisUtMonitor (03809544b21d43b1f40de67215d4153a) C:\WINDOWS\system32\DRIVERS\CisUtMonitor.sys
21:27:45.0312 1764 CisUtMonitor - ok
21:27:45.0390 1764 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
21:27:45.0468 1764 CmBatt - ok
21:27:45.0515 1764 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
21:27:45.0593 1764 CmdIde - ok
21:27:45.0609 1764 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
21:27:45.0687 1764 Compbatt - ok
21:27:45.0859 1764 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
21:27:45.0937 1764 Cpqarray - ok
21:27:46.0000 1764 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
21:27:46.0078 1764 dac2w2k - ok
21:27:46.0109 1764 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
21:27:46.0171 1764 dac960nt - ok
21:27:46.0250 1764 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
21:27:46.0312 1764 Disk - ok
21:27:46.0406 1764 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
21:27:46.0484 1764 dmboot - ok
21:27:46.0515 1764 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
21:27:46.0593 1764 dmio - ok
21:27:46.0625 1764 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
21:27:46.0703 1764 dmload - ok
21:27:46.0765 1764 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
21:27:46.0875 1764 DMusic - ok
21:27:47.0062 1764 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
21:27:47.0171 1764 dpti2o - ok
21:27:47.0187 1764 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
21:27:47.0281 1764 drmkaud - ok
21:27:47.0437 1764 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
21:27:47.0531 1764 Fastfat - ok
21:27:47.0593 1764 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
21:27:47.0703 1764 Fdc - ok
21:27:47.0718 1764 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
21:27:47.0828 1764 Fips - ok
21:27:47.0859 1764 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
21:27:47.0953 1764 Flpydisk - ok
21:27:47.0984 1764 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
21:27:48.0093 1764 FltMgr - ok
21:27:48.0140 1764 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:27:48.0234 1764 Fs_Rec - ok
21:27:48.0265 1764 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:27:48.0375 1764 Ftdisk - ok
21:27:48.0421 1764 fwizvaqm - ok
21:27:48.0578 1764 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:27:48.0718 1764 Gpc - ok
21:27:48.0812 1764 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:27:48.0906 1764 HDAudBus - ok
21:27:49.0000 1764 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:27:49.0109 1764 HidUsb - ok
21:27:49.0171 1764 hitmanpro35 (72472b9ce5d02e443cff49a40355455d) C:\WINDOWS\system32\drivers\hitmanpro35.sys
21:27:49.0281 1764 hitmanpro35 - ok
21:27:49.0343 1764 hmpbgvsn - ok
21:27:49.0531 1764 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
21:27:49.0640 1764 hpn - ok
21:27:49.0750 1764 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
21:27:49.0859 1764 HPZid412 - ok
21:27:49.0937 1764 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
21:27:50.0046 1764 HPZipr12 - ok
21:27:50.0078 1764 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
21:27:50.0187 1764 HPZius12 - ok
21:27:50.0250 1764 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
21:27:50.0359 1764 HTTP - ok
21:27:50.0500 1764 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
21:27:50.0593 1764 i2omgmt - ok
21:27:50.0656 1764 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
21:27:50.0765 1764 i2omp - ok
21:27:50.0812 1764 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:27:50.0921 1764 i8042prt - ok
21:27:51.0250 1764 ialm (48846b31be5a4fa662ccfde7a1ba86b9) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
21:27:51.0656 1764 ialm - ok
21:27:51.0859 1764 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
21:27:51.0984 1764 Imapi - ok
21:27:52.0093 1764 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
21:27:52.0218 1764 ini910u - ok
21:27:52.0250 1764 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
21:27:52.0390 1764 IntelIde - ok
21:27:52.0421 1764 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:27:52.0562 1764 intelppm - ok
21:27:52.0640 1764 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
21:27:52.0765 1764 Ip6Fw - ok
21:27:52.0812 1764 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:27:52.0937 1764 IpFilterDriver - ok
21:27:52.0968 1764 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:27:53.0109 1764 IpInIp - ok
21:27:53.0156 1764 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:27:53.0296 1764 IpNat - ok
21:27:53.0421 1764 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:27:53.0562 1764 IPSec - ok
21:27:53.0593 1764 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
21:27:53.0734 1764 IRENUM - ok
21:27:53.0812 1764 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:27:53.0953 1764 isapnp - ok
21:27:53.0984 1764 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:27:54.0125 1764 Kbdclass - ok
21:27:54.0156 1764 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
21:27:54.0296 1764 kmixer - ok
21:27:54.0343 1764 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
21:27:54.0484 1764 KSecDD - ok
21:27:54.0609 1764 lbrtfdc - ok
21:27:54.0703 1764 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\WINDOWS\system32\drivers\mbam.sys
21:27:54.0843 1764 MBAMProtector - ok
21:27:54.0937 1764 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
21:27:55.0062 1764 mnmdd - ok
21:27:55.0109 1764 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
21:27:55.0250 1764 Modem - ok
21:27:55.0312 1764 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:27:55.0437 1764 Mouclass - ok
21:27:55.0515 1764 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:27:55.0640 1764 mouhid - ok
21:27:55.0703 1764 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
21:27:55.0843 1764 MountMgr - ok
21:27:55.0937 1764 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
21:27:56.0078 1764 MpFilter - ok
21:27:56.0156 1764 MpKsl01511777 - ok
21:27:56.0187 1764 MpKsl024ee902 - ok
21:27:56.0218 1764 MpKsl092cdcd0 - ok
21:27:56.0250 1764 MpKsl181274b3 - ok
21:27:56.0296 1764 MpKsl19d11d02 - ok
21:27:56.0328 1764 MpKsl1bdaee21 - ok
21:27:56.0343 1764 MpKsl2226132c - ok
21:27:56.0375 1764 MpKsl25f89b5e - ok
21:27:56.0421 1764 MpKsl2bef0671 - ok
21:27:56.0453 1764 MpKsl316e2d3e - ok
21:27:56.0484 1764 MpKsl34819e1d - ok
21:27:56.0515 1764 MpKsl370aecc5 - ok
21:27:56.0562 1764 MpKsl401656f4 - ok
21:27:56.0593 1764 MpKsl4562e2df - ok
21:27:56.0625 1764 MpKsl498fa5ba - ok
21:27:56.0656 1764 MpKsl556578ab - ok
21:27:56.0687 1764 MpKsl565317aa - ok
21:27:56.0718 1764 MpKsl616a52d2 - ok
21:27:56.0750 1764 MpKsl6456fd3c - ok
21:27:56.0781 1764 MpKsl7371cd0c - ok
21:27:56.0812 1764 MpKsl74924ba6 - ok
21:27:56.0843 1764 MpKsl75a592a5 - ok
21:27:56.0875 1764 MpKsl7f42012b - ok
21:27:56.0890 1764 MpKsl8372bc00 - ok
21:27:56.0921 1764 MpKsl840a4db8 - ok
21:27:56.0953 1764 MpKsl86507b7a - ok
21:27:56.0984 1764 MpKsl88596b33 - ok
21:27:57.0015 1764 MpKsl908689c5 - ok
21:27:57.0093 1764 MpKsla66a8685 - ok
21:27:57.0125 1764 MpKsla95d4954 - ok
21:27:57.0156 1764 MpKslbb585c08 - ok
21:27:57.0187 1764 MpKslc53defa1 - ok
21:27:57.0250 1764 MpKslcb791dca (a69630d039c38018689190234f866d77) c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ED1D4C57-3793-4615-BFB9-86C2E135B01D}\MpKslcb791dca.sys
21:27:57.0265 1764 MpKslcb791dca - ok
21:27:57.0281 1764 MpKsld12f1c17 - ok
21:27:57.0312 1764 MpKsld4feac4d - ok
21:27:57.0359 1764 MpKsldad52135 - ok
21:27:57.0375 1764 MpKsle330df6d - ok
21:27:57.0406 1764 MpKsle43e50ca - ok
21:27:57.0437 1764 MpKsleaa2494a - ok
21:27:57.0468 1764 MpKsled8c18f8 - ok
21:27:57.0640 1764 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
21:27:57.0781 1764 mraid35x - ok
21:27:57.0812 1764 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:27:57.0953 1764 MRxDAV - ok
21:27:58.0031 1764 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:27:58.0187 1764 MRxSmb - ok
21:27:58.0218 1764 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
21:27:58.0359 1764 Msfs - ok
21:27:58.0437 1764 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:27:58.0609 1764 MSKSSRV - ok
21:27:58.0750 1764 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:27:58.0921 1764 MSPCLOCK - ok
21:27:58.0953 1764 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
21:27:59.0125 1764 MSPQM - ok
21:27:59.0187 1764 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:27:59.0359 1764 mssmbios - ok
21:27:59.0406 1764 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
21:27:59.0578 1764 MSTEE - ok
21:27:59.0640 1764 muaxuehl - ok
21:27:59.0750 1764 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
21:27:59.0921 1764 Mup - ok
21:28:00.0031 1764 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:28:00.0218 1764 NABTSFEC - ok
21:28:00.0296 1764 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
21:28:00.0468 1764 NDIS - ok
21:28:00.0515 1764 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:28:00.0687 1764 NdisIP - ok
21:28:00.0750 1764 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:28:00.0921 1764 NdisTapi - ok
21:28:00.0968 1764 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:28:01.0140 1764 Ndisuio - ok
21:28:01.0156 1764 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:28:01.0343 1764 NdisWan - ok
21:28:01.0406 1764 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
21:28:01.0562 1764 NDProxy - ok
21:28:01.0703 1764 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
21:28:01.0875 1764 NetBIOS - ok
21:28:01.0953 1764 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
21:28:02.0125 1764 NetBT - ok
21:28:02.0250 1764 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
21:28:02.0437 1764 NIC1394 - ok
21:28:02.0468 1764 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
21:28:02.0640 1764 Npfs - ok
21:28:02.0703 1764 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
21:28:02.0890 1764 Ntfs - ok
21:28:03.0031 1764 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
21:28:03.0203 1764 NuidFltr - ok
21:28:03.0250 1764 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
21:28:03.0421 1764 Null - ok
21:28:03.0453 1764 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:28:03.0625 1764 NwlnkFlt - ok
21:28:03.0656 1764 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:28:03.0828 1764 NwlnkFwd - ok
21:28:03.0875 1764 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
21:28:04.0046 1764 ohci1394 - ok
21:28:04.0125 1764 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
21:28:04.0296 1764 Parport - ok
21:28:04.0390 1764 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
21:28:04.0562 1764 PartMgr - ok
21:28:04.0593 1764 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
21:28:04.0765 1764 ParVdm - ok
21:28:04.0796 1764 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
21:28:04.0968 1764 PCI - ok
21:28:04.0984 1764 PCIDump - ok
21:28:05.0015 1764 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
21:28:05.0218 1764 PCIIde - ok
21:28:05.0250 1764 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
21:28:05.0468 1764 Pcmcia - ok
21:28:05.0484 1764 PDCOMP - ok
21:28:05.0515 1764 PDFRAME - ok
21:28:05.0546 1764 PDRELI - ok
21:28:05.0578 1764 PDRFRAME - ok
21:28:05.0593 1764 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
21:28:05.0796 1764 perc2 - ok
21:28:05.0812 1764 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
21:28:06.0015 1764 perc2hib - ok
21:28:06.0187 1764 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:28:06.0390 1764 PptpMiniport - ok
21:28:06.0421 1764 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
21:28:06.0640 1764 PSched - ok
21:28:06.0703 1764 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:28:06.0921 1764 Ptilink - ok
21:28:06.0968 1764 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
21:28:07.0171 1764 PxHelp20 - ok
21:28:07.0218 1764 QCFilterhp (0cd1962f0577d96a076c499dbf9fee84) C:\WINDOWS\system32\DRIVERS\qcfilterhp.sys
21:28:07.0437 1764 QCFilterhp - ok
21:28:07.0468 1764 qcusbnethp (f6f7657639f8a5831e8e8d8cb4480a6c) C:\WINDOWS\system32\DRIVERS\qcusbnethp.sys
21:28:07.0687 1764 qcusbnethp - ok
21:28:07.0734 1764 qcusbserhp (b8030aeecdbdf68894810c6910291035) C:\WINDOWS\system32\DRIVERS\qcusbserhp.sys
21:28:07.0953 1764 qcusbserhp - ok
21:28:08.0000 1764 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
21:28:08.0218 1764 ql1080 - ok
21:28:08.0437 1764 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
21:28:08.0687 1764 Ql10wnt - ok
21:28:08.0765 1764 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
21:28:09.0046 1764 ql12160 - ok
21:28:09.0062 1764 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
21:28:09.0312 1764 ql1240 - ok
21:28:09.0453 1764 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
21:28:09.0734 1764 ql1280 - ok
21:28:09.0828 1764 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:28:10.0062 1764 RasAcd - ok
21:28:10.0218 1764 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:28:10.0500 1764 Rasl2tp - ok
21:28:10.0796 1764 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:28:11.0109 1764 RasPppoe - ok
21:28:11.0296 1764 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
21:28:11.0515 1764 Raspti - ok
21:28:11.0609 1764 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:28:11.0812 1764 Rdbss - ok
21:28:11.0859 1764 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:28:12.0062 1764 RDPCDD - ok
21:28:12.0140 1764 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:28:12.0343 1764 rdpdr - ok
21:28:12.0515 1764 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
21:28:12.0718 1764 RDPWD - ok
21:28:12.0781 1764 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
21:28:12.0984 1764 redbook - ok
21:28:13.0062 1764 rkyclvmm - ok
21:28:13.0171 1764 SahdIa32 (0b2d5d2341437d7d7e1a6c7bbce3786a) C:\WINDOWS\system32\Drivers\SahdIa32.sys
21:28:13.0406 1764 SahdIa32 - ok
21:28:13.0437 1764 SaibIa32 (7a5f65b16249af2bc9d18d815f5d7172) C:\WINDOWS\system32\Drivers\SaibIa32.sys
21:28:13.0671 1764 SaibIa32 - ok
21:28:13.0687 1764 SaibVd32 (e333c9515822de586a3ff759a0c9b7bf) C:\WINDOWS\system32\Drivers\SaibVd32.sys
21:28:13.0937 1764 SaibVd32 - ok
21:28:14.0031 1764 SBRE (c1ae5d1f53285d79a0b73a62af20734f) C:\WINDOWS\system32\drivers\SBREdrv.sys
21:28:14.0281 1764 SBRE - ok
21:28:14.0453 1764 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
21:28:14.0703 1764 sdbus - ok
21:28:14.0718 1764 sebfozqy - ok
21:28:14.0781 1764 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:28:15.0015 1764 Secdrv - ok
21:28:15.0093 1764 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
21:28:15.0328 1764 Serial - ok
21:28:15.0531 1764 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
21:28:15.0765 1764 Sfloppy - ok
21:28:15.0812 1764 Simbad - ok
21:28:15.0890 1764 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
21:28:16.0140 1764 sisagp - ok
21:28:16.0187 1764 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:28:16.0421 1764 SLIP - ok
21:28:16.0578 1764 SMSIVZAM5 (1e715247efffdda938c085913045d599) C:\PROGRA~1\VERIZO~1\VZACCE~1\SMSIVZAM5.SYS
21:28:16.0734 1764 SMSIVZAM5 - ok
21:28:16.0890 1764 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
21:28:17.0140 1764 Sparrow - ok
21:28:17.0203 1764 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
21:28:17.0437 1764 splitter - ok
21:28:17.0484 1764 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
21:28:17.0734 1764 sr - ok
21:28:17.0812 1764 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
21:28:18.0062 1764 Srv - ok
21:28:18.0218 1764 STHDA (0fa55f3ea8a0428ae296ab78a9a5067a) C:\WINDOWS\system32\drivers\sthda.sys
21:28:18.0484 1764 STHDA - ok
21:28:18.0640 1764 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:28:18.0875 1764 streamip - ok
21:28:18.0937 1764 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
21:28:19.0171 1764 swenum - ok
21:28:19.0234 1764 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
21:28:19.0468 1764 swmidi - ok
21:28:19.0531 1764 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
21:28:19.0765 1764 symc810 - ok
21:28:19.0796 1764 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
21:28:20.0031 1764 symc8xx - ok
21:28:20.0046 1764 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
21:28:20.0281 1764 sym_hi - ok
21:28:20.0312 1764 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
21:28:20.0546 1764 sym_u3 - ok
21:28:20.0609 1764 SynTP (aee6e411a915f50101895ba8dc5c15d4) C:\WINDOWS\system32\DRIVERS\SynTP.sys
21:28:20.0843 1764 SynTP - ok
21:28:21.0015 1764 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
21:28:21.0250 1764 sysaudio - ok
21:28:21.0312 1764 SysCow (806284d876063ce0395c178124e708d3) C:\WINDOWS\system32\drivers\syscow32x.sys
21:28:21.0562 1764 SysCow - ok
21:28:21.0671 1764 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:28:22.0046 1764 Tcpip - ok
21:28:22.0156 1764 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
21:28:22.0421 1764 TDPIPE - ok
21:28:22.0453 1764 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
21:28:22.0734 1764 TDTCP - ok
21:28:22.0781 1764 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
21:28:23.0062 1764 TermDD - ok
21:28:23.0125 1764 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
21:28:23.0406 1764 TosIde - ok
21:28:23.0484 1764 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
21:28:23.0765 1764 Udfs - ok
21:28:23.0781 1764 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
21:28:24.0062 1764 ultra - ok
21:28:24.0109 1764 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
21:28:24.0406 1764 Update - ok
21:28:24.0656 1764 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
21:28:24.0921 1764 usbaudio - ok
21:28:24.0984 1764 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:28:25.0250 1764 usbccgp - ok
21:28:25.0328 1764 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:28:25.0593 1764 usbehci - ok
21:28:25.0609 1764 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:28:25.0890 1764 usbhub - ok
21:28:25.0937 1764 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:28:26.0203 1764 usbprint - ok
21:28:26.0312 1764 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:28:26.0593 1764 usbscan - ok
21:28:26.0656 1764 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:28:26.0921 1764 USBSTOR - ok
21:28:26.0984 1764 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:28:27.0250 1764 usbuhci - ok
21:28:27.0328 1764 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
21:28:27.0609 1764 usbvideo - ok
21:28:27.0671 1764 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
21:28:27.0937 1764 VgaSave - ok
21:28:28.0062 1764 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
21:28:28.0343 1764 viaagp - ok
21:28:28.0359 1764 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
21:28:28.0640 1764 ViaIde - ok
21:28:28.0656 1764 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
21:28:28.0953 1764 VolSnap - ok
21:28:29.0062 1764 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:28:29.0343 1764 Wanarp - ok
21:28:29.0437 1764 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
21:28:29.0718 1764 Wdf01000 - ok
21:28:29.0750 1764 WDICA - ok
21:28:29.0796 1764 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
21:28:30.0093 1764 wdmaud - ok
21:28:30.0312 1764 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
21:28:30.0593 1764 WmiAcpi - ok
21:28:30.0718 1764 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:28:31.0015 1764 WSTCODEC - ok
21:28:31.0078 1764 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:28:31.0375 1764 WudfPf - ok
21:28:31.0406 1764 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
21:28:31.0687 1764 WudfRd - ok
21:28:31.0750 1764 wxsdfxrx - ok
21:28:31.0890 1764 yukonwxp (849494d3f85a45231744ca7470246c71) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
21:28:32.0203 1764 yukonwxp - ok
21:28:32.0250 1764 zfmovjsv - ok
21:28:32.0375 1764 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk0\DR0
21:28:32.0671 1764 \Device\Harddisk0\DR0 - ok
21:28:32.0687 1764 MBR (0x1B8) (65e858a8a0293be11a920b0bc99d695e) \Device\Harddisk1\DR2
21:28:33.0296 1764 \Device\Harddisk1\DR2 - ok
21:28:33.0312 1764 Boot (0x1200) (f2d1e6f246bcbabb69fd551bc737eb85) \Device\Harddisk0\DR0\Partition0
21:28:33.0312 1764 \Device\Harddisk0\DR0\Partition0 - ok
21:28:33.0343 1764 Boot (0x1200) (37470a7f5001d76331da9cdd243c5f57) \Device\Harddisk1\DR2\Partition0
21:28:33.0343 1764 \Device\Harddisk1\DR2\Partition0 - ok
21:28:33.0359 1764 ============================================================
21:28:33.0359 1764 Scan finished
21:28:33.0359 1764 ============================================================
21:28:33.0421 1752 Detected object count: 0
21:28:33.0421 1752 Actual detected object count: 0
21:28:39.0968 0900 Deinitialize success
 

Connor.S

New Member
Here is the ComboFix log after running it with the last script you posted..

ComboFix 11-12-29.05 - Administrator 12/29/2011 21:32:40.4.2 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.772 [GMT -8:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((( Files Created from 2011-11-28 to 2011-12-30 )))))))))))))))))))))))))))))))
.
.
2011-12-30 04:35 . 2011-12-30 04:35 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ED1D4C57-3793-4615-BFB9-86C2E135B01D}\MpKslcb791dca.sys
2011-12-30 04:35 . 2011-12-30 05:24 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ED1D4C57-3793-4615-BFB9-86C2E135B01D}\offreg.dll
2011-12-30 03:16 . 2011-11-30 10:21 6823496 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ED1D4C57-3793-4615-BFB9-86C2E135B01D}\mpengine.dll
2011-12-30 00:36 . 2011-12-30 00:36 388096 ----a-r- c:\documents and settings\Allyson\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-12-30 00:35 . 2011-12-30 00:35 -------- d-----w- c:\program files\Trend Micro
2011-12-30 00:34 . 2011-12-30 00:34 0 ----a-w- c:\documents and settings\Allyson\HiJackThis.msi
2011-12-29 21:40 . 2011-12-29 21:40 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe
2011-12-28 00:08 . 2011-12-28 04:52 -------- d-----w- c:\documents and settings\Administrator\Application Data\vlc
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-15 . 2E17260C4889F47F71E2B33CD13F7F3D . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
.
((((((((((((((((((((((((((((( SnapShot@2011-12-29_22.15.39 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-24 17:26 . 2011-12-29 21:30 71488 c:\windows\system32\perfc009.dat
+ 2008-06-24 17:26 . 2011-12-30 05:28 71488 c:\windows\system32\perfc009.dat
+ 2008-06-24 17:26 . 2011-12-30 05:28 441552 c:\windows\system32\perfh009.dat
- 2008-06-24 17:26 . 2011-12-29 21:30 441552 c:\windows\system32\perfh009.dat
+ 2011-12-30 00:36 . 2011-12-30 00:36 1094656 c:\windows\Installer\211ed5.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2010-02-28 519584]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Allyson^Start Menu^Programs^Startup^HP SimpleSave Monitor.lnk]
path=c:\documents and settings\Allyson\Start Menu\Programs\Startup\HP SimpleSave Monitor.lnk
backup=c:\windows\pss\HP SimpleSave Monitor.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-10-03 12:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AESTFltr]
2008-12-03 02:57 729088 ----a-w- c:\windows\system32\AESTFltr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppVodBurner]
2010-10-29 16:06 4980736 ----a-w- c:\program files\VodBurner\vodburner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTBFirstRun]
2008-11-07 21:31 24576 ----a-w- c:\program files\Hewlett-Packard\SDP\HPRun.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CarboniteSetupLite]
2009-08-04 07:49 318096 ----a-w- c:\program files\Carbonite\CarbonitePreinstaller.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-15 04:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-08-02 07:33 4910912 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2008-02-15 13:46 159744 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
2008-04-15 22:51 488752 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-02-15 13:46 135168 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2011-09-01 01:00 449608 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MaxMenuMgr]
2009-12-18 18:24 197928 ----a-w- c:\program files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
2011-06-15 22:16 997920 ----a-w- c:\program files\Microsoft Security Client\msseces.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-02-15 13:46 131072 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-07-16 01:21 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2008-12-04 22:54 1410344 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
2008-09-11 11:00 446556 ----a-w- c:\program files\IDT\WDM\sttray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-03-17 07:27 273544 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
.
R0 SahdIa32;HDD Filter Driver;c:\windows\system32\drivers\SahdIa32.sys [3/9/2009 3:00 AM 21488]
R0 SaibIa32;Volume Filter Driver;c:\windows\system32\drivers\SaibIa32.sys [3/9/2009 3:00 AM 15856]
R0 SysCow;SysCow;c:\windows\system32\drivers\syscow32x.sys [9/24/2008 10:09 PM 103792]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [9/19/2011 3:48 PM 98392]
S1 MpKsl01511777;MpKsl01511777;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl01511777.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl01511777.sys [?]
S1 MpKsl024ee902;MpKsl024ee902;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAC6AA66-28EB-4BF2-A7C0-C2440681C11E}\MpKsl024ee902.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAC6AA66-28EB-4BF2-A7C0-C2440681C11E}\MpKsl024ee902.sys [?]
S1 MpKsl092cdcd0;MpKsl092cdcd0;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAC6AA66-28EB-4BF2-A7C0-C2440681C11E}\MpKsl092cdcd0.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAC6AA66-28EB-4BF2-A7C0-C2440681C11E}\MpKsl092cdcd0.sys [?]
S1 MpKsl181274b3;MpKsl181274b3;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl181274b3.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl181274b3.sys [?]
S1 MpKsl19d11d02;MpKsl19d11d02;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl19d11d02.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl19d11d02.sys [?]
S1 MpKsl1bdaee21;MpKsl1bdaee21;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl1bdaee21.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl1bdaee21.sys [?]
S1 MpKsl2226132c;MpKsl2226132c;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl2226132c.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl2226132c.sys [?]
S1 MpKsl25f89b5e;MpKsl25f89b5e;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D7A1D977-51A5-42E9-AA9A-487C08F9BE0F}\MpKsl25f89b5e.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D7A1D977-51A5-42E9-AA9A-487C08F9BE0F}\MpKsl25f89b5e.sys [?]
S1 MpKsl2bef0671;MpKsl2bef0671;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl2bef0671.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl2bef0671.sys [?]
S1 MpKsl316e2d3e;MpKsl316e2d3e;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl316e2d3e.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl316e2d3e.sys [?]
S1 MpKsl34819e1d;MpKsl34819e1d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl34819e1d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl34819e1d.sys [?]
S1 MpKsl370aecc5;MpKsl370aecc5;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl370aecc5.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl370aecc5.sys [?]
S1 MpKsl401656f4;MpKsl401656f4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl401656f4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl401656f4.sys [?]
S1 MpKsl4562e2df;MpKsl4562e2df;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl4562e2df.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl4562e2df.sys [?]
S1 MpKsl498fa5ba;MpKsl498fa5ba;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A6179837-3CD9-4DA2-AE81-2DC883441A95}\MpKsl498fa5ba.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A6179837-3CD9-4DA2-AE81-2DC883441A95}\MpKsl498fa5ba.sys [?]
S1 MpKsl556578ab;MpKsl556578ab;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl556578ab.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl556578ab.sys [?]
S1 MpKsl565317aa;MpKsl565317aa;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl565317aa.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl565317aa.sys [?]
S1 MpKsl616a52d2;MpKsl616a52d2;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl616a52d2.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl616a52d2.sys [?]
S1 MpKsl6456fd3c;MpKsl6456fd3c;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CA037EF8-C1CE-48AF-B0EA-4031F72484BC}\MpKsl6456fd3c.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CA037EF8-C1CE-48AF-B0EA-4031F72484BC}\MpKsl6456fd3c.sys [?]
S1 MpKsl7371cd0c;MpKsl7371cd0c;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CA037EF8-C1CE-48AF-B0EA-4031F72484BC}\MpKsl7371cd0c.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CA037EF8-C1CE-48AF-B0EA-4031F72484BC}\MpKsl7371cd0c.sys [?]
S1 MpKsl74924ba6;MpKsl74924ba6;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl74924ba6.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl74924ba6.sys [?]
S1 MpKsl75a592a5;MpKsl75a592a5;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl75a592a5.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl75a592a5.sys [?]
S1 MpKsl7f42012b;MpKsl7f42012b;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl7f42012b.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl7f42012b.sys [?]
S1 MpKsl8372bc00;MpKsl8372bc00;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl8372bc00.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl8372bc00.sys [?]
S1 MpKsl840a4db8;MpKsl840a4db8;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl840a4db8.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl840a4db8.sys [?]
S1 MpKsl86507b7a;MpKsl86507b7a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl86507b7a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl86507b7a.sys [?]
S1 MpKsl88596b33;MpKsl88596b33;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAC6AA66-28EB-4BF2-A7C0-C2440681C11E}\MpKsl88596b33.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAC6AA66-28EB-4BF2-A7C0-C2440681C11E}\MpKsl88596b33.sys [?]
S1 MpKsl908689c5;MpKsl908689c5;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl908689c5.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl908689c5.sys [?]
S1 MpKsla66a8685;MpKsla66a8685;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsla66a8685.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsla66a8685.sys [?]
S1 MpKsla95d4954;MpKsla95d4954;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsla95d4954.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsla95d4954.sys [?]
S1 MpKslbb585c08;MpKslbb585c08;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKslbb585c08.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKslbb585c08.sys [?]
S1 MpKslc53defa1;MpKslc53defa1;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKslc53defa1.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKslc53defa1.sys [?]
S1 MpKslcb791dca;MpKslcb791dca;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ED1D4C57-3793-4615-BFB9-86C2E135B01D}\MpKslcb791dca.sys [12/29/2011 8:35 PM 29904]
S1 MpKsld12f1c17;MpKsld12f1c17;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsld12f1c17.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsld12f1c17.sys [?]
S1 MpKsld4feac4d;MpKsld4feac4d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsld4feac4d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsld4feac4d.sys [?]
S1 MpKsldad52135;MpKsldad52135;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsldad52135.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsldad52135.sys [?]
S1 MpKsle330df6d;MpKsle330df6d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsle330df6d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsle330df6d.sys [?]
S1 MpKsle43e50ca;MpKsle43e50ca;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsle43e50ca.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsle43e50ca.sys [?]
S1 MpKsleaa2494a;MpKsleaa2494a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsleaa2494a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsleaa2494a.sys [?]
S1 MpKsled8c18f8;MpKsled8c18f8;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsled8c18f8.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsled8c18f8.sys [?]
S1 SaibVd32;Virtual Disk Driver;c:\windows\system32\drivers\SaibVd32.sys [3/9/2009 3:00 AM 25584]
S2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe [12/11/2008 10:46 PM 125424]
S2 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [12/18/2009 10:25 AM 189736]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7/17/2010 8:43 AM 135664]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [12/27/2011 6:18 PM 366152]
S2 QDLService;Qualcomm Gobi Download Service;c:\qualcomm\QDLService\QDLService.exe [1/14/2009 6:56 AM 345336]
S3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [3/9/2009 2:33 AM 112128]
S3 CisUtMonitor;CisUtMonitor;c:\windows\system32\drivers\CisUtMonitor.sys [12/27/2011 6:12 PM 27600]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7/17/2010 8:43 AM 135664]
S3 hitmanpro35;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro35.sys [9/20/2011 12:24 PM 23624]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12/27/2011 6:18 PM 22216]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 8:37 PM 4640000]
S3 QCFilterhp;HP USB Composite Device Filter Driver;c:\windows\system32\drivers\qcfilterhp.sys [3/9/2009 2:34 AM 5248]
S3 qcusbnethp;HP USB-NDIS miniport;c:\windows\system32\drivers\qcusbnethp.sys [3/9/2009 2:34 AM 115200]
S3 qcusbserhp;HP USB Device for Legacy Serial Communication;c:\windows\system32\drivers\qcusbserhp.sys [3/9/2009 2:34 AM 104448]
S3 SMSIVZAM5;SMSIVZAM5 NDIS Protocol Driver;c:\progra~1\VERIZO~1\VZACCE~1\SMSIVZAM5.SYS [4/14/2010 7:29 PM 32408]
S4 BackupService;BackupService;c:\documents and settings\Allyson\Application Data\HP SimpleSave Application\uUACTokenSvc.exe [11/28/2010 8:44 AM 83512]
S4 BOTService;BOTService;c:\program files\Roxio\BackOnTrack\Instant Restore\BOTService.exe [12/25/2008 6:28 PM 203248]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 13365661
*NewlyCreated* - PXHELP20
*Deregistered* - 13365661
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-30 c:\windows\Tasks\BackOnTrack Instant Restore Idle.job
- c:\program files\Roxio\BackOnTrack\Instant Restore\RstIdle.exe [2008-12-26 02:28]
.
2011-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-17 16:43]
.
2011-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-17 16:43]
.
2011-12-30 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 22:39]
.
2011-12-30 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2009-08-04 18:19]
.
2011-06-11 c:\windows\Tasks\photopadShakeIcon.job
- c:\program files\NCH Software\PhotoPad\photopad.exe [2010-12-17 20:06]
.
2010-12-17 c:\windows\Tasks\photostageSevenDays.job
- c:\program files\NCH Software\PhotoStage\photostage.exe [2010-12-17 20:08]
.
2010-12-17 c:\windows\Tasks\photostageShakeIcon.job
- c:\program files\NCH Software\PhotoStage\photostage.exe [2010-12-17 20:08]
.
2011-06-25 c:\windows\Tasks\pixillionDowngrade.job
- c:\program files\NCH Software\Pixillion\pixillion.exe [2010-12-17 20:07]
.
2011-06-11 c:\windows\Tasks\pixillionShakeIcon.job
- c:\program files\NCH Software\Pixillion\pixillion.exe [2010-12-17 20:07]
.
2011-12-30 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3776529232-2776693366-2901217791-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 17:47]
.
2011-12-30 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3776529232-2776693366-2901217791-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 17:47]
.
2010-12-10 c:\windows\Tasks\videopadShakeIcon.job
- c:\program files\NCH Software\VideoPad\videopad.exe [2010-11-30 04:06]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 205.171.3.25
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-29 21:52
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
c:\windows\system32\EXT.dll 53248 bytes executable
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\zfmovjsv]
"ImagePath"="\??\c:\windows\TEMP\ttmiqokr"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(544)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
.
Completion time: 2011-12-29 21:57:17
ComboFix-quarantined-files.txt 2011-12-30 05:57
ComboFix2.txt 2011-12-30 03:11
ComboFix3.txt 2011-12-29 22:20
.
Pre-Run: 41,429,274,624 bytes free
Post-Run: 41,396,285,440 bytes free
.
- - End Of File - - 015CC3DBBFF7970FA5F62A1194854B67


Again, thank you very much John. The comp isn't fixed yet, but definitely looking better than what I started at. This is all greatly appreciated.
 

Connor.S

New Member
A couple more notes so you know where I'm at.

Windows explorer will start almost every time; if it doesn't then I reboot and it does.

It will work properly for anywhere from a half minute to about four min so far.

I can access Task Manager. I try to open control panel from Run through Task Manager, it shows it running in the processes but doesn't display the actual window; it does this for most things. And, I try to end the process but it fails to do so.

It will let me open non-Windows applications, i.e. I can open things like Internet Explorer and HiJackThis.

I'll update with any further info.
 

johnb35

Administrator
Staff member
We still have one more entry still showing. A couple more things for you to do.

1.

1. Go to Start > Run > type Notepad.exe and click OK to open Notepad.
It must be Notepad, not Wordpad.
2. Copy the text in the below code box

Code:
Registry::

[-HKEY_LOCAL_MACHINE\System\ControlSet003\Services\zfmovjsv]

3. Go to the Notepad window and click Edit > Paste
4. Then click File > Save
5. Name the file CFScript.txt - Save the file to your Desktop
6. Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!


CFScript-1.gif


ComboFix will begin to execute, just follow the prompts.
After reboot (in case it asks to reboot), it will produce a log for you.
Post that log (Combofix.txt) in your next reply.


2.

Please upload this file to www.virustotal.com and click on submit. When you get the results back, copy and paste the link in your address bar in your next reply.

c:\windows\system32\winlogon.exe



3.

See if you can run an ESET online scan.

Please download and run the ESET Online Scanner
Disable any antivirus/security programs.
IMPORTANT! UN-check Remove found threats
Accept any security warnings from your browser.
Check Scan archives
Click Start
ESET will then download updates, install and then start scanning your system.
When the scan is done, push list of found threats
Click on Export to text file , and save the file to your desktop using a file name, such as ESETlog. Include the contents of this report in your next reply.
If no threats are found then it won't produce a log.
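
An added example, not part of the original posts and not ComboFix's own code: a Python check for the kind of leftover entry targeted by the CFScript above, scanning the registry blocks of a ComboFix-style log for service keys whose ImagePath sits in a temp directory or has no driver/executable extension. The zfmovjsv block in the sample is the one shown in this thread; the ExampleDrv entry and all function names are assumptions made for illustration.

```python
import re
from dataclasses import dataclass

# Constructed sample: the zfmovjsv block is the one shown in this thread's log;
# ExampleDrv is a hypothetical benign entry added for contrast.
SAMPLE_LOG = r'''
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\zfmovjsv]
"ImagePath"="\??\c:\windows\TEMP\ttmiqokr"
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\ExampleDrv]
"ImagePath"="system32\drivers\exampledrv.sys"
.
'''

KEY_RE = re.compile(r'^\[(HK[^\]]+)\]$')             # [HKEY_...\...] header line
VALUE_RE = re.compile(r'^(?:"([^"]+)"|@)="(.*)"$')   # "Name"="data" or @="data"
SERVICE_RE = re.compile(r'\\Services\\([^\\]+)$', re.IGNORECASE)
IMAGE_EXT_RE = re.compile(r'\.(sys|exe|dll)\b')


@dataclass
class Finding:
    service: str
    key: str
    image_path: str
    reasons: list


def parse_reg_blocks(text):
    """Return {registry key: {value name: data}} for each block in the log."""
    blocks, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            current = blocks.setdefault(m.group(1), {})
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            current[m.group(1) or "@"] = m.group(2)
        elif line in ("", "."):
            current = None  # ComboFix separates blocks with a lone "."
    return blocks


def normalize_image_path(data):
    """Collapse .reg-style doubled backslashes, lowercase, drop the \\??\\ prefix."""
    p = data.replace("\\\\", "\\").lower()
    if p.startswith("\\??\\"):
        p = p[4:]
    return p


def suspicious_services(text):
    """Flag service keys whose ImagePath looks like a dropped or leftover binary."""
    findings = []
    for key, values in parse_reg_blocks(text).items():
        svc = SERVICE_RE.search(key)
        image = next((v for k, v in values.items() if k.lower() == "imagepath"), None)
        if not svc or image is None:
            continue
        path = normalize_image_path(image)
        reasons = []
        if "\\temp\\" in path or "\\tmp\\" in path:
            reasons.append("image in temp directory")
        if not IMAGE_EXT_RE.search(path):
            reasons.append("no .sys/.exe/.dll extension")
        if reasons:
            findings.append(Finding(svc.group(1), key, path, reasons))
    return findings


if __name__ == "__main__":
    for f in suspicious_services(SAMPLE_LOG):
        print(f"{f.service}: {f.image_path} ({'; '.join(f.reasons)})")
        print(f"  key: {f.key}")
```

A flagged key is a candidate for review, not proof of infection; check whether the image file still exists on disk and what created the service before deleting anything.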
 

Connor.S

New Member
ComboFix is scanning right now, but before the scan started a window popped up saying something about two files. It had me jot down the file names. One of the files ended with ntos.exe. After looking that up it appears to be a virus/trojan/malware. After writing down the names it rebooted the comp.

The exact names are..
C:\Documents and Settings\Allyson\Application Data\nots.exe
C:\Documents

Another note, if you recall from yesterday I mentioned Allyson was a User name in task manager. No one created Allyson.. I guess she just appeared and was linked to the main user account. Last night I went into control panel->system->properties->user profiles (or something close to that) and deleted Allyson altogether.
 

johnb35

Administrator
Staff member
That's why I have asked you to do an online ESET scan to see if we were missing anything.

Still waiting for 3 logs

1. combofix
2. ESET
3. results from virus total
 

Connor.S

New Member
Still waiting on ESET to finish. Here are the others though.

ComboFix log was much too big this time around so I had to break it up.

ComboFix 11-12-30.01 - Administrator 12/30/2011 10:14:02.5.2 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.789 [GMT -8:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Allyson\Application Data\64dlls.exe
c:\documents and settings\Allyson\Application Data\intel64.exe
c:\documents and settings\Allyson\Application Data\Kernel32.exe
c:\documents and settings\Allyson\Application Data\localsys64.exe
c:\documents and settings\Allyson\Application Data\ntos.exe
c:\documents and settings\Allyson\Application Data\oembios.exe
c:\documents and settings\Allyson\Application Data\sdra64.exe
c:\documents and settings\Allyson\Application Data\sdra73.exe
c:\documents and settings\Allyson\Application Data\swin32.exe
c:\documents and settings\Allyson\Application Data\twex.exe
c:\documents and settings\Allyson\Application Data\twext.exe
c:\documents and settings\Allyson\Application Data\wsnpoema.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-11-28 to 2011-12-30 )))))))))))))))))))))))))))))))
.
.
2011-12-30 18:11 . 2011-12-30 18:11 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ED1D4C57-3793-4615-BFB9-86C2E135B01D}\offreg.dll
2011-12-30 17:50 . 2011-12-30 17:51 -------- d-----w- C:\20192eeaed92b0c434
2011-12-30 17:48 . 2011-12-30 17:48 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ED1D4C57-3793-4615-BFB9-86C2E135B01D}\MpKslcf1ad0b5.sys
2011-12-30 12:41 . 2011-12-30 12:41 -------- d-----w- C:\efe8d2be00926c1aa0fca140e4f273ae
2011-12-30 12:00 . 2011-12-30 12:00 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ED1D4C57-3793-4615-BFB9-86C2E135B01D}\MpKsled0bee8c.sys
2011-12-30 11:21 . 2011-12-30 11:21 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ED1D4C57-3793-4615-BFB9-86C2E135B01D}\MpKsl3a0cb047.sys
2011-12-30 11:20 . 2011-12-30 12:03 -------- d-----w- c:\documents and settings\DeeDee
2011-12-30 11:02 . 2011-12-30 11:02 -------- d-----w- c:\documents and settings\Administrator\DeeDee
2011-12-30 10:47 . 2011-12-30 10:47 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ED1D4C57-3793-4615-BFB9-86C2E135B01D}\MpKsl878f0f92.sys
2011-12-30 09:49 . 2011-12-30 09:49 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ED1D4C57-3793-4615-BFB9-86C2E135B01D}\MpKsla16e91a0.sys
2011-12-30 09:34 . 2011-12-30 09:34 -------- d-----w- C:\System Rollback Data
2011-12-30 09:32 . 2011-12-30 09:33 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL
2011-12-30 09:16 . 2011-12-30 09:16 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\VS Revo Group
2011-12-30 09:16 . 2009-12-30 18:20 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys
2011-12-30 09:16 . 2011-12-30 09:16 -------- d-----w- c:\program files\VS Revo Group
2011-12-30 07:38 . 2011-12-30 07:38 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ED1D4C57-3793-4615-BFB9-86C2E135B01D}\MpKsl635138d3.sys
2011-12-30 07:17 . 2011-12-30 07:17 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ED1D4C57-3793-4615-BFB9-86C2E135B01D}\MpKsl62b89e81.sys
2011-12-30 03:16 . 2011-11-30 10:21 6823496 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ED1D4C57-3793-4615-BFB9-86C2E135B01D}\mpengine.dll
2011-12-30 00:35 . 2011-12-30 00:35 -------- d-----w- c:\program files\Trend Micro
2011-12-29 21:40 . 2011-12-29 21:40 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe
2011-12-28 04:52 . 2011-12-28 04:52 -------- d-----w- c:\documents and settings\Administrator\Application Data\DAEMON Tools Lite
2011-12-28 04:06 . 2011-12-28 04:05 232512 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-12-28 04:05 . 2011-12-28 04:53 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-12-28 04:05 . 2011-12-28 04:05 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2011-12-28 02:18 . 2011-09-01 01:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-28 02:18 . 2011-12-28 04:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-28 02:15 . 2011-12-28 02:15 -------- d-----w- c:\documents and settings\Administrator\Application Data\CrystalIdea Software
2011-12-28 00:08 . 2011-12-30 09:22 -------- d-----w- c:\documents and settings\Administrator\Application Data\vlc
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 13:25 . 2011-06-02 14:02 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-04 19:20 . 2011-08-11 03:18 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20 . 2011-08-11 03:18 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20 . 2011-08-11 03:18 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2011-08-11 03:18 385024 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2010-07-16 12:05 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31 . 2011-04-26 11:07 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37 . 2011-02-09 02:47 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52 . 2011-02-09 02:47 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2011-02-09 13:53 186880 ----a-w- c:\windows\system32\encdec.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-15 . 2E17260C4889F47F71E2B33CD13F7F3D . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
.
((((((((((((((((((((((((((((( SnapShot@2011-12-29_22.15.39 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-08-24 20:10 . 2011-07-08 13:49 46080 c:\windows\system32\tzchange.exe
+ 2011-08-24 20:10 . 2011-11-08 13:46 46080 c:\windows\system32\tzchange.exe
- 2008-06-24 17:26 . 2011-12-29 21:30 71488 c:\windows\system32\perfc009.dat
+ 2008-06-24 17:26 . 2011-12-30 18:15 71488 c:\windows\system32\perfc009.dat
- 2011-08-11 03:18 . 2011-06-23 18:36 66560 c:\windows\system32\mshtmled.dll
+ 2011-08-11 03:18 . 2011-11-04 19:20 66560 c:\windows\system32\mshtmled.dll
- 2011-08-11 03:18 . 2011-06-23 18:36 55296 c:\windows\system32\msfeedsbs.dll
+ 2011-08-11 03:18 . 2011-11-04 19:20 55296 c:\windows\system32\msfeedsbs.dll
- 2011-08-11 03:18 . 2011-06-23 18:36 25600 c:\windows\system32\jsproxy.dll
+ 2011-08-11 03:18 . 2011-11-04 19:20 25600 c:\windows\system32\jsproxy.dll
+ 2011-08-11 03:18 . 2011-11-04 19:20 12800 c:\windows\system32\dllcache\xpshims.dll
- 2011-08-11 03:18 . 2011-06-23 18:36 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2011-08-11 03:18 . 2011-11-04 19:20 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2011-08-11 03:18 . 2011-06-23 18:36 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2011-08-11 03:18 . 2011-11-04 19:20 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2011-08-11 03:18 . 2011-06-23 18:36 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2011-08-11 03:18 . 2011-06-23 18:36 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2011-08-11 03:18 . 2011-11-04 19:20 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2011-08-11 03:18 . 2011-11-04 19:20 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2011-08-11 03:18 . 2011-06-23 18:36 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2011-04-26 11:07 . 2011-04-26 11:07 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2011-04-26 11:07 . 2011-10-28 05:31 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2011-12-30 12:44 . 2008-07-25 18:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\System.Web.RegularExpressions.dll
+ 2011-12-30 12:44 . 2008-07-25 18:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\System.Drawing.Design.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\System.Configuration.Install.dll
+ 2011-12-30 12:45 . 2008-07-25 18:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-12-30 12:45 . 2008-07-25 18:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\Microsoft.Vsa.dll
+ 2011-12-30 12:45 . 2008-07-25 18:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\Microsoft.VisualBasic.Vsa.dll
+ 2011-12-30 12:45 . 2008-07-25 18:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\Microsoft.Build.Utilities.dll
+ 2011-12-30 12:45 . 2008-07-25 18:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\Microsoft.Build.Framework.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\ISymWrapper.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\IEHost.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\CustomMarshalers.dll
+ 2011-12-30 12:44 . 2008-07-25 18:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\cscompmgd.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\Accessibility.dll
- 2010-09-23 22:55 . 2010-09-23 22:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2011-07-08 22:00 . 2011-07-08 22:00 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2011-07-07 20:04 . 2011-07-07 20:04 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2011-07-07 20:04 . 2011-07-07 20:04 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2011-07-07 20:03 . 2011-07-07 20:03 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2010-09-23 10:17 . 2010-09-23 10:17 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2011-07-07 21:09 . 2011-07-07 21:09 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2010-09-23 10:17 . 2010-09-23 10:17 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2011-07-07 21:09 . 2011-07-07 21:09 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
- 2011-06-12 01:29 . 2011-09-26 20:31 34144 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\oisicon.exe
+ 2011-06-12 01:29 . 2011-12-30 12:38 34144 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\oisicon.exe
+ 2011-06-12 01:29 . 2011-12-30 12:38 42848 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\msouc.exe
- 2011-06-12 01:29 . 2011-09-26 20:31 42848 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\msouc.exe
+ 2011-06-12 01:29 . 2011-12-30 12:38 19296 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\cagicon.exe
- 2011-06-12 01:29 . 2011-09-26 20:31 19296 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\cagicon.exe
+ 2011-12-30 12:18 . 2011-12-30 12:18 35600 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
- 2011-09-26 20:21 . 2011-09-26 20:21 35600 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2010-02-25 18:07 . 2010-02-25 18:07 49488 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\VBAJET32.DLL
+ 2010-01-10 04:47 . 2010-01-10 04:47 29528 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\THOCRAPI.DLL
+ 2010-03-23 03:36 . 2010-03-23 03:36 82848 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\PEOPLEDATAHANDLER.DLL
+ 2010-03-23 03:36 . 2010-03-23 03:36 15776 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\OMUOPTINPS.DLL
+ 2010-02-28 09:13 . 2010-02-28 09:13 20880 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\MUOPTIN.DLL
+ 2010-03-01 12:17 . 2010-03-01 12:17 14736 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\MSOCFUIU.DLL
+ 2010-01-11 02:48 . 2010-01-11 02:48 18832 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\MSOCFU.DLL
+ 2010-03-23 03:36 . 2010-03-23 03:36 58232 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\EXP_XPS.DLL
+ 2010-03-23 03:51 . 2010-03-23 03:51 44480 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\ACERCLR.DLL
+ 2011-12-30 12:27 . 2011-06-23 18:36 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll
+ 2011-12-30 12:27 . 2011-06-23 18:36 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll
+ 2011-12-30 12:27 . 2011-06-23 18:36 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll
+ 2011-12-30 12:27 . 2011-06-23 18:36 43520 c:\windows\ie8updates\KB2618444-IE8\licmgr10.dll
+ 2011-12-30 12:27 . 2011-06-23 18:36 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll
+ 2011-12-30 12:04 . 2011-12-30 12:04 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_c37d0bd1\System.Drawing.Design.dll
+ 2011-12-30 12:04 . 2011-12-30 12:04 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_356095d8\CustomMarshalers.dll
+ 2011-12-30 17:57 . 2011-12-30 17:57 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-08-11 15:13 . 2011-08-11 15:13 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-08-11 15:12 . 2011-08-11 15:12 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-12-30 17:57 . 2011-12-30 17:57 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-12-30 17:58 . 2011-12-30 17:58 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-08-11 15:14 . 2011-08-11 15:14 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-12-30 17:57 . 2011-12-30 17:57 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-08-11 15:13 . 2011-08-11 15:13 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-08-11 15:13 . 2011-08-11 15:13 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-12-30 17:57 . 2011-12-30 17:57 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-12-30 12:36 . 2011-12-30 12:36 83896 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.dll
+ 2011-12-30 12:36 . 2011-12-30 12:36 41408 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.dll
+ 2011-12-30 12:36 . 2011-12-30 12:36 63408 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.dll
+ 2011-12-30 12:36 . 2011-12-30 12:36 77752 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.dll
+ 2011-12-30 12:36 . 2011-12-30 12:36 23976 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Contract.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.dll
+ 2011-12-30 12:36 . 2011-12-30 12:36 62392 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.dll
+ 2011-12-30 12:36 . 2011-12-30 12:36 32688 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll
+ 2011-12-30 12:36 . 2011-12-30 12:36 35256 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.dll
+ 2011-12-30 12:36 . 2011-12-30 12:36 24496 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.dll
+ 2011-12-30 12:36 . 2011-12-30 12:36 41408 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.dll
- 2011-08-11 15:13 . 2011-08-11 15:13 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-12-30 17:57 . 2011-12-30 17:57 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-08-11 15:14 . 2011-08-11 15:14 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-12-30 17:57 . 2011-12-30 17:57 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2011-08-11 15:14 . 2011-08-11 15:14 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-12-30 17:57 . 2011-12-30 17:57 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-12-30 17:57 . 2011-12-30 17:57 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-08-11 15:13 . 2011-08-11 15:13 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-08-11 15:13 . 2011-08-11 15:13 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-12-30 17:57 . 2011-12-30 17:57 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-12-30 17:57 . 2011-12-30 17:57 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-08-11 15:13 . 2011-08-11 15:13 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-12-30 17:57 . 2011-12-30 17:57 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-08-11 15:13 . 2011-08-11 15:13 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-12-30 17:57 . 2011-12-30 17:57 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-08-11 15:13 . 2011-08-11 15:13 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2010-10-17 15:46 . 2010-10-17 15:46 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-12-30 12:03 . 2011-12-30 12:03 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-12-30 17:57 . 2011-12-30 17:57 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-12-30 12:45 . 2008-07-25 18:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\Microsoft_VsaVb.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\Microsoft.VisualC.Dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\IIEHost.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\IEExecRemote.dll
+ 2011-12-30 17:57 . 2011-12-30 17:57 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-08-11 15:13 . 2011-08-11 15:13 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-08-11 15:14 . 2011-08-11 15:14 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-12-30 17:58 . 2011-12-30 17:58 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-12-30 17:57 . 2011-12-30 17:57 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-08-11 15:13 . 2011-08-11 15:13 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-12-30 17:57 . 2011-12-30 17:57 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-12-30 17:57 . 2011-12-30 17:57 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-12-30 17:57 . 2011-12-30 17:57 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
 

Connor.S

New Member
+ 2011-08-11 03:18 . 2011-11-04 19:20 105984 c:\windows\system32\url.dll
- 2011-08-11 03:18 . 2011-06-23 18:36 105984 c:\windows\system32\url.dll
+ 2008-06-24 17:26 . 2011-12-30 18:15 441552 c:\windows\system32\perfh009.dat
- 2008-06-24 17:26 . 2011-12-29 21:30 441552 c:\windows\system32\perfh009.dat
+ 2011-08-11 03:18 . 2011-11-04 19:20 206848 c:\windows\system32\occache.dll
- 2011-08-11 03:18 . 2011-06-23 18:36 206848 c:\windows\system32\occache.dll
+ 2011-08-11 03:18 . 2011-11-04 19:20 611840 c:\windows\system32\mstime.dll
- 2011-08-11 03:18 . 2011-06-23 18:36 611840 c:\windows\system32\mstime.dll
- 2011-08-11 03:18 . 2011-06-23 18:36 602112 c:\windows\system32\msfeeds.dll
+ 2011-08-11 03:18 . 2011-11-04 19:20 602112 c:\windows\system32\msfeeds.dll
- 2011-08-11 03:18 . 2011-06-23 18:36 184320 c:\windows\system32\iepeers.dll
+ 2011-08-11 03:18 . 2011-11-04 19:20 184320 c:\windows\system32\iepeers.dll
- 2011-08-11 03:18 . 2011-06-23 18:36 387584 c:\windows\system32\iedkcs32.dll
+ 2011-08-11 03:18 . 2011-11-04 19:20 387584 c:\windows\system32\iedkcs32.dll
+ 2011-08-11 03:18 . 2011-11-04 11:24 174080 c:\windows\system32\ie4uinit.exe
- 2008-06-24 17:16 . 2011-07-14 15:46 287704 c:\windows\system32\FNTCACHE.DAT
+ 2008-06-24 17:16 . 2011-12-30 17:33 287704 c:\windows\system32\FNTCACHE.DAT
- 2011-06-16 20:09 . 2011-02-16 13:22 138496 c:\windows\system32\drivers\afd.sys
+ 2011-06-16 20:09 . 2011-08-17 13:49 138496 c:\windows\system32\drivers\afd.sys
+ 2011-08-11 03:18 . 2011-11-04 19:20 916992 c:\windows\system32\dllcache\wininet.dll
+ 2011-08-11 03:18 . 2011-11-04 19:20 105984 c:\windows\system32\dllcache\url.dll
- 2011-08-11 03:18 . 2011-06-23 18:36 105984 c:\windows\system32\dllcache\url.dll
- 2011-08-11 03:18 . 2011-06-23 18:36 206848 c:\windows\system32\dllcache\occache.dll
+ 2011-08-11 03:18 . 2011-11-04 19:20 206848 c:\windows\system32\dllcache\occache.dll
+ 2011-08-11 03:18 . 2011-11-04 19:20 611840 c:\windows\system32\dllcache\mstime.dll
- 2011-08-11 03:18 . 2011-06-23 18:36 611840 c:\windows\system32\dllcache\mstime.dll
- 2011-08-11 03:18 . 2011-06-23 18:36 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2011-08-11 03:18 . 2011-11-04 19:20 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2011-08-11 03:18 . 2011-06-23 18:36 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2011-08-11 03:18 . 2011-11-04 19:20 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2011-08-11 03:18 . 2011-06-23 18:36 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2011-08-11 03:18 . 2011-11-04 19:20 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2011-08-11 03:18 . 2011-11-04 19:20 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2011-08-11 03:18 . 2011-06-23 18:36 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2011-08-11 03:18 . 2011-11-04 19:20 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2011-08-11 03:18 . 2011-06-23 18:36 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2011-08-11 03:18 . 2011-11-04 11:24 174080 c:\windows\system32\dllcache\ie4uinit.exe
+ 2011-02-09 13:53 . 2011-10-18 11:13 186880 c:\windows\system32\dllcache\encdec.dll
- 2011-02-09 13:53 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll
+ 2011-09-09 09:12 . 2011-09-28 07:06 599040 c:\windows\system32\dllcache\crypt32.dll
- 2011-09-09 09:12 . 2011-09-09 09:12 599040 c:\windows\system32\dllcache\crypt32.dll
- 2011-06-16 20:09 . 2011-02-16 13:22 138496 c:\windows\system32\dllcache\afd.sys
+ 2011-06-16 20:09 . 2011-08-17 13:49 138496 c:\windows\system32\dllcache\afd.sys
- 2011-09-09 09:12 . 2011-09-09 09:12 599040 c:\windows\system32\crypt32.dll
+ 2011-09-09 09:12 . 2011-09-28 07:06 599040 c:\windows\system32\crypt32.dll
+ 2011-07-07 13:18 . 2011-07-07 13:18 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2011-03-25 13:15 . 2011-03-25 13:15 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2011-03-25 13:15 . 2011-03-25 13:15 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-07-07 13:18 . 2011-07-07 13:18 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-12-30 12:44 . 2008-07-25 18:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\System.Web.Services.dll
+ 2011-12-30 12:44 . 2008-07-25 18:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\System.Web.Mobile.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\System.Transactions.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\System.ServiceProcess.dll
+ 2011-12-30 12:45 . 2010-02-09 19:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\System.Security.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\System.Runtime.Remoting.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\System.Messaging.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\System.Management.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\System.EnterpriseServices.Wrapper.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\System.EnterpriseServices.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\System.Drawing.dll
+ 2011-12-30 12:44 . 2008-07-25 18:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\System.DirectoryServices.Protocols.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\System.DirectoryServices.dll
+ 2011-12-30 12:45 . 2008-07-25 18:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\System.Deployment.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\System.Data.SqlXml.dll
+ 2011-12-30 12:45 . 2008-11-25 11:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\System.Data.OracleClient.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\System.configuration.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\sysglobl.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\Microsoft.VisualBasic.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\Microsoft.VisualBasic.Compatibility.dll
+ 2011-12-30 12:45 . 2008-07-25 18:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-12-30 12:45 . 2008-07-25 18:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\Microsoft.JScript.dll
+ 2011-12-30 12:45 . 2008-07-25 18:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\Microsoft.Build.Tasks.dll
+ 2011-12-30 12:45 . 2008-07-25 18:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC13081\Microsoft.Build.Engine.dll
.
 

Connor.S

New Member
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2010-12-21 519584]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Allyson^Start Menu^Programs^Startup^HP SimpleSave Monitor.lnk]
path=c:\documents and settings\Allyson\Start Menu\Programs\Startup\HP SimpleSave Monitor.lnk
backup=c:\windows\pss\HP SimpleSave Monitor.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-10-03 12:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AESTFltr]
2008-12-03 02:57 729088 ----a-w- c:\windows\system32\AESTFltr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppVodBurner]
2010-10-29 16:06 4980736 ----a-w- c:\program files\VodBurner\vodburner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTBFirstRun]
2008-11-07 21:31 24576 ----a-w- c:\program files\Hewlett-Packard\SDP\HPRun.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CarboniteSetupLite]
2009-08-04 07:49 318096 ----a-w- c:\program files\Carbonite\CarbonitePreinstaller.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-15 04:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-08-02 07:33 4910912 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2008-02-15 13:46 159744 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
2008-04-15 22:51 488752 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-02-15 13:46 135168 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2011-09-01 01:00 449608 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MaxMenuMgr]
2009-12-18 18:24 197928 ----a-w- c:\program files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
2011-06-15 22:16 997920 ----a-w- c:\program files\Microsoft Security Client\msseces.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-02-15 13:46 131072 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-07-16 01:21 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2008-12-04 22:54 1410344 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
2008-09-11 11:00 446556 ----a-w- c:\program files\IDT\WDM\sttray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-03-17 07:27 273544 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
.
R0 SahdIa32;HDD Filter Driver;c:\windows\system32\drivers\SahdIa32.sys [3/9/2009 3:00 AM 21488]
R0 SaibIa32;Volume Filter Driver;c:\windows\system32\drivers\SaibIa32.sys [3/9/2009 3:00 AM 15856]
R0 SysCow;SysCow;c:\windows\system32\drivers\syscow32x.sys [9/24/2008 10:09 PM 103792]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [9/19/2011 3:48 PM 98392]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [12/27/2011 8:06 PM 232512]
S1 MpKsl01511777;MpKsl01511777;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl01511777.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl01511777.sys [?]
S1 MpKsl024ee902;MpKsl024ee902;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAC6AA66-28EB-4BF2-A7C0-C2440681C11E}\MpKsl024ee902.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAC6AA66-28EB-4BF2-A7C0-C2440681C11E}\MpKsl024ee902.sys [?]
S1 MpKsl092cdcd0;MpKsl092cdcd0;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAC6AA66-28EB-4BF2-A7C0-C2440681C11E}\MpKsl092cdcd0.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAC6AA66-28EB-4BF2-A7C0-C2440681C11E}\MpKsl092cdcd0.sys [?]
S1 MpKsl181274b3;MpKsl181274b3;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl181274b3.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl181274b3.sys [?]
S1 MpKsl19d11d02;MpKsl19d11d02;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl19d11d02.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl19d11d02.sys [?]
S1 MpKsl1bdaee21;MpKsl1bdaee21;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl1bdaee21.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl1bdaee21.sys [?]
S1 MpKsl2226132c;MpKsl2226132c;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl2226132c.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl2226132c.sys [?]
S1 MpKsl25f89b5e;MpKsl25f89b5e;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D7A1D977-51A5-42E9-AA9A-487C08F9BE0F}\MpKsl25f89b5e.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D7A1D977-51A5-42E9-AA9A-487C08F9BE0F}\MpKsl25f89b5e.sys [?]
S1 MpKsl2bef0671;MpKsl2bef0671;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl2bef0671.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl2bef0671.sys [?]
S1 MpKsl316e2d3e;MpKsl316e2d3e;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl316e2d3e.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl316e2d3e.sys [?]
S1 MpKsl34819e1d;MpKsl34819e1d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl34819e1d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl34819e1d.sys [?]
S1 MpKsl370aecc5;MpKsl370aecc5;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl370aecc5.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl370aecc5.sys [?]
S1 MpKsl3a0cb047;MpKsl3a0cb047;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ED1D4C57-3793-4615-BFB9-86C2E135B01D}\MpKsl3a0cb047.sys [12/30/2011 3:21 AM 29904]
S1 MpKsl401656f4;MpKsl401656f4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl401656f4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl401656f4.sys [?]
S1 MpKsl4562e2df;MpKsl4562e2df;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl4562e2df.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl4562e2df.sys [?]
S1 MpKsl498fa5ba;MpKsl498fa5ba;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A6179837-3CD9-4DA2-AE81-2DC883441A95}\MpKsl498fa5ba.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A6179837-3CD9-4DA2-AE81-2DC883441A95}\MpKsl498fa5ba.sys [?]
S1 MpKsl556578ab;MpKsl556578ab;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl556578ab.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl556578ab.sys [?]
S1 MpKsl565317aa;MpKsl565317aa;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl565317aa.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl565317aa.sys [?]
S1 MpKsl616a52d2;MpKsl616a52d2;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl616a52d2.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl616a52d2.sys [?]
S1 MpKsl62b89e81;MpKsl62b89e81;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ED1D4C57-3793-4615-BFB9-86C2E135B01D}\MpKsl62b89e81.sys [12/29/2011 11:17 PM 29904]
S1 MpKsl635138d3;MpKsl635138d3;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ED1D4C57-3793-4615-BFB9-86C2E135B01D}\MpKsl635138d3.sys [12/29/2011 11:38 PM 29904]
S1 MpKsl6456fd3c;MpKsl6456fd3c;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CA037EF8-C1CE-48AF-B0EA-4031F72484BC}\MpKsl6456fd3c.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CA037EF8-C1CE-48AF-B0EA-4031F72484BC}\MpKsl6456fd3c.sys [?]
S1 MpKsl7371cd0c;MpKsl7371cd0c;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CA037EF8-C1CE-48AF-B0EA-4031F72484BC}\MpKsl7371cd0c.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CA037EF8-C1CE-48AF-B0EA-4031F72484BC}\MpKsl7371cd0c.sys [?]
S1 MpKsl74924ba6;MpKsl74924ba6;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl74924ba6.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl74924ba6.sys [?]
S1 MpKsl75a592a5;MpKsl75a592a5;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl75a592a5.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl75a592a5.sys [?]
S1 MpKsl7f42012b;MpKsl7f42012b;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl7f42012b.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl7f42012b.sys [?]
S1 MpKsl8372bc00;MpKsl8372bc00;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl8372bc00.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl8372bc00.sys [?]
S1 MpKsl840a4db8;MpKsl840a4db8;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl840a4db8.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl840a4db8.sys [?]
S1 MpKsl86507b7a;MpKsl86507b7a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl86507b7a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsl86507b7a.sys [?]
S1 MpKsl88596b33;MpKsl88596b33;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAC6AA66-28EB-4BF2-A7C0-C2440681C11E}\MpKsl88596b33.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAC6AA66-28EB-4BF2-A7C0-C2440681C11E}\MpKsl88596b33.sys [?]
S1 MpKsl908689c5;MpKsl908689c5;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl908689c5.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsl908689c5.sys [?]
S1 MpKsla16e91a0;MpKsla16e91a0;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ED1D4C57-3793-4615-BFB9-86C2E135B01D}\MpKsla16e91a0.sys [12/30/2011 1:49 AM 29904]
S1 MpKsla66a8685;MpKsla66a8685;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsla66a8685.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsla66a8685.sys [?]
S1 MpKsla95d4954;MpKsla95d4954;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsla95d4954.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsla95d4954.sys [?]
S1 MpKslbb585c08;MpKslbb585c08;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKslbb585c08.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKslbb585c08.sys [?]
S1 MpKslc53defa1;MpKslc53defa1;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKslc53defa1.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKslc53defa1.sys [?]
S1 MpKslcf1ad0b5;MpKslcf1ad0b5;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ED1D4C57-3793-4615-BFB9-86C2E135B01D}\MpKslcf1ad0b5.sys [12/30/2011 9:48 AM 29904]
S1 MpKsld12f1c17;MpKsld12f1c17;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsld12f1c17.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsld12f1c17.sys [?]
S1 MpKsld4feac4d;MpKsld4feac4d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsld4feac4d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsld4feac4d.sys [?]
S1 MpKsldad52135;MpKsldad52135;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsldad52135.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsldad52135.sys [?]
S1 MpKsle330df6d;MpKsle330df6d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsle330df6d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsle330df6d.sys [?]
S1 MpKsle43e50ca;MpKsle43e50ca;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsle43e50ca.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{45C1D8D8-C40E-4ED2-8D2D-0D8145F0C668}\MpKsle43e50ca.sys [?]
S1 MpKsleaa2494a;MpKsleaa2494a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsleaa2494a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsleaa2494a.sys [?]
S1 MpKsled0bee8c;MpKsled0bee8c;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ED1D4C57-3793-4615-BFB9-86C2E135B01D}\MpKsled0bee8c.sys [12/30/2011 4:00 AM 29904]
S1 MpKsled8c18f8;MpKsled8c18f8;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsled8c18f8.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{782E3E85-79B4-4C7E-A0E0-CA7EB4499800}\MpKsled8c18f8.sys [?]
S1 SaibVd32;Virtual Disk Driver;c:\windows\system32\drivers\SaibVd32.sys [3/9/2009 3:00 AM 25584]
S2 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [12/18/2009 10:25 AM 189736]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7/17/2010 8:43 AM 135664]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [12/27/2011 6:18 PM 366152]
S2 QDLService;Qualcomm Gobi Download Service;c:\qualcomm\QDLService\QDLService.exe [1/14/2009 6:56 AM 345336]
S3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [3/9/2009 2:33 AM 112128]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7/17/2010 8:43 AM 135664]
S3 hitmanpro35;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro35.sys [9/20/2011 12:24 PM 23624]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12/27/2011 6:18 PM 22216]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 8:37 PM 4640000]
S3 QCFilterhp;HP USB Composite Device Filter Driver;c:\windows\system32\drivers\qcfilterhp.sys [3/9/2009 2:34 AM 5248]
S3 qcusbnethp;HP USB-NDIS miniport;c:\windows\system32\drivers\qcusbnethp.sys [3/9/2009 2:34 AM 115200]
S3 qcusbserhp;HP USB Device for Legacy Serial Communication;c:\windows\system32\drivers\qcusbserhp.sys [3/9/2009 2:34 AM 104448]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [12/30/2011 1:16 AM 27064]
S3 SMSIVZAM5;SMSIVZAM5 NDIS Protocol Driver;c:\progra~1\VERIZO~1\VZACCE~1\SMSIVZAM5.SYS [4/14/2010 7:29 PM 32408]
S4 BackupService;BackupService;c:\documents and settings\Allyson\Application Data\HP SimpleSave Application\uUACTokenSvc.exe --> c:\documents and settings\Allyson\Application Data\HP SimpleSave Application\uUACTokenSvc.exe [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-17 16:43]
.
2011-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-17 16:43]
.
2011-12-30 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 22:39]
.
2011-12-30 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2009-08-04 18:19]
.
2011-06-11 c:\windows\Tasks\photopadShakeIcon.job
- c:\program files\NCH Software\PhotoPad\photopad.exe [2010-12-17 20:06]
.
2010-12-17 c:\windows\Tasks\photostageSevenDays.job
- c:\program files\NCH Software\PhotoStage\photostage.exe [2010-12-17 20:08]
.
2010-12-17 c:\windows\Tasks\photostageShakeIcon.job
- c:\program files\NCH Software\PhotoStage\photostage.exe [2010-12-17 20:08]
.
2011-06-25 c:\windows\Tasks\pixillionDowngrade.job
- c:\program files\NCH Software\Pixillion\pixillion.exe [2010-12-17 20:07]
.
2011-06-11 c:\windows\Tasks\pixillionShakeIcon.job
- c:\program files\NCH Software\Pixillion\pixillion.exe [2010-12-17 20:07]
.
2011-12-30 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3776529232-2776693366-2901217791-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 17:47]
.
2011-12-30 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3776529232-2776693366-2901217791-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 17:47]
.
2010-12-10 c:\windows\Tasks\videopadShakeIcon.job
- c:\program files\NCH Software\VideoPad\videopad.exe [2010-11-30 04:06]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 205.171.3.25
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-30 10:23
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
c:\windows\system32\EXT.dll 53248 bytes executable
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\bdevahoj]
"ImagePath"="\??\c:\windows\TEMP\pzolnmnd"
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\blrksgwe]
"ImagePath"="\??\c:\windows\TEMP\hlfgzylo"
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\chfujsan]
"ImagePath"="\??\c:\windows\TEMP\htaxjbdf"
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\mccgswot]
"ImagePath"="\??\c:\windows\TEMP\sfcxgbnw"
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\melcwvnb]
"ImagePath"="\??\c:\windows\TEMP\grzyagxw"
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\mkdifeuc]
"ImagePath"="\??\c:\windows\TEMP\dnkffngq"
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\pyorzegw]
"ImagePath"="\??\c:\windows\TEMP\raheelrc"
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\todzwhjd]
"ImagePath"="\??\c:\windows\TEMP\cajzensq"
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\ueibcgcj]
"ImagePath"="\??\c:\windows\TEMP\ajbfvjkv"
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\vzxjuooi]
"ImagePath"="\??\c:\windows\TEMP\dpixmjmz"
.
Completion time: 2011-12-30 10:25:50
ComboFix-quarantined-files.txt 2011-12-30 18:25
ComboFix2.txt 2011-12-30 05:57
ComboFix3.txt 2011-12-30 03:11
ComboFix4.txt 2011-12-29 22:20
.
Pre-Run: 61,985,259,520 bytes free
Post-Run: 61,987,971,072 bytes free
.
- - End Of File - - 6A236DD66307B8A8B4DFEBA02738A8CE
 

johnb35

Administrator
Staff member
OK, waiting on results from ESET. However, I feel like the only way to fix this is to reinstall Windows.
 