Jump to content


 

Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows XP Screen Freeses and restarts no bluescreen

Started by NooseLadder , Apr 22 2012 02:03 PM

  • This topic is locked This topic is locked
2 replies to this topic

#1 NooseLadder

NooseLadder

    New Member

  • Members
  • Pip
  • 1 posts

Posted 22 April 2012 - 02:03 PM

Hi, I'm new here and need some help.

I'm running Windows XP Home with SP3. I had a problem start today where the screen freezes intermittently so that I cannot do anyting, no mouse movement or response from the keyboard. I have to manually restart.

Other times the pc will restart on its own immediately after a screen freeze.

I have disabled automatic restart so that I could see a bluescreeen, but the pc restarted and o blue screen. It went through the complete restart cycle. I also down loaded Blue SCreen View and when I ran it the contents were empty i.e no data.

I ran Malwarebytes earlier today and it found PUP.Bundleinstaller which it removed.

The other thing i noticed is that the disk drive lamp is constantly working even when the pc is idle. It doesn't normally.

I have also run Combofix. During the first run I was out of the room and the pc restarted. Combofix continued but the screen froze so I had to restart manually.

I have run Combofix twice and include the logs data below. I also ran TDSKiller the log is underneath the two Combofix logs.

UPDATE: I have restarted in safe mode and so far it deos not freeze. I don't know if this tells you anything?

1st RUN
ComboFix 12-04-22.01 - Keith 22/04/2012 15:39:46.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1418 [GMT 1:00]
Running from: c:\documents and settings\Keith\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\documents and settings\Keith\Application Data\ImgBurn.exe
c:\documents and settings\Keith\g2mdlhlpx.exe
c:\windows\iun6002.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_EPSONSTATUSAGENT2
-------\Service_EPSONStatusAgent2
.
.
((((((((((((((((((((((((( Files Created from 2012-03-22 to 2012-04-22 )))))))))))))))))))))))))))))))
.
.
2012-04-19 18:59 . 2012-04-19 18:59 -------- d-----w- c:\documents and settings\Keith\Application Data\FireShot
2012-04-18 10:08 . 2012-04-18 10:08 -------- d-----w- c:\program files\Market Samurai
2012-04-09 10:37 . 2012-04-09 10:37 592824 ----a-w- c:\program files\Mozilla Firefox\gkmedias.dll
2012-04-09 10:37 . 2012-04-09 10:37 44472 ----a-w- c:\program files\Mozilla Firefox\mozglue.dll
2012-04-08 10:11 . 2012-04-08 10:11 -------- d-----w- c:\documents and settings\LocalService\Application Data\Apple Computer
2012-03-30 11:22 . 2012-03-30 11:22 -------- d-----w- c:\documents and settings\Keith\Application Data\com.springbox.mobilizer
2012-03-30 11:22 . 2012-03-30 11:22 -------- d-----w- c:\program files\Mobilizer
2012-03-28 16:17 . 2007-11-27 02:24 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2012-03-28 16:02 . 2012-03-29 07:52 -------- d-----w- c:\documents and settings\Keith\Local Settings\Application Data\Htc
2012-03-28 16:01 . 2012-03-28 16:02 -------- d-----w- c:\documents and settings\Keith\Application Data\HTC
2012-03-28 15:59 . 2012-03-28 15:59 -------- d-----w- c:\documents and settings\Keith\Local Settings\Application Data\Downloaded Installations
2012-03-28 15:59 . 2009-06-10 14:49 24576 ----a-w- c:\windows\system32\drivers\ANDROIDUSB.sys
2012-03-28 15:59 . 2009-06-09 12:41 1122664 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2012-03-28 15:58 . 2012-03-28 15:58 -------- d-----w- c:\program files\Spirent Communications
2012-03-28 15:57 . 2012-03-28 16:01 -------- d-----w- c:\program files\HTC
2012-03-28 15:18 . 2008-04-13 23:15 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2012-03-28 15:18 . 2008-04-13 23:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-04 14:56 . 2010-11-11 15:20 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-11 13:48 . 2012-03-11 13:48 56208 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2012-03-01 11:01 . 2008-04-14 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 11:01 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-01 11:01 . 2008-04-14 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10 . 2008-04-14 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2008-04-14 12:00 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-02-03 09:22 . 2008-04-14 12:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2002-11-12 14:24 . 2002-11-12 14:24 987136 ----a-w- c:\program files\Heat Loss Calculator.exe
1997-07-25 17:11 . 2010-11-17 11:27 304128 ----a-w- c:\program files\mozilla firefox\plugins\Pngdll.dll
2012-04-09 10:37 . 2011-09-22 15:15 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2006-05-03 11:06 163328 --sha-r- c:\windows\system32\flvDX.dll
2007-02-21 12:47 31232 --sha-r- c:\windows\system32\msfDX.dll
2008-03-16 14:30 216064 --sha-r- c:\windows\system32\nbDX.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-01-30_17.13.56 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-12-01 23:46 . 2006-12-01 23:46 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
+ 2011-05-13 20:17 . 2011-05-13 20:17 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_452bf920\vcomp.dll
+ 2011-05-13 19:45 . 2011-05-13 19:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80KOR.dll
+ 2011-05-13 19:45 . 2011-05-13 19:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80JPN.dll
+ 2011-05-13 19:45 . 2011-05-13 19:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ITA.dll
+ 2011-05-13 19:45 . 2011-05-13 19:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80FRA.dll
+ 2011-05-13 19:45 . 2011-05-13 19:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ESP.dll
+ 2011-05-13 19:45 . 2011-05-13 19:45 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll
+ 2011-05-13 19:45 . 2011-05-13 19:45 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80DEU.dll
+ 2011-05-13 19:45 . 2011-05-13 19:45 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHT.dll
+ 2011-05-13 19:45 . 2011-05-13 19:45 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHS.dll
+ 2011-05-14 01:06 . 2011-05-14 01:06 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80u.dll
+ 2011-05-14 01:23 . 2011-05-14 01:23 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80.dll
+ 2011-05-13 18:37 . 2011-05-13 18:37 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll
+ 2009-01-22 02:16 . 2009-01-22 02:16 88904 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.30.2100.0_x-ww_30941067\msxml4r.dll
+ 2012-04-22 14:34 . 2012-04-22 14:34 16384 c:\windows\Temp\Perflib_Perfdata_14c.dat
+ 2006-02-28 12:00 . 2012-04-11 19:02 68672 c:\windows\system32\perfc009.dat
- 2006-02-28 12:00 . 2012-01-11 18:27 68672 c:\windows\system32\perfc009.dat
+ 2009-01-22 02:12 . 2009-01-22 02:12 88904 c:\windows\system32\msxml4r.dll
+ 2008-04-14 12:00 . 2012-03-01 11:01 66560 c:\windows\system32\mshtmled.dll
- 2008-04-14 12:00 . 2011-11-04 19:20 66560 c:\windows\system32\mshtmled.dll
- 2006-11-07 20:03 . 2011-11-04 19:20 55296 c:\windows\system32\msfeedsbs.dll
+ 2006-11-07 20:03 . 2012-03-01 11:01 55296 c:\windows\system32\msfeedsbs.dll
+ 2010-06-09 15:53 . 2012-04-08 19:25 34660 c:\windows\system32\mlfcache.dat
- 2008-04-14 12:00 . 2011-11-04 19:20 25600 c:\windows\system32\jsproxy.dll
+ 2008-04-14 12:00 . 2012-03-01 11:01 25600 c:\windows\system32\jsproxy.dll
+ 2010-03-18 12:16 . 2010-03-18 12:16 70472 c:\windows\system32\dxva2.dll
+ 2012-03-28 15:59 . 2010-06-22 17:01 21248 c:\windows\system32\DRVSTORE\htcnprot_8432F999F96EB7EAE7DEAD12A28023CD1A1D9D27\htcnprot.sys
+ 2012-03-28 15:59 . 2009-06-10 14:49 24576 c:\windows\system32\DRVSTORE\androidusb_F8E53F6F8F4568D53EDC82173C048C4CABFEC42F\ANDROIDUSB.sys
+ 2008-01-19 09:45 . 2008-01-19 09:45 35176 c:\windows\system32\drivers\wdfldr.sys
+ 2010-01-07 09:06 . 2010-09-28 15:44 41984 c:\windows\system32\drivers\usbaapl.sys
+ 2010-06-22 17:01 . 2010-06-22 17:01 21248 c:\windows\system32\drivers\htcnprot.sys
- 2011-06-13 08:58 . 2011-11-04 19:20 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2011-06-13 08:58 . 2012-03-01 11:01 12800 c:\windows\system32\dllcache\xpshims.dll
- 2008-04-14 12:00 . 2011-11-04 19:20 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2008-04-14 12:00 . 2012-03-01 11:01 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2011-06-13 08:58 . 2012-03-01 11:01 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2011-06-13 08:58 . 2011-11-04 19:20 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-04-14 12:00 . 2012-03-01 11:01 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2008-04-14 12:00 . 2011-11-04 19:20 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2008-04-14 12:00 . 2012-03-01 11:01 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2008-04-14 12:00 . 2011-11-04 19:20 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2007-06-26 11:12 . 2012-03-17 10:45 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2007-06-26 11:12 . 2012-01-11 14:39 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2007-06-26 11:12 . 2012-03-17 10:45 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2007-06-26 11:12 . 2012-01-11 14:39 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2011-06-06 09:18 . 2012-01-11 14:39 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2012-02-18 11:46 . 2012-03-17 10:45 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2010-03-18 12:16 . 2010-03-18 12:16 13648 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2010-03-18 12:16 . 2010-03-18 12:16 13648 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2010-03-18 12:16 . 2010-03-18 12:16 13648 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2010-03-18 12:16 . 2010-03-18 12:16 13648 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2010-03-18 12:16 . 2010-03-18 12:16 13648 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2010-03-18 12:16 . 2010-03-18 12:16 13648 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2010-03-18 12:16 . 2010-03-18 12:16 13648 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2010-03-18 12:16 . 2010-03-18 12:16 13648 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2010-03-18 12:16 . 2010-03-18 12:16 13648 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2012-03-21 08:46 . 2012-03-21 08:46 22016 c:\windows\Installer\97e40.msi
+ 2012-04-18 10:08 . 2012-04-18 10:08 73216 c:\windows\Installer\8adbd2.msi
+ 2012-03-30 11:22 . 2012-03-30 11:22 22528 c:\windows\Installer\47ffe6.msi
+ 2012-03-28 15:57 . 2012-03-28 15:57 28160 c:\windows\Installer\1cdb2d8.msi
+ 2012-03-28 16:01 . 2012-03-28 16:01 57344 c:\windows\Installer\{7A3FFA58-876F-489C-B6CF-0503916224DF}\ARPPRODUCTICON.exe
+ 2012-03-28 15:59 . 2012-03-28 15:59 49152 c:\windows\Installer\{6D6664A9-3342-4948-9B7E-034EFE366F0F}\UNINST_Uninstall_H_8AD6F64309CF42C693274CB5A3D89801.exe
+ 2012-03-28 15:59 . 2012-03-28 15:59 53248 c:\windows\Installer\{6D6664A9-3342-4948-9B7E-034EFE366F0F}\ARPPRODUCTICON.exe
+ 2012-03-28 15:58 . 2012-03-28 15:58 53248 c:\windows\Installer\{31A559C1-9E4D-423B-9DD3-34A6C5398752}\ARPPRODUCTICON.exe
+ 2012-04-11 19:03 . 2011-12-17 19:46 12800 c:\windows\ie8updates\KB2675157-IE8\xpshims.dll
+ 2012-04-11 19:03 . 2011-12-17 19:46 66560 c:\windows\ie8updates\KB2675157-IE8\mshtmled.dll
+ 2012-04-11 19:03 . 2011-12-17 19:46 55296 c:\windows\ie8updates\KB2675157-IE8\msfeedsbs.dll
+ 2012-04-11 19:03 . 2011-12-17 19:46 43520 c:\windows\ie8updates\KB2675157-IE8\licmgr10.dll
+ 2012-04-11 19:03 . 2011-12-17 19:46 25600 c:\windows\ie8updates\KB2675157-IE8\jsproxy.dll
+ 2012-02-15 18:39 . 2011-11-04 19:20 12800 c:\windows\ie8updates\KB2647516-IE8\xpshims.dll
+ 2012-02-15 18:39 . 2011-11-04 19:20 66560 c:\windows\ie8updates\KB2647516-IE8\mshtmled.dll
+ 2012-02-15 18:39 . 2011-11-04 19:20 55296 c:\windows\ie8updates\KB2647516-IE8\msfeedsbs.dll
+ 2012-02-15 18:39 . 2011-11-04 19:20 43520 c:\windows\ie8updates\KB2647516-IE8\licmgr10.dll
+ 2012-02-15 18:39 . 2011-11-04 19:20 25600 c:\windows\ie8updates\KB2647516-IE8\jsproxy.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\dab766b18e6fe0a8f53a93c56be7b40e\System.Windows.Presentation.ni.dll
+ 2012-04-12 08:13 . 2012-04-12 08:13 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\36124bfc4baaa1c2063d699e77324080\System.Web.DynamicData.Design.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\89dfd3999ad1d72c59243d7b4bf40d5a\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-02-16 09:03 . 2012-02-16 09:03 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\3aa4296d4aa01fe0533de2c15f818d5f\PresentationFontCache.ni.exe
+ 2012-02-16 09:02 . 2012-02-16 09:02 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\820acb71782d9cd006800b3ac7e1ca53\PresentationCFFRasterizer.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\d07f0222f62dbed7898a6e2e909d407a\Microsoft.Vsa.ni.dll
+ 2012-02-29 18:16 . 2012-02-29 18:16 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\a140509b1342934fc5e58ae22ac9696c\Microsoft.VisualC.ni.dll
+ 2012-04-11 19:01 . 2012-04-11 19:01 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2012-04-11 19:01 . 2012-04-11 19:01 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2012-01-11 18:26 . 2012-01-11 18:26 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2012-04-11 19:01 . 2012-04-11 19:01 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2012-04-11 19:01 . 2012-04-11 19:01 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2012-04-11 19:01 . 2012-04-11 19:01 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-04-11 19:01 . 2012-04-11 19:01 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-04-11 19:01 . 2012-04-11 19:01 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-02-15 18:38 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2661637\update\spcustom.dll
+ 2012-02-15 18:38 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2661637\spmsg.dll
+ 2012-02-15 18:39 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2660465\update\spcustom.dll
+ 2012-02-15 18:39 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2660465\spmsg.dll
+ 2012-03-14 10:38 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2647518\update\spcustom.dll
+ 2012-03-14 10:38 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2647518\spmsg.dll
+ 2012-02-15 18:39 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2647516-IE8\update\spcustom.dll
+ 2012-02-15 18:39 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2647516-IE8\spmsg.dll
+ 2012-02-15 08:50 . 2011-12-17 19:45 12800 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\xpshims.dll
+ 2012-02-15 08:50 . 2011-12-17 19:45 66560 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mshtmled.dll
+ 2012-02-15 08:50 . 2011-12-17 19:45 55296 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\msfeedsbs.dll
+ 2012-02-15 08:50 . 2011-12-17 19:45 43520 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\licmgr10.dll
+ 2012-02-15 08:50 . 2011-12-17 19:45 25600 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\jsproxy.dll
+ 2012-03-14 10:41 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2641653\update\spcustom.dll
+ 2012-03-14 10:41 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2641653\spmsg.dll
+ 2012-03-14 10:38 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2621440\update\spcustom.dll
+ 2012-03-14 10:38 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2621440\spmsg.dll
+ 2012-01-31 18:28 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2585542\update\spcustom.dll
+ 2012-01-31 18:28 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2585542\spmsg.dll
+ 2012-04-11 19:01 . 2012-04-11 19:01 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2012-02-15 08:49 . 2012-01-11 19:06 3072 c:\windows\system32\iacenc.dll
+ 2012-02-15 08:49 . 2012-01-11 19:06 3072 c:\windows\system32\dllcache\iacenc.dll
- 2010-12-03 09:40 . 2012-01-17 08:36 5430 c:\windows\Installer\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}\RapportServiceStopShortcut.exe
+ 2010-12-03 09:40 . 2012-03-14 08:37 5430 c:\windows\Installer\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}\RapportServiceStopShortcut.exe
- 2010-12-03 09:40 . 2012-01-17 08:36 5430 c:\windows\Installer\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}\RapportServiceStartShortcut.exe
+ 2010-12-03 09:40 . 2012-03-14 08:37 5430 c:\windows\Installer\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}\RapportServiceStartShortcut.exe
- 2010-12-03 09:40 . 2012-01-17 08:36 5430 c:\windows\Installer\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}\RapportServiceConsoleShortcut.exe
+ 2010-12-03 09:40 . 2012-03-14 08:37 5430 c:\windows\Installer\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}\RapportServiceConsoleShortcut.exe
+ 2012-04-11 19:01 . 2012-04-11 19:01 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-04-11 19:01 . 2012-04-11 19:01 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2012-04-11 19:01 . 2012-04-11 19:01 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2012-02-15 08:49 . 2012-01-11 19:05 3072 c:\windows\$hf_mig$\KB2661637\SP3QFE\iacenc.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-05-14 01:17 . 2011-05-14 01:17 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
+ 2011-05-14 01:12 . 2011-05-14 01:12 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
+ 2011-05-14 01:11 . 2011-05-14 01:11 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll
+ 2008-04-14 12:00 . 2011-11-16 14:21 354816 c:\windows\system32\winhttp.dll
- 2008-04-14 12:00 . 2009-08-25 09:17 354816 c:\windows\system32\winhttp.dll
+ 2008-04-14 12:00 . 2012-03-01 11:01 105984 c:\windows\system32\url.dll
- 2008-04-14 12:00 . 2011-11-04 19:20 105984 c:\windows\system32\url.dll
+ 2008-04-14 12:00 . 2011-11-16 14:21 152064 c:\windows\system32\schannel.dll
- 2006-02-28 12:00 . 2012-01-11 18:27 434464 c:\windows\system32\perfh009.dat
+ 2006-02-28 12:00 . 2012-04-11 19:02 434464 c:\windows\system32\perfh009.dat
+ 2008-04-14 12:00 . 2012-03-01 11:01 206848 c:\windows\system32\occache.dll
- 2008-04-14 12:00 . 2011-11-04 19:20 206848 c:\windows\system32\occache.dll
- 2008-04-14 12:00 . 2011-11-04 19:20 611840 c:\windows\system32\mstime.dll
+ 2008-04-14 12:00 . 2012-03-01 11:01 611840 c:\windows\system32\mstime.dll
- 2006-11-07 20:03 . 2011-11-04 19:20 602112 c:\windows\system32\msfeeds.dll
+ 2006-11-07 20:03 . 2012-03-01 11:01 602112 c:\windows\system32\msfeeds.dll
+ 2009-09-23 23:30 . 2009-09-23 23:30 156488 c:\windows\system32\mscorier.dll
+ 2008-04-14 12:00 . 2012-03-01 11:01 184320 c:\windows\system32\iepeers.dll
- 2008-04-14 12:00 . 2011-11-04 19:20 184320 c:\windows\system32\iepeers.dll
+ 2008-04-14 12:00 . 2012-03-01 11:01 387584 c:\windows\system32\iedkcs32.dll
- 2008-04-14 12:00 . 2011-11-04 19:20 387584 c:\windows\system32\iedkcs32.dll
+ 2008-04-14 12:00 . 2012-02-29 12:17 174080 c:\windows\system32\ie4uinit.exe
- 2008-04-14 12:00 . 2011-11-04 11:24 174080 c:\windows\system32\ie4uinit.exe
+ 2007-06-26 18:51 . 2012-04-20 07:50 196960 c:\windows\system32\FNTCACHE.DAT
+ 2010-03-18 12:16 . 2010-03-18 12:16 486216 c:\windows\system32\evr.dll
+ 2012-03-28 15:57 . 2009-01-24 00:36 103424 c:\windows\system32\DRVSTORE\qcusbser_16B28C7848350E13EA22A0597DCA5455A7D15937\qcmdmxp.sys
+ 2012-03-28 15:58 . 2009-01-24 00:36 103424 c:\windows\system32\DRVSTORE\qcusbmdm_AE3A52441B17C2D2343D229D81AF3B2CD8465388\qcmdmxp.sys
+ 2012-03-28 15:59 . 2011-08-04 00:58 130048 c:\windows\system32\DRVSTORE\htcusbnet_5A2D6C4CE617BCADCD925F74EC7058775179B5C5\htcusbnet.sys
+ 2008-01-19 09:45 . 2008-01-19 09:45 503144 c:\windows\system32\drivers\wdf01000.sys
+ 2007-06-26 10:58 . 2012-01-09 16:20 139784 c:\windows\system32\drivers\rdpwd.sys
+ 2008-04-14 12:00 . 2012-02-29 14:10 177664 c:\windows\system32\dllcache\wintrust.dll
- 2008-04-14 12:00 . 2009-12-24 06:59 177664 c:\windows\system32\dllcache\wintrust.dll
+ 2008-04-14 12:00 . 2012-03-01 11:01 916992 c:\windows\system32\dllcache\wininet.dll
- 2008-04-14 12:00 . 2011-11-04 19:20 916992 c:\windows\system32\dllcache\wininet.dll
- 2008-04-14 12:00 . 2009-08-25 09:17 354816 c:\windows\system32\dllcache\winhttp.dll
+ 2008-04-14 12:00 . 2011-11-16 14:21 354816 c:\windows\system32\dllcache\winhttp.dll
+ 2008-04-14 12:00 . 2012-03-01 11:01 105984 c:\windows\system32\dllcache\url.dll
- 2008-04-14 12:00 . 2011-11-04 19:20 105984 c:\windows\system32\dllcache\url.dll
+ 2008-04-14 12:00 . 2011-11-16 14:21 152064 c:\windows\system32\dllcache\schannel.dll
+ 2007-06-26 10:58 . 2012-01-09 16:20 139784 c:\windows\system32\dllcache\rdpwd.sys
- 2008-04-14 12:00 . 2011-11-04 19:20 206848 c:\windows\system32\dllcache\occache.dll
+ 2008-04-14 12:00 . 2012-03-01 11:01 206848 c:\windows\system32\dllcache\occache.dll
+ 2008-04-14 12:00 . 2012-03-01 11:01 611840 c:\windows\system32\dllcache\mstime.dll
- 2008-04-14 12:00 . 2011-11-04 19:20 611840 c:\windows\system32\dllcache\mstime.dll
+ 2011-06-13 08:58 . 2012-03-01 11:01 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2011-06-13 08:58 . 2011-11-04 19:20 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2008-04-14 12:00 . 2012-02-29 14:10 148480 c:\windows\system32\dllcache\imagehlp.dll
- 2011-06-13 08:58 . 2011-11-04 19:20 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2011-06-13 08:58 . 2012-03-01 11:01 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2008-04-14 12:00 . 2012-03-01 11:01 184320 c:\windows\system32\dllcache\iepeers.dll
- 2008-04-14 12:00 . 2011-11-04 19:20 184320 c:\windows\system32\dllcache\iepeers.dll
- 2011-06-13 08:58 . 2011-11-04 19:20 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2011-06-13 08:58 . 2012-03-01 11:01 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2008-04-14 12:00 . 2011-11-04 19:20 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-04-14 12:00 . 2012-03-01 11:01 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-04-14 12:00 . 2012-02-29 12:17 174080 c:\windows\system32\dllcache\ie4uinit.exe
- 2008-04-14 12:00 . 2011-11-04 11:24 174080 c:\windows\system32\dllcache\ie4uinit.exe
+ 2012-01-31 02:38 . 2012-01-31 02:38 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2012-03-28 09:08 . 2012-03-28 09:08 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-02-02 22:56 . 2012-02-02 22:56 963584 c:\windows\Installer\28e1600.msp
+ 2012-03-29 19:41 . 2012-03-29 19:41 499712 c:\windows\Installer\28cf07d.msi
+ 2012-02-29 18:15 . 2012-02-29 18:15 271872 c:\windows\Installer\2115e53.msi
+ 2012-03-28 16:01 . 2012-03-28 16:01 836608 c:\windows\Installer\1cdb2ec.msi
+ 2012-03-28 15:57 . 2012-03-28 15:57 962048 c:\windows\Installer\1cdb2df.msi
+ 2012-03-28 15:55 . 2012-03-28 15:55 331264 c:\windows\Installer\1cdb2be.msi
+ 2012-03-28 15:55 . 2012-03-28 15:55 498176 c:\windows\Installer\1cdb2b9.msi
+ 2012-02-29 16:01 . 2012-02-29 16:01 467456 c:\windows\Installer\195c1fe.msi
+ 2012-04-11 19:03 . 2011-12-17 19:46 916992 c:\windows\ie8updates\KB2675157-IE8\wininet.dll
+ 2012-04-11 19:03 . 2011-12-17 19:46 105984 c:\windows\ie8updates\KB2675157-IE8\url.dll
+ 2012-04-11 19:03 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2675157-IE8\spuninst\updspapi.dll
+ 2012-04-11 19:03 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2675157-IE8\spuninst\spuninst.exe
+ 2012-04-11 19:03 . 2011-12-17 19:46 206848 c:\windows\ie8updates\KB2675157-IE8\occache.dll
+ 2012-04-11 19:03 . 2011-12-17 19:46 611840 c:\windows\ie8updates\KB2675157-IE8\mstime.dll
+ 2012-04-11 19:03 . 2011-12-17 19:46 602112 c:\windows\ie8updates\KB2675157-IE8\msfeeds.dll
+ 2012-04-11 19:03 . 2011-12-17 19:46 247808 c:\windows\ie8updates\KB2675157-IE8\ieproxy.dll
+ 2012-04-11 19:03 . 2011-12-17 19:46 184320 c:\windows\ie8updates\KB2675157-IE8\iepeers.dll
+ 2012-04-11 19:03 . 2011-12-17 19:46 743424 c:\windows\ie8updates\KB2675157-IE8\iedvtool.dll
+ 2012-04-11 19:03 . 2011-12-17 19:46 387584 c:\windows\ie8updates\KB2675157-IE8\iedkcs32.dll
+ 2012-04-11 19:03 . 2011-12-16 12:23 174080 c:\windows\ie8updates\KB2675157-IE8\ie4uinit.exe
+ 2012-02-15 18:39 . 2011-11-04 19:20 916992 c:\windows\ie8updates\KB2647516-IE8\wininet.dll
+ 2012-02-15 18:39 . 2011-11-04 19:20 105984 c:\windows\ie8updates\KB2647516-IE8\url.dll
+ 2012-02-15 18:39 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2647516-IE8\spuninst\updspapi.dll
+ 2012-02-15 18:39 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2647516-IE8\spuninst\spuninst.exe
+ 2012-02-15 18:39 . 2011-11-04 19:20 206848 c:\windows\ie8updates\KB2647516-IE8\occache.dll
+ 2012-02-15 18:39 . 2011-11-04 19:20 611840 c:\windows\ie8updates\KB2647516-IE8\mstime.dll
+ 2012-02-15 18:39 . 2011-11-04 19:20 602112 c:\windows\ie8updates\KB2647516-IE8\msfeeds.dll
+ 2012-02-15 18:39 . 2011-11-04 19:20 247808 c:\windows\ie8updates\KB2647516-IE8\ieproxy.dll
+ 2012-02-15 18:39 . 2011-11-04 19:20 184320 c:\windows\ie8updates\KB2647516-IE8\iepeers.dll
+ 2012-02-15 18:39 . 2011-11-04 19:20 743424 c:\windows\ie8updates\KB2647516-IE8\iedvtool.dll
+ 2012-02-15 18:39 . 2011-11-04 19:20 387584 c:\windows\ie8updates\KB2647516-IE8\iedkcs32.dll
+ 2012-02-15 18:39 . 2011-11-04 11:24 174080 c:\windows\ie8updates\KB2647516-IE8\ie4uinit.exe
+ 2012-02-16 09:25 . 2012-02-16 09:25 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\edc5691acfb65ac37f49de2ec497083a\WsatConfig.ni.exe
+ 2012-04-12 08:07 . 2012-04-12 08:07 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\5be064066858620a8aa628fca459a888\WindowsFormsIntegration.ni.dll
+ 2012-04-12 08:12 . 2012-04-12 08:12 223744 c:\windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\6a7464c304726eea6e49810397569686\VistaBridgeLibrary.ni.dll
+ 2012-02-16 09:06 . 2012-02-16 09:06 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\68f4157e570c77df653057c0583395bd\UIAutomationClient.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\c2a12bd4056b44f8005a7eb3af161e6a\System.Xml.Linq.ni.dll
+ 2012-04-12 08:13 . 2012-04-12 08:13 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\1107b3a711bab40c83e2561ba2431d62\System.Web.Routing.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\67877f896b2b0e42286e838fe307f3fd\System.Web.RegularExpressions.ni.dll
+ 2012-04-12 08:13 . 2012-04-12 08:13 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\d7c8c294920cfe79765215e242308d28\System.Web.Extensions.Design.ni.dll
+ 2012-04-12 08:13 . 2012-04-12 08:13 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\5176923a8264305118a299419e1c7bde\System.Web.Entity.ni.dll
+ 2012-04-12 08:13 . 2012-04-12 08:13 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d746c0f0ed36226efb2e0115de42cdd6\System.Web.Entity.Design.ni.dll
+ 2012-04-12 08:13 . 2012-04-12 08:13 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\df5542604898c9ea3fda32c8619ae0e5\System.Web.DynamicData.ni.dll
+ 2012-04-12 08:13 . 2012-04-12 08:13 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\b9c8715157536097b489132574ad5c17\System.Web.Abstractions.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\f25d114cb629d1f512f98883c6535a75\System.Transactions.ni.dll
+ 2012-04-12 08:12 . 2012-04-12 08:12 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\56e433394df8d44e43690a855e403555\System.ServiceProcess.ni.dll
+ 2012-02-16 09:25 . 2012-02-16 09:25 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\5fb9981f4147b537b53be9d58bf4e9b4\System.Security.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1335dd98ce5ce22ad1f51cc274ca5a1d\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-02-29 18:16 . 2012-02-29 18:16 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\c14e58265386feb509cc61bb5e8dd296\System.Runtime.Remoting.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\a4b2b1ee81acd843970d9a81b281f1c1\System.Net.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\a2a14380e8c9149d5b212d0100ef588a\System.Management.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\e3436edde657a5111d39d5b2eecf9715\System.Management.Instrumentation.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\974ded7dd3bca225a1b90de778846c78\System.IO.Log.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\01eba24390736a59c39becd825b5756e\System.IdentityModel.Selectors.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\c0d15fb6308587fef8744d568e64bcda\System.EnterpriseServices.Wrapper.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\c0d15fb6308587fef8744d568e64bcda\System.EnterpriseServices.ni.dll
+ 2012-04-12 08:06 . 2012-04-12 08:06 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\cc2cd3bc46c9c2b30e47281e404a3230\System.Drawing.Design.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\78a370dc153011708dd9e4cb0e606bfc\System.DirectoryServices.Protocols.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\6e644fc7464d9fe23fc9cd6001296f2f\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\bac39be66bb9f987c1948b766833f8e6\System.Data.Services.Client.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\2b5ecd231320e57010043c408783d80b\System.Data.Services.Design.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\4ac9ac2326720485aefd4d79d2024945\System.Data.Entity.Design.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\d504d550fd0a6994fcb1466ea7be92af\System.Data.DataSetExtensions.ni.dll
+ 2012-02-16 09:25 . 2012-02-16 09:25 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\28637135c6939e74450bbbf110b12643\System.Configuration.Install.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\958b5c0114d664ab5ba72575c301e2ea\System.AddIn.ni.dll
+ 2012-02-16 09:25 . 2012-02-16 09:25 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\4dcff3b0e79fc27e31549bb2af00efb5\SMSvcHost.ni.exe
+ 2012-02-16 09:25 . 2012-02-16 09:25 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\bd3bfd5b6ef659dac4d6cccb34577d33\SMDiagnostics.ni.dll
+ 2012-02-16 09:25 . 2012-02-16 09:25 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\edec83be646eb52204c991371751a428\ServiceModelReg.ni.exe
+ 2012-02-16 09:04 . 2012-02-16 09:04 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\52015457bc28e7a9a563d9eab8ab0015\PresentationFramework.Royale.ni.dll
+ 2012-02-16 09:04 . 2012-02-16 09:04 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\46a680814559114706a33282e9df4b7a\PresentationFramework.Classic.ni.dll
+ 2012-02-16 09:04 . 2012-02-16 09:04 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2713754549b1114c9152d33efe5f72c7\PresentationFramework.Aero.ni.dll
+ 2012-02-16 09:04 . 2012-02-16 09:04 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1552f18ca434c1dca6d082df476d089a\PresentationFramework.Luna.ni.dll
+ 2012-02-16 09:25 . 2012-02-16 09:25 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\7c51497b188c82e2ccbe6315549ce023\MSBuild.ni.exe
+ 2012-02-16 09:25 . 2012-02-16 09:25 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f0f6dd614d294295c5d8386cc4192034\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\fd1338828beec8737fed8f50f4fcc567\Microsoft.Build.Utilities.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\0d5f999c4b7e51151548c37c676c1b8e\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-02-16 09:25 . 2012-02-16 09:25 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\792168ce8fe03a3db43e12cf736cf91e\Microsoft.Build.Engine.ni.dll
+ 2012-02-16 09:25 . 2012-02-16 09:25 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\0a5277c34ddc1f55df1defb4231e814f\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-02-16 09:25 . 2012-02-16 09:25 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a8df37aadb089f1f34d3d2f103966fbc\ComSvcConfig.ni.exe
+ 2012-04-12 08:12 . 2012-04-12 08:12 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\8d6cd6a93f679608d52b6c874088b963\AspNetMMCExt.ni.dll
+ 2012-04-11 19:01 . 2012-04-11 19:01 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-01-11 18:26 . 2012-01-11 18:26 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2012-04-11 19:01 . 2012-04-11 19:01 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-04-11 19:01 . 2012-04-11 19:01 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-04-11 19:01 . 2012-04-11 19:01 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-04-11 19:01 . 2012-04-11 19:01 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-04-11 19:01 . 2012-04-11 19:01 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2012-01-11 18:26 . 2012-01-11 18:26 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2012-04-11 19:01 . 2012-04-11 19:01 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2012-02-15 18:38 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2661637$\spuninst\updspapi.dll
+ 2012-02-15 18:38 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2661637$\spuninst\spuninst.exe
+ 2012-02-15 18:39 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2660465$\spuninst\updspapi.dll
+ 2012-02-15 18:39 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2660465$\spuninst\spuninst.exe
+ 2012-03-14 10:38 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2647518$\spuninst\updspapi.dll
+ 2012-03-14 10:38 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2647518$\spuninst\spuninst.exe
+ 2012-03-14 10:41 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2641653$\spuninst\updspapi.dll
+ 2012-03-14 10:41 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2641653$\spuninst\spuninst.exe
+ 2012-03-14 10:38 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2621440$\spuninst\updspapi.dll
+ 2012-03-14 10:38 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2621440$\spuninst\spuninst.exe
+ 2012-03-14 10:38 . 2011-06-24 14:10 139656 c:\windows\$NtUninstallKB2621440$\rdpwd.sys
+ 2012-01-31 18:28 . 2009-08-25 09:17 354816 c:\windows\$NtUninstallKB2585542$\winhttp.dll
+ 2012-01-31 18:28 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2585542$\spuninst\updspapi.dll
+ 2012-01-31 18:28 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2585542$\spuninst\spuninst.exe
+ 2012-01-31 18:28 . 2011-04-29 17:25 151552 c:\windows\$NtUninstallKB2585542$\schannel.dll
+ 2012-02-15 18:38 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2661637\update\updspapi.dll
+ 2012-02-15 18:38 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2661637\update\update.exe
+ 2012-02-15 18:38 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2661637\spuninst.exe
+ 2012-02-15 18:39 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2660465\update\updspapi.dll
+ 2012-02-15 18:39 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2660465\update\update.exe
+ 2012-02-15 18:39 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2660465\spuninst.exe
+ 2012-03-14 10:38 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2647518\update\updspapi.dll
+ 2012-03-14 10:38 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2647518\update\update.exe
+ 2012-03-14 10:38 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2647518\spuninst.exe
+ 2012-02-15 18:39 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2647516-IE8\update\updspapi.dll
+ 2012-02-15 18:39 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2647516-IE8\update\update.exe
+ 2012-02-15 18:39 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2647516-IE8\spuninst.exe
+ 2012-02-15 08:50 . 2011-12-17 19:45 919552 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\wininet.dll
+ 2012-02-15 08:50 . 2011-12-17 19:45 105984 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\url.dll
+ 2012-02-15 08:50 . 2011-12-17 19:45 206848 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\occache.dll
+ 2012-02-15 08:50 . 2011-12-17 19:45 611840 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mstime.dll
+ 2012-02-15 08:50 . 2011-12-17 19:45 602112 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\msfeeds.dll
+ 2012-02-15 08:50 . 2011-12-17 19:45 247808 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\ieproxy.dll
+ 2012-02-15 08:50 . 2011-12-17 19:45 184320 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\iepeers.dll
+ 2012-02-15 08:50 . 2011-12-17 19:45 743424 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\iedvtool.dll
+ 2012-02-15 08:50 . 2011-12-17 19:45 387584 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\iedkcs32.dll
+ 2012-02-15 08:50 . 2011-12-16 12:33 174080 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\ie4uinit.exe
+ 2012-03-14 10:41 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2641653\update\updspapi.dll
+ 2012-03-14 10:41 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2641653\update\update.exe
+ 2012-03-14 10:41 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2641653\spuninst.exe
+ 2012-03-14 10:38 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2621440\update\updspapi.dll
+ 2012-03-14 10:38 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2621440\update\update.exe
+ 2012-03-14 10:38 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2621440\spuninst.exe
+ 2012-03-14 08:37 . 2012-01-09 16:19 139784 c:\windows\$hf_mig$\KB2621440\SP3QFE\rdpwd.sys
+ 2012-01-31 18:28 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2585542\update\updspapi.dll
+ 2012-01-31 18:28 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2585542\update\update.exe
+ 2012-01-31 18:28 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2585542\spuninst.exe
+ 2011-11-16 14:20 . 2011-11-16 14:20 354816 c:\windows\$hf_mig$\KB2585542\SP3QFE\winhttp.dll
+ 2011-11-16 14:20 . 2011-11-16 14:20 152064 c:\windows\$hf_mig$\KB2585542\SP3QFE\schannel.dll
+ 2011-05-13 20:04 . 2011-05-13 20:04 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll
+ 2011-05-13 20:04 . 2011-05-13 20:04 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80.dll
+ 2009-07-20 21:14 . 2009-07-20 21:14 1393480 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.30.2107.0_x-ww_bd5ca85e\msxml4.dll
+ 2009-01-22 02:14 . 2009-01-22 02:14 1328968 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.30.2100.0_x-ww_b9ea3bd7\msxml4.dll
+ 2010-01-07 09:06 . 2010-09-28 15:44 4184352 c:\windows\system32\usbaaplrc.dll
- 2008-04-14 12:00 . 2011-11-04 19:20 1212416 c:\windows\system32\urlmon.dll
+ 2008-04-14 12:00 . 2012-03-01 11:01 1212416 c:\windows\system32\urlmon.dll
+ 2009-07-20 21:16 . 2009-07-20 21:16 1393480 c:\windows\system32\msxml4.dll
+ 2008-04-14 12:00 . 2012-03-01 11:01 5978624 c:\windows\system32\mshtml.dll
+ 2006-10-17 10:57 . 2012-03-01 11:01 2000384 c:\windows\system32\iertutil.dll
- 2006-10-17 10:57 . 2011-11-04 19:20 2000384 c:\windows\system32\iertutil.dll
+ 2012-03-28 15:59 . 2009-06-09 12:41 1122664 c:\windows\system32\DRVSTORE\androidusb_F8E53F6F8F4568D53EDC82173C048C4CABFEC42F\WdfCoInstaller01007.dll
+ 2008-04-14 12:00 . 2012-02-03 09:22 1860096 c:\windows\system32\dllcache\win32k.sys
+ 2008-04-14 12:00 . 2012-03-01 11:01 1212416 c:\windows\system32\dllcache\urlmon.dll
- 2008-04-14 12:00 . 2011-11-04 19:20 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2008-04-14 12:00 . 2012-03-01 11:01 5978624 c:\windows\system32\dllcache\mshtml.dll
- 2011-06-13 08:58 . 2011-11-04 19:20 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2011-06-13 08:58 . 2012-03-01 11:01 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2011-10-26 03:39 . 2011-10-26 03:39 3186688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2012-04-08 09:43 . 2012-04-08 09:43 2208768 c:\windows\Installer\6c57c.msi
+ 2012-02-01 09:34 . 2012-02-01 09:34 4698112 c:\windows\Installer\31c633.msi
+ 2012-03-14 08:37 . 2012-03-14 08:37 1409536 c:\windows\Installer\2c6e1.msi
+ 2011-10-30 22:54 . 2011-10-30 22:54 2748416 c:\windows\Installer\223e5cc.msp
+ 2012-03-28 15:59 . 2012-03-28 15:59 9106432 c:\windows\Installer\1cdb2e7.msi
+ 2012-04-11 19:03 . 2011-12-17 19:46 1212416 c:\windows\ie8updates\KB2675157-IE8\urlmon.dll
+ 2012-04-11 19:03 . 2011-12-17 19:46 5979136 c:\windows\ie8updates\KB2675157-IE8\mshtml.dll
+ 2012-04-11 19:03 . 2011-12-17 19:46 2000384 c:\windows\ie8updates\KB2675157-IE8\iertutil.dll
+ 2012-02-15 18:39 . 2011-11-04 19:20 1212416 c:\windows\ie8updates\KB2647516-IE8\urlmon.dll
+ 2012-02-15 18:39 . 2011-11-04 19:20 5978112 c:\windows\ie8updates\KB2647516-IE8\mshtml.dll
+ 2012-02-15 18:39 . 2011-11-04 19:20 2000384 c:\windows\ie8updates\KB2647516-IE8\iertutil.dll
+ 2012-02-16 09:02 . 2012-02-16 09:02 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\174c2f776741812aed02c337bbcd1dae\WindowsBase.ni.dll
+ 2012-02-16 09:06 . 2012-02-16 09:06 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\94f5164ff4f664c5e4e7fb4c3af1abad\UIAutomationClientsideProviders.ni.dll
+ 2012-02-16 09:00 . 2012-02-16 09:00 7953408 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP27D.tmp\System.dll
+ 2012-02-16 09:01 . 2012-02-16 09:01 7953408 c:\windows\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
+ 2012-02-16 09:06 . 2012-02-16 09:06 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
+ 2012-04-12 08:13 . 2012-04-12 08:13 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\d31d2eb0a862d3c1d3561be5f1570c3e\System.WorkflowServices.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\248ea47105ff4af6ee75e6fdd5b450a1\System.Workflow.Runtime.ni.dll
+ 2012-04-12 08:13 . 2012-04-12 08:13 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\53c2336db392bfa5484850780048e37a\System.Workflow.ComponentModel.ni.dll
+ 2012-04-12 08:13 . 2012-04-12 08:13 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\f243723cda77dd647b250dd9c42c35e2\System.Workflow.Activities.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e9ba004858dcdb5958d86f26f043f85a\System.Web.Services.ni.dll
+ 2012-04-12 08:13 . 2012-04-12 08:13 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\d1dacd5cb445b242b70bf7d606464293\System.Web.Mobile.ni.dll
+ 2012-04-12 08:13 . 2012-04-12 08:13 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\6acbb8bb1a43fab0fdcf55bedd1fbcc3\System.Web.Extensions.ni.dll
+ 2012-02-16 09:06 . 2012-02-16 09:06 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\e456140d5d6c43d7383bd36d3f9e12c6\System.Speech.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\285dfbf2380436e187cb624bd1cd4683\System.ServiceModel.Web.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f2532204217dc10f152afd077b09927c\System.Runtime.Serialization.ni.dll
+ 2012-04-12 08:06 . 2012-04-12 08:06 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\44d507a702c1623810e094adf751f687\System.Printing.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\8ef05061cd205c4f2a8583d97f32a603\System.IdentityModel.ni.dll
+ 2012-04-12 08:06 . 2012-04-12 08:06 1591808 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8d886cdc2ca5f0ff97cd1afe8773bb6e\System.Drawing.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\77d0e93f024055d04c07cc2700b4c590\System.DirectoryServices.ni.dll
+ 2012-04-12 08:12 . 2012-04-12 08:12 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3d253a2235f7c03630003bc1fbaf34a3\System.Deployment.ni.dll
+ 2012-02-16 09:05 . 2012-02-16 09:05 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\ae888f8633fce3ff1de98e32bce0abbf\System.Data.ni.dll
+ 2012-02-16 09:25 . 2012-02-16 09:25 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\857300fa64d09c69125451fd8894f3da\System.Data.SqlXml.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\e9d4a1fb13572c769ddd9b86e55baab4\System.Data.Services.ni.dll
+ 2012-02-29 18:16 . 2012-02-29 18:16 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\3f2e74586111fb32d5edc059f709fa94\System.Data.OracleClient.ni.dll
+ 2012-02-16 09:05 . 2012-02-16 09:05 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c3d9c33f71d15a3e2e240092a244eba3\System.Data.Linq.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\424160369b301ccd1b6fd86265611955\System.Data.Entity.ni.dll
+ 2012-02-16 09:05 . 2012-02-16 09:05 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\0a6d6717e76be12295711ff02c7aa1d4\System.Core.ni.dll
+ 2012-04-12 08:06 . 2012-04-12 08:06 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\c73e109dbac6b099786cc68fe36e3d0b\ReachFramework.ni.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\20d72aeac1109863b77532d37d3f4fa2\PresentationUI.ni.dll
+ 2012-02-16 09:01 . 2012-02-16 09:01 1458176 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\c58021bf78ed4dd1be2a755b2e8f5641\PresentationBuildTasks.ni.dll
+ 2012-04-12 08:13 . 2012-04-12 08:13 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\3ec4a3f74cb80c9b9581d778e8645b2c\Microsoft.VisualBasic.ni.dll
+ 2012-02-16 09:25 . 2012-02-16 09:25 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f7071f9a1c0523540f6aa7f11c302fb6\Microsoft.Transactions.Bridge.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\806b1d127ed3e906db972751e87585c4\Microsoft.JScript.ni.dll
+ 2012-04-12 08:13 . 2012-04-12 08:13 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\876b7280cf4e81fd65b120f60d38a7d9\Microsoft.Build.Tasks.ni.dll
+ 2012-04-12 08:13 . 2012-04-12 08:13 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\64ba53308e90fa3837fe47977e2d37b6\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-02-16 09:25 . 2012-02-16 09:25 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d6edd4b4619a9052d3dfe50c3067d5e0\Microsoft.Build.Engine.ni.dll
+ 2012-04-12 08:12 . 2012-04-12 08:12 4829696 c:\windows\assembly\NativeImages_v2.0.50727_32\Fences\90121442a128b0baf330ab92b8ade84d\Fences.ni.exe
+ 2012-04-11 19:02 . 2012-04-11 19:02 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2012-01-11 18:26 . 2012-01-11 18:27 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-04-11 19:01 . 2012-04-11 19:01 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-01-11 18:26 . 2012-01-11 18:26 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-04-11 19:01 . 2012-04-11 19:01 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-04-11 19:01 . 2012-04-11 19:01 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2012-01-11 18:26 . 2012-01-11 18:26 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-01-11 18:27 . 2012-01-11 18:27 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-04-11 19:02 . 2012-04-11 19:02 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-02-15 18:39 . 2011-11-23 13:25 1859584 c:\windows\$NtUninstallKB2660465$\win32k.sys
+ 2012-03-14 10:41 . 2012-01-12 16:53 1859968 c:\windows\$NtUninstallKB2641653$\win32k.sys
+ 2012-01-12 16:54 . 2012-01-12 16:54 1869056 c:\windows\$hf_mig$\KB2660465\SP3QFE\win32k.sys
+ 2012-02-15 08:50 . 2011-12-17 19:45 1214464 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\urlmon.dll
+ 2012-02-15 08:50 . 2011-12-17 19:45 5980160 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mshtml.dll
+ 2012-02-15 08:50 . 2011-12-17 19:45 2001408 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\iertutil.dll
+ 2012-03-14 08:38 . 2012-02-03 09:26 1869184 c:\windows\$hf_mig$\KB2641653\SP3QFE\win32k.sys
+ 2007-06-26 14:31 . 2012-04-11 18:57 55154568 c:\windows\system32\MRT.exe
+ 2006-11-07 20:03 . 2012-03-02 05:01 11082752 c:\windows\system32\ieframe.dll
+ 2011-06-13 08:58 . 2012-03-02 05:01 11082752 c:\windows\system32\dllcache\ieframe.dll
+ 2012-04-11 19:03 . 2011-12-18 14:46 11082240 c:\windows\ie8updates\KB2675157-IE8\ieframe.dll
+ 2012-02-15 18:39 . 2011-11-04 19:20 11081728 c:\windows\ie8updates\KB2647516-IE8\ieframe.dll
+ 2012-04-12 08:07 . 2012-04-12 08:07 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d96906db18e87ffe2e08f6cda7e2be0f\System.Windows.Forms.ni.dll
+ 2012-04-12 08:12 . 2012-04-12 08:12 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\db1d2470de43ffcb6f562277208d56e5\System.Web.ni.dll
+ 2012-02-16 09:25 . 2012-02-16 09:25 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1cdcd6d97627d345d5ff446e6ec88b97\System.ServiceModel.ni.dll
+ 2012-04-12 08:06 . 2012-04-12 08:06 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\561138d8d199861578c197c4d24e3934\System.Design.ni.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\029d1d9e6495065aa4f38bcf2315ee8c\PresentationFramework.ni.dll
+ 2012-04-11 19:03 . 2012-04-11 19:03 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\0a059ecfca6e421629a8298b03a7814c\PresentationCore.ni.dll
+ 2012-02-15 08:50 . 2011-12-17 19:45 11085312 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\ieframe.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVWSzItQUxZTUYtU0xLTFUtQVoyVUItNkdPS0ItSkhGTkg&inst=NzctNTkyNjY4MDE3LVQyMC1VODUrMS1CQSsxLUtWMys3LVhMKzEtRlA5Mis2LUJBUjlHKzEtVEI5KzItRkwrOS1GMTBNKzUtUUlYMSs0LVgyMDEwKzItRjEwTTEwQysxLUxJQys3Ny1TUDErMS1TVUQrMS1TMUkrMS1TVTMrMS1GTDEwKzEtVFVHKzM&prod=90&ver=10.0.1375" [?]
.
c:\documents and settings\Guest\Start Menu\Programs\Startup\
OpenOffice.org 2.2.lnk.disabled [2008-3-25 876]
.
c:\documents and settings\Louis\Start Menu\Programs\Startup\
OpenOffice.org 3.0.lnk.disabled [2009-3-7 864]
.
c:\documents and settings\Kerry\Start Menu\Programs\Startup\
OpenOffice.org 3.0.lnk.disabled [2009-7-10 864]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences\FencesMenu.dll" [2010-06-22 202088]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^EPSON Status Monitor 3 Environment Check 2.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\EPSON Status Monitor 3 Environment Check 2.lnk
backup=c:\windows\pss\EPSON Status Monitor 3 Environment Check 2.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NkbMonitor.exe.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\NkbMonitor.exe.lnk
backup=c:\windows\pss\NkbMonitor.exe.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^OnlyWire.LNK]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\OnlyWire.LNK
backup=c:\windows\pss\OnlyWire.LNKCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
backup=c:\windows\pss\QuickBooks Update Agent.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Keith^Start Menu^Programs^Startup^Mozilla Sunbird.lnk]
path=c:\documents and settings\Keith\Start Menu\Programs\Startup\Mozilla Sunbird.lnk
backup=c:\windows\pss\Mozilla Sunbird.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Keith^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
path=c:\documents and settings\Keith\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 02:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 03:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 18:43 69632 -c----r- c:\windows\Alcmtr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_TRAY]
2012-01-24 17:24 2416480 ----a-w- c:\program files\AVG\AVG2012\avgtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
2011-12-20 12:32 634880 ----a-w- c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-12-13 17:16 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveZilla]
2011-03-17 08:04 7030272 ----a-w- c:\program files\LiveZilla\LiveZilla.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-10-22 04:22 7700480 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-10-22 04:22 86016 -c--a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-10-22 04:22 1622016 -c--a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-09-06 11:44 16262656 -c----r- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 18:04 2879488 -c----r- c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 15:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 10:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-10-31 18:47 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2007-06-26 14:02 180269 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
2006-03-30 15:45 313472 ----a-r- c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"PMJ151LA"=2 (0x2)
"Bonjour Service"=2 (0x2)
"aawservice"=2 (0x2)
"YahooAUService"=2 (0x2)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Program Files\\Mozilla Thunderbird\\thunderbird.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Actinic v10\\Catalog.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Adobe\\Adobe Dreamweaver CS5\\Dreamweaver.exe"=
"c:\\Program Files\\OnlyWire\\OnlyWireWindows.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\LiveZilla\\LiveZilla Server Admin.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"4373:TCP"= 4373:TCP:Actinic Port
"4374:TCP"= 4374:TCP:Actinic Port 2
"23640:TCP"= 23640:TCP:spport
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [22/02/2011 08:13 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [16/03/2011 16:03 32592]
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [11/03/2012 14:48 56208]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [07/01/2011 06:41 230608]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [05/04/2011 00:59 295248]
R1 RapportCerberus_34302;RapportCerberus_34302;c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys [15/12/2011 18:14 228208]
R1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [11/03/2012 14:48 71440]
R1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [11/03/2012 14:48 164112]
R2 ActinicSyncServer;Actinic Synchronization Server v10;c:\program files\Actinic v10\ActSyncSvr.exe [27/10/2010 10:34 218480]
R2 Apache2.2;Apache2.2;c:\program files\XAMMP\xampp\apache\bin\httpd.exe [30/03/2010 10:25 29416]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [02/08/2011 07:09 192776]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [15/09/2011 12:06 88576]
R2 PMJ151NM;Panasonic DVC Web Camera;c:\windows\system32\drivers\PMJ151NM.sys [02/09/2007 15:23 14848]
R2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [11/03/2012 14:48 931640]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Adapter;c:\windows\system32\drivers\atl01_xp.sys [26/06/2007 14:24 35712]
R3 RapportIaso;RapportIaso;c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\28896\RapportIaso.sys [08/08/2011 09:17 21520]
S2 ChilkatSmtpQ;Chilkat SMTPQ;c:\program files\Atlantic Software\Email Marketing Pro\ChilkatSmtpQ.exe --> c:\program files\Atlantic Software\Email Marketing Pro\ChilkatSmtpQ.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [07/01/2010 13:00 135664]
S2 swinr;Windows Authentication Service;c:\windows\system32\swinr.exe [11/11/2010 16:41 21504]
S3 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [12/10/2011 07:25 4433248]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [14/04/2011 21:28 134608]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [10/02/2011 07:53 24272]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10/02/2011 07:53 16720]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [07/01/2010 13:00 135664]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [28/03/2012 16:59 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [22/06/2010 18:01 21248]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
S3 MTDVC;Panasonic DVC USB-SERIAL Driver for NT Technology;c:\windows\system32\drivers\mtdv2ku1.sys [02/09/2007 15:22 12590]
S3 MTDVC_ENUM;Panasonic DVC COM Driver for NT Technology;c:\windows\system32\drivers\mtdv2ks1.sys [02/09/2007 15:22 11569]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe --> c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [?]
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-04 c:\windows\Tasks\AdobeAAMUpdater-1.0-PC-Keith.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-06-09 02:44]
.
2010-01-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 12:34]
.
2012-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-07 12:00]
.
2012-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-07 12:00]
.
2012-04-22 c:\windows\Tasks\User_Feed_Synchronization-{5790C573-6490-4E0D-B0E6-4429AF4BDB47}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 03:31]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.co.uk/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\documents and settings\Keith\Application Data\Mozilla\Firefox\Profiles\os7k41td.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Bfbdbc534-177d-44cf-8e6d-dac474588a24%7D&mid=991695b30782815c8506f767da868587-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&ds=pl011&v=10.2.0.3&lang=en&pr=sa&d=2012-03-28%2009%3A48%3A37&sap=ku&q=
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-22 15:52
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PMJ151LA]
"ImagePath"="%SystemRoot%\PMJ151LA.BIN"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2424)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\program files\Stardock\Fences\FencesMenu.dll
c:\program files\stardock\fences\DesktopDock.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2012-04-22 15:55:54
ComboFix-quarantined-files.txt 2012-04-22 14:55
ComboFix2.txt 2012-01-30 17:24
ComboFix3.txt 2011-06-03 11:19
.
Pre-Run: 117,702,594,560 bytes free
Post-Run: 117,661,061,120 bytes free
.
- - End Of File - - D70C4FD9AF19F7C82628705BCC09BFE7

2nd RUN
ComboFix 12-04-22.01 - Keith 22/04/2012 19:38:13.5.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1460 [GMT 1:00]
Running from: c:\documents and settings\Keith\My Documents\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
F:\Autorun.inf
F:\Setup.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-03-22 to 2012-04-22 )))))))))))))))))))))))))))))))
.
.
2012-04-19 18:59 . 2012-04-19 18:59 -------- d-----w- c:\documents and settings\Keith\Application Data\FireShot
2012-04-18 10:08 . 2012-04-18 10:08 -------- d-----w- c:\program files\Market Samurai
2012-04-17 00:23 . 2012-04-17 00:23 56208 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2012-04-09 10:37 . 2012-04-09 10:37 592824 ----a-w- c:\program files\Mozilla Firefox\gkmedias.dll
2012-04-09 10:37 . 2012-04-09 10:37 44472 ----a-w- c:\program files\Mozilla Firefox\mozglue.dll
2012-04-08 10:11 . 2012-04-08 10:11 -------- d-----w- c:\documents and settings\LocalService\Application Data\Apple Computer
2012-03-30 11:22 . 2012-03-30 11:22 -------- d-----w- c:\documents and settings\Keith\Application Data\com.springbox.mobilizer
2012-03-30 11:22 . 2012-03-30 11:22 -------- d-----w- c:\program files\Mobilizer
2012-03-28 16:17 . 2007-11-27 02:24 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2012-03-28 16:02 . 2012-03-29 07:52 -------- d-----w- c:\documents and settings\Keith\Local Settings\Application Data\Htc
2012-03-28 16:01 . 2012-03-28 16:02 -------- d-----w- c:\documents and settings\Keith\Application Data\HTC
2012-03-28 15:59 . 2012-03-28 15:59 -------- d-----w- c:\documents and settings\Keith\Local Settings\Application Data\Downloaded Installations
2012-03-28 15:59 . 2009-06-10 14:49 24576 ----a-w- c:\windows\system32\drivers\ANDROIDUSB.sys
2012-03-28 15:59 . 2009-06-09 12:41 1122664 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2012-03-28 15:58 . 2012-03-28 15:58 -------- d-----w- c:\program files\Spirent Communications
2012-03-28 15:57 . 2012-03-28 16:01 -------- d-----w- c:\program files\HTC
2012-03-28 15:18 . 2008-04-13 23:15 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2012-03-28 15:18 . 2008-04-13 23:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-04 14:56 . 2010-11-11 15:20 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-01 11:01 . 2008-04-14 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 11:01 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-01 11:01 . 2008-04-14 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10 . 2008-04-14 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2008-04-14 12:00 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-02-03 09:22 . 2008-04-14 12:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2002-11-12 14:24 . 2002-11-12 14:24 987136 ----a-w- c:\program files\Heat Loss Calculator.exe
1997-07-25 17:11 . 2010-11-17 11:27 304128 ----a-w- c:\program files\mozilla firefox\plugins\Pngdll.dll
2012-04-09 10:37 . 2011-09-22 15:15 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2006-05-03 11:06 163328 --sha-r- c:\windows\system32\flvDX.dll
2007-02-21 12:47 31232 --sha-r- c:\windows\system32\msfDX.dll
2008-03-16 14:30 216064 --sha-r- c:\windows\system32\nbDX.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVWSzItQUxZTUYtU0xLTFUtQVoyVUItNkdPS0ItSkhGTkg&inst=NzctNTkyNjY4MDE3LVQyMC1VODUrMS1CQSsxLUtWMys3LVhMKzEtRlA5Mis2LUJBUjlHKzEtVEI5KzItRkwrOS1GMTBNKzUtUUlYMSs0LVgyMDEwKzItRjEwTTEwQysxLUxJQys3Ny1TUDErMS1TVUQrMS1TMUkrMS1TVTMrMS1GTDEwKzEtVFVHKzM&prod=90&ver=10.0.1375" [?]
.
c:\documents and settings\Guest\Start Menu\Programs\Startup\
OpenOffice.org 2.2.lnk.disabled [2008-3-25 876]
.
c:\documents and settings\Kerry\Start Menu\Programs\Startup\
OpenOffice.org 3.0.lnk.disabled [2009-7-10 864]
.
c:\documents and settings\Louis\Start Menu\Programs\Startup\
OpenOffice.org 3.0.lnk.disabled [2009-3-7 864]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^EPSON Status Monitor 3 Environment Check 2.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\EPSON Status Monitor 3 Environment Check 2.lnk
backup=c:\windows\pss\EPSON Status Monitor 3 Environment Check 2.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NkbMonitor.exe.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\NkbMonitor.exe.lnk
backup=c:\windows\pss\NkbMonitor.exe.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^OnlyWire.LNK]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\OnlyWire.LNK
backup=c:\windows\pss\OnlyWire.LNKCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
backup=c:\windows\pss\QuickBooks Update Agent.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Keith^Start Menu^Programs^Startup^Mozilla Sunbird.lnk]
path=c:\documents and settings\Keith\Start Menu\Programs\Startup\Mozilla Sunbird.lnk
backup=c:\windows\pss\Mozilla Sunbird.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Keith^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
path=c:\documents and settings\Keith\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 02:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 03:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 18:43 69632 -c----r- c:\windows\Alcmtr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
2011-12-20 12:32 634880 ----a-w- c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-12-13 17:16 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveZilla]
2011-03-17 08:04 7030272 ----a-w- c:\program files\LiveZilla\LiveZilla.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-10-22 04:22 7700480 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-10-22 04:22 86016 -c--a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-10-22 04:22 1622016 -c--a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-09-06 11:44 16262656 -c----r- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 18:04 2879488 -c----r- c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 15:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 10:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-10-31 18:47 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2007-06-26 14:02 180269 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
2006-03-30 15:45 313472 ----a-r- c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"PMJ151LA"=2 (0x2)
"Bonjour Service"=2 (0x2)
"aawservice"=2 (0x2)
"YahooAUService"=2 (0x2)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Program Files\\Mozilla Thunderbird\\thunderbird.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Actinic v10\\Catalog.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Adobe\\Adobe Dreamweaver CS5\\Dreamweaver.exe"=
"c:\\Program Files\\OnlyWire\\OnlyWireWindows.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\LiveZilla\\LiveZilla Server Admin.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"4373:TCP"= 4373:TCP:Actinic Port
"4374:TCP"= 4374:TCP:Actinic Port 2
"23640:TCP"= 23640:TCP:spport
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [22/02/2011 08:13 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [16/03/2011 16:03 32592]
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [17/04/2012 01:23 56208]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [07/01/2011 06:41 230608]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [05/04/2011 00:59 295248]
R1 RapportCerberus_34302;RapportCerberus_34302;c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys [15/12/2011 18:14 228208]
R1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [17/04/2012 01:23 71440]
R1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [17/04/2012 01:23 164112]
R2 ActinicSyncServer;Actinic Synchronization Server v10;c:\program files\Actinic v10\ActSyncSvr.exe [27/10/2010 10:34 218480]
R2 Apache2.2;Apache2.2;c:\program files\XAMMP\xampp\apache\bin\httpd.exe [30/03/2010 10:25 29416]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [02/08/2011 07:09 192776]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [15/09/2011 12:06 88576]
R2 PMJ151NM;Panasonic DVC Web Camera;c:\windows\system32\drivers\PMJ151NM.sys [02/09/2007 15:23 14848]
R2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [17/04/2012 01:23 931640]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Adapter;c:\windows\system32\drivers\atl01_xp.sys [26/06/2007 14:24 35712]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [14/04/2011 21:28 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [10/02/2011 07:53 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10/02/2011 07:53 16720]
R3 RapportIaso;RapportIaso;c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\28896\RapportIaso.sys [08/08/2011 09:17 21520]
S2 ChilkatSmtpQ;Chilkat SMTPQ;c:\program files\Atlantic Software\Email Marketing Pro\ChilkatSmtpQ.exe --> c:\program files\Atlantic Software\Email Marketing Pro\ChilkatSmtpQ.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [07/01/2010 13:00 135664]
S2 swinr;Windows Authentication Service;c:\windows\system32\swinr.exe [11/11/2010 16:41 21504]
S3 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [12/10/2011 07:25 4433248]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [07/01/2010 13:00 135664]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [28/03/2012 16:59 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [22/06/2010 18:01 21248]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
S3 MTDVC;Panasonic DVC USB-SERIAL Driver for NT Technology;c:\windows\system32\drivers\mtdv2ku1.sys [02/09/2007 15:22 12590]
S3 MTDVC_ENUM;Panasonic DVC COM Driver for NT Technology;c:\windows\system32\drivers\mtdv2ks1.sys [02/09/2007 15:22 11569]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe --> c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [?]
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-04 c:\windows\Tasks\AdobeAAMUpdater-1.0-PC-Keith.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-06-09 02:44]
.
2010-01-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 12:34]
.
2012-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-07 12:00]
.
2012-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-07 12:00]
.
2012-04-22 c:\windows\Tasks\User_Feed_Synchronization-{5790C573-6490-4E0D-B0E6-4429AF4BDB47}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 03:31]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.co.uk/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\documents and settings\Keith\Application Data\Mozilla\Firefox\Profiles\os7k41td.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Bfbdbc534-177d-44cf-8e6d-dac474588a24%7D&mid=991695b30782815c8506f767da868587-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&ds=pl011&v=10.2.0.3&lang=en&pr=sa&d=2012-03-28%2009%3A48%3A37&sap=ku&q=
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-22 19:47
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PMJ151LA]
"ImagePath"="%SystemRoot%\PMJ151LA.BIN"
.
Completion time: 2012-04-22 19:50:55
ComboFix-quarantined-files.txt 2012-04-22 18:50
.
Pre-Run: 132,530,659,328 bytes free
Post-Run: 132,521,656,320 bytes free
.
- - End Of File - - 80B91B5B758255E60F73333B12C693B9

START OF TDS KILLER LOG
18:22:44.0421 2544 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
18:22:44.0656 2544 ============================================================
18:22:44.0656 2544 Current date / time: 2012/04/22 18:22:44.0656
18:22:44.0656 2544 SystemInfo:
18:22:44.0656 2544
18:22:44.0656 2544 OS Version: 5.1.2600 ServicePack: 3.0
18:22:44.0656 2544 Product type: Workstation
18:22:44.0656 2544 ComputerName: PC
18:22:44.0656 2544 UserName: Keith
18:22:44.0656 2544 Windows directory: C:\WINDOWS
18:22:44.0656 2544 System windows directory: C:\WINDOWS
18:22:44.0656 2544 Processor architecture: Intel x86
18:22:44.0656 2544 Number of processors: 1
18:22:44.0656 2544 Page size: 0x1000
18:22:44.0656 2544 Boot type: Normal boot
18:22:44.0656 2544 ============================================================
18:22:46.0859 2544 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:22:46.0875 2544 \Device\Harddisk0\DR0:
18:22:46.0875 2544 MBR partitions:
18:22:46.0875 2544 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
18:22:46.0890 2544 C: <-> \Device\Harddisk0\DR0\Partition0
18:22:46.0890 2544 Initialize success
18:22:46.0890 2544 ============================================================
18:22:49.0687 3304 ============================================================
18:22:49.0687 3304 Scan started
18:22:49.0687 3304 Mode: Manual;
18:22:49.0687 3304 ============================================================
18:22:50.0312 3304 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys
18:22:50.0328 3304 61883 - ok
18:22:50.0390 3304 Abiosdsk - ok
18:22:50.0500 3304 abp480n5 - ok
18:22:50.0562 3304 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:22:50.0562 3304 ACPI - ok
18:22:50.0656 3304 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
18:22:50.0656 3304 ACPIEC - ok
18:22:50.0781 3304 ActinicSyncServer (f834e936815aa232ad15f3457fd0cff9) C:\Program Files\Actinic v10\ActSyncSvr.exe
18:22:50.0781 3304 ActinicSyncServer - ok
18:22:50.0843 3304 adpu160m - ok
18:22:50.0937 3304 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
18:22:50.0953 3304 aec - ok
18:22:51.0140 3304 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
18:22:51.0203 3304 AFD - ok
18:22:51.0312 3304 Aha154x - ok
18:22:51.0421 3304 aic78u2 - ok
18:22:51.0578 3304 aic78xx - ok
18:22:51.0703 3304 alcan5wn (0940030d5a5869067ccc03e3b0b8dec7) C:\WINDOWS\system32\DRIVERS\alcan5wn.sys
18:22:51.0703 3304 alcan5wn - ok
18:22:51.0921 3304 alcaudsl (4c9577888c53243e2991456f510488a1) C:\WINDOWS\system32\DRIVERS\alcaudsl.sys
18:22:51.0921 3304 alcaudsl - ok
18:22:52.0046 3304 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
18:22:52.0046 3304 Alerter - ok
18:22:52.0218 3304 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
18:22:52.0218 3304 ALG - ok
18:22:52.0312 3304 AliIde - ok
18:22:52.0421 3304 amsint - ok
18:22:52.0578 3304 Apache2.2 (fb32f046a2578755fa0da5052c6a9cd3) C:\Program Files\XAMMP\xampp\apache\bin\httpd.exe
18:22:52.0578 3304 Apache2.2 - ok
18:22:52.0703 3304 Apple Mobile Device (018857ead9a077a56aedfc0e5ef7a24a) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:22:52.0718 3304 Apple Mobile Device - ok
18:22:52.0781 3304 AppMgmt - ok
18:22:52.0843 3304 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
18:22:52.0843 3304 Arp1394 - ok
18:22:52.0921 3304 asc - ok
18:22:53.0031 3304 asc3350p - ok
18:22:53.0078 3304 asc3550 - ok
18:22:53.0187 3304 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
18:22:53.0187 3304 aspnet_state - ok
18:22:53.0250 3304 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:22:53.0265 3304 AsyncMac - ok
18:22:53.0375 3304 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
18:22:53.0375 3304 atapi - ok
18:22:53.0531 3304 AtcL001 (8048e8d1d56c03c85b72a4e7a3fd4312) C:\WINDOWS\system32\DRIVERS\atl01_xp.sys
18:22:53.0546 3304 AtcL001 - ok
18:22:53.0640 3304 Atdisk - ok
18:22:53.0703 3304 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:22:53.0703 3304 Atmarpc - ok
18:22:53.0765 3304 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
18:22:53.0765 3304 AudioSrv - ok
18:22:53.0859 3304 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
18:22:53.0859 3304 audstub - ok
18:22:53.0937 3304 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys
18:22:53.0937 3304 Avc - ok
18:22:54.0156 3304 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
18:22:54.0250 3304 AVGIDSAgent - ok
18:22:54.0328 3304 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
18:22:54.0343 3304 AVGIDSDriver - ok
18:22:54.0421 3304 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
18:22:54.0421 3304 AVGIDSEH - ok
18:22:54.0515 3304 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
18:22:54.0515 3304 AVGIDSFilter - ok
18:22:54.0593 3304 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
18:22:54.0593 3304 AVGIDSShim - ok
18:22:54.0671 3304 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
18:22:54.0687 3304 Avgldx86 - ok
18:22:54.0796 3304 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
18:22:54.0796 3304 Avgmfx86 - ok
18:22:54.0859 3304 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
18:22:54.0875 3304 Avgrkx86 - ok
18:22:54.0968 3304 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
18:22:54.0968 3304 Avgtdix - ok
18:22:55.0062 3304 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
18:22:55.0062 3304 avgwd - ok
18:22:55.0140 3304 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
18:22:55.0140 3304 Beep - ok
18:22:55.0218 3304 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
18:22:55.0234 3304 BITS - ok
18:22:55.0296 3304 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
18:22:55.0312 3304 Bonjour Service - ok
18:22:55.0375 3304 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
18:22:55.0375 3304 Browser - ok
18:22:55.0453 3304 catchme - ok
18:22:55.0515 3304 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
18:22:55.0515 3304 cbidf2k - ok
18:22:55.0593 3304 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
18:22:55.0593 3304 CCDECODE - ok
18:22:55.0656 3304 cd20xrnt - ok
18:22:55.0718 3304 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
18:22:55.0718 3304 Cdaudio - ok
18:22:55.0812 3304 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
18:22:55.0812 3304 Cdfs - ok
18:22:55.0906 3304 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:22:55.0921 3304 Cdrom - ok
18:22:55.0984 3304 Changer - ok
18:22:56.0046 3304 ChilkatSmtpQ - ok
18:22:56.0093 3304 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
18:22:56.0093 3304 CiSvc - ok
18:22:56.0156 3304 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
18:22:56.0156 3304 ClipSrv - ok
18:22:56.0250 3304 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:22:56.0265 3304 clr_optimization_v2.0.50727_32 - ok
18:22:56.0343 3304 CmdIde - ok
18:22:56.0375 3304 COMSysApp - ok
18:22:56.0437 3304 Cpqarray - ok
18:22:56.0500 3304 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
18:22:56.0500 3304 CryptSvc - ok
18:22:56.0578 3304 dac2w2k - ok
18:22:56.0640 3304 dac960nt - ok
18:22:56.0718 3304 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
18:22:56.0734 3304 DcomLaunch - ok
18:22:57.0000 3304 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
18:22:57.0000 3304 Dhcp - ok
18:22:57.0093 3304 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
18:22:57.0093 3304 Disk - ok
18:22:57.0125 3304 dmadmin - ok
18:22:57.0203 3304 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
18:22:57.0218 3304 dmboot - ok
18:22:57.0390 3304 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
18:22:57.0390 3304 dmio - ok
18:22:57.0468 3304 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
18:22:57.0484 3304 dmload - ok
18:22:57.0546 3304 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
18:22:57.0546 3304 dmserver - ok
18:22:57.0625 3304 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
18:22:57.0625 3304 DMusic - ok
18:22:57.0703 3304 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
18:22:57.0703 3304 Dnscache - ok
18:22:57.0781 3304 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
18:22:57.0781 3304 Dot3svc - ok
18:22:57.0843 3304 dpti2o - ok
18:22:57.0921 3304 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
18:22:57.0921 3304 drmkaud - ok
18:22:58.0000 3304 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
18:22:58.0000 3304 EapHost - ok
18:22:58.0062 3304 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
18:22:58.0062 3304 ERSvc - ok
18:22:58.0125 3304 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
18:22:58.0140 3304 Eventlog - ok
18:22:58.0218 3304 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
18:22:58.0218 3304 EventSystem - ok
18:22:58.0281 3304 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
18:22:58.0296 3304 Fastfat - ok
18:22:58.0375 3304 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
18:22:58.0390 3304 FastUserSwitchingCompatibility - ok
18:22:58.0453 3304 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
18:22:58.0468 3304 Fax - ok
18:22:58.0531 3304 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
18:22:58.0531 3304 Fdc - ok
18:22:58.0625 3304 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
18:22:58.0625 3304 Fips - ok
18:22:58.0687 3304 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:22:58.0703 3304 Flpydisk - ok
18:22:58.0781 3304 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
18:22:58.0781 3304 FltMgr - ok
18:22:58.0890 3304 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:22:58.0890 3304 FontCache3.0.0.0 - ok
18:22:59.0046 3304 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:22:59.0046 3304 Fs_Rec - ok
18:22:59.0125 3304 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:22:59.0125 3304 Ftdisk - ok
18:22:59.0203 3304 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
18:22:59.0203 3304 GEARAspiWDM - ok
18:22:59.0281 3304 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:22:59.0281 3304 Gpc - ok
18:22:59.0359 3304 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
18:22:59.0406 3304 gupdate - ok
18:22:59.0453 3304 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
18:22:59.0453 3304 gupdatem - ok
18:22:59.0531 3304 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
18:22:59.0546 3304 gusvc - ok
18:22:59.0625 3304 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:22:59.0625 3304 HDAudBus - ok
18:22:59.0687 3304 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:22:59.0687 3304 helpsvc - ok
18:22:59.0734 3304 HidServ - ok
18:22:59.0828 3304 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:22:59.0828 3304 HidUsb - ok
18:22:59.0875 3304 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
18:22:59.0890 3304 hkmsvc - ok
18:22:59.0953 3304 hpn - ok
18:23:00.0062 3304 HTCAND32 (cbd09ed9cf6822177ee85aea4d8816a2) C:\WINDOWS\system32\Drivers\ANDROIDUSB.sys
18:23:00.0093 3304 HTCAND32 - ok
18:23:00.0187 3304 htcnprot (04e3b3554076b8192a668efe88a682a1) C:\WINDOWS\system32\DRIVERS\htcnprot.sys
18:23:00.0218 3304 htcnprot - ok
18:23:00.0312 3304 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
18:23:00.0312 3304 HTTP - ok
18:23:00.0359 3304 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
18:23:00.0375 3304 HTTPFilter - ok
18:23:00.0421 3304 i2omgmt - ok
18:23:00.0484 3304 i2omp - ok
18:23:00.0562 3304 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:23:00.0562 3304 i8042prt - ok
18:23:00.0625 3304 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
18:23:00.0687 3304 IDriverT - ok
18:23:00.0828 3304 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:23:00.0890 3304 idsvc - ok
18:23:00.0984 3304 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
18:23:00.0984 3304 Imapi - ok
18:23:01.0125 3304 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
18:23:01.0125 3304 ImapiService - ok
18:23:01.0187 3304 ini910u - ok
18:23:01.0359 3304 IntcAzAudAddService (fc3a99650afe0b39fe1d214304a7d0d3) C:\WINDOWS\system32\drivers\RtkHDAud.sys
18:23:01.0390 3304 IntcAzAudAddService - ok
18:23:01.0453 3304 IntelIde - ok
18:23:01.0578 3304 IntelS51 (cb5c2935491f0f998f1b62bffa258464) C:\WINDOWS\system32\DRIVERS\IntelS51.sys
18:23:01.0593 3304 IntelS51 - ok
18:23:01.0671 3304 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
18:23:01.0671 3304 Ip6Fw - ok
18:23:01.0750 3304 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:23:01.0750 3304 IpFilterDriver - ok
18:23:01.0828 3304 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:23:01.0828 3304 IpInIp - ok
18:23:01.0890 3304 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:23:01.0890 3304 IpNat - ok
18:23:01.0984 3304 iPod Service (6e27978a4755f4789f912f5f49392f7c) C:\Program Files\iPod\bin\iPodService.exe
18:23:02.0031 3304 iPod Service - ok
18:23:02.0109 3304 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:23:02.0109 3304 IPSec - ok
18:23:02.0171 3304 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
18:23:02.0187 3304 IRENUM - ok
18:23:02.0296 3304 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:23:02.0296 3304 isapnp - ok
18:23:02.0390 3304 JavaQuickStarterService (9ae07549a0d691a103faf8946554bdb7) C:\Program Files\Java\jre6\bin\jqs.exe
18:23:02.0390 3304 JavaQuickStarterService - ok
18:23:02.0484 3304 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:23:02.0484 3304 Kbdclass - ok
18:23:02.0562 3304 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
18:23:02.0562 3304 kmixer - ok
18:23:02.0640 3304 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
18:23:02.0640 3304 KSecDD - ok
18:23:02.0703 3304 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
18:23:02.0718 3304 lanmanserver - ok
18:23:02.0781 3304 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
18:23:02.0781 3304 lanmanworkstation - ok
18:23:02.0812 3304 Lavasoft Kernexplorer - ok
18:23:02.0859 3304 lbrtfdc - ok
18:23:02.0984 3304 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
18:23:02.0984 3304 LmHosts - ok
18:23:03.0078 3304 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
18:23:03.0078 3304 Messenger - ok
18:23:03.0171 3304 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
18:23:03.0171 3304 mnmdd - ok
18:23:03.0234 3304 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
18:23:03.0234 3304 mnmsrvc - ok
18:23:03.0312 3304 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
18:23:03.0312 3304 Modem - ok
18:23:03.0453 3304 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
18:23:03.0453 3304 MODEMCSA - ok
18:23:03.0515 3304 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:23:03.0515 3304 Mouclass - ok
18:23:03.0578 3304 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:23:03.0578 3304 mouhid - ok
18:23:03.0671 3304 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
18:23:03.0671 3304 MountMgr - ok
18:23:03.0718 3304 mraid35x - ok
18:23:03.0796 3304 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:23:03.0796 3304 MRxDAV - ok
18:23:04.0031 3304 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:23:04.0031 3304 MRxSmb - ok
18:23:04.0218 3304 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
18:23:04.0218 3304 MSDTC - ok
18:23:04.0296 3304 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys
18:23:04.0296 3304 MSDV - ok
18:23:04.0375 3304 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
18:23:04.0375 3304 Msfs - ok
18:23:04.0406 3304 MSIServer - ok
18:23:04.0562 3304 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:23:04.0578 3304 MSKSSRV - ok
18:23:04.0640 3304 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:23:04.0640 3304 MSPCLOCK - ok
18:23:04.0718 3304 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
18:23:04.0718 3304 MSPQM - ok
18:23:04.0796 3304 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:23:04.0796 3304 mssmbios - ok
18:23:04.0890 3304 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
18:23:04.0890 3304 MSTEE - ok
18:23:04.0984 3304 MTDVC (592659fdaa0b6659c08633cfece55c52) C:\WINDOWS\system32\DRIVERS\mtdv2ku1.sys
18:23:05.0015 3304 MTDVC - ok
18:23:05.0109 3304 MTDVC_ENUM (b082cca71c0da3943ff3150eac94044a) C:\WINDOWS\system32\DRIVERS\mtdv2ks1.sys
18:23:05.0109 3304 MTDVC_ENUM - ok
18:23:05.0187 3304 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
18:23:05.0187 3304 MTsensor - ok
18:23:05.0296 3304 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
18:23:05.0312 3304 Mup - ok
18:23:05.0578 3304 MySQL (21eef976d53a0bcb603abff4ab6e4c88) C:\Program Files\XAMMP\xampp\mysql\bin\mysqld.exe
18:23:05.0703 3304 MySQL - ok
18:23:05.0796 3304 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
18:23:05.0796 3304 NABTSFEC - ok
18:23:05.0890 3304 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
18:23:05.0890 3304 napagent - ok
18:23:06.0062 3304 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
18:23:06.0062 3304 NDIS - ok
18:23:06.0140 3304 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
18:23:06.0156 3304 NdisIP - ok
18:23:06.0234 3304 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:23:06.0234 3304 NdisTapi - ok
18:23:06.0312 3304 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:23:06.0312 3304 Ndisuio - ok
18:23:06.0390 3304 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:23:06.0390 3304 NdisWan - ok
18:23:06.0468 3304 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
18:23:06.0484 3304 NDProxy - ok
18:23:06.0562 3304 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
18:23:06.0562 3304 NetBIOS - ok
18:23:06.0640 3304 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
18:23:06.0640 3304 NetBT - ok
18:23:06.0703 3304 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
18:23:06.0703 3304 NetDDE - ok
18:23:06.0734 3304 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
18:23:06.0734 3304 NetDDEdsdm - ok
18:23:06.0828 3304 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
18:23:06.0828 3304 Netlogon - ok
18:23:06.0890 3304 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
18:23:06.0890 3304 Netman - ok
18:23:07.0031 3304 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:23:07.0046 3304 NetTcpPortSharing - ok
18:23:07.0140 3304 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
18:23:07.0140 3304 NIC1394 - ok
18:23:07.0218 3304 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
18:23:07.0234 3304 Nla - ok
18:23:07.0296 3304 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
18:23:07.0296 3304 Npfs - ok
18:23:07.0390 3304 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
18:23:07.0390 3304 Ntfs - ok
18:23:07.0468 3304 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
18:23:07.0468 3304 NtLmSsp - ok
18:23:07.0546 3304 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
18:23:07.0546 3304 NtmsSvc - ok
18:23:07.0640 3304 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
18:23:07.0640 3304 Null - ok
18:23:07.0796 3304 nv (ba1b732c1a70cfea0c1b64f2850bf44f) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:23:07.0828 3304 nv - ok
18:23:07.0890 3304 NVSvc (0febe37db6650faa5965c00545009d1d) C:\WINDOWS\system32\nvsvc32.exe
18:23:07.0890 3304 NVSvc - ok
18:23:07.0968 3304 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:23:07.0968 3304 NwlnkFlt - ok
18:23:08.0031 3304 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:23:08.0031 3304 NwlnkFwd - ok
18:23:08.0109 3304 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
18:23:08.0125 3304 ohci1394 - ok
18:23:08.0203 3304 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
18:23:08.0203 3304 Parport - ok
18:23:08.0296 3304 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
18:23:08.0296 3304 PartMgr - ok
18:23:08.0375 3304 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
18:23:08.0375 3304 ParVdm - ok
18:23:08.0437 3304 PassThru Service (39b9dcd7040654c2e57d7396736c718e) C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
18:23:08.0437 3304 PassThru Service - ok
18:23:08.0515 3304 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
18:23:08.0515 3304 PCI - ok
18:23:08.0593 3304 PCIDump - ok
18:23:08.0656 3304 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
18:23:08.0656 3304 PCIIde - ok
18:23:08.0734 3304 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
18:23:08.0734 3304 Pcmcia - ok
18:23:08.0828 3304 PDCOMP - ok
18:23:08.0890 3304 PDFRAME - ok
18:23:08.0937 3304 PDRELI - ok
18:23:09.0000 3304 PDRFRAME - ok
18:23:09.0046 3304 perc2 - ok
18:23:09.0109 3304 perc2hib - ok
18:23:09.0187 3304 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
18:23:09.0187 3304 PlugPlay - ok
18:23:09.0296 3304 PMJ151LA (715b8d5f504fe2c3d47f6bd76c183193) C:\WINDOWS\PMJ151LA.BIN
18:23:09.0296 3304 PMJ151LA - ok
18:23:09.0359 3304 PMJ151NM (d7cd8506ae89cca8cc21fa5f139fb465) C:\WINDOWS\system32\DRIVERS\PMJ151NM.sys
18:23:09.0375 3304 PMJ151NM - ok
18:23:09.0437 3304 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
18:23:09.0437 3304 PolicyAgent - ok
18:23:09.0531 3304 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:23:09.0531 3304 PptpMiniport - ok
18:23:09.0593 3304 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
18:23:09.0593 3304 Processor - ok
18:23:09.0640 3304 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
18:23:09.0640 3304 ProtectedStorage - ok
18:23:09.0718 3304 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
18:23:09.0734 3304 PSched - ok
18:23:09.0828 3304 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:23:09.0828 3304 Ptilink - ok
18:23:09.0890 3304 ql1080 - ok
18:23:09.0937 3304 Ql10wnt - ok
18:23:09.0984 3304 ql12160 - ok
18:23:10.0031 3304 ql1240 - ok
18:23:10.0093 3304 ql1280 - ok
18:23:10.0265 3304 RapportCerberus_34302 (6b6f0a77365667912360ff1d5e984f25) C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys
18:23:10.0281 3304 RapportCerberus_34302 - ok
18:23:10.0390 3304 RapportEI (43b9aa1423bf54367c5a3de1559780e8) C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
18:23:10.0390 3304 RapportEI - ok
18:23:10.0531 3304 RapportIaso (dd3e4610de9252a957c5bd19bdf47ac4) c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\28896\rapportiaso.sys
18:23:10.0546 3304 RapportIaso - ok
18:23:10.0625 3304 RapportKELL (118600ab8f15fe27f2c865f3fb4efa58) C:\WINDOWS\system32\Drivers\RapportKELL.sys
18:23:10.0625 3304 RapportKELL - ok
18:23:10.0734 3304 RapportMgmtService (d9ef54568fafcb4be4637068e768409a) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
18:23:10.0765 3304 RapportMgmtService - ok
18:23:10.0859 3304 RapportPG (4af05a67b643a5190dfcbb793273e0bc) C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
18:23:10.0859 3304 RapportPG - ok
18:23:10.0921 3304 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:23:10.0921 3304 RasAcd - ok
18:23:11.0000 3304 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
18:23:11.0015 3304 RasAuto - ok
18:23:11.0109 3304 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:23:11.0109 3304 Rasl2tp - ok
18:23:11.0171 3304 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
18:23:11.0171 3304 RasMan - ok
18:23:11.0234 3304 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:23:11.0234 3304 RasPppoe - ok
18:23:11.0328 3304 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
18:23:11.0328 3304 Raspti - ok
18:23:11.0390 3304 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:23:11.0406 3304 Rdbss - ok
18:23:11.0468 3304 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:23:11.0468 3304 RDPCDD - ok
18:23:11.0578 3304 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
18:23:11.0578 3304 RDPWD - ok
18:23:11.0640 3304 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
18:23:11.0640 3304 RDSessMgr - ok
18:23:11.0703 3304 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
18:23:11.0703 3304 redbook - ok
18:23:11.0781 3304 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
18:23:11.0781 3304 RemoteAccess - ok
18:23:11.0859 3304 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
18:23:11.0859 3304 ROOTMODEM - ok
18:23:11.0921 3304 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
18:23:11.0921 3304 RpcLocator - ok
18:23:12.0015 3304 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
18:23:12.0015 3304 RpcSs - ok
18:23:12.0093 3304 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
18:23:12.0093 3304 RSVP - ok
18:23:12.0156 3304 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
18:23:12.0156 3304 SamSs - ok
18:23:12.0484 3304 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
18:23:12.0500 3304 SCardSvr - ok
18:23:12.0578 3304 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
18:23:12.0578 3304 Schedule - ok
18:23:12.0687 3304 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:23:12.0687 3304 Secdrv - ok
18:23:12.0984 3304 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
18:23:12.0984 3304 seclogon - ok
18:23:13.0062 3304 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
18:23:13.0062 3304 SENS - ok
18:23:13.0140 3304 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
18:23:13.0140 3304 serenum - ok
18:23:13.0203 3304 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
18:23:13.0218 3304 Serial - ok
18:23:13.0296 3304 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
18:23:13.0296 3304 Sfloppy - ok
18:23:13.0375 3304 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
18:23:13.0390 3304 SharedAccess - ok
18:23:13.0453 3304 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
18:23:13.0453 3304 ShellHWDetection - ok
18:23:13.0515 3304 Simbad - ok
18:23:13.0578 3304 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:23:13.0578 3304 SLIP - ok
18:23:13.0640 3304 Sparrow - ok
18:23:13.0703 3304 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
18:23:13.0703 3304 splitter - ok
18:23:13.0765 3304 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
18:23:13.0781 3304 Spooler - ok
18:23:13.0843 3304 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
18:23:13.0859 3304 sr - ok
18:23:13.0906 3304 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
18:23:13.0906 3304 srservice - ok
18:23:14.0031 3304 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
18:23:14.0031 3304 Srv - ok
18:23:14.0109 3304 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
18:23:14.0109 3304 SSDPSRV - ok
18:23:14.0187 3304 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
18:23:14.0218 3304 stisvc - ok
18:23:14.0296 3304 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:23:14.0296 3304 streamip - ok
18:23:14.0390 3304 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
18:23:14.0390 3304 swenum - ok
18:23:14.0531 3304 swinr (9898644f9818ee5687d52b6a759b93d2) C:\WINDOWS\system32\swinr.exe
18:23:14.0546 3304 swinr - ok
18:23:14.0656 3304 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
18:23:14.0656 3304 swmidi - ok
18:23:14.0765 3304 SwPrv - ok
18:23:14.0828 3304 symc810 - ok
18:23:14.0875 3304 symc8xx - ok
18:23:14.0921 3304 sym_hi - ok
18:23:15.0000 3304 sym_u3 - ok
18:23:15.0062 3304 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
18:23:15.0062 3304 sysaudio - ok
18:23:15.0125 3304 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
18:23:15.0125 3304 SysmonLog - ok
18:23:15.0250 3304 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
18:23:15.0265 3304 TapiSrv - ok
18:23:15.0343 3304 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:23:15.0343 3304 Tcpip - ok
18:23:15.0421 3304 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
18:23:15.0421 3304 TDPIPE - ok
18:23:15.0531 3304 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
18:23:15.0531 3304 TDTCP - ok
18:23:15.0593 3304 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
18:23:15.0609 3304 TermDD - ok
18:23:15.0671 3304 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
18:23:15.0671 3304 TermService - ok
18:23:15.0765 3304 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
18:23:15.0765 3304 Themes - ok
18:23:15.0828 3304 TosIde - ok
18:23:15.0875 3304 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
18:23:15.0875 3304 TrkWks - ok
18:23:15.0984 3304 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
18:23:15.0984 3304 Udfs - ok
18:23:16.0078 3304 ultra - ok
18:23:16.0140 3304 UMWdf (c81b8635dee0d3ef5f64b3dd643023a5) C:\WINDOWS\system32\wdfmgr.exe
18:23:16.0156 3304 UMWdf - ok
18:23:16.0234 3304 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
18:23:16.0234 3304 Update - ok
18:23:16.0406 3304 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
18:23:16.0421 3304 upnphost - ok
18:23:16.0468 3304 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
18:23:16.0484 3304 UPS - ok
18:23:16.0546 3304 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\WINDOWS\system32\Drivers\usbaapl.sys
18:23:16.0546 3304 USBAAPL - ok
18:23:16.0625 3304 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:23:16.0625 3304 usbccgp - ok
18:23:16.0718 3304 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:23:16.0718 3304 usbehci - ok
18:23:16.0796 3304 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:23:16.0796 3304 usbhub - ok
18:23:16.0890 3304 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:23:16.0921 3304 usbprint - ok
18:23:17.0015 3304 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:23:17.0031 3304 usbscan - ok
18:23:17.0125 3304 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:23:17.0125 3304 USBSTOR - ok
18:23:17.0203 3304 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:23:17.0203 3304 usbuhci - ok
18:23:17.0281 3304 USB_RNDIS (bee793d4a059caea55d6ac20e19b3a8f) C:\WINDOWS\system32\DRIVERS\usb8023.sys
18:23:17.0281 3304 USB_RNDIS - ok
18:23:17.0359 3304 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
18:23:17.0359 3304 VgaSave - ok
18:23:17.0421 3304 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\drivers\ViaIde.sys
18:23:17.0421 3304 ViaIde - ok
18:23:17.0500 3304 videX32 (c8ee49fa76eb7c41a9cddfe58151a74e) C:\WINDOWS\system32\DRIVERS\videX32.sys
18:23:17.0500 3304 videX32 - ok
18:23:17.0578 3304 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
18:23:17.0578 3304 VolSnap - ok
18:23:17.0734 3304 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
18:23:17.0796 3304 VSS - ok
18:23:18.0000 3304 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
18:23:18.0046 3304 W32Time - ok
18:23:18.0171 3304 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:23:18.0187 3304 Wanarp - ok
18:23:18.0296 3304 Wdf01000 (4769596d7cc0f5fa447d2babc239672a) C:\WINDOWS\system32\Drivers\wdf01000.sys
18:23:18.0312 3304 Wdf01000 - ok
18:23:18.0453 3304 WDICA - ok
18:23:18.0531 3304 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
18:23:18.0531 3304 wdmaud - ok
18:23:18.0578 3304 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
18:23:18.0593 3304 WebClient - ok
18:23:18.0687 3304 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
18:23:18.0703 3304 winmgmt - ok
18:23:18.0765 3304 WmdmPmSN (a477391b7a8b0a0daabadb17cf533a4b) C:\WINDOWS\system32\mspmsnsv.dll
18:23:18.0765 3304 WmdmPmSN - ok
18:23:18.0843 3304 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:23:18.0984 3304 WmiApSrv - ok
18:23:19.0078 3304 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
18:23:19.0125 3304 WMPNetworkSvc - ok
18:23:19.0265 3304 WPFFontCache_v0400 - ok
18:23:19.0343 3304 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
18:23:19.0343 3304 WS2IFSL - ok
18:23:19.0390 3304 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
18:23:19.0406 3304 wscsvc - ok
18:23:19.0484 3304 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:23:19.0484 3304 WSTCODEC - ok
18:23:19.0546 3304 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
18:23:19.0546 3304 wuauserv - ok
18:23:19.0625 3304 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:23:19.0625 3304 WudfPf - ok
18:23:19.0734 3304 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:23:19.0734 3304 WudfRd - ok
18:23:19.0796 3304 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
18:23:19.0812 3304 WudfSvc - ok
18:23:19.0875 3304 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
18:23:19.0890 3304 WZCSVC - ok
18:23:19.0984 3304 xfilt (fcbc27869092850cdb75139f3818653a) C:\WINDOWS\system32\DRIVERS\xfilt.sys
18:23:19.0984 3304 xfilt - ok
18:23:20.0046 3304 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
18:23:20.0046 3304 xmlprov - ok
18:23:20.0140 3304 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
18:23:20.0203 3304 YahooAUService - ok
18:23:20.0234 3304 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
18:23:20.0390 3304 \Device\Harddisk0\DR0 - ok
18:23:20.0421 3304 Boot (0x1200) (23f9f8671ae8a139e49ce2fec9d302e0) \Device\Harddisk0\DR0\Partition0
18:23:20.0421 3304 \Device\Harddisk0\DR0\Partition0 - ok
18:23:20.0437 3304 ============================================================
18:23:20.0437 3304 Scan finished
18:23:20.0437 3304 ============================================================
18:23:20.0453 2556 Detected object count: 0
18:23:20.0453 2556 Actual detected object count: 0


Regards,
Keith
That's all the info I can give at the moment. Look forward to your reccomendations.

Edit: Moved topic from XP to the more appropriate forum. ~ Animal

 

  • BC Ads
  • BleepingComputer.com

#2 HelpBot

HelpBot

    Bleepin' Binary Bot

  • Bots
  • PipPipPipPipPipPip
  • 7,169 posts
  • Gender:Male

Posted 28 April 2012 - 02:05 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Posted Image In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/451036 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Posted Image If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows, you should not bother creating a GMER log.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot

  • Bots
  • PipPipPipPipPipPip
  • 7,169 posts
  • Gender:Male

Posted 03 May 2012 - 02:10 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!
Back to Virus, Trojan, Spyware, and Malware Removal Logs


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users


  1. BleepingComputer.com
  2. Security
  3. Virus, Trojan, Spyware, and Malware Removal Logs
  4. Privacy Policy
  5. Rules ·