Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Search redirect; trojan,bho;DDS/GFER BSOD


  • This topic is locked This topic is locked
20 replies to this topic

#1 vdotmatrix

vdotmatrix

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:06:08 AM

Posted 27 October 2011 - 05:16 AM

Hello everyone!
I finally saw the revalidation link above.
I have been jumping through the hoops in the preparation guide and have not been very successful.

  • I removed the disk emulation.
  • I ran DDS which resulted in BSOD
  • I then ran GFER which resulted in BSOD
  • I fell asleep trying to post and woke up this morning to read something about re-validation link.AHHHH

So here I am with nothing but spit and wishes. I have a newly generated HIJACKTHIS log. I ran malwarebytes superantiwhatever and i think they pointed to trojan.bho and trojan.agent/gen-frauder pluss 99 adware cookies.

INITIAL COMPLAINT: Firefox started to crash for no reason. then I noticed that TRENDMICRO kept warning me during searches and i realized MANY of my searches were being diverted unless I was in firefox safe mode or SAFARI.

So I join the thousands of appreciative hopefuls awaiting assistance from this terrible malady that affects computers with patient gratitude that there are forums like this. THANKS




Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:56:27 PM, on 10/26/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Program Files\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Backblaze\bzserv.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\iHome\Keyboard & Mouse Driver\StartAutorun.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Belkin Bulldog Plus\UPS-Status.exe
C:\Program Files\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe
C:\Program Files\iHome\Keyboard & Mouse Driver\KMConfig.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iHome\Keyboard & Mouse Driver\KMProcess.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Backblaze\bzbui.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files\SUPERAntiSpyware.exe
C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe
C:\Program Files\BUFFALO\NASNAVI\nassche.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Documents and Settings\vincedaddy\Desktop\HiJackThis.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\vincedaddy\My Documents\Downloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1086\7.0.1086\TmBpIe32.dll
O2 - BHO: (no name) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\iHome\Keyboard & Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [UPS-Status] C:\Program Files\Belkin Bulldog Plus\UPS-Status.exe
O4 - HKLM\..\Run: [CaddieSyncConduit] C:\Program Files\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe
O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
O4 - HKLM\..\Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\vincedaddy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Backblaze] "C:\Program Files\Backblaze\bzbui.exe" -quiet
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Backblaze] "C:\Program Files\Backblaze\bzbui.exe" -quiet (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: BUFFALO NAS Navigator2.lnk = C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe
O4 - Startup: NAS Scheduler.lnk = C:\Program Files\BUFFALO\NASNAVI\nassche.exe
O4 - Global Startup: Logo Calibration Loader.lnk = C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe
O4 - Global Startup: ProfileReminder.lnk = C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01118F00-3E00-11D2-8470-0060089874ED} (SupportSoft RemoteControl Class) - https://www.tmremote.com/sdccommon/download/ssrc.cab
O16 - DPF: {01119400-3E00-11D2-8470-0060089874ED} (SupportSoft Listener Control) - https://www.tmremote.com/sdccommon/download/sprtctlln.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - http://www.costcophotocenter.com/CostcoActivia.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - http://picasaweb.google.com/s/v/30.66/uploader2.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1164865209062
O16 - DPF: {924C1588-90C3-4910-B6CA-D57A1C0418FE} - http://bookmarks.yahoo.com/YbConvFav.CAB
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FE5B9F54-7764-4C01-89F0-4862601EE954} - http://photos.msn.com/resources/neutral/controls/DigWebX2.cab?10,0,910,0
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1086\7.0.1086\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg.dll
O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - (no file)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SASWINLO.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\615\G2AWinLogon.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SASCORE.EXE
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Backblaze Service (bzserv) - Unknown owner - C:\Program Files\Backblaze\bzserv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

--
End of file - 15395 bytes

Attached Files


Edited by vdotmatrix, 27 October 2011 - 05:17 AM.


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,731 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:08 AM

Posted 01 November 2011 - 05:20 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Posted Image In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/425232 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Posted Image If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 vdotmatrix

vdotmatrix
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:06:08 AM

Posted 01 November 2011 - 11:09 AM

THANK YOU!

The main thing that alerted me that something was wrong was firefox 3.6.23 kept crashing; then I noticed that all searches are redirected to dangerous websites. And Trend micro kept letting me know it was stopping numerous attacks.

  • I began at the preparation on ...October 26........and followed the instructions carefully.
  • I disabled the emulation
    [list]
  • I ran the DDS and it resulted in BSOD ( blue screen error).
  • I ran the GMER and it too resulted in the BSOD.
  • I have made no changes to my system I hope, ever since, besides these never ending updates from flash, adobe reader and windows.
  • I ran malwarebytes during this same period and it detected Trojans and have included the logs for you to examine.
  • I also included a HIJACK THIS LOG from today or yesterday.
  • I was able to successfully ran DDS. today and log is included.
  • i ran the GMER and it resulted in the BSOD. WIDOWS XP-PRO SERVICE PACK 3; 32-BIT
  • i DO HAVE THE WINDOWS DISKS AVAILABLE.
  • trend micro has stopped the following Trojans as well: TROJ_GEN.R47C7JM ; TROJ_SPNR.0CJD11
  • trend micro has stopped 1091 web threats since October 6, 2011 and counting and (3) spyware.

Thank you for your help

Attached Files



#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:08 AM

Posted 02 November 2011 - 01:40 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Somethings to remember while we are working together.

  • Do not run any other tool untill instructed to do so!
  • please Do not Attach logs or put in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.
  • Do not run any other tool untill instructed to do so!


Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 vdotmatrix

vdotmatrix
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:06:08 AM

Posted 02 November 2011 - 11:12 AM

ComboFix 11-11-02.01 - vincedaddy 11/02/2011 8:43.4.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2277 [GMT -4:00]
Running from: c:\documents and settings\vincedaddy\My Documents\Downloads\ComboFix.exe
AV: Titanium Internet Security *Disabled/Updated* {7D2296BC-32CC-4519-917E-52E652474AF5}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\ARACELI\Application Data\Mozilla\Firefox\Profiles\lhoazk74.default\extensions\{60ab5591-e5b0-4b2c-89fc-e0a2364d410d}
c:\documents and settings\ARACELI\Application Data\Mozilla\Firefox\Profiles\lhoazk74.default\extensions\{60ab5591-e5b0-4b2c-89fc-e0a2364d410d}\chrome.manifest
c:\documents and settings\ARACELI\Application Data\Mozilla\Firefox\Profiles\lhoazk74.default\extensions\{60ab5591-e5b0-4b2c-89fc-e0a2364d410d}\chrome\xulcache.jar
c:\documents and settings\ARACELI\Application Data\Mozilla\Firefox\Profiles\lhoazk74.default\extensions\{60ab5591-e5b0-4b2c-89fc-e0a2364d410d}\defaults\preferences\xulcache.js
c:\documents and settings\ARACELI\Application Data\Mozilla\Firefox\Profiles\lhoazk74.default\extensions\{60ab5591-e5b0-4b2c-89fc-e0a2364d410d}\install.rdf
c:\documents and settings\ARACELI\Application Data\Mozilla\Firefox\Profiles\lhoazk74.default\extensions\{d65e844a-b92d-455e-81ae-f0e4d88eda2f}
c:\documents and settings\ARACELI\Application Data\Mozilla\Firefox\Profiles\lhoazk74.default\extensions\{d65e844a-b92d-455e-81ae-f0e4d88eda2f}\chrome.manifest
c:\documents and settings\ARACELI\Application Data\Mozilla\Firefox\Profiles\lhoazk74.default\extensions\{d65e844a-b92d-455e-81ae-f0e4d88eda2f}\chrome\xulcache.jar
c:\documents and settings\ARACELI\Application Data\Mozilla\Firefox\Profiles\lhoazk74.default\extensions\{d65e844a-b92d-455e-81ae-f0e4d88eda2f}\defaults\preferences\xulcache.js
c:\documents and settings\ARACELI\Application Data\Mozilla\Firefox\Profiles\lhoazk74.default\extensions\{d65e844a-b92d-455e-81ae-f0e4d88eda2f}\install.rdf
c:\documents and settings\ARACELI\Application Data\Mozilla\Firefox\Profiles\lhoazk74.default\extensions\{df64a5d1-9182-471e-9531-ff4a619498eb}
c:\documents and settings\ARACELI\Application Data\Mozilla\Firefox\Profiles\lhoazk74.default\extensions\{df64a5d1-9182-471e-9531-ff4a619498eb}\chrome.manifest
c:\documents and settings\ARACELI\Application Data\Mozilla\Firefox\Profiles\lhoazk74.default\extensions\{df64a5d1-9182-471e-9531-ff4a619498eb}\chrome\xulcache.jar
c:\documents and settings\ARACELI\Application Data\Mozilla\Firefox\Profiles\lhoazk74.default\extensions\{df64a5d1-9182-471e-9531-ff4a619498eb}\defaults\preferences\xulcache.js
c:\documents and settings\ARACELI\Application Data\Mozilla\Firefox\Profiles\lhoazk74.default\extensions\{df64a5d1-9182-471e-9531-ff4a619498eb}\install.rdf
c:\documents and settings\ARACELI\Application Data\Mozilla\Firefox\Profiles\lhoazk74.default\extensions\{ec1ce820-22a9-4c8c-b6bb-b907549051a3}
c:\documents and settings\ARACELI\Application Data\Mozilla\Firefox\Profiles\lhoazk74.default\extensions\{ec1ce820-22a9-4c8c-b6bb-b907549051a3}\chrome.manifest
c:\documents and settings\ARACELI\Application Data\Mozilla\Firefox\Profiles\lhoazk74.default\extensions\{ec1ce820-22a9-4c8c-b6bb-b907549051a3}\chrome\xulcache.jar
c:\documents and settings\ARACELI\Application Data\Mozilla\Firefox\Profiles\lhoazk74.default\extensions\{ec1ce820-22a9-4c8c-b6bb-b907549051a3}\defaults\preferences\xulcache.js
c:\documents and settings\ARACELI\Application Data\Mozilla\Firefox\Profiles\lhoazk74.default\extensions\{ec1ce820-22a9-4c8c-b6bb-b907549051a3}\install.rdf
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\ylu0ipdc.default\extensions\{60ab5591-e5b0-4b2c-89fc-e0a2364d410d}
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\ylu0ipdc.default\extensions\{60ab5591-e5b0-4b2c-89fc-e0a2364d410d}\chrome.manifest
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\ylu0ipdc.default\extensions\{60ab5591-e5b0-4b2c-89fc-e0a2364d410d}\chrome\xulcache.jar
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\ylu0ipdc.default\extensions\{60ab5591-e5b0-4b2c-89fc-e0a2364d410d}\defaults\preferences\xulcache.js
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\ylu0ipdc.default\extensions\{60ab5591-e5b0-4b2c-89fc-e0a2364d410d}\install.rdf
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\ylu0ipdc.default\extensions\{d65e844a-b92d-455e-81ae-f0e4d88eda2f}
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\ylu0ipdc.default\extensions\{d65e844a-b92d-455e-81ae-f0e4d88eda2f}\chrome.manifest
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\ylu0ipdc.default\extensions\{d65e844a-b92d-455e-81ae-f0e4d88eda2f}\chrome\xulcache.jar
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\ylu0ipdc.default\extensions\{d65e844a-b92d-455e-81ae-f0e4d88eda2f}\defaults\preferences\xulcache.js
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\ylu0ipdc.default\extensions\{d65e844a-b92d-455e-81ae-f0e4d88eda2f}\install.rdf
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\ylu0ipdc.default\extensions\{df64a5d1-9182-471e-9531-ff4a619498eb}
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\ylu0ipdc.default\extensions\{df64a5d1-9182-471e-9531-ff4a619498eb}\chrome.manifest
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\ylu0ipdc.default\extensions\{df64a5d1-9182-471e-9531-ff4a619498eb}\chrome\xulcache.jar
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\ylu0ipdc.default\extensions\{df64a5d1-9182-471e-9531-ff4a619498eb}\defaults\preferences\xulcache.js
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\ylu0ipdc.default\extensions\{df64a5d1-9182-471e-9531-ff4a619498eb}\install.rdf
c:\documents and settings\vincedaddy\Application Data\inst.exe
c:\documents and settings\vincedaddy\bnqzolvxcx.tmp
c:\documents and settings\vincedaddy\GoToAssistDownloadHelper.exe
c:\documents and settings\vincedaddy\System
c:\documents and settings\vincedaddy\System\win_qs8.jqx
c:\documents and settings\vincedaddy\WINDOWS
c:\windows\AutoRun.ini
c:\windows\Help\nvcpar.hlp-nv7668
c:\windows\Help\nvcpcs.hlp-nv7671
c:\windows\Help\nvcpda.hlp-nv7671
c:\windows\Help\nvcpde.hlp-nv7671
c:\windows\Help\nvcpel.hlp-nv7671
c:\windows\Help\nvcpeng.hlp-nv7671
c:\windows\Help\nvcpes.hlp-nv7671
c:\windows\Help\nvcpesm.hlp-nv7671
c:\windows\Help\nvcpfi.hlp-nv7674
c:\windows\Help\nvcpfr.hlp-nv7674
c:\windows\Help\nvcphe.hlp-nv7674
c:\windows\Help\nvcphu.hlp-nv7674
c:\windows\Help\nvcpit.hlp-nv7674
c:\windows\Help\nvcpja.hlp-nv7674
c:\windows\Help\nvcpko.hlp-nv7678
c:\windows\Help\nvcpl.hlp-nv7678
c:\windows\Help\nvcpnl.hlp-nv7678
c:\windows\Help\nvcpno.hlp-nv7678
c:\windows\Help\nvcppl.hlp-nv7678
c:\windows\Help\nvcppt.hlp-nv7678
c:\windows\Help\nvcpptb.hlp-nv7681
c:\windows\Help\nvcpru.hlp-nv7681
c:\windows\Help\nvcpsk.hlp-nv7681
c:\windows\Help\nvcpsl.hlp-nv7681
c:\windows\Help\nvcpsv.hlp-nv7681
c:\windows\Help\nvcpth.hlp-nv7681
c:\windows\Help\nvcptr.hlp-nv7681
c:\windows\Help\nvcpzhc.hlp-nv7681
c:\windows\Help\nvcpzht.hlp-nv7684
c:\windows\help\tours\htmltour\unlock_playing.htm
c:\windows\system32\_000005_.tmp.dll
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000009_.tmp.dll
c:\windows\system32\_000010_.tmp.dll
c:\windows\system32\_000011_.tmp.dll
c:\windows\system32\_000012_.tmp.dll
c:\windows\system32\_000013_.tmp.dll
c:\windows\system32\_000014_.tmp.dll
c:\windows\system32\_000015_.tmp.dll
c:\windows\system32\_000016_.tmp.dll
c:\windows\system32\_000017_.tmp.dll
c:\windows\system32\_000018_.tmp.dll
c:\windows\system32\d3d9caps.dat
c:\windows\system32\service
c:\windows\system32\service\05092010_TIS17_SfFniAU.log
c:\windows\system32\service\11052010_TIS17_SfFniAU.log
c:\windows\system32\service\16022010_TIS17_SfFniAU.log
c:\windows\system32\service\18062010_TIS17_SfFniAU.log
c:\windows\system32\service\23062009_TIS17_SfFniAU.log
c:\windows\system32\service\24062009_TIS17_SfFniAU.log
c:\windows\system32\service\28032010_TIS17_SfFniAU.log
c:\windows\system32\service\29062010_TIS17_SfFniAU.log
c:\windows\system32\service\30062010_TIS17_SfFniAU.log
c:\windows\system32\shimg.dll
c:\windows\UNWISE.EXE
.
.
((((((((((((((((((((((((( Files Created from 2011-10-02 to 2011-11-02 )))))))))))))))))))))))))))))))
.
.
2011-10-27 01:50 . 2011-10-27 01:50 389120 ----a-w- c:\windows\system32\CF4003.exe
2011-10-26 23:50 . 2011-10-26 23:50 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2011-10-26 12:25 . 2011-10-26 12:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-10-26 12:25 . 2011-10-26 12:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-26 12:25 . 2011-08-31 21:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-25 23:38 . 2011-10-26 01:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2011-10-25 23:38 . 2011-10-25 23:47 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-10-24 18:29 . 2011-10-24 18:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 18:29 . 2011-10-24 18:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-24 16:01 . 2011-10-24 16:01 -------- d-----w- c:\documents and settings\LocalService\Application Data\Apple Computer
2011-10-24 16:01 . 2011-10-24 16:01 -------- d-----w- c:\program files\Bonjour
2011-10-20 03:26 . 2011-10-20 03:26 69120 --sha-r- c:\windows\system32\Eaexec1.dll
2011-10-04 17:53 . 2011-08-08 18:18 2083464 ----a-w- c:\windows\system32\Incinerator32.dll
2011-10-04 17:53 . 2010-02-09 02:59 56200 ----a-w- c:\windows\system32\offreg.dll
2011-10-04 17:53 . 2011-10-04 17:53 -------- d-----w- c:\program files\iolo
2011-10-04 12:47 . 2011-10-04 12:47 -------- d-----w- C:\iolo
2011-10-04 12:28 . 2011-10-04 12:28 -------- d-----w- c:\documents and settings\LocalService\Application Data\Trend Micro
2011-10-04 12:28 . 2011-10-04 12:25 92432 ----a-w- c:\windows\system32\drivers\tmtdi.sys
2011-10-04 12:28 . 2011-10-04 12:25 81168 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2011-10-04 12:28 . 2011-10-04 12:25 68368 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2011-10-04 12:28 . 2011-10-04 12:25 205072 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2011-10-04 12:27 . 2011-10-04 12:27 56 ----a-w- c:\windows\system32\SupportTool.exe.bat
2011-10-04 12:26 . 2011-10-25 15:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Trend Micro
2011-10-04 10:57 . 2010-09-23 17:29 511328 ----a-w- c:\program files\Common Files\Microsoft Shared\CAPICOM\CAPICOM.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-01 11:32 . 2011-05-25 00:19 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-25 15:47 . 2007-12-12 04:08 47360 -c--a-w- c:\documents and settings\vincedaddy\Application Data\pcouffin.sys
2011-10-20 01:14 . 2006-12-05 13:08 1880 ----a-w- c:\windows\AUTOLNCH.REG
2011-09-26 15:41 . 2008-07-30 00:59 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 15:41 . 2004-08-11 22:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 15:41 . 2004-08-11 22:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-09 09:12 . 2004-08-11 22:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20 . 2004-08-11 22:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-31 03:05 . 2011-08-31 03:05 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-31 03:05 . 2011-08-31 03:05 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-08-31 03:05 . 2011-08-31 03:05 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-31 03:05 . 2011-08-31 03:05 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-22 23:48 . 2004-08-11 22:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48 . 2004-08-11 22:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48 . 2004-08-11 22:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56 . 2004-08-11 22:00 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2004-08-11 22:00 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-08 19:01 . 2008-06-25 03:45 11776 ----a-w- c:\windows\system32\smrgdf.exe
2011-08-08 19:01 . 2008-06-25 03:45 29696 ----a-w- c:\windows\system32\iolobtdfg.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\vincedaddy\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\vincedaddy\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\vincedaddy\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\vincedaddy\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"="" [BU]
"Backblaze"="c:\program files\Backblaze\bzbui.exe" [2011-06-16 533800]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-04-03 640440]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 563984]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 2027792]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-10-16 13851752]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-08-26 1753192]
"KMCONFIG"="c:\program files\iHome\Keyboard & Mouse Driver\StartAutorun.exe" [2008-05-30 212992]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-11-05 1505144]
"UPS-Status"="c:\program files\Belkin Bulldog Plus\UPS-Status.exe" [2006-11-15 69632]
"CaddieSyncConduit"="c:\program files\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe" [2011-04-27 2364792]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-10-04 129304]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-10-05 1300672]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-10-09 421736]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
"Backblaze"="c:\program files\Backblaze\bzbui.exe" [2011-06-16 533800]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 53760]
.
c:\documents and settings\vincedaddy\Start Menu\Programs\Startup\
BUFFALO NAS Navigator2.lnk - c:\program files\BUFFALO\NASNAVI\NasNavi.exe [2010-10-28 1906152]
NAS Scheduler.lnk - c:\program files\BUFFALO\NASNAVI\nassche.exe [2009-5-15 206128]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logo Calibration Loader.lnk - c:\program files\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe [2010-4-28 708608]
ProfileReminder.lnk - c:\program files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe [2010-4-28 954368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2010-09-30 03:51 13672 ----a-w- c:\program files\Citrix\GoToAssist\615\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2009-09-29 00:34 87352 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk]
backup=c:\windows\pss\Adobe Acrobat Synchronizer.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Corel Desktop Application Director 8.LNK]
backup=c:\windows\pss\Corel Desktop Application Director 8.LNKCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk]
backup=c:\windows\pss\Google Updater.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HotSync Manager.lnk]
backup=c:\windows\pss\HotSync Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HOTSYNCSHORTCUTNAME.lnk]
backup=c:\windows\pss\HOTSYNCSHORTCUTNAME.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^KODAK Software Updater.lnk]
backup=c:\windows\pss\KODAK Software Updater.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logo Calibration Loader.lnk]
backup=c:\windows\pss\Logo Calibration Loader.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MUPS.lnk]
backup=c:\windows\pss\MUPS.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PCCloneEX.LNK]
backup=c:\windows\pss\PCCloneEX.LNKCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ProfileReminder.lnk]
backup=c:\windows\pss\ProfileReminder.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^vincedaddy^Start Menu^Programs^Startup^Adobe Gamma.lnk]
backup=c:\windows\pss\Adobe Gamma.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^vincedaddy^Start Menu^Programs^Startup^BUFFALO NAS Navigator.lnk]
backup=c:\windows\pss\BUFFALO NAS Navigator.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^vincedaddy^Start Menu^Programs^Startup^CNET TechTracker.lnk]
backup=c:\windows\pss\CNET TechTracker.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^vincedaddy^Start Menu^Programs^Startup^DING!.lnk]
backup=c:\windows\pss\DING!.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^vincedaddy^Start Menu^Programs^Startup^HotSync Manager.LNK]
backup=c:\windows\pss\HotSync Manager.LNKStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^vincedaddy^Start Menu^Programs^Startup^Yahoo! Widget Engine.lnk]
backup=c:\windows\pss\Yahoo! Widget Engine.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CaddieSyncLauncher
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eBayToolbar
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Foxmarks
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Memeo AutoBackup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSystemAnalyzer
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
2002-10-02 21:41 684032 -c--a-w- c:\program files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
2008-01-17 15:42 58728 ----a-w- c:\program files\Common Files\Symantec Shared\CCAPP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSysVol]
2005-10-31 14:51 57344 -c--a-w- c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
2008-08-13 23:32 206064 -c--a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
2006-05-03 08:12 98304 -c--a-w- c:\program files\Dell\Media Experience\DMXLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
2007-11-15 14:24 16384 -c--a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eFax 4.2]
2006-07-14 20:36 107008 -c--a-w- c:\program files\eFax Messenger 4.2\J2GDllCmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Garmin Lifetime Updater]
2011-07-28 13:10 1406824 ----a-w- c:\program files\Garmin\Lifetime Updater\GarminLifetime.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2006-07-06 12:15 151552 -c--a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-10-09 22:06 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MBMon]
2006-03-16 00:15 1355468 -c--a-w- c:\windows\system32\CTMBHA.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsmqIntCert]
2008-04-14 00:11 177152 ----a-w- c:\windows\system32\mqrt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 19:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetZero_uoltray]
2007-03-07 00:51 1629184 -c--a-w- c:\program files\NetZero\exec.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 10.0]
2007-04-10 17:01 1537640 -c--a-w- c:\program files\Norton Ghost\Agent\GhostTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-10-16 16:04 13851752 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefaultMIDI]
2004-12-22 23:40 24576 ----a-w- c:\windows\MIDIDEF.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-04-18 21:30 15146376 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-06-17 10:32 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
2000-05-11 05:00 90112 -c--a-w- c:\windows\Updreg.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoiceCenter]
2006-02-16 13:20 1118208 ----a-w- c:\program files\Creative\VoiceCenter\AndreaVC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX3000]
2007-04-10 21:46 709992 -c--a-w- c:\windows\vVX3000.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AOL ACS"=2 (0x2)
"WLSetupSvc"=3 (0x3)
"WMPNetworkSvc"=3 (0x3)
"Bonjour Service"=2 (0x2)
"MemeoBackgroundService"=2 (0x2)
"Fax"=2 (0x2)
"FastUserSwitchingCompatibility"=3 (0x3)
"WinDefend"=2 (0x2)
"wampmysqld"=3 (0x3)
"wampapache"=3 (0x3)
"Viewpoint Manager Service"=2 (0x2)
"UPSentry_Smart"=2 (0x2)
"Symantec Core LC"=2 (0x2)
"STacSV"=2 (0x2)
"sprtsvc_dellsupportcenter"=2 (0x2)
"Pml Driver HPZ12"=3 (0x3)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"NVSvc"=2 (0x2)
"Norton Ghost"=2 (0x2)
"MDM"=2 (0x2)
"KodakCCS"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"iPod Service"=3 (0x3)
"ioloSystemService"=2 (0x2)
"ioloFileInfoList"=2 (0x2)
"idsvc"=3 (0x3)
"IDriverT"=3 (0x3)
"IAANTMON"=2 (0x2)
"gusvc"=3 (0x3)
"GoToAssist"=3 (0x3)
"GEARSecurity"=2 (0x2)
"FLEXnet Licensing Service"=3 (0x3)
"Creative Service for CDROM Access"=2 (0x2)
"Creative Labs Licensing Service"=2 (0x2)
"Adobe LM Service"=3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\WINDOWS\\system32\\mqsvc.exe"=
"c:\\Program Files\\Palm\\Hotsync.exe"=
"c:\\Documents and Settings\\vincedaddy\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Electronic Arts\\Command & Conquer 3 Kane's Wrath\\RetailExe\\1.2\\cnc3ep1.dat"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=
"c:\\Program Files\\123CopyDVD 2009\\123CopyDVD.exe"=
"c:\\Program Files\\SkyGolf\\SkyCaddie Desktop\\SkyCaddieDesktop.exe"=
"c:\\Documents and Settings\\vincedaddy\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Documents and Settings\\vincedaddy\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\BUFFALO\\NASNAVI\\NasNavi.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server
"51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server
"51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Logging]
"LogSuccessfulConnections"= 0 (0x0)
"LogDroppedPackets"= 0 (0x0)
"LogFileSize"= 0 (0x0)
"LogFilePath"=
.
R1 FNETDEVI;FNETDEVI;c:\windows\system32\drivers\FNETDEVI.SYS [11/13/2008 12:53 AM 19572]
R1 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [10/4/2011 8:28 AM 68368]
R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe [10/4/2011 8:27 AM 200632]
R2 bzserv;Backblaze Service;c:\program files\Backblaze\bzserv.exe [12/2/2010 7:10 PM 269096]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [10/4/2011 1:53 PM 722616]
R2 PDIHWCTL;PDIHWCTL;c:\windows\system32\drivers\pdihwctl.sys [4/28/2010 11:01 AM 14416]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 2:16 PM 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5/31/2010 11:53 AM 136176]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [8/15/2008 6:46 AM 284016]
S3 bfturboh;BUFFALO TurboUSB for HD Filter;c:\windows\system32\drivers\bfturboh.sys [12/12/2008 12:05 AM 15872]
S3 i1display;i1 Display;c:\windows\system32\drivers\i1display.sys [4/28/2010 11:16 AM 44344]
S3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\drivers\KMWDFILTER.sys [3/13/2011 5:55 PM 23712]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [12/12/2007 12:08 AM 47360]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [5/13/2011 3:21 AM 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [5/13/2011 3:21 AM 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [5/13/2011 3:21 AM 136808]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 2:16 PM 753504]
S3 yeddef;YEDDEF driver;c:\windows\system32\Drivers\yeddef.sys --> c:\windows\system32\Drivers\yeddef.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2010-09-05 c:\windows\Tasks\20100905_123400_vincedaddy2.job
- c:\program files\Nero\Nero 7\Nero BackItUp\BackItUp.exe [2006-11-10 23:25]
.
2011-10-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 21:57]
.
2011-11-02 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2011-03-07 16:28]
.
2011-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-31 15:53]
.
2011-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-31 15:53]
.
2011-11-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1901060476-2160935586-1665064021-1006Core.job
- c:\documents and settings\vincedaddy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-21 12:56]
.
2011-11-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1901060476-2160935586-1665064021-1006UA.job
- c:\documents and settings\vincedaddy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-21 12:56]
.
2011-11-02 c:\windows\Tasks\User_Feed_Synchronization-{AB247319-2232-43C6-9B7E-D6A74CF0E2D2}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 08:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append to existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert link target to existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
TCP: DhcpNameServer = 192.168.0.1
DPF: {01118F00-3E00-11D2-8470-0060089874ED} - hxxps://www.tmremote.com/sdccommon/download/ssrc.cab
DPF: {01119400-3E00-11D2-8470-0060089874ED} - hxxps://www.tmremote.com/sdccommon/download/sprtctlln.cab
FF - ProfilePath - c:\documents and settings\vincedaddy\Application Data\Mozilla\Firefox\Profiles\5zy2wjab.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - user.js: yahoo.homepage.dontask - true
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
MSConfigStartUp-nwiz - nwiz.exe
MSConfigStartUp-UfSeAgnt - (no file)
AddRemove-EC Watermark - c:\windows\UNWISE.EXE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-02 08:52
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1901060476-2160935586-1665064021-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1901060476-2160935586-1665064021-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:27,a6,04,f5,bc,ca,64,ae,0d,d5,5b,cd,d3,59,f9,55,c3,54,2f,ae,ee,e9,54,
ec,6a,e4,8e,b4,32,7b,46,3f,ab,bc,69,22,9d,9b,e9,43,bc,98,c1,de,fe,fe,64,bf,\
"??"=hex:5d,2e,bc,00,9b,07,bc,9c,34,34,87,88,c9,ab,ca,0d
.
[HKEY_USERS\S-1-5-21-1901060476-2160935586-1665064021-1006\Software\SecuROM\License information*]
"datasecu"=hex:c0,37,d9,99,2a,d8,fe,55,4f,49,0a,f5,d8,34,81,41,d0,58,9e,41,e0,
1e,6a,26,15,41,05,0a,75,14,f7,c1,10,b4,70,4f,44,19,22,25,d0,29,7b,4d,d3,63,\
"rkeysecu"=hex:56,c6,0d,e0,20,27,f2,5f,5e,7a,0c,15,6c,01,a7,f3
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(960)
c:\program files\Citrix\GoToAssist\615\G2AWinLogon.dll
c:\windows\system32\LMIinit.dll
.
Completion time: 2011-11-02 09:03:18
ComboFix-quarantined-files.txt 2011-11-02 13:03
ComboFix2.txt 2009-12-12 04:12
.
Pre-Run: 23,937,183,744 bytes free
Post-Run: 23,925,846,016 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 3D0016642EBD5B508A2B79118890419D






++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
during COMBO FIX i got this error pev.exe-app error
instruction at 0x0050005c
ref. mem. could not be read.


I hit CANCEL to debug and everything proceeded.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

  • At startup windows want to install an unknown device which it can find an
  • Before I ran COMBOFIX I tried update the recovery console. The installation window came up in ARABIC. I hope I hit CANCEL. LOL
  • I have no mouse wheel function
  • I have no mouse wheel function
  • By disabling the emulation could this have uninstalled something?
  • There is a lag in keybord response as if the computer is doing something in the background


So far my google searches have not been re-directed.

I would like to keep this case open for a few more days just in case.

So far so good...! OMG I should have thanked you FIRST for taking the time to help me!!!!

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:08 AM

Posted 02 November 2011 - 12:50 PM

Greetings

Good That cleaned up some bad guys but I see some other stuff that we need to go after, so I want you to run this custom script for me.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

File::
c:\windows\system32\Eaexec1.dll

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 vdotmatrix

vdotmatrix
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:06:08 AM

Posted 02 November 2011 - 09:38 PM

ComboFix 11-11-02.03 - vincedaddy 11/02/2011 18:36:03.5.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2330 [GMT -4:00]
Running from: c:\documents and settings\vincedaddy\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\vincedaddy\Desktop\CFScript.txt
AV: Titanium Internet Security *Disabled/Updated* {7D2296BC-32CC-4519-917E-52E652474AF5}
.
FILE ::
"c:\windows\system32\Eaexec1.dll"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\ylu0ipdc.default\extensions\{ec1ce820-22a9-4c8c-b6bb-b907549051a3}\chrome.manifest
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\ylu0ipdc.default\extensions\{ec1ce820-22a9-4c8c-b6bb-b907549051a3}\chrome\xulcache.jar
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\ylu0ipdc.default\extensions\{ec1ce820-22a9-4c8c-b6bb-b907549051a3}\defaults\preferences\xulcache.js
c:\documents and settings\Guest\Application Data\Mozilla\Firefox\Profiles\ylu0ipdc.default\extensions\{ec1ce820-22a9-4c8c-b6bb-b907549051a3}\install.rdf
.
.
((((((((((((((((((((((((( Files Created from 2011-10-02 to 2011-11-02 )))))))))))))))))))))))))))))))
.
.
2011-10-27 01:50 . 2011-10-27 01:50 389120 ----a-w- c:\windows\system32\CF4003.exe
2011-10-26 23:50 . 2011-10-26 23:50 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2011-10-26 12:25 . 2011-10-26 12:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-10-26 12:25 . 2011-10-26 12:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-26 12:25 . 2011-08-31 21:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-25 23:38 . 2011-10-26 01:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2011-10-25 23:38 . 2011-10-25 23:47 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-10-24 18:29 . 2011-10-24 18:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 18:29 . 2011-10-24 18:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-24 16:01 . 2011-10-24 16:01 -------- d-----w- c:\documents and settings\LocalService\Application Data\Apple Computer
2011-10-24 16:01 . 2011-10-24 16:01 -------- d-----w- c:\program files\Bonjour
2011-10-20 03:26 . 2011-10-20 03:26 69120 --sha-r- c:\windows\system32\Eaexec1.dll
2011-10-04 17:53 . 2011-08-08 18:18 2083464 ----a-w- c:\windows\system32\Incinerator32.dll
2011-10-04 17:53 . 2010-02-09 02:59 56200 ----a-w- c:\windows\system32\offreg.dll
2011-10-04 17:53 . 2011-10-04 17:53 -------- d-----w- c:\program files\iolo
2011-10-04 12:47 . 2011-10-04 12:47 -------- d-----w- C:\iolo
2011-10-04 12:28 . 2011-10-04 12:28 -------- d-----w- c:\documents and settings\LocalService\Application Data\Trend Micro
2011-10-04 12:28 . 2011-10-04 12:25 92432 ----a-w- c:\windows\system32\drivers\tmtdi.sys
2011-10-04 12:28 . 2011-10-04 12:25 81168 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2011-10-04 12:28 . 2011-10-04 12:25 68368 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2011-10-04 12:28 . 2011-10-04 12:25 205072 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2011-10-04 12:27 . 2011-10-04 12:27 56 ----a-w- c:\windows\system32\SupportTool.exe.bat
2011-10-04 12:26 . 2011-10-25 15:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Trend Micro
2011-10-04 10:57 . 2010-09-23 17:29 511328 ----a-w- c:\program files\Common Files\Microsoft Shared\CAPICOM\CAPICOM.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-01 11:32 . 2011-05-25 00:19 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-25 15:47 . 2007-12-12 04:08 47360 -c--a-w- c:\documents and settings\vincedaddy\Application Data\pcouffin.sys
2011-10-20 01:14 . 2006-12-05 13:08 1880 ----a-w- c:\windows\AUTOLNCH.REG
2011-09-26 15:41 . 2008-07-30 00:59 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 15:41 . 2004-08-11 22:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 15:41 . 2004-08-11 22:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-09 09:12 . 2004-08-11 22:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20 . 2004-08-11 22:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-31 03:05 . 2011-08-31 03:05 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-31 03:05 . 2011-08-31 03:05 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-08-31 03:05 . 2011-08-31 03:05 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-31 03:05 . 2011-08-31 03:05 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-22 23:48 . 2004-08-11 22:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48 . 2004-08-11 22:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48 . 2004-08-11 22:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56 . 2004-08-11 22:00 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2004-08-11 22:00 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-08 19:01 . 2008-06-25 03:45 11776 ----a-w- c:\windows\system32\smrgdf.exe
2011-08-08 19:01 . 2008-06-25 03:45 29696 ----a-w- c:\windows\system32\iolobtdfg.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-11-02_12.52.49 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-11-02 22:18 . 2011-11-02 22:18 16384 c:\windows\temp\Perflib_Perfdata_c4.dat
+ 2011-10-04 00:35 . 2011-11-02 17:26 37807 c:\windows\Installer\{E071691D-20E6-4C2B-9A04-FE41C0FDC367}\RunLightroom313212_C2C2101F05384548B5AF39E0D3B3CB50.exe
- 2011-10-04 00:35 . 2011-10-04 00:35 37807 c:\windows\Installer\{E071691D-20E6-4C2B-9A04-FE41C0FDC367}\RunLightroom313212_C2C2101F05384548B5AF39E0D3B3CB50.exe
+ 2011-10-04 00:35 . 2011-11-02 17:26 37807 c:\windows\Installer\{E071691D-20E6-4C2B-9A04-FE41C0FDC367}\NewShortcut4_C2C2101F05384548B5AF39E0D3B3CB50.exe
- 2011-10-04 00:35 . 2011-10-04 00:35 37807 c:\windows\Installer\{E071691D-20E6-4C2B-9A04-FE41C0FDC367}\NewShortcut4_C2C2101F05384548B5AF39E0D3B3CB50.exe
+ 2011-10-04 00:35 . 2011-11-02 17:26 37807 c:\windows\Installer\{E071691D-20E6-4C2B-9A04-FE41C0FDC367}\ARPPRODUCTICON.exe
- 2011-10-04 00:35 . 2011-10-04 00:35 37807 c:\windows\Installer\{E071691D-20E6-4C2B-9A04-FE41C0FDC367}\ARPPRODUCTICON.exe
- 2011-11-02 11:09 . 2011-11-02 11:09 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\0eb3c18ec758534395684f3ca286a201\UIAutomationProvider.ni.dll
+ 2011-11-02 18:28 . 2011-11-02 18:28 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\0eb3c18ec758534395684f3ca286a201\UIAutomationProvider.ni.dll
+ 2011-11-02 18:32 . 2011-11-02 18:32 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\9bbefd2263d8f2169ab3695798208293\System.Windows.Presentation.ni.dll
- 2011-11-02 11:12 . 2011-11-02 11:12 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\9bbefd2263d8f2169ab3695798208293\System.Windows.Presentation.ni.dll
+ 2011-11-02 18:32 . 2011-11-02 18:32 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\02068ef9dafba3308b13444b8f4e5940\System.Web.ApplicationServices.ni.dll
- 2011-11-02 11:12 . 2011-11-02 11:12 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\02068ef9dafba3308b13444b8f4e5940\System.Web.ApplicationServices.ni.dll
+ 2011-11-02 18:32 . 2011-11-02 18:32 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\c3831eb95ccf3904bab81a97a9b08ed3\System.ServiceModel.Channels.ni.dll
- 2011-11-02 11:12 . 2011-11-02 11:12 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\c3831eb95ccf3904bab81a97a9b08ed3\System.ServiceModel.Channels.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\5c87f21925d5a61059ee68cef72841f4\System.AddIn.Contract.ni.dll
+ 2011-11-02 18:29 . 2011-11-02 18:29 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\5c87f21925d5a61059ee68cef72841f4\System.AddIn.Contract.ni.dll
- 2011-11-02 11:08 . 2011-11-02 11:08 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\552a460a8bcf608aecc6418db0d40216\Microsoft.VisualC.ni.dll
+ 2011-11-02 18:28 . 2011-11-02 18:28 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\552a460a8bcf608aecc6418db0d40216\Microsoft.VisualC.ni.dll
+ 2011-11-02 18:27 . 2011-11-02 18:27 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\01254caa0efc15b5cd48fb3178018701\Accessibility.ni.dll
- 2011-11-02 11:08 . 2011-11-02 11:08 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\01254caa0efc15b5cd48fb3178018701\Accessibility.ni.dll
- 2011-11-02 11:07 . 2011-11-02 11:07 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\6c334564da041df8fb75415f2d503224\System.Windows.Presentation.ni.dll
+ 2011-11-02 18:27 . 2011-11-02 18:27 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\6c334564da041df8fb75415f2d503224\System.Windows.Presentation.ni.dll
- 2011-11-02 11:07 . 2011-11-02 11:07 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\a54a122f1070ab71931dd9679ddd8e90\System.Web.DynamicData.Design.ni.dll
+ 2011-11-02 18:26 . 2011-11-02 18:26 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\a54a122f1070ab71931dd9679ddd8e90\System.Web.DynamicData.Design.ni.dll
+ 2011-11-02 18:24 . 2011-11-02 18:24 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\ac92806d5bd508eb25f1b4b73a36b101\System.ComponentModel.DataAnnotations.ni.dll
- 2011-11-02 11:05 . 2011-11-02 11:05 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\ac92806d5bd508eb25f1b4b73a36b101\System.ComponentModel.DataAnnotations.ni.dll
- 2011-11-02 11:05 . 2011-11-02 11:05 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\e6a9cd66d11a21776dbf425e8e28099c\System.AddIn.Contract.ni.dll
+ 2011-11-02 18:24 . 2011-11-02 18:24 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\e6a9cd66d11a21776dbf425e8e28099c\System.AddIn.Contract.ni.dll
- 2011-11-02 11:06 . 2011-11-02 11:06 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\eaa8d72317e5b8047e413939cc71ffba\Microsoft.Vsa.ni.dll
+ 2011-11-02 18:26 . 2011-11-02 18:26 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\eaa8d72317e5b8047e413939cc71ffba\Microsoft.Vsa.ni.dll
- 2011-11-02 11:04 . 2011-11-02 11:04 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\aefe683674c97a998f4e908c1a7ee7c6\Microsoft.Build.Framework.ni.dll
+ 2011-11-02 18:23 . 2011-11-02 18:23 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\aefe683674c97a998f4e908c1a7ee7c6\Microsoft.Build.Framework.ni.dll
+ 2011-11-02 18:23 . 2011-11-02 18:23 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\845eef4d09f28da6ee05d99f93c90f6e\Microsoft.Build.Framework.ni.dll
- 2011-11-02 11:04 . 2011-11-02 11:04 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\845eef4d09f28da6ee05d99f93c90f6e\Microsoft.Build.Framework.ni.dll
+ 2011-11-02 18:23 . 2011-11-02 18:23 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\ab7ce2d94ca725c3889a4e3c1ee88ece\dfsvc.ni.exe
- 2011-11-02 11:04 . 2011-11-02 11:04 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\ab7ce2d94ca725c3889a4e3c1ee88ece\dfsvc.ni.exe
- 2011-11-02 11:03 . 2011-11-02 11:03 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
+ 2011-11-02 16:33 . 2011-11-02 16:33 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
- 2011-11-02 11:08 . 2011-11-02 11:08 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\b9b6069e6da06eb57e89cc544397f735\dfsvc.ni.exe
+ 2011-11-02 18:27 . 2011-11-02 18:27 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\b9b6069e6da06eb57e89cc544397f735\dfsvc.ni.exe
- 2011-11-02 11:12 . 2011-11-02 11:12 245760 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\cc063533b04f9420d1aa571a36d1fabd\WindowsFormsIntegration.ni.dll
+ 2011-11-02 18:32 . 2011-11-02 18:32 245760 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\cc063533b04f9420d1aa571a36d1fabd\WindowsFormsIntegration.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 195584 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\5786f917a7b62d63ca8dd5b47aaf9610\UIAutomationTypes.ni.dll
+ 2011-11-02 18:28 . 2011-11-02 18:28 195584 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\5786f917a7b62d63ca8dd5b47aaf9610\UIAutomationTypes.ni.dll
+ 2011-11-02 18:32 . 2011-11-02 18:32 481792 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\ece129234f9ba9ad856d0e77e4849137\UIAutomationClient.ni.dll
- 2011-11-02 11:12 . 2011-11-02 11:12 481792 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\ece129234f9ba9ad856d0e77e4849137\UIAutomationClient.ni.dll
- 2011-11-02 11:08 . 2011-11-02 11:08 391680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8eca92a64c232f34b5b559625b022369\System.Xml.Linq.ni.dll
+ 2011-11-02 18:28 . 2011-11-02 18:28 391680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8eca92a64c232f34b5b559625b022369\System.Xml.Linq.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 187904 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\18419dd13ced512c5f8dc15a79a601eb\System.Windows.Input.Manipulations.ni.dll
+ 2011-11-02 18:28 . 2011-11-02 18:28 187904 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\18419dd13ced512c5f8dc15a79a601eb\System.Windows.Input.Manipulations.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 645632 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\dd9dbf82e44454689976a49a9e4ddb6d\System.Transactions.ni.dll
+ 2011-11-02 18:28 . 2011-11-02 18:28 645632 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\dd9dbf82e44454689976a49a9e4ddb6d\System.Transactions.ni.dll
+ 2011-11-02 18:32 . 2011-11-02 18:32 220672 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\6e7f1bdc845816dfc797f8002b76b5e8\System.ServiceProcess.ni.dll
- 2011-11-02 11:12 . 2011-11-02 11:12 220672 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\6e7f1bdc845816dfc797f8002b76b5e8\System.ServiceProcess.ni.dll
+ 2011-11-02 18:32 . 2011-11-02 18:32 365056 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\76a5d670ce969c0c65a905b7303d4bbf\System.ServiceModel.Routing.ni.dll
- 2011-11-02 11:12 . 2011-11-02 11:12 365056 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\76a5d670ce969c0c65a905b7303d4bbf\System.ServiceModel.Routing.ni.dll
- 2011-11-02 04:45 . 2011-11-02 04:45 721920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\09a97525ae5583cc2685e2c39a3078bd\System.Security.ni.dll
+ 2011-11-02 15:32 . 2011-11-02 15:32 721920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\09a97525ae5583cc2685e2c39a3078bd\System.Security.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 310272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d0ff3383438d688a0118d0fa19ed1dc4\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-11-02 18:28 . 2011-11-02 18:28 310272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d0ff3383438d688a0118d0fa19ed1dc4\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-11-02 18:28 . 2011-11-02 18:28 758784 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\e30ded9b9c19a264a974b1cc40d7d2cc\System.Runtime.Remoting.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 758784 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\e30ded9b9c19a264a974b1cc40d7d2cc\System.Runtime.Remoting.ni.dll
- 2011-11-02 04:45 . 2011-11-02 04:45 144896 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\b07f0d26a34ad53fc369248f289d1126\System.Numerics.ni.dll
+ 2011-11-02 15:31 . 2011-11-02 15:31 144896 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\b07f0d26a34ad53fc369248f289d1126\System.Numerics.ni.dll
+ 2011-11-02 18:31 . 2011-11-02 18:31 651264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\dd5c866d2462dd913ed0a0287396aa50\System.Net.ni.dll
- 2011-11-02 11:11 . 2011-11-02 11:11 651264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\dd5c866d2462dd913ed0a0287396aa50\System.Net.ni.dll
+ 2011-11-02 18:31 . 2011-11-02 18:31 625152 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\3ab3e80af8e5e95a5a62092cc9293c91\System.Messaging.ni.dll
- 2011-11-02 11:11 . 2011-11-02 11:11 625152 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\3ab3e80af8e5e95a5a62092cc9293c91\System.Messaging.ni.dll
+ 2011-11-02 18:31 . 2011-11-02 18:31 392704 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\8b5fe7aff54a7aed07287257a9b8e420\System.Management.Instrumentation.ni.dll
- 2011-11-02 11:11 . 2011-11-02 11:11 392704 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\8b5fe7aff54a7aed07287257a9b8e420\System.Management.Instrumentation.ni.dll
+ 2011-11-02 18:31 . 2011-11-02 18:31 405504 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\150da10324f2811a48da58d3496bbe10\System.IO.Log.ni.dll
- 2011-11-02 11:11 . 2011-11-02 11:11 405504 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\150da10324f2811a48da58d3496bbe10\System.IO.Log.ni.dll
+ 2011-11-02 18:31 . 2011-11-02 18:31 228352 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\386f41f744eedacd1517c8a15750a48b\System.IdentityModel.Selectors.ni.dll
- 2011-11-02 11:11 . 2011-11-02 11:11 228352 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\386f41f744eedacd1517c8a15750a48b\System.IdentityModel.Selectors.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 230912 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\8b6e9d6171aad3561263ce2cd05c57df\System.EnterpriseServices.Wrapper.dll
+ 2011-11-02 18:28 . 2011-11-02 18:28 230912 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\8b6e9d6171aad3561263ce2cd05c57df\System.EnterpriseServices.Wrapper.dll
+ 2011-11-02 18:28 . 2011-11-02 18:28 784896 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\8b6e9d6171aad3561263ce2cd05c57df\System.EnterpriseServices.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 784896 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\8b6e9d6171aad3561263ce2cd05c57df\System.EnterpriseServices.ni.dll
- 2011-11-02 04:45 . 2011-11-02 04:45 373248 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\1331ee3a7146218388537aa7e41303af\System.Dynamic.ni.dll
+ 2011-11-02 15:32 . 2011-11-02 15:32 373248 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\1331ee3a7146218388537aa7e41303af\System.Dynamic.ni.dll
- 2011-11-02 11:11 . 2011-11-02 11:11 461824 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\7f4419b6f829a2485d83b3c3e7b26a97\System.DirectoryServices.Protocols.ni.dll
+ 2011-11-02 18:31 . 2011-11-02 18:31 461824 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\7f4419b6f829a2485d83b3c3e7b26a97\System.DirectoryServices.Protocols.ni.dll
- 2011-11-02 11:11 . 2011-11-02 11:11 911872 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\46a7f51ef1a9d917598b96f7a758a459\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-11-02 18:31 . 2011-11-02 18:31 911872 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\46a7f51ef1a9d917598b96f7a758a459\System.DirectoryServices.AccountManagement.ni.dll
- 2011-11-02 11:11 . 2011-11-02 11:11 112128 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\36342e6024e2844502d0bdaa9d30971a\System.Device.ni.dll
+ 2011-11-02 18:31 . 2011-11-02 18:31 112128 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\36342e6024e2844502d0bdaa9d30971a\System.Device.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\caecc65b5c0ede0fe0d55b9f48ada80f\System.Data.DataSetExtensions.ni.dll
+ 2011-11-02 18:29 . 2011-11-02 18:29 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\caecc65b5c0ede0fe0d55b9f48ada80f\System.Data.DataSetExtensions.ni.dll
- 2011-11-02 04:44 . 2011-11-02 04:44 973312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ac18c2dcd06bd2a0589bac94ccae5716\System.Configuration.ni.dll
+ 2011-11-02 15:32 . 2011-11-02 15:32 973312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ac18c2dcd06bd2a0589bac94ccae5716\System.Configuration.ni.dll
+ 2011-11-02 18:29 . 2011-11-02 18:29 145920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\aea1d325200e1a7b1ee7ec86fba33db4\System.Configuration.Install.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 145920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\aea1d325200e1a7b1ee7ec86fba33db4\System.Configuration.Install.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 193536 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\7d8e51e92fede804332703770695afdb\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-11-02 18:29 . 2011-11-02 18:29 193536 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\7d8e51e92fede804332703770695afdb\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-11-02 15:32 . 2011-11-02 15:32 690176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\4a518b841f06ee4f07320159cf918a2c\System.ComponentModel.Composition.ni.dll
- 2011-11-02 04:45 . 2011-11-02 04:45 690176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\4a518b841f06ee4f07320159cf918a2c\System.ComponentModel.Composition.ni.dll
+ 2011-11-02 18:29 . 2011-11-02 18:29 613888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\767e70aec1ffb52f95c2b07c08fa0781\System.AddIn.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 613888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\767e70aec1ffb52f95c2b07c08fa0781\System.AddIn.ni.dll
+ 2011-11-02 18:29 . 2011-11-02 18:29 402944 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\8594d07d18330843968d649ed6ef6166\System.Activities.DurableInstancing.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 402944 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\8594d07d18330843968d649ed6ef6166\System.Activities.DurableInstancing.ni.dll
- 2011-11-02 11:08 . 2011-11-02 11:08 316928 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\38f0d77629891e7808424103aaef0728\SMSvcHost.ni.exe
+ 2011-11-02 18:27 . 2011-11-02 18:27 316928 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\38f0d77629891e7808424103aaef0728\SMSvcHost.ni.exe
+ 2011-11-02 18:28 . 2011-11-02 18:28 142336 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\4d2a51c03b27e615ff9f1c430f2014ba\SMDiagnostics.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 142336 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\4d2a51c03b27e615ff9f1c430f2014ba\SMDiagnostics.ni.dll
+ 2011-11-02 15:32 . 2011-11-02 15:32 283648 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\f5e029e2215c95ab38a1eefef7b32ac9\PresentationFramework.Classic.ni.dll
- 2011-11-02 04:45 . 2011-11-02 04:45 283648 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\f5e029e2215c95ab38a1eefef7b32ac9\PresentationFramework.Classic.ni.dll
- 2011-11-02 04:45 . 2011-11-02 04:45 450048 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\3555f5f74c56fa92c0ab7a635af91bfa\PresentationFramework.Aero.ni.dll
+ 2011-11-02 15:32 . 2011-11-02 15:32 450048 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\3555f5f74c56fa92c0ab7a635af91bfa\PresentationFramework.Aero.ni.dll
- 2011-11-02 04:45 . 2011-11-02 04:45 327168 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\040571d65dc822e5df020d5e084f4b45\PresentationFramework.Royale.ni.dll
+ 2011-11-02 15:32 . 2011-11-02 15:32 327168 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\040571d65dc822e5df020d5e084f4b45\PresentationFramework.Royale.ni.dll
+ 2011-11-02 15:32 . 2011-11-02 15:32 656896 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\016f9a150fce0e0a4c93532d8fa4c749\PresentationFramework.Luna.ni.dll
- 2011-11-02 04:45 . 2011-11-02 04:45 656896 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\016f9a150fce0e0a4c93532d8fa4c749\PresentationFramework.Luna.ni.dll
- 2011-11-02 11:08 . 2011-11-02 11:08 302592 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\d422f1944652f0826e367c5fe4a0a463\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2011-11-02 18:28 . 2011-11-02 18:28 302592 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\d422f1944652f0826e367c5fe4a0a463\Microsoft.VisualBasic.Compatibility.Data.ni.dll
- 2011-11-02 11:08 . 2011-11-02 11:08 418304 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\5f595338c63c2fdb5a171760c29d5bcf\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-11-02 18:27 . 2011-11-02 18:27 418304 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\5f595338c63c2fdb5a171760c29d5bcf\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-11-02 18:27 . 2011-11-02 18:27 193024 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\d2574c8ae333ff959be2e0d83121ad10\CustomMarshalers.ni.dll
- 2011-11-02 11:08 . 2011-11-02 11:08 193024 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\d2574c8ae333ff959be2e0d83121ad10\CustomMarshalers.ni.dll
- 2011-11-02 11:04 . 2011-11-02 11:04 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\c8627df7adb416722d8e0f05c57fef6b\WsatConfig.ni.exe
+ 2011-11-02 18:23 . 2011-11-02 18:23 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\c8627df7adb416722d8e0f05c57fef6b\WsatConfig.ni.exe
+ 2011-11-02 18:27 . 2011-11-02 18:27 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\566b2e11e7f3f6d973b17b86cf42f9bc\System.Xml.Linq.ni.dll
- 2011-11-02 11:08 . 2011-11-02 11:08 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\566b2e11e7f3f6d973b17b86cf42f9bc\System.Xml.Linq.ni.dll
+ 2011-11-02 18:26 . 2011-11-02 18:26 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\3533d614ebecd4344efbee619dd11a74\System.Web.Routing.ni.dll
- 2011-11-02 11:07 . 2011-11-02 11:07 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\3533d614ebecd4344efbee619dd11a74\System.Web.Routing.ni.dll
- 2011-11-02 11:07 . 2011-11-02 11:07 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\018b6e48c32d5b5d78086998e3505f1c\System.Web.RegularExpressions.ni.dll
+ 2011-11-02 18:27 . 2011-11-02 18:27 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\018b6e48c32d5b5d78086998e3505f1c\System.Web.RegularExpressions.ni.dll
- 2011-11-02 11:07 . 2011-11-02 11:07 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\d93514a764a83b18f6f3547b59cc8ae9\System.Web.Extensions.Design.ni.dll
+ 2011-11-02 18:26 . 2011-11-02 18:26 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\d93514a764a83b18f6f3547b59cc8ae9\System.Web.Extensions.Design.ni.dll
+ 2011-11-02 18:26 . 2011-11-02 18:26 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\93b5d1b77a74b76ac73cbf51ec871c01\System.Web.Entity.ni.dll
- 2011-11-02 11:07 . 2011-11-02 11:07 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\93b5d1b77a74b76ac73cbf51ec871c01\System.Web.Entity.ni.dll
+ 2011-11-02 18:26 . 2011-11-02 18:26 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d06a7d5872bbe85795f947f6c75d38c6\System.Web.Entity.Design.ni.dll
- 2011-11-02 11:07 . 2011-11-02 11:07 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d06a7d5872bbe85795f947f6c75d38c6\System.Web.Entity.Design.ni.dll
+ 2011-11-02 18:26 . 2011-11-02 18:26 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\ad0851438a18bf730d974c9b2f5f776a\System.Web.DynamicData.ni.dll
- 2011-11-02 11:07 . 2011-11-02 11:07 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\ad0851438a18bf730d974c9b2f5f776a\System.Web.DynamicData.ni.dll
+ 2011-11-02 18:26 . 2011-11-02 18:26 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\734ab0ea87d7dfd5c583eea535c05878\System.Web.Abstractions.ni.dll
- 2011-11-02 11:07 . 2011-11-02 11:07 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\734ab0ea87d7dfd5c583eea535c05878\System.Web.Abstractions.ni.dll
- 2011-11-02 11:07 . 2011-11-02 11:07 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\8efcd633af87989355382b5039f1b7df\System.Transactions.ni.dll
+ 2011-11-02 18:26 . 2011-11-02 18:26 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\8efcd633af87989355382b5039f1b7df\System.Transactions.ni.dll
+ 2011-11-02 18:26 . 2011-11-02 18:26 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
- 2011-11-02 11:07 . 2011-11-02 11:07 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
+ 2011-11-02 18:23 . 2011-11-02 18:23 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\36c12de583ee81e9c99acb72b09d77ac\System.Security.ni.dll
- 2011-11-02 11:04 . 2011-11-02 11:04 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\36c12de583ee81e9c99acb72b09d77ac\System.Security.ni.dll
+ 2011-11-02 18:25 . 2011-11-02 18:25 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.dll
- 2011-11-02 11:06 . 2011-11-02 11:06 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.dll
- 2011-11-02 11:06 . 2011-11-02 11:06 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\b2a84980f206431821d85d5155d5916f\System.Net.ni.dll
+ 2011-11-02 18:26 . 2011-11-02 18:26 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\b2a84980f206431821d85d5155d5916f\System.Net.ni.dll
+ 2011-11-02 18:26 . 2011-11-02 18:26 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\90b90e700e59d73d6d692cf74e1ba16e\System.Management.ni.dll
- 2011-11-02 11:06 . 2011-11-02 11:06 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\90b90e700e59d73d6d692cf74e1ba16e\System.Management.ni.dll
- 2011-11-02 11:06 . 2011-11-02 11:06 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\f36eded354122da9555a6c7cdbdb5431\System.Management.Instrumentation.ni.dll
+ 2011-11-02 18:25 . 2011-11-02 18:25 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\f36eded354122da9555a6c7cdbdb5431\System.Management.Instrumentation.ni.dll
+ 2011-11-02 16:35 . 2011-11-02 16:35 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\20a77c41ee12362d303fb2574fcd5a24\System.IO.Log.ni.dll
- 2011-11-02 11:03 . 2011-11-02 11:03 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\20a77c41ee12362d303fb2574fcd5a24\System.IO.Log.ni.dll
- 2011-11-02 11:03 . 2011-11-02 11:03 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\41c3a2fcffc58b20023c7d54e57ea956\System.IdentityModel.Selectors.ni.dll
+ 2011-11-02 16:35 . 2011-11-02 16:35 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\41c3a2fcffc58b20023c7d54e57ea956\System.IdentityModel.Selectors.ni.dll
+ 2011-11-02 18:25 . 2011-11-02 18:25 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.Wrapper.dll
- 2011-11-02 11:06 . 2011-11-02 11:06 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.Wrapper.dll
+ 2011-11-02 18:25 . 2011-11-02 18:25 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.ni.dll
- 2011-11-02 11:06 . 2011-11-02 11:06 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.ni.dll
- 2011-11-02 11:06 . 2011-11-02 11:06 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\33e9b0c368c31ef37a2ec7b5a181044b\System.DirectoryServices.Protocols.ni.dll
+ 2011-11-02 18:25 . 2011-11-02 18:25 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\33e9b0c368c31ef37a2ec7b5a181044b\System.DirectoryServices.Protocols.ni.dll
- 2011-11-02 11:06 . 2011-11-02 11:06 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\11cdd1c0d65428cd3505d3813d36638c\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-11-02 18:25 . 2011-11-02 18:25 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\11cdd1c0d65428cd3505d3813d36638c\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-11-02 18:25 . 2011-11-02 18:25 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e5ada332a9bc3c982e6aede6ba354196\System.Data.Services.Client.ni.dll
- 2011-11-02 11:06 . 2011-11-02 11:06 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e5ada332a9bc3c982e6aede6ba354196\System.Data.Services.Client.ni.dll
- 2011-11-02 11:06 . 2011-11-02 11:06 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3f179f373f31817a914b639a56cc0497\System.Data.Services.Design.ni.dll
+ 2011-11-02 18:25 . 2011-11-02 18:25 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3f179f373f31817a914b639a56cc0497\System.Data.Services.Design.ni.dll
+ 2011-11-02 18:25 . 2011-11-02 18:25 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\fee1a48b769a8c4beb335ee5ce006091\System.Data.Entity.Design.ni.dll
- 2011-11-02 11:06 . 2011-11-02 11:06 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\fee1a48b769a8c4beb335ee5ce006091\System.Data.Entity.Design.ni.dll
+ 2011-11-02 18:24 . 2011-11-02 18:24 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\b9d9ff5d03e90ede1116794f2c7dd6da\System.Data.DataSetExtensions.ni.dll
- 2011-11-02 11:05 . 2011-11-02 11:05 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\b9d9ff5d03e90ede1116794f2c7dd6da\System.Data.DataSetExtensions.ni.dll
- 2011-11-02 11:04 . 2011-11-02 11:04 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
+ 2011-11-02 18:23 . 2011-11-02 18:23 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
- 2011-11-02 11:06 . 2011-11-02 11:06 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\29d7091f6eab0ec61c4eb625ed221b73\System.Configuration.Install.ni.dll
+ 2011-11-02 18:25 . 2011-11-02 18:25 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\29d7091f6eab0ec61c4eb625ed221b73\System.Configuration.Install.ni.dll
- 2011-11-02 11:05 . 2011-11-02 11:05 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\3048737e9e3bf5173121a084337256bc\System.AddIn.ni.dll
+ 2011-11-02 18:24 . 2011-11-02 18:24 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\3048737e9e3bf5173121a084337256bc\System.AddIn.ni.dll
- 2011-11-02 11:04 . 2011-11-02 11:04 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6e45cf503f025c5fe814ea7e52f62a78\SMSvcHost.ni.exe
+ 2011-11-02 18:23 . 2011-11-02 18:23 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6e45cf503f025c5fe814ea7e52f62a78\SMSvcHost.ni.exe
- 2011-11-02 11:04 . 2011-11-02 11:04 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\474a341340f687bcbd7777f2820a8c7a\SMDiagnostics.ni.dll
+ 2011-11-02 18:23 . 2011-11-02 18:23 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\474a341340f687bcbd7777f2820a8c7a\SMDiagnostics.ni.dll
+ 2011-11-02 18:23 . 2011-11-02 18:23 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\f2df1ca28301bfe7e1d52b86c8394217\ServiceModelReg.ni.exe
- 2011-11-02 11:04 . 2011-11-02 11:04 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\f2df1ca28301bfe7e1d52b86c8394217\ServiceModelReg.ni.exe
- 2011-11-02 11:04 . 2011-11-02 11:04 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\04595f414c49cf2a65b349648ba23e62\MSBuild.ni.exe
+ 2011-11-02 18:23 . 2011-11-02 18:23 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\04595f414c49cf2a65b349648ba23e62\MSBuild.ni.exe
- 2011-11-02 11:04 . 2011-11-02 11:04 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\4cbd7ed9fbf9f1b3cbdf23906cc0f5a3\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-11-02 18:23 . 2011-11-02 18:23 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\4cbd7ed9fbf9f1b3cbdf23906cc0f5a3\Microsoft.Transactions.Bridge.Dtc.ni.dll
- 2011-11-02 11:05 . 2011-11-02 11:05 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\ff6d4892775fd1f9b137f7c92ea453f2\Microsoft.Build.Utilities.ni.dll
+ 2011-11-02 18:24 . 2011-11-02 18:24 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\ff6d4892775fd1f9b137f7c92ea453f2\Microsoft.Build.Utilities.ni.dll
- 2011-11-02 11:05 . 2011-11-02 11:05 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\47ff0720cb80a0fc0bbd15ddc3d12adc\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-11-02 18:24 . 2011-11-02 18:24 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\47ff0720cb80a0fc0bbd15ddc3d12adc\Microsoft.Build.Utilities.v3.5.ni.dll
- 2011-11-02 11:04 . 2011-11-02 11:04 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\da112c5757e3c68d6369b6aa46cc9682\Microsoft.Build.Engine.ni.dll
+ 2011-11-02 18:23 . 2011-11-02 18:23 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\da112c5757e3c68d6369b6aa46cc9682\Microsoft.Build.Engine.ni.dll
+ 2011-11-02 18:23 . 2011-11-02 18:23 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\dc278e1123086ae32fec8f7e9751db14\Microsoft.Build.Conversion.v3.5.ni.dll
- 2011-11-02 11:04 . 2011-11-02 11:04 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\dc278e1123086ae32fec8f7e9751db14\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-11-02 18:23 . 2011-11-02 18:23 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\3e6deccf191ab943d3a0812a38ab5c97\CustomMarshalers.ni.dll
- 2011-11-02 11:04 . 2011-11-02 11:04 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\3e6deccf191ab943d3a0812a38ab5c97\CustomMarshalers.ni.dll
+ 2011-11-02 18:23 . 2011-11-02 18:23 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\4e68d5df30b197ff72c75f1c3c24b949\ComSvcConfig.ni.exe
- 2011-11-02 11:04 . 2011-11-02 11:04 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\4e68d5df30b197ff72c75f1c3c24b949\ComSvcConfig.ni.exe
+ 2011-11-02 16:34 . 2011-11-02 16:34 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\e1bcee92f5af50d560d577c0a99ea3bd\AspNetMMCExt.ni.dll
- 2011-11-02 11:03 . 2011-11-02 11:03 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\e1bcee92f5af50d560d577c0a99ea3bd\AspNetMMCExt.ni.dll
+ 2011-11-02 15:32 . 2011-11-02 15:32 3779072 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\d17606e813f01376bd0def23726ecc62\WindowsBase.ni.dll
- 2011-11-02 04:45 . 2011-11-02 04:45 3779072 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\d17606e813f01376bd0def23726ecc62\WindowsBase.ni.dll
+ 2011-11-02 18:32 . 2011-11-02 18:32 1055744 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\5904383f7c86f1374a14198872dfa7d8\UIAutomationClientsideProviders.ni.dll
- 2011-11-02 11:12 . 2011-11-02 11:12 1055744 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\5904383f7c86f1374a14198872dfa7d8\UIAutomationClientsideProviders.ni.dll
- 2011-11-02 04:43 . 2011-11-02 04:44 9000960 c:\windows\assembly\NativeImages_v4.0.30319_32\System\964da027ebca3b263a05cadb8eaa20a3\System.ni.dll
+ 2011-11-02 15:31 . 2011-11-02 15:31 9000960 c:\windows\assembly\NativeImages_v4.0.30319_32\System\964da027ebca3b263a05cadb8eaa20a3\System.ni.dll
- 2011-11-02 04:44 . 2011-11-02 04:44 5571584 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e997d0200c25f7db6bd32313d50b729d\System.Xml.ni.dll
+ 2011-11-02 15:32 . 2011-11-02 15:32 5571584 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e997d0200c25f7db6bd32313d50b729d\System.Xml.ni.dll
- 2011-11-02 11:08 . 2011-11-02 11:08 1776640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\035910922f160d304fb834aae41f45a6\System.Xaml.ni.dll
+ 2011-11-02 18:28 . 2011-11-02 18:28 1776640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\035910922f160d304fb834aae41f45a6\System.Xaml.ni.dll
+ 2011-11-02 18:32 . 2011-11-02 18:32 4496384 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\9cf13572472dc2efe8f3b7c2ab6198d3\System.Windows.Forms.DataVisualization.ni.dll
- 2011-11-02 11:12 . 2011-11-02 11:12 4496384 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\9cf13572472dc2efe8f3b7c2ab6198d3\System.Windows.Forms.DataVisualization.ni.dll
+ 2011-11-02 18:32 . 2011-11-02 18:32 1828352 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\87e09dfbe3a44d6b00d3a5895f5a21a6\System.Web.Services.ni.dll
- 2011-11-02 11:12 . 2011-11-02 11:12 1828352 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\87e09dfbe3a44d6b00d3a5895f5a21a6\System.Web.Services.ni.dll
- 2011-11-02 11:12 . 2011-11-02 11:12 1992192 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\61a931da70f8078539a51cef3888d02d\System.Speech.ni.dll
+ 2011-11-02 18:32 . 2011-11-02 18:32 1992192 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\61a931da70f8078539a51cef3888d02d\System.Speech.ni.dll
+ 2011-11-02 18:32 . 2011-11-02 18:32 1127424 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\dbf07cb14b4dcc210cdf8b5d90a12a56\System.ServiceModel.Discovery.ni.dll
- 2011-11-02 11:12 . 2011-11-02 11:12 1127424 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\dbf07cb14b4dcc210cdf8b5d90a12a56\System.ServiceModel.Discovery.ni.dll
+ 2011-11-02 18:31 . 2011-11-02 18:31 1388032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\52481fccddb053768631c640d5059d4b\System.ServiceModel.Activities.ni.dll
- 2011-11-02 11:12 . 2011-11-02 11:12 1388032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\52481fccddb053768631c640d5059d4b\System.ServiceModel.Activities.ni.dll
+ 2011-11-02 18:28 . 2011-11-02 18:28 2625024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e9f8a45b1063d6c6a62718c88a5623d1\System.Runtime.Serialization.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 2625024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e9f8a45b1063d6c6a62718c88a5623d1\System.Runtime.Serialization.ni.dll
+ 2011-11-02 18:28 . 2011-11-02 18:28 1011200 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\f3989d3e9cb8904e4edf23ede5adb6c1\System.Runtime.DurableInstancing.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 1011200 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\f3989d3e9cb8904e4edf23ede5adb6c1\System.Runtime.DurableInstancing.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 1047040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\eb9369fc9393d29afe51e45cb49aa4be\System.Printing.ni.dll
+ 2011-11-02 18:28 . 2011-11-02 18:28 1047040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\eb9369fc9393d29afe51e45cb49aa4be\System.Printing.ni.dll
- 2011-11-02 11:11 . 2011-11-02 11:11 1159168 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\6a6f4be744ed5bc5273cbcf0fcf303e3\System.Management.ni.dll
+ 2011-11-02 18:31 . 2011-11-02 18:31 1159168 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\6a6f4be744ed5bc5273cbcf0fcf303e3\System.Management.ni.dll
- 2011-11-02 11:11 . 2011-11-02 11:11 1065984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\9eac876f58a3ebca8878b8654efdc817\System.IdentityModel.ni.dll
+ 2011-11-02 18:31 . 2011-11-02 18:31 1065984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\9eac876f58a3ebca8878b8654efdc817\System.IdentityModel.ni.dll
+ 2011-11-02 15:33 . 2011-11-02 15:33 1651200 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd57bc19f5807c6dbe8f88d4a23277f6\System.Drawing.ni.dll
- 2011-11-02 04:46 . 2011-11-02 04:46 1651200 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd57bc19f5807c6dbe8f88d4a23277f6\System.Drawing.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 1151488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\5166bf93ac5239837c9c92b58d183ea6\System.DirectoryServices.ni.dll
+ 2011-11-02 18:28 . 2011-11-02 18:28 1151488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\5166bf93ac5239837c9c92b58d183ea6\System.DirectoryServices.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 1872384 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\90fd7fc9fbf5f4eed9135996b515a38a\System.Deployment.ni.dll
+ 2011-11-02 18:28 . 2011-11-02 18:28 1872384 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\90fd7fc9fbf5f4eed9135996b515a38a\System.Deployment.ni.dll
+ 2011-11-02 15:33 . 2011-11-02 15:33 6754816 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\92cccedc7cda413ff6fc6492cb256b58\System.Data.ni.dll
- 2011-11-02 04:45 . 2011-11-02 04:46 6754816 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\92cccedc7cda413ff6fc6492cb256b58\System.Data.ni.dll
- 2011-11-02 04:45 . 2011-11-02 04:45 2538496 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\1fdd0961d8d07ef4d1fcaf30f0050c0a\System.Data.SqlXml.ni.dll
+ 2011-11-02 15:32 . 2011-11-02 15:32 2538496 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\1fdd0961d8d07ef4d1fcaf30f0050c0a\System.Data.SqlXml.ni.dll
- 2011-11-02 11:11 . 2011-11-02 11:11 1332736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\685c7df1332a74aaa899f2bdb3beabc3\System.Data.Services.Client.ni.dll
+ 2011-11-02 18:30 . 2011-11-02 18:30 1332736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\685c7df1332a74aaa899f2bdb3beabc3\System.Data.Services.Client.ni.dll
- 2011-11-02 04:46 . 2011-11-02 04:46 2499072 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\87a713cee613d08ee04ae9483a9d4716\System.Data.Linq.ni.dll
+ 2011-11-02 15:33 . 2011-11-02 15:33 2499072 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\87a713cee613d08ee04ae9483a9d4716\System.Data.Linq.ni.dll
- 2011-11-02 04:44 . 2011-11-02 04:44 7025664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\713647b987b140a17e3c4ffe4c721f85\System.Core.ni.dll
+ 2011-11-02 15:32 . 2011-11-02 15:32 7025664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\713647b987b140a17e3c4ffe4c721f85\System.Core.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 4103168 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\931ad0783c03deb967760d5c2387274a\System.Activities.ni.dll
+ 2011-11-02 18:29 . 2011-11-02 18:29 4103168 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\931ad0783c03deb967760d5c2387274a\System.Activities.ni.dll
+ 2011-11-02 18:29 . 2011-11-02 18:29 3691520 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\a57e34a36f38a007aa24f1bd07a167ab\System.Activities.Presentation.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 3691520 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\a57e34a36f38a007aa24f1bd07a167ab\System.Activities.Presentation.ni.dll
+ 2011-11-02 18:29 . 2011-11-02 18:29 1506304 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\607df7a11c3334146664bc74130bc38f\System.Activities.Core.Presentation.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 1506304 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\607df7a11c3334146664bc74130bc38f\System.Activities.Core.Presentation.ni.dll
- 2011-11-02 11:09 . 2011-11-02 11:09 2842624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\42f0e1a4e3081c50503d74ebc0540a60\ReachFramework.ni.dll
+ 2011-11-02 18:28 . 2011-11-02 18:28 2842624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\42f0e1a4e3081c50503d74ebc0540a60\ReachFramework.ni.dll
+ 2011-11-02 18:28 . 2011-11-02 18:28 1622528 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\15578874ee1464dc6a3545d4be842e59\PresentationUI.ni.dll
- 2011-11-02 11:08 . 2011-11-02 11:08 1622528 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\15578874ee1464dc6a3545d4be842e59\PresentationUI.ni.dll
+ 2011-11-02 18:27 . 2011-11-02 18:27 1819648 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\e8ab3b63bade82c3522613f2b1240c0d\Microsoft.VisualBasic.ni.dll
- 2011-11-02 11:08 . 2011-11-02 11:08 1819648 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\e8ab3b63bade82c3522613f2b1240c0d\Microsoft.VisualBasic.ni.dll
- 2011-11-02 11:08 . 2011-11-02 11:08 1167872 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\2eef2f34c0295f1fe5d6d4441f9e790b\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2011-11-02 18:27 . 2011-11-02 18:27 1167872 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\2eef2f34c0295f1fe5d6d4441f9e790b\Microsoft.VisualBasic.Activities.Compiler.ni.dll
- 2011-11-02 11:08 . 2011-11-02 11:08 1137664 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\1b2ede54faaa3788c37d8663212fee0e\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2011-11-02 18:28 . 2011-11-02 18:28 1137664 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\1b2ede54faaa3788c37d8663212fee0e\Microsoft.VisualBasic.Compatibility.ni.dll
- 2011-11-02 11:08 . 2011-11-02 11:08 1079808 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\9952f66fc592ffc21b024803c8c955fd\Microsoft.Transactions.Bridge.ni.dll
+ 2011-11-02 18:27 . 2011-11-02 18:27 1079808 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\9952f66fc592ffc21b024803c8c955fd\Microsoft.Transactions.Bridge.ni.dll
+ 2011-11-02 18:31 . 2011-11-02 18:31 2441728 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\08b2c2639708ab20748653185d6b67be\Microsoft.JScript.ni.dll
- 2011-11-02 11:11 . 2011-11-02 11:11 2441728 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\08b2c2639708ab20748653185d6b67be\Microsoft.JScript.ni.dll
- 2011-11-02 04:45 . 2011-11-02 04:45 1612288 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\05503f37aef5261d80ccca19f8078679\Microsoft.CSharp.ni.dll
+ 2011-11-02 15:32 . 2011-11-02 15:32 1612288 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\05503f37aef5261d80ccca19f8078679\Microsoft.CSharp.ni.dll
+ 2011-11-02 16:34 . 2011-11-02 16:34 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
- 2011-11-02 11:03 . 2011-11-02 11:03 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
+ 2011-11-02 18:23 . 2011-11-02 18:23 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
- 2011-11-02 11:04 . 2011-11-02 11:04 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
+ 2011-11-02 18:27 . 2011-11-02 18:27 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\17902fdb0e0d3bc8b49bce693415fe7e\System.WorkflowServices.ni.dll
- 2011-11-02 11:08 . 2011-11-02 11:08 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\17902fdb0e0d3bc8b49bce693415fe7e\System.WorkflowServices.ni.dll
+ 2011-11-02 18:27 . 2011-11-02 18:27 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\f72c5f649951b0403e62bfab6c453e6f\System.Workflow.Runtime.ni.dll
- 2011-11-02 11:08 . 2011-11-02 11:08 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\f72c5f649951b0403e62bfab6c453e6f\System.Workflow.Runtime.ni.dll
+ 2011-11-02 18:27 . 2011-11-02 18:27 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\0aa4f4174204c93cc5181df4a6b2fb09\System.Workflow.ComponentModel.ni.dll
- 2011-11-02 11:07 . 2011-11-02 11:07 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\0aa4f4174204c93cc5181df4a6b2fb09\System.Workflow.ComponentModel.ni.dll
- 2011-11-02 11:07 . 2011-11-02 11:07 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\921629dc69a5a895101097c88ae67897\System.Workflow.Activities.ni.dll
+ 2011-11-02 18:27 . 2011-11-02 18:27 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\921629dc69a5a895101097c88ae67897\System.Workflow.Activities.ni.dll
- 2011-11-02 11:07 . 2011-11-02 11:07 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\6303e256d2ac0843c3e4c24172c90544\System.Web.Services.ni.dll
+ 2011-11-02 18:27 . 2011-11-02 18:27 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\6303e256d2ac0843c3e4c24172c90544\System.Web.Services.ni.dll
+ 2011-11-02 18:27 . 2011-11-02 18:27 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\f5dac0448a1dbe2687a5df92904d6274\System.Web.Mobile.ni.dll
- 2011-11-02 11:07 . 2011-11-02 11:07 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\f5dac0448a1dbe2687a5df92904d6274\System.Web.Mobile.ni.dll
+ 2011-11-02 18:26 . 2011-11-02 18:26 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\ccaf6bdd256a9b5079fedadcc8993327\System.Web.Extensions.ni.dll
- 2011-11-02 11:07 . 2011-11-02 11:07 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\ccaf6bdd256a9b5079fedadcc8993327\System.Web.Extensions.ni.dll
- 2011-11-02 11:07 . 2011-11-02 11:07 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\9ec7da53380a754b4ad97709df0dd7e7\System.ServiceModel.Web.ni.dll
+ 2011-11-02 18:26 . 2011-11-02 18:26 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\9ec7da53380a754b4ad97709df0dd7e7\System.ServiceModel.Web.ni.dll
- 2011-11-02 11:03 . 2011-11-02 11:03 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
+ 2011-11-02 16:36 . 2011-11-02 16:36 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
- 2011-11-02 11:03 . 2011-11-02 11:03 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d14065ede44df8e9b5d6b60c5ddccc69\System.IdentityModel.ni.dll
+ 2011-11-02 16:35 . 2011-11-02 16:35 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d14065ede44df8e9b5d6b60c5ddccc69\System.IdentityModel.ni.dll
- 2011-11-02 11:06 . 2011-11-02 11:06 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
+ 2011-11-02 18:25 . 2011-11-02 18:25 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
- 2011-11-02 11:06 . 2011-11-02 11:06 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\91cd88a803768151c6262853d3454ba7\System.DirectoryServices.ni.dll
+ 2011-11-02 18:25 . 2011-11-02 18:25 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\91cd88a803768151c6262853d3454ba7\System.DirectoryServices.ni.dll
- 2011-11-02 11:06 . 2011-11-02 11:06 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\cc5ac99e8af2738e85cda5525fdd944f\System.Deployment.ni.dll
+ 2011-11-02 18:25 . 2011-11-02 18:25 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\cc5ac99e8af2738e85cda5525fdd944f\System.Deployment.ni.dll
+ 2011-11-02 18:23 . 2011-11-02 18:23 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\ef748704f543a8791e23387652d34dfb\System.Data.SqlXml.ni.dll
- 2011-11-02 11:04 . 2011-11-02 11:04 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\ef748704f543a8791e23387652d34dfb\System.Data.SqlXml.ni.dll
- 2011-11-02 11:06 . 2011-11-02 11:06 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\541142d8742e6e88f1e729fafee04e71\System.Data.Services.ni.dll
+ 2011-11-02 18:25 . 2011-11-02 18:25 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\541142d8742e6e88f1e729fafee04e71\System.Data.Services.ni.dll
+ 2011-11-02 18:24 . 2011-11-02 18:24 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\b70adfee3b5ed7e0688d13f24cbec556\System.Data.Entity.ni.dll
- 2011-11-02 11:05 . 2011-11-02 11:05 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\b70adfee3b5ed7e0688d13f24cbec556\System.Data.Entity.ni.dll
- 2011-11-02 11:05 . 2011-11-02 11:05 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\d507b9e0e50e453793ee5e01c07a5485\System.Core.ni.dll
+ 2011-11-02 18:24 . 2011-11-02 18:24 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\d507b9e0e50e453793ee5e01c07a5485\System.Core.ni.dll
- 2011-11-02 11:05 . 2011-11-02 11:05 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\24331b719aa25ac2b21099e32232840c\Microsoft.VisualBasic.ni.dll
+ 2011-11-02 18:24 . 2011-11-02 18:24 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\24331b719aa25ac2b21099e32232840c\Microsoft.VisualBasic.ni.dll
+ 2011-11-02 18:23 . 2011-11-02 18:23 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\ce1ecd602ca089eb13a9b428dc7f0449\Microsoft.Transactions.Bridge.ni.dll
- 2011-11-02 11:04 . 2011-11-02 11:04 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\ce1ecd602ca089eb13a9b428dc7f0449\Microsoft.Transactions.Bridge.ni.dll
+ 2011-11-02 18:26 . 2011-11-02 18:26 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\8ad32b72258899177c07dc5912b5b748\Microsoft.JScript.ni.dll
- 2011-11-02 11:06 . 2011-11-02 11:06 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\8ad32b72258899177c07dc5912b5b748\Microsoft.JScript.ni.dll
+ 2011-11-02 18:23 . 2011-11-02 18:23 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\50e7c5eb58c982dba7b21cd10a69b095\Microsoft.Build.Tasks.ni.dll
- 2011-11-02 11:04 . 2011-11-02 11:04 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\50e7c5eb58c982dba7b21cd10a69b095\Microsoft.Build.Tasks.ni.dll
- 2011-11-02 11:05 . 2011-11-02 11:05 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\415cef6abab5bb959f200f6c537bc289\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-11-02 18:24 . 2011-11-02 18:24 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\415cef6abab5bb959f200f6c537bc289\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-11-02 18:23 . 2011-11-02 18:23 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\eea7bcc8d356e3f2dcb4f36dfc1c6bc0\Microsoft.Build.Engine.ni.dll
- 2011-11-02 11:04 . 2011-11-02 11:04 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\eea7bcc8d356e3f2dcb4f36dfc1c6bc0\Microsoft.Build.Engine.ni.dll
+ 2011-11-02 15:33 . 2011-11-02 15:33 13006336 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\17e020ae92d7fab33bcc1c98b25019d0\System.Windows.Forms.ni.dll
- 2011-11-02 04:46 . 2011-11-02 04:46 13006336 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\17e020ae92d7fab33bcc1c98b25019d0\System.Windows.Forms.ni.dll
+ 2011-11-02 18:31 . 2011-11-02 18:31 17919488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\250b525aa8c17327216e102569c0d766\System.ServiceModel.ni.dll
- 2011-11-02 11:11 . 2011-11-02 11:11 17919488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\250b525aa8c17327216e102569c0d766\System.ServiceModel.ni.dll
- 2011-11-02 11:11 . 2011-11-02 11:11 13273600 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\642a7b3d47828fb0070a55cfeb58f42b\System.Data.Entity.ni.dll
+ 2011-11-02 18:30 . 2011-11-02 18:30 13273600 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\642a7b3d47828fb0070a55cfeb58f42b\System.Data.Entity.ni.dll
- 2011-11-02 04:46 . 2011-11-02 04:46 17629184 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7f91eecda3ff7ce478146b6458580c98\PresentationFramework.ni.dll
+ 2011-11-02 15:33 . 2011-11-02 15:34 17629184 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7f91eecda3ff7ce478146b6458580c98\PresentationFramework.ni.dll
+ 2011-11-02 15:33 . 2011-11-02 15:33 11057664 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\3963e9ce8d44f50e8367e92a8e3e42e6\PresentationCore.ni.dll
- 2011-11-02 04:45 . 2011-11-02 04:45 11057664 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\3963e9ce8d44f50e8367e92a8e3e42e6\PresentationCore.ni.dll
- 2011-11-02 04:43 . 2011-11-02 04:43 14415872 c:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\246f1a5abb686b9dcdf22d3505b08cea\mscorlib.ni.dll
+ 2011-11-02 15:31 . 2011-11-02 15:31 14415872 c:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\246f1a5abb686b9dcdf22d3505b08cea\mscorlib.ni.dll
- 2011-11-02 11:06 . 2011-11-02 11:06 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
+ 2011-11-02 18:25 . 2011-11-02 18:25 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
- 2011-11-02 11:07 . 2011-11-02 11:07 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\60df958ca96c9b8945f836759b6abd34\System.Web.ni.dll
+ 2011-11-02 18:26 . 2011-11-02 18:26 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\60df958ca96c9b8945f836759b6abd34\System.Web.ni.dll
- 2011-11-02 11:03 . 2011-11-02 11:03 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\ceadaf3b3d017c7a1ef10a06f8009f6f\System.ServiceModel.ni.dll
+ 2011-11-02 18:22 . 2011-11-02 18:22 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\ceadaf3b3d017c7a1ef10a06f8009f6f\System.ServiceModel.ni.dll
+ 2011-11-02 16:32 . 2011-11-02 16:33 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
- 2011-11-02 11:02 . 2011-11-02 11:02 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\vincedaddy\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\vincedaddy\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\vincedaddy\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\vincedaddy\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"="" [BU]
"Backblaze"="c:\program files\Backblaze\bzbui.exe" [2011-06-16 533800]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-04-03 640440]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 563984]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 2027792]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-10-16 13851752]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-08-26 1753192]
"KMCONFIG"="c:\program files\iHome\Keyboard & Mouse Driver\StartAutorun.exe" [2008-05-30 212992]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-11-05 1505144]
"UPS-Status"="c:\program files\Belkin Bulldog Plus\UPS-Status.exe" [2006-11-15 69632]
"CaddieSyncConduit"="c:\program files\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe" [2011-04-27 2364792]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-10-04 129304]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-10-05 1300672]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-10-09 421736]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
"Backblaze"="c:\program files\Backblaze\bzbui.exe" [2011-06-16 533800]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 53760]
.
c:\documents and settings\vincedaddy\Start Menu\Programs\Startup\
BUFFALO NAS Navigator2.lnk - c:\program files\BUFFALO\NASNAVI\NasNavi.exe [2010-10-28 1906152]
NAS Scheduler.lnk - c:\program files\BUFFALO\NASNAVI\nassche.exe [2009-5-15 206128]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logo Calibration Loader.lnk - c:\program files\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe [2010-4-28 708608]
ProfileReminder.lnk - c:\program files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe [2010-4-28 954368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2010-09-30 03:51 13672 ----a-w- c:\program files\Citrix\GoToAssist\615\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2009-09-29 00:34 87352 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk]
backup=c:\windows\pss\Adobe Acrobat Synchronizer.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Corel Desktop Application Director 8.LNK]
backup=c:\windows\pss\Corel Desktop Application Director 8.LNKCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk]
backup=c:\windows\pss\Google Updater.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HotSync Manager.lnk]
backup=c:\windows\pss\HotSync Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HOTSYNCSHORTCUTNAME.lnk]
backup=c:\windows\pss\HOTSYNCSHORTCUTNAME.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^KODAK Software Updater.lnk]
backup=c:\windows\pss\KODAK Software Updater.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logo Calibration Loader.lnk]
backup=c:\windows\pss\Logo Calibration Loader.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MUPS.lnk]
backup=c:\windows\pss\MUPS.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PCCloneEX.LNK]
backup=c:\windows\pss\PCCloneEX.LNKCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ProfileReminder.lnk]
backup=c:\windows\pss\ProfileReminder.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^vincedaddy^Start Menu^Programs^Startup^Adobe Gamma.lnk]
backup=c:\windows\pss\Adobe Gamma.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^vincedaddy^Start Menu^Programs^Startup^BUFFALO NAS Navigator.lnk]
backup=c:\windows\pss\BUFFALO NAS Navigator.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^vincedaddy^Start Menu^Programs^Startup^CNET TechTracker.lnk]
backup=c:\windows\pss\CNET TechTracker.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^vincedaddy^Start Menu^Programs^Startup^DING!.lnk]
backup=c:\windows\pss\DING!.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^vincedaddy^Start Menu^Programs^Startup^HotSync Manager.LNK]
backup=c:\windows\pss\HotSync Manager.LNKStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^vincedaddy^Start Menu^Programs^Startup^Yahoo! Widget Engine.lnk]
backup=c:\windows\pss\Yahoo! Widget Engine.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
2002-10-02 21:41 684032 -c--a-w- c:\program files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
2008-01-17 15:42 58728 ----a-w- c:\program files\Common Files\Symantec Shared\CCAPP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSysVol]
2005-10-31 14:51 57344 -c--a-w- c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
2008-08-13 23:32 206064 -c--a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
2006-05-03 08:12 98304 -c--a-w- c:\program files\Dell\Media Experience\DMXLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
2007-11-15 14:24 16384 -c--a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eFax 4.2]
2006-07-14 20:36 107008 -c--a-w- c:\program files\eFax Messenger 4.2\J2GDllCmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Garmin Lifetime Updater]
2011-07-28 13:10 1406824 ----a-w- c:\program files\Garmin\Lifetime Updater\GarminLifetime.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2006-07-06 12:15 151552 -c--a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-10-09 22:06 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MBMon]
2006-03-16 00:15 1355468 -c--a-w- c:\windows\system32\CTMBHA.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsmqIntCert]
2008-04-14 00:11 177152 ----a-w- c:\windows\system32\mqrt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 19:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetZero_uoltray]
2007-03-07 00:51 1629184 -c--a-w- c:\program files\NetZero\exec.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 10.0]
2007-04-10 17:01 1537640 -c--a-w- c:\program files\Norton Ghost\Agent\GhostTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-10-16 16:04 13851752 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefaultMIDI]
2004-12-22 23:40 24576 ----a-w- c:\windows\MIDIDEF.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-04-18 21:30 15146376 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-06-17 10:32 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
2000-05-11 05:00 90112 -c--a-w- c:\windows\Updreg.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoiceCenter]
2006-02-16 13:20 1118208 ----a-w- c:\program files\Creative\VoiceCenter\AndreaVC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX3000]
2007-04-10 21:46 709992 -c--a-w- c:\windows\vVX3000.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AOL ACS"=2 (0x2)
"WLSetupSvc"=3 (0x3)
"WMPNetworkSvc"=3 (0x3)
"Bonjour Service"=2 (0x2)
"MemeoBackgroundService"=2 (0x2)
"Fax"=2 (0x2)
"FastUserSwitchingCompatibility"=3 (0x3)
"WinDefend"=2 (0x2)
"wampmysqld"=3 (0x3)
"wampapache"=3 (0x3)
"Viewpoint Manager Service"=2 (0x2)
"UPSentry_Smart"=2 (0x2)
"Symantec Core LC"=2 (0x2)
"STacSV"=2 (0x2)
"sprtsvc_dellsupportcenter"=2 (0x2)
"Pml Driver HPZ12"=3 (0x3)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"NVSvc"=2 (0x2)
"Norton Ghost"=2 (0x2)
"MDM"=2 (0x2)
"KodakCCS"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"iPod Service"=3 (0x3)
"ioloSystemService"=2 (0x2)
"ioloFileInfoList"=2 (0x2)
"idsvc"=3 (0x3)
"IDriverT"=3 (0x3)
"IAANTMON"=2 (0x2)
"gusvc"=3 (0x3)
"GoToAssist"=3 (0x3)
"GEARSecurity"=2 (0x2)
"FLEXnet Licensing Service"=3 (0x3)
"Creative Service for CDROM Access"=2 (0x2)
"Creative Labs Licensing Service"=2 (0x2)
"Adobe LM Service"=3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\WINDOWS\\system32\\mqsvc.exe"=
"c:\\Program Files\\Palm\\Hotsync.exe"=
"c:\\Documents and Settings\\vincedaddy\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Electronic Arts\\Command & Conquer 3 Kane's Wrath\\RetailExe\\1.2\\cnc3ep1.dat"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=
"c:\\Program Files\\123CopyDVD 2009\\123CopyDVD.exe"=
"c:\\Program Files\\SkyGolf\\SkyCaddie Desktop\\SkyCaddieDesktop.exe"=
"c:\\Documents and Settings\\vincedaddy\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Documents and Settings\\vincedaddy\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server
"51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server
"51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Logging]
"LogSuccessfulConnections"= 0 (0x0)
"LogDroppedPackets"= 0 (0x0)
"LogFileSize"= 0 (0x0)
"LogFilePath"=
.
R1 FNETDEVI;FNETDEVI;c:\windows\system32\drivers\FNETDEVI.SYS [11/13/2008 12:53 AM 19572]
R1 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [10/4/2011 8:28 AM 68368]
R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe [10/4/2011 8:27 AM 200632]
R2 bzserv;Backblaze Service;c:\program files\Backblaze\bzserv.exe [12/2/2010 7:10 PM 269096]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [10/4/2011 1:53 PM 722616]
R2 PDIHWCTL;PDIHWCTL;c:\windows\system32\drivers\pdihwctl.sys [4/28/2010 11:01 AM 14416]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 2:16 PM 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5/31/2010 11:53 AM 136176]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [8/15/2008 6:46 AM 284016]
S3 bfturboh;BUFFALO TurboUSB for HD Filter;c:\windows\system32\drivers\bfturboh.sys [12/12/2008 12:05 AM 15872]
S3 i1display;i1 Display;c:\windows\system32\drivers\i1display.sys [4/28/2010 11:16 AM 44344]
S3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\drivers\KMWDFILTER.sys [3/13/2011 5:55 PM 23712]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [12/12/2007 12:08 AM 47360]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [5/13/2011 3:21 AM 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [5/13/2011 3:21 AM 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [5/13/2011 3:21 AM 136808]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 2:16 PM 753504]
S3 yeddef;YEDDEF driver;c:\windows\system32\Drivers\yeddef.sys --> c:\windows\system32\Drivers\yeddef.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2010-09-05 c:\windows\Tasks\20100905_123400_vincedaddy2.job
- c:\program files\Nero\Nero 7\Nero BackItUp\BackItUp.exe [2006-11-10 23:25]
.
2011-10-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 21:57]
.
2011-11-02 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2011-03-07 16:28]
.
2011-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-31 15:53]
.
2011-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-31 15:53]
.
2011-11-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1901060476-2160935586-1665064021-1006Core.job
- c:\documents and settings\vincedaddy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-21 12:56]
.
2011-11-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1901060476-2160935586-1665064021-1006UA.job
- c:\documents and settings\vincedaddy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-21 12:56]
.
2011-11-02 c:\windows\Tasks\User_Feed_Synchronization-{AB247319-2232-43C6-9B7E-D6A74CF0E2D2}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 08:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append to existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert link target to existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
TCP: DhcpNameServer = 192.168.0.1
DPF: {01118F00-3E00-11D2-8470-0060089874ED} - hxxps://www.tmremote.com/sdccommon/download/ssrc.cab
DPF: {01119400-3E00-11D2-8470-0060089874ED} - hxxps://www.tmremote.com/sdccommon/download/sprtctlln.cab
FF - ProfilePath - c:\documents and settings\vincedaddy\Application Data\Mozilla\Firefox\Profiles\5zy2wjab.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - user.js: yahoo.homepage.dontask - true
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-02 18:47
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1901060476-2160935586-1665064021-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1901060476-2160935586-1665064021-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:27,a6,04,f5,bc,ca,64,ae,0d,d5,5b,cd,d3,59,f9,55,c3,54,2f,ae,ee,e9,54,
ec,6a,e4,8e,b4,32,7b,46,3f,ab,bc,69,22,9d,9b,e9,43,bc,98,c1,de,fe,fe,64,bf,\
"??"=hex:5d,2e,bc,00,9b,07,bc,9c,34,34,87,88,c9,ab,ca,0d
.
[HKEY_USERS\S-1-5-21-1901060476-2160935586-1665064021-1006\Software\SecuROM\License information*]
"datasecu"=hex:c0,37,d9,99,2a,d8,fe,55,4f,49,0a,f5,d8,34,81,41,d0,58,9e,41,e0,
1e,6a,26,15,41,05,0a,75,14,f7,c1,10,b4,70,4f,44,19,22,25,d0,29,7b,4d,d3,63,\
"rkeysecu"=hex:56,c6,0d,e0,20,27,f2,5f,5e,7a,0c,15,6c,01,a7,f3
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(952)
c:\program files\Citrix\GoToAssist\615\G2AWinLogon.dll
c:\windows\system32\LMIinit.dll
.
Completion time: 2011-11-02 18:55:26
ComboFix-quarantined-files.txt 2011-11-02 22:55
ComboFix2.txt 2011-11-02 13:03
ComboFix3.txt 2009-12-12 04:12
.
Pre-Run: 23,095,545,856 bytes free
Post-Run: 23,091,564,544 bytes free
.
- - End Of File - - 1B1F4B50585F59224C4F6B573DAB3D8B

CFScript.txt cannot be RTF!! once I got it in the right txt format COMBOFIX ran great!

  • Terribly slow before I ran 2nd combofix with CFScript.txt
  • When turning of computer, you have 3 choices: standby, turn off or restart. The turnoff now always has an UPDATE shield on it everytime.
  • Upon startup wizard finds new hardware ("UNKNOWN") which it tries to find software/drivers for; no idea what hardware it is looking for.
  • RE-DIRECT seems to have been fixed!
  • UNRESPONSIVE SCRIPT message while in GMAIL again
  • Terribly slow on webpages sometimes; can't figure out if something is making the system lag.
  • Mouse still has no wheel function.
  • What do you think!!! thanks for your help!!!

Edited by vdotmatrix, 02 November 2011 - 09:39 PM.


#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:08 AM

Posted 02 November 2011 - 09:40 PM

Hello

please run this tool and see if it helps any



I want you to run this tool for me next.

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 vdotmatrix

vdotmatrix
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:06:08 AM

Posted 02 November 2011 - 10:00 PM

22:47:16.0562 5236 TDSS rootkit removing tool 2.6.14.0 Oct 28 2011 11:11:01
22:47:16.0890 5236 ============================================================
22:47:16.0890 5236 Current date / time: 2011/11/02 22:47:16.0890
22:47:16.0890 5236 SystemInfo:
22:47:16.0890 5236
22:47:16.0890 5236 OS Version: 5.1.2600 ServicePack: 3.0
22:47:16.0890 5236 Product type: Workstation
22:47:16.0890 5236 ComputerName: 5G415C1
22:47:16.0890 5236 UserName: vincedaddy
22:47:16.0890 5236 Windows directory: C:\WINDOWS
22:47:16.0890 5236 System windows directory: C:\WINDOWS
22:47:16.0890 5236 Processor architecture: Intel x86
22:47:16.0890 5236 Number of processors: 2
22:47:16.0890 5236 Page size: 0x1000
22:47:16.0890 5236 Boot type: Normal boot
22:47:16.0890 5236 ============================================================
22:47:17.0734 5236 Initialize success
22:48:05.0500 4120 ============================================================
22:48:05.0500 4120 Scan started
22:48:05.0500 4120 Mode: Manual;
22:48:05.0500 4120 ============================================================
22:48:06.0203 4120 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys
22:48:06.0203 4120 61883 - ok
22:48:06.0218 4120 Abiosdsk - ok
22:48:06.0250 4120 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
22:48:06.0250 4120 abp480n5 - ok
22:48:06.0296 4120 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:48:06.0296 4120 ACPI - ok
22:48:06.0312 4120 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
22:48:06.0312 4120 ACPIEC - ok
22:48:06.0343 4120 adfs (6d7f09cd92a9fef3a8efce66231fdd79) C:\WINDOWS\system32\drivers\adfs.sys
22:48:06.0343 4120 adfs - ok
22:48:06.0375 4120 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
22:48:06.0375 4120 adpu160m - ok
22:48:06.0406 4120 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:48:06.0406 4120 aec - ok
22:48:06.0546 4120 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
22:48:06.0562 4120 AFD - ok
22:48:06.0625 4120 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
22:48:06.0625 4120 agp440 - ok
22:48:06.0656 4120 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
22:48:06.0656 4120 agpCPQ - ok
22:48:06.0656 4120 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
22:48:06.0656 4120 Aha154x - ok
22:48:06.0671 4120 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
22:48:06.0671 4120 aic78u2 - ok
22:48:06.0687 4120 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
22:48:06.0687 4120 aic78xx - ok
22:48:06.0703 4120 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
22:48:06.0703 4120 AliIde - ok
22:48:06.0718 4120 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
22:48:06.0718 4120 alim1541 - ok
22:48:06.0750 4120 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
22:48:06.0750 4120 amdagp - ok
22:48:06.0750 4120 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
22:48:06.0750 4120 amsint - ok
22:48:06.0812 4120 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
22:48:06.0812 4120 Arp1394 - ok
22:48:06.0812 4120 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
22:48:06.0812 4120 asc - ok
22:48:06.0828 4120 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
22:48:06.0828 4120 asc3350p - ok
22:48:06.0843 4120 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
22:48:06.0843 4120 asc3550 - ok
22:48:06.0875 4120 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
22:48:06.0875 4120 ASCTRM - ok
22:48:06.0906 4120 ASPI32 (54ab078660e536da72b21a27f56b035b) C:\WINDOWS\system32\drivers\aspi32.sys
22:48:06.0906 4120 ASPI32 - ok
22:48:06.0921 4120 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:48:06.0921 4120 AsyncMac - ok
22:48:06.0984 4120 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:48:06.0984 4120 atapi - ok
22:48:07.0000 4120 Atdisk - ok
22:48:07.0031 4120 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:48:07.0031 4120 Atmarpc - ok
22:48:07.0093 4120 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:48:07.0093 4120 audstub - ok
22:48:07.0140 4120 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys
22:48:07.0140 4120 Avc - ok
22:48:07.0203 4120 basic2 (9372cc48814a17e67c28945eb4acc189) C:\WINDOWS\system32\DRIVERS\basic2.sys
22:48:07.0203 4120 basic2 - ok
22:48:07.0734 4120 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:48:07.0734 4120 Beep - ok
22:48:07.0812 4120 bfturboh (628fcde747951bbcf8fef6e918b04fdd) C:\WINDOWS\system32\drivers\bfturboh.sys
22:48:07.0812 4120 bfturboh - ok
22:48:07.0984 4120 catchme - ok
22:48:07.0984 4120 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
22:48:07.0984 4120 cbidf - ok
22:48:08.0000 4120 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:48:08.0000 4120 cbidf2k - ok
22:48:08.0031 4120 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
22:48:08.0031 4120 CCDECODE - ok
22:48:08.0062 4120 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
22:48:08.0078 4120 cd20xrnt - ok
22:48:08.0093 4120 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:48:08.0093 4120 Cdaudio - ok
22:48:08.0109 4120 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:48:08.0109 4120 Cdfs - ok
22:48:08.0156 4120 Cdr4_xp (9714b7c918c6543d69074ec101f86ac4) C:\WINDOWS\system32\drivers\Cdr4_xp.sys
22:48:08.0156 4120 Cdr4_xp - ok
22:48:08.0203 4120 Cdralw2k (0d856d16c08440bfb566d6cdd9948d4e) C:\WINDOWS\system32\drivers\Cdralw2k.sys
22:48:08.0203 4120 Cdralw2k - ok
22:48:08.0218 4120 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:48:08.0218 4120 Cdrom - ok
22:48:08.0265 4120 cdudf_xp (bce04a21510e721aaba3f893b6770c12) C:\WINDOWS\system32\drivers\cdudf_xp.sys
22:48:08.0265 4120 cdudf_xp - ok
22:48:08.0265 4120 Changer - ok
22:48:08.0296 4120 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
22:48:08.0296 4120 CmdIde - ok
22:48:08.0312 4120 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
22:48:08.0312 4120 Compbatt - ok
22:48:08.0343 4120 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
22:48:08.0343 4120 Cpqarray - ok
22:48:08.0406 4120 ctsfm2k (8db84de3aab34a8b4c2f644eff41cd76) C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys
22:48:08.0406 4120 ctsfm2k - ok
22:48:08.0453 4120 CTUSFSYN (4ee8822adb764edd28ce44e808097995) C:\WINDOWS\system32\drivers\ctusfsyn.sys
22:48:08.0453 4120 CTUSFSYN - ok
22:48:08.0468 4120 cvspydr2 (c6644d1a70c050fdd7ecbe8c3ac05313) C:\WINDOWS\system32\DRIVERS\cvspydr2.sys
22:48:08.0484 4120 cvspydr2 - ok
22:48:08.0515 4120 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
22:48:08.0515 4120 dac2w2k - ok
22:48:08.0546 4120 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
22:48:08.0546 4120 dac960nt - ok
22:48:08.0562 4120 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:48:08.0562 4120 Disk - ok
22:48:08.0625 4120 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
22:48:08.0640 4120 dmboot - ok
22:48:08.0671 4120 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
22:48:08.0671 4120 dmio - ok
22:48:08.0687 4120 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:48:08.0687 4120 dmload - ok
22:48:08.0703 4120 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:48:08.0703 4120 DMusic - ok
22:48:08.0718 4120 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
22:48:08.0718 4120 dpti2o - ok
22:48:08.0734 4120 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:48:08.0734 4120 drmkaud - ok
22:48:08.0765 4120 DSproct - ok
22:48:08.0781 4120 dvd_2K (f5ca443d58a53de968685ee43fbe8f17) C:\WINDOWS\system32\drivers\dvd_2K.sys
22:48:08.0781 4120 dvd_2K - ok
22:48:08.0796 4120 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
22:48:08.0796 4120 E100B - ok
22:48:08.0843 4120 e1express (00192f0c612591d585594e9467e6ca8b) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
22:48:08.0843 4120 e1express - ok
22:48:08.0875 4120 Fallback (9ea76a7f28cd968f8adc709e479f23b2) C:\WINDOWS\system32\DRIVERS\fallback.sys
22:48:08.0890 4120 Fallback - ok
22:48:08.0906 4120 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:48:08.0906 4120 Fastfat - ok
22:48:08.0937 4120 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
22:48:08.0937 4120 Fdc - ok
22:48:08.0968 4120 FilterService (ed6c44547540e7892a1c34fd4bd35a53) C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
22:48:08.0968 4120 FilterService - ok
22:48:08.0984 4120 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
22:48:08.0984 4120 Fips - ok
22:48:09.0000 4120 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:48:09.0000 4120 Flpydisk - ok
22:48:09.0000 4120 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:48:09.0015 4120 FltMgr - ok
22:48:09.0015 4120 FNETDEVI (92fc10e8fcf01c36abd567f646b74658) C:\WINDOWS\system32\drivers\FNETDEVI.SYS
22:48:09.0015 4120 FNETDEVI - ok
22:48:09.0031 4120 Fsks (b7b262d0431374f3afd1349e35b368d9) C:\WINDOWS\system32\DRIVERS\fsksnt.sys
22:48:09.0031 4120 Fsks - ok
22:48:09.0062 4120 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:48:09.0062 4120 Fs_Rec - ok
22:48:09.0078 4120 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:48:09.0078 4120 Ftdisk - ok
22:48:09.0109 4120 GearAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
22:48:09.0109 4120 GearAspiWDM - ok
22:48:09.0125 4120 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:48:09.0125 4120 Gpc - ok
22:48:09.0140 4120 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:48:09.0140 4120 HDAudBus - ok
22:48:09.0156 4120 HidBatt (748031ff4fe45ccc47546294905feab8) C:\WINDOWS\system32\DRIVERS\HidBatt.sys
22:48:09.0156 4120 HidBatt - ok
22:48:09.0187 4120 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:48:09.0187 4120 HidUsb - ok
22:48:09.0203 4120 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
22:48:09.0203 4120 hpn - ok
22:48:09.0234 4120 HSFHWBS2 (970178e8e003eb1481293830069624b9) C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys
22:48:09.0234 4120 HSFHWBS2 - ok
22:48:09.0281 4120 HSF_DP (ebb354438a4c5a3327fb97306260714a) C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys
22:48:09.0312 4120 HSF_DP - ok
22:48:09.0359 4120 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:48:09.0359 4120 HTTP - ok
22:48:09.0390 4120 i1display (8313a6af9de34a9d24df2329a548b004) C:\WINDOWS\system32\Drivers\i1display.sys
22:48:09.0390 4120 i1display - ok
22:48:09.0406 4120 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
22:48:09.0406 4120 i2omgmt - ok
22:48:09.0406 4120 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
22:48:09.0406 4120 i2omp - ok
22:48:09.0421 4120 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:48:09.0421 4120 i8042prt - ok
22:48:09.0453 4120 iaStor (019cf5f31c67030841233c545a0e217a) C:\WINDOWS\system32\drivers\iaStor.sys
22:48:09.0453 4120 iaStor - ok
22:48:09.0546 4120 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:48:09.0546 4120 Imapi - ok
22:48:09.0609 4120 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
22:48:09.0609 4120 ini910u - ok
22:48:09.0734 4120 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
22:48:09.0734 4120 IntelIde - ok
22:48:09.0812 4120 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:48:09.0812 4120 intelppm - ok
22:48:09.0812 4120 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:48:09.0812 4120 Ip6Fw - ok
22:48:09.0843 4120 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:48:09.0843 4120 IpFilterDriver - ok
22:48:09.0859 4120 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:48:09.0859 4120 IpInIp - ok
22:48:09.0890 4120 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:48:09.0890 4120 IpNat - ok
22:48:09.0937 4120 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:48:09.0937 4120 IPSec - ok
22:48:09.0953 4120 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:48:09.0953 4120 IRENUM - ok
22:48:09.0984 4120 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:48:09.0984 4120 isapnp - ok
22:48:10.0031 4120 K56 (a4e3277398c8aba999483d4c658c9696) C:\WINDOWS\system32\DRIVERS\k56nt.sys
22:48:10.0046 4120 K56 - ok
22:48:10.0093 4120 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:48:10.0093 4120 Kbdclass - ok
22:48:10.0109 4120 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:48:10.0109 4120 kbdhid - ok
22:48:10.0171 4120 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:48:10.0171 4120 kmixer - ok
22:48:10.0187 4120 KMWDFILTER (ba28aa72a51f69a2a6214f993c2430d6) C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys
22:48:10.0187 4120 KMWDFILTER - ok
22:48:10.0187 4120 KMWDFILTERx86 (ba28aa72a51f69a2a6214f993c2430d6) C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys
22:48:10.0203 4120 KMWDFILTERx86 - ok
22:48:10.0250 4120 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:48:10.0250 4120 KSecDD - ok
22:48:10.0250 4120 lbrtfdc - ok
22:48:10.0343 4120 LMIInfo - ok
22:48:10.0359 4120 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\WINDOWS\system32\DRIVERS\lmimirr.sys
22:48:10.0359 4120 lmimirr - ok
22:48:10.0375 4120 LMIRfsClientNP - ok
22:48:10.0390 4120 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
22:48:10.0390 4120 LMIRfsDriver - ok
22:48:10.0484 4120 LVcKap (fb548ff809634bfa866312b37d8a18ae) C:\WINDOWS\system32\DRIVERS\LVcKap.sys
22:48:10.0546 4120 LVcKap - ok
22:48:10.0640 4120 LVMVDrv (fe3fb994f8702d9e37648927819b74b8) C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys
22:48:10.0703 4120 LVMVDrv - ok
22:48:10.0812 4120 lvpopflt (92990b040b68632cc3f80a742d163937) C:\WINDOWS\system32\DRIVERS\lvpopflt.sys
22:48:10.0843 4120 lvpopflt - ok
22:48:11.0078 4120 LVPr2Mon (c7ea51f1ab10b0b2b443f4d5589fc1a5) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
22:48:11.0078 4120 LVPr2Mon - ok
22:48:11.0125 4120 LVUSBSta (caef4c05ba2c1acad4ebcaa4261cd55d) C:\WINDOWS\system32\drivers\LVUSBSta.sys
22:48:11.0125 4120 LVUSBSta - ok
22:48:11.0203 4120 LVUVC (b0dfee7da5e6d04762e25e355d94d8b5) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
22:48:11.0265 4120 LVUVC - ok
22:48:11.0281 4120 MBAMSwissArmy - ok
22:48:11.0296 4120 mdmxsdk (195741aee20369980796b557358cd774) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
22:48:11.0296 4120 mdmxsdk - ok
22:48:11.0328 4120 mmc_2K (2739df798b44809407879e9134233de4) C:\WINDOWS\system32\drivers\mmc_2K.sys
22:48:11.0328 4120 mmc_2K - ok
22:48:11.0343 4120 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:48:11.0343 4120 mnmdd - ok
22:48:11.0343 4120 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
22:48:11.0343 4120 Modem - ok
22:48:11.0375 4120 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
22:48:11.0375 4120 MODEMCSA - ok
22:48:11.0406 4120 monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\monfilt.sys
22:48:11.0437 4120 monfilt - ok
22:48:11.0453 4120 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:48:11.0453 4120 Mouclass - ok
22:48:11.0484 4120 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:48:11.0484 4120 mouhid - ok
22:48:11.0515 4120 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:48:11.0515 4120 MountMgr - ok
22:48:11.0546 4120 MQAC (70c14f5cca5cf73f8a645c73a01d8726) C:\WINDOWS\system32\drivers\mqac.sys
22:48:11.0546 4120 MQAC - ok
22:48:11.0562 4120 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
22:48:11.0578 4120 mraid35x - ok
22:48:11.0609 4120 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:48:11.0609 4120 MRxDAV - ok
22:48:11.0656 4120 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:48:11.0656 4120 MRxSmb - ok
22:48:11.0703 4120 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys
22:48:11.0703 4120 MSDV - ok
22:48:11.0734 4120 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:48:11.0734 4120 Msfs - ok
22:48:11.0750 4120 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:48:11.0750 4120 MSKSSRV - ok
22:48:11.0765 4120 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:48:11.0765 4120 MSPCLOCK - ok
22:48:11.0765 4120 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:48:11.0765 4120 MSPQM - ok
22:48:11.0796 4120 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:48:11.0796 4120 mssmbios - ok
22:48:12.0140 4120 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
22:48:12.0140 4120 MSTEE - ok
22:48:12.0218 4120 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:48:12.0218 4120 Mup - ok
22:48:12.0234 4120 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:48:12.0234 4120 NABTSFEC - ok
22:48:12.0265 4120 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:48:12.0265 4120 NDIS - ok
22:48:12.0281 4120 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:48:12.0281 4120 NdisIP - ok
22:48:12.0312 4120 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:48:12.0328 4120 NdisTapi - ok
22:48:12.0328 4120 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:48:12.0343 4120 Ndisuio - ok
22:48:12.0343 4120 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:48:12.0343 4120 NdisWan - ok
22:48:12.0375 4120 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:48:12.0375 4120 NDProxy - ok
22:48:12.0390 4120 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:48:12.0390 4120 NetBIOS - ok
22:48:12.0421 4120 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:48:12.0421 4120 NetBT - ok
22:48:12.0437 4120 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
22:48:12.0437 4120 NIC1394 - ok
22:48:12.0453 4120 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:48:12.0453 4120 Npfs - ok
22:48:12.0531 4120 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:48:12.0546 4120 Ntfs - ok
22:48:12.0609 4120 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
22:48:12.0609 4120 NuidFltr - ok
22:48:12.0625 4120 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:48:12.0625 4120 Null - ok
22:48:12.0812 4120 nv (b9b1bb146eb9a83dcf0f5635b09d3d43) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:48:12.0953 4120 nv - ok
22:48:12.0968 4120 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:48:12.0968 4120 NwlnkFlt - ok
22:48:12.0984 4120 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:48:12.0984 4120 NwlnkFwd - ok
22:48:13.0000 4120 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:48:13.0000 4120 ohci1394 - ok
22:48:13.0046 4120 ossrv (103a9b117a7d9903111955cdafe65ac6) C:\WINDOWS\system32\DRIVERS\ctoss2k.sys
22:48:13.0046 4120 ossrv - ok
22:48:13.0078 4120 PalmUSBD (dc450992eba6f914080c1f7fbeeed72c) C:\WINDOWS\system32\drivers\PalmUSBD.sys
22:48:13.0078 4120 PalmUSBD - ok
22:48:13.0109 4120 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
22:48:13.0109 4120 Parport - ok
22:48:13.0125 4120 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:48:13.0125 4120 PartMgr - ok
22:48:13.0125 4120 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
22:48:13.0125 4120 ParVdm - ok
22:48:13.0156 4120 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
22:48:13.0156 4120 PCI - ok
22:48:13.0156 4120 PCIDump - ok
22:48:13.0171 4120 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:48:13.0171 4120 PCIIde - ok
22:48:13.0203 4120 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:48:13.0203 4120 Pcmcia - ok
22:48:13.0234 4120 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
22:48:13.0234 4120 pcouffin - ok
22:48:13.0265 4120 PDCOMP - ok
22:48:13.0265 4120 PDFRAME - ok
22:48:13.0296 4120 PDIHWCTL (274fb48dc92e0ec012d4d8d866cfaf8a) C:\WINDOWS\system32\drivers\pdihwctl.sys
22:48:13.0296 4120 PDIHWCTL - ok
22:48:13.0312 4120 PDRELI - ok
22:48:13.0312 4120 PDRFRAME - ok
22:48:13.0343 4120 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
22:48:13.0343 4120 perc2 - ok
22:48:13.0359 4120 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
22:48:13.0359 4120 perc2hib - ok
22:48:13.0390 4120 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:48:13.0390 4120 PptpMiniport - ok
22:48:13.0406 4120 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:48:13.0406 4120 PSched - ok
22:48:13.0421 4120 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:48:13.0421 4120 Ptilink - ok
22:48:13.0437 4120 pwd_2k (2e162e3856c9c6a3b53e0ece28386fe3) C:\WINDOWS\system32\drivers\pwd_2k.sys
22:48:13.0453 4120 pwd_2k - ok
22:48:13.0484 4120 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:48:13.0484 4120 PxHelp20 - ok
22:48:13.0515 4120 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
22:48:13.0515 4120 ql1080 - ok
22:48:13.0531 4120 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
22:48:13.0531 4120 Ql10wnt - ok
22:48:13.0531 4120 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
22:48:13.0531 4120 ql12160 - ok
22:48:13.0546 4120 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
22:48:13.0546 4120 ql1240 - ok
22:48:13.0562 4120 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
22:48:13.0562 4120 ql1280 - ok
22:48:13.0593 4120 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:48:13.0593 4120 RasAcd - ok
22:48:13.0609 4120 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:48:13.0609 4120 Rasl2tp - ok
22:48:13.0625 4120 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:48:13.0625 4120 RasPppoe - ok
22:48:13.0640 4120 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:48:13.0640 4120 Raspti - ok
22:48:13.0687 4120 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:48:13.0687 4120 Rdbss - ok
22:48:13.0703 4120 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:48:13.0703 4120 RDPCDD - ok
22:48:13.0750 4120 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:48:13.0750 4120 rdpdr - ok
22:48:13.0781 4120 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:48:13.0796 4120 RDPWD - ok
22:48:13.0796 4120 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:48:13.0812 4120 redbook - ok
22:48:13.0843 4120 Rksample (4c35e57300a2dc5932a8e29efa527c32) C:\WINDOWS\system32\DRIVERS\rksample.sys
22:48:13.0843 4120 Rksample - ok
22:48:13.0875 4120 RMCAST (96f7a9a7bf0c9c0440a967440065d33c) C:\WINDOWS\system32\drivers\RMCast.sys
22:48:13.0875 4120 RMCAST - ok
22:48:13.0906 4120 rspndr (a3b23fb3f295694091f51865f98588b2) C:\WINDOWS\system32\DRIVERS\rspndr.sys
22:48:13.0906 4120 rspndr - ok
22:48:13.0921 4120 sbp2port (b244960e5a1db8e9d5d17086de37c1e4) C:\WINDOWS\system32\DRIVERS\sbp2port.sys
22:48:13.0921 4120 sbp2port - ok
22:48:13.0953 4120 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:48:13.0953 4120 Secdrv - ok
22:48:13.0984 4120 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:48:13.0984 4120 serenum - ok
22:48:14.0015 4120 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
22:48:14.0015 4120 Serial - ok
22:48:14.0031 4120 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:48:14.0046 4120 Sfloppy - ok
22:48:14.0046 4120 Simbad - ok
22:48:14.0078 4120 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
22:48:14.0078 4120 sisagp - ok
22:48:14.0093 4120 slabbus (886dbe1e6de104591e8b7334b6d42ed8) C:\WINDOWS\system32\DRIVERS\slabbus.sys
22:48:14.0109 4120 slabbus - ok
22:48:14.0125 4120 slabser (ed71f8c82ef11c0da1c57be021a2fdc9) C:\WINDOWS\system32\DRIVERS\slabser.sys
22:48:14.0125 4120 slabser - ok
22:48:14.0125 4120 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:48:14.0125 4120 SLIP - ok
22:48:14.0171 4120 SoftFax (413cfa795cad19a010889df0ec060408) C:\WINDOWS\system32\DRIVERS\faxnt.sys
22:48:14.0171 4120 SoftFax - ok
22:48:14.0218 4120 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
22:48:14.0218 4120 Sparrow - ok
22:48:14.0250 4120 SpeakerPhone (c11082c80723771c1979eacf7fdde1c3) C:\WINDOWS\system32\DRIVERS\spkpnt.sys
22:48:14.0250 4120 SpeakerPhone - ok
22:48:14.0265 4120 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:48:14.0281 4120 splitter - ok
22:48:14.0296 4120 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
22:48:14.0296 4120 sr - ok
22:48:14.0343 4120 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:48:14.0343 4120 Srv - ok
22:48:14.0375 4120 ssadbus (64e44acd8c238fcbbb78f0ba4bdc4b05) C:\WINDOWS\system32\DRIVERS\ssadbus.sys
22:48:14.0375 4120 ssadbus - ok
22:48:14.0390 4120 ssadmdfl (bb2c84a15c765da89fd832b0e73f26ce) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
22:48:14.0390 4120 ssadmdfl - ok
22:48:14.0406 4120 ssadmdm (6d0d132ddc6f43eda00dced6d8b1ca31) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
22:48:14.0421 4120 ssadmdm - ok
22:48:14.0484 4120 STHDA (797fcc1d859b203958e915bb82528da9) C:\WINDOWS\system32\drivers\sthda.sys
22:48:14.0515 4120 STHDA - ok
22:48:14.0609 4120 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:48:14.0609 4120 streamip - ok
22:48:14.0640 4120 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:48:14.0640 4120 swenum - ok
22:48:14.0703 4120 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:48:14.0828 4120 swmidi - ok
22:48:14.0843 4120 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
22:48:14.0843 4120 symc810 - ok
22:48:14.0859 4120 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
22:48:14.0859 4120 symc8xx - ok
22:48:15.0250 4120 symlcbrd (5220576ee29bea7c18dff9ecabf18bbc) C:\WINDOWS\system32\drivers\symlcbrd.sys
22:48:15.0250 4120 symlcbrd - ok
22:48:15.0265 4120 SymSnap (b8fae6b464d9a2abeb0c80fb03ee5f96) C:\WINDOWS\system32\drivers\SymSnap.sys
22:48:15.0281 4120 SymSnap - ok
22:48:15.0281 4120 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
22:48:15.0281 4120 sym_hi - ok
22:48:15.0296 4120 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
22:48:15.0296 4120 sym_u3 - ok
22:48:15.0312 4120 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:48:15.0312 4120 sysaudio - ok
22:48:15.0343 4120 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:48:15.0359 4120 Tcpip - ok
22:48:15.0406 4120 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:48:15.0406 4120 TDPIPE - ok
22:48:15.0437 4120 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:48:15.0437 4120 TDTCP - ok
22:48:15.0468 4120 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:48:15.0468 4120 TermDD - ok
22:48:15.0531 4120 tmactmon (e8e528896ff2595cfada88749cd72ef8) C:\WINDOWS\system32\DRIVERS\tmactmon.sys
22:48:15.0531 4120 tmactmon - ok
22:48:15.0625 4120 tmcomm (1837512d4aab862bd297a2ef035fba14) C:\WINDOWS\system32\DRIVERS\tmcomm.sys
22:48:15.0640 4120 tmcomm - ok
22:48:15.0656 4120 tmevtmgr (dbac510d1c7cc66b7a78eb2264f3072e) C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys
22:48:15.0656 4120 tmevtmgr - ok
22:48:15.0671 4120 tmtdi (a6e20b094a8d3e3f46d10bbe7e1ebb82) C:\WINDOWS\system32\DRIVERS\tmtdi.sys
22:48:15.0671 4120 tmtdi - ok
22:48:15.0687 4120 Tones (e0f10a379239b4fab319c55a9cd6bc96) C:\WINDOWS\system32\DRIVERS\tonesnt.sys
22:48:15.0687 4120 Tones - ok
22:48:15.0734 4120 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
22:48:15.0734 4120 TosIde - ok
22:48:15.0796 4120 UdfReadr_xp (e398bde2e6c978f357faedff784ffd70) C:\WINDOWS\system32\drivers\UdfReadr_xp.sys
22:48:15.0796 4120 UdfReadr_xp - ok
22:48:15.0812 4120 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:48:15.0828 4120 Udfs - ok
22:48:15.0843 4120 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
22:48:15.0843 4120 ultra - ok
22:48:15.0875 4120 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:48:15.0890 4120 Update - ok
22:48:15.0937 4120 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
22:48:15.0937 4120 USBAAPL - ok
22:48:15.0953 4120 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
22:48:15.0953 4120 usbaudio - ok
22:48:15.0968 4120 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:48:15.0968 4120 usbccgp - ok
22:48:15.0984 4120 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:48:15.0984 4120 usbehci - ok
22:48:16.0000 4120 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:48:16.0000 4120 usbhub - ok
22:48:16.0031 4120 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
22:48:16.0031 4120 usbohci - ok
22:48:16.0046 4120 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:48:16.0046 4120 usbprint - ok
22:48:16.0078 4120 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:48:16.0078 4120 usbscan - ok
22:48:16.0093 4120 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:48:16.0093 4120 USBSTOR - ok
22:48:16.0109 4120 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:48:16.0109 4120 usbuhci - ok
22:48:16.0140 4120 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
22:48:16.0140 4120 usbvideo - ok
22:48:16.0171 4120 V124 (177b65899d418f8c8f037b20567a99d6) C:\WINDOWS\system32\DRIVERS\v124nt.sys
22:48:16.0187 4120 V124 - ok
22:48:16.0218 4120 V2IMount (b413e1467c92a65610166c932877e147) C:\WINDOWS\system32\drivers\V2IMount.sys
22:48:16.0218 4120 V2IMount - ok
22:48:16.0218 4120 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:48:16.0234 4120 VgaSave - ok
22:48:16.0234 4120 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
22:48:16.0234 4120 viaagp - ok
22:48:16.0250 4120 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
22:48:16.0250 4120 ViaIde - ok
22:48:16.0281 4120 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
22:48:16.0281 4120 VolSnap - ok
22:48:16.0359 4120 VX3000 (13acfed0e6adca97440169dfd127ebcf) C:\WINDOWS\system32\DRIVERS\VX3000.sys
22:48:16.0406 4120 VX3000 - ok
22:48:16.0453 4120 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:48:16.0453 4120 Wanarp - ok
22:48:16.0453 4120 wanatw - ok
22:48:16.0531 4120 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
22:48:16.0562 4120 Wdf01000 - ok
22:48:16.0625 4120 WDICA - ok
22:48:16.0671 4120 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:48:16.0671 4120 wdmaud - ok
22:48:16.0734 4120 winachsf (a941aa38e3951058e584c4bbddd56ed9) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
22:48:16.0765 4120 winachsf - ok
22:48:16.0812 4120 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:48:16.0812 4120 WSTCODEC - ok
22:48:16.0828 4120 yeddef - ok
22:48:16.0859 4120 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0
22:48:16.0859 4120 \Device\Harddisk0\DR0 - ok
22:48:16.0875 4120 Boot (0x1200) (d48bb5f219bfbf05e1ed4c74fdf8d019) \Device\Harddisk0\DR0\Partition0
22:48:16.0875 4120 \Device\Harddisk0\DR0\Partition0 - ok
22:48:16.0890 4120 Boot (0x1200) (2b95edcaf16ceae9f7d1857338a085c5) \Device\Harddisk0\DR0\Partition1
22:48:16.0890 4120 \Device\Harddisk0\DR0\Partition1 - ok
22:48:16.0890 4120 ============================================================
22:48:16.0890 4120 Scan finished
22:48:16.0890 4120 ============================================================
22:48:16.0890 4704 Detected object count: 0
22:48:16.0890 4704 Actual detected object count: 0
22:48:33.0750 4384 ============================================================
22:48:33.0750 4384 Scan started
22:48:33.0750 4384 Mode: Manual;
22:48:33.0750 4384 ============================================================
22:48:34.0578 4384 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys
22:48:34.0578 4384 61883 - ok
22:48:34.0578 4384 Abiosdsk - ok
22:48:34.0609 4384 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
22:48:34.0609 4384 abp480n5 - ok
22:48:34.0656 4384 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:48:34.0656 4384 ACPI - ok
22:48:34.0671 4384 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
22:48:34.0671 4384 ACPIEC - ok
22:48:34.0718 4384 adfs (6d7f09cd92a9fef3a8efce66231fdd79) C:\WINDOWS\system32\drivers\adfs.sys
22:48:34.0718 4384 adfs - ok
22:48:34.0828 4384 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
22:48:34.0828 4384 adpu160m - ok
22:48:34.0875 4384 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:48:34.0875 4384 aec - ok
22:48:34.0921 4384 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
22:48:34.0921 4384 AFD - ok
22:48:34.0921 4384 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
22:48:34.0937 4384 agp440 - ok
22:48:34.0937 4384 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
22:48:34.0937 4384 agpCPQ - ok
22:48:34.0953 4384 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
22:48:34.0953 4384 Aha154x - ok
22:48:34.0953 4384 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
22:48:34.0953 4384 aic78u2 - ok
22:48:35.0000 4384 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
22:48:35.0000 4384 aic78xx - ok
22:48:35.0015 4384 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
22:48:35.0015 4384 AliIde - ok
22:48:35.0031 4384 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
22:48:35.0031 4384 alim1541 - ok
22:48:35.0031 4384 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
22:48:35.0046 4384 amdagp - ok
22:48:35.0062 4384 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
22:48:35.0062 4384 amsint - ok
22:48:35.0093 4384 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
22:48:35.0109 4384 Arp1394 - ok
22:48:35.0109 4384 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
22:48:35.0109 4384 asc - ok
22:48:35.0125 4384 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
22:48:35.0125 4384 asc3350p - ok
22:48:35.0125 4384 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
22:48:35.0125 4384 asc3550 - ok
22:48:35.0187 4384 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
22:48:35.0187 4384 ASCTRM - ok
22:48:35.0234 4384 ASPI32 (54ab078660e536da72b21a27f56b035b) C:\WINDOWS\system32\drivers\aspi32.sys
22:48:35.0234 4384 ASPI32 - ok
22:48:35.0281 4384 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:48:35.0281 4384 AsyncMac - ok
22:48:35.0312 4384 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:48:35.0328 4384 atapi - ok
22:48:35.0328 4384 Atdisk - ok
22:48:35.0359 4384 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:48:35.0359 4384 Atmarpc - ok
22:48:35.0375 4384 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:48:35.0375 4384 audstub - ok
22:48:35.0406 4384 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys
22:48:35.0406 4384 Avc - ok
22:48:35.0484 4384 basic2 (9372cc48814a17e67c28945eb4acc189) C:\WINDOWS\system32\DRIVERS\basic2.sys
22:48:35.0484 4384 basic2 - ok
22:48:35.0515 4384 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:48:35.0515 4384 Beep - ok
22:48:35.0578 4384 bfturboh (628fcde747951bbcf8fef6e918b04fdd) C:\WINDOWS\system32\drivers\bfturboh.sys
22:48:35.0578 4384 bfturboh - ok
22:48:35.0750 4384 catchme - ok
22:48:35.0937 4384 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
22:48:35.0937 4384 cbidf - ok
22:48:35.0953 4384 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:48:35.0953 4384 cbidf2k - ok
22:48:35.0968 4384 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
22:48:35.0968 4384 CCDECODE - ok
22:48:35.0984 4384 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
22:48:35.0984 4384 cd20xrnt - ok
22:48:36.0000 4384 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:48:36.0000 4384 Cdaudio - ok
22:48:36.0031 4384 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:48:36.0031 4384 Cdfs - ok
22:48:36.0062 4384 Cdr4_xp (9714b7c918c6543d69074ec101f86ac4) C:\WINDOWS\system32\drivers\Cdr4_xp.sys
22:48:36.0062 4384 Cdr4_xp - ok
22:48:36.0093 4384 Cdralw2k (0d856d16c08440bfb566d6cdd9948d4e) C:\WINDOWS\system32\drivers\Cdralw2k.sys
22:48:36.0093 4384 Cdralw2k - ok
22:48:36.0109 4384 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:48:36.0109 4384 Cdrom - ok
22:48:36.0125 4384 cdudf_xp (bce04a21510e721aaba3f893b6770c12) C:\WINDOWS\system32\drivers\cdudf_xp.sys
22:48:36.0140 4384 cdudf_xp - ok
22:48:36.0140 4384 Changer - ok
22:48:36.0171 4384 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
22:48:36.0171 4384 CmdIde - ok
22:48:36.0203 4384 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
22:48:36.0203 4384 Compbatt - ok
22:48:36.0203 4384 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
22:48:36.0218 4384 Cpqarray - ok
22:48:36.0250 4384 ctsfm2k (8db84de3aab34a8b4c2f644eff41cd76) C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys
22:48:36.0250 4384 ctsfm2k - ok
22:48:36.0281 4384 CTUSFSYN (4ee8822adb764edd28ce44e808097995) C:\WINDOWS\system32\drivers\ctusfsyn.sys
22:48:36.0281 4384 CTUSFSYN - ok
22:48:36.0312 4384 cvspydr2 (c6644d1a70c050fdd7ecbe8c3ac05313) C:\WINDOWS\system32\DRIVERS\cvspydr2.sys
22:48:36.0312 4384 cvspydr2 - ok
22:48:36.0390 4384 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
22:48:36.0390 4384 dac2w2k - ok
22:48:36.0406 4384 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
22:48:36.0406 4384 dac960nt - ok
22:48:36.0562 4384 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:48:36.0562 4384 Disk - ok
22:48:36.0640 4384 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
22:48:36.0656 4384 dmboot - ok
22:48:36.0718 4384 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
22:48:36.0718 4384 dmio - ok
22:48:36.0734 4384 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:48:36.0734 4384 dmload - ok
22:48:36.0843 4384 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:48:36.0843 4384 DMusic - ok
22:48:36.0890 4384 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
22:48:36.0890 4384 dpti2o - ok
22:48:36.0921 4384 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:48:36.0921 4384 drmkaud - ok
22:48:36.0953 4384 DSproct - ok
22:48:36.0968 4384 dvd_2K (f5ca443d58a53de968685ee43fbe8f17) C:\WINDOWS\system32\drivers\dvd_2K.sys
22:48:36.0968 4384 dvd_2K - ok
22:48:36.0968 4384 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
22:48:36.0984 4384 E100B - ok
22:48:37.0500 4384 e1express (00192f0c612591d585594e9467e6ca8b) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
22:48:37.0515 4384 e1express - ok
22:48:37.0531 4384 Fallback (9ea76a7f28cd968f8adc709e479f23b2) C:\WINDOWS\system32\DRIVERS\fallback.sys
22:48:37.0546 4384 Fallback - ok
22:48:37.0546 4384 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:48:37.0546 4384 Fastfat - ok
22:48:37.0562 4384 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
22:48:37.0562 4384 Fdc - ok
22:48:37.0609 4384 FilterService (ed6c44547540e7892a1c34fd4bd35a53) C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
22:48:37.0609 4384 FilterService - ok
22:48:37.0625 4384 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
22:48:37.0625 4384 Fips - ok
22:48:37.0656 4384 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:48:37.0656 4384 Flpydisk - ok
22:48:37.0796 4384 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:48:37.0812 4384 FltMgr - ok
22:48:37.0828 4384 FNETDEVI (92fc10e8fcf01c36abd567f646b74658) C:\WINDOWS\system32\drivers\FNETDEVI.SYS
22:48:37.0843 4384 FNETDEVI - ok
22:48:37.0875 4384 Fsks (b7b262d0431374f3afd1349e35b368d9) C:\WINDOWS\system32\DRIVERS\fsksnt.sys
22:48:37.0875 4384 Fsks - ok
22:48:37.0890 4384 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:48:37.0890 4384 Fs_Rec - ok
22:48:37.0890 4384 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:48:37.0906 4384 Ftdisk - ok
22:48:37.0921 4384 GearAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
22:48:37.0921 4384 GearAspiWDM - ok
22:48:37.0953 4384 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:48:37.0953 4384 Gpc - ok
22:48:37.0984 4384 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:48:37.0984 4384 HDAudBus - ok
22:48:38.0000 4384 HidBatt (748031ff4fe45ccc47546294905feab8) C:\WINDOWS\system32\DRIVERS\HidBatt.sys
22:48:38.0000 4384 HidBatt - ok
22:48:38.0015 4384 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:48:38.0015 4384 HidUsb - ok
22:48:38.0046 4384 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
22:48:38.0046 4384 hpn - ok
22:48:38.0078 4384 HSFHWBS2 (970178e8e003eb1481293830069624b9) C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys
22:48:38.0078 4384 HSFHWBS2 - ok
22:48:38.0125 4384 HSF_DP (ebb354438a4c5a3327fb97306260714a) C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys
22:48:38.0140 4384 HSF_DP - ok
22:48:38.0171 4384 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:48:38.0171 4384 HTTP - ok
22:48:38.0218 4384 i1display (8313a6af9de34a9d24df2329a548b004) C:\WINDOWS\system32\Drivers\i1display.sys
22:48:38.0218 4384 i1display - ok
22:48:38.0218 4384 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
22:48:38.0234 4384 i2omgmt - ok
22:48:38.0234 4384 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
22:48:38.0234 4384 i2omp - ok
22:48:38.0250 4384 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:48:38.0250 4384 i8042prt - ok
22:48:38.0281 4384 iaStor (019cf5f31c67030841233c545a0e217a) C:\WINDOWS\system32\drivers\iaStor.sys
22:48:38.0281 4384 iaStor - ok
22:48:38.0312 4384 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:48:38.0312 4384 Imapi - ok
22:48:38.0312 4384 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
22:48:38.0328 4384 ini910u - ok
22:48:38.0328 4384 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
22:48:38.0328 4384 IntelIde - ok
22:48:38.0359 4384 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:48:38.0359 4384 intelppm - ok
22:48:38.0375 4384 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:48:38.0375 4384 Ip6Fw - ok
22:48:38.0375 4384 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:48:38.0375 4384 IpFilterDriver - ok
22:48:38.0390 4384 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:48:38.0390 4384 IpInIp - ok
22:48:38.0406 4384 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:48:38.0406 4384 IpNat - ok
22:48:38.0421 4384 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:48:38.0421 4384 IPSec - ok
22:48:38.0453 4384 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:48:38.0453 4384 IRENUM - ok
22:48:38.0468 4384 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:48:38.0468 4384 isapnp - ok
22:48:38.0531 4384 K56 (a4e3277398c8aba999483d4c658c9696) C:\WINDOWS\system32\DRIVERS\k56nt.sys
22:48:38.0531 4384 K56 - ok
22:48:38.0578 4384 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:48:38.0578 4384 Kbdclass - ok
22:48:38.0578 4384 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:48:38.0578 4384 kbdhid - ok
22:48:38.0609 4384 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:48:38.0609 4384 kmixer - ok
22:48:38.0625 4384 KMWDFILTER (ba28aa72a51f69a2a6214f993c2430d6) C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys
22:48:38.0625 4384 KMWDFILTER - ok
22:48:38.0625 4384 KMWDFILTERx86 (ba28aa72a51f69a2a6214f993c2430d6) C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys
22:48:38.0625 4384 KMWDFILTERx86 - ok
22:48:38.0671 4384 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:48:38.0671 4384 KSecDD - ok
22:48:38.0687 4384 lbrtfdc - ok
22:48:38.0734 4384 LMIInfo - ok
22:48:38.0750 4384 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\WINDOWS\system32\DRIVERS\lmimirr.sys
22:48:38.0750 4384 lmimirr - ok
22:48:38.0765 4384 LMIRfsClientNP - ok
22:48:38.0796 4384 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
22:48:38.0796 4384 LMIRfsDriver - ok
22:48:38.0875 4384 LVcKap (fb548ff809634bfa866312b37d8a18ae) C:\WINDOWS\system32\DRIVERS\LVcKap.sys
22:48:38.0890 4384 LVcKap - ok
22:48:38.0968 4384 LVMVDrv (fe3fb994f8702d9e37648927819b74b8) C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys
22:48:38.0984 4384 LVMVDrv - ok
22:48:39.0062 4384 lvpopflt (92990b040b68632cc3f80a742d163937) C:\WINDOWS\system32\DRIVERS\lvpopflt.sys
22:48:39.0078 4384 lvpopflt - ok
22:48:39.0109 4384 LVPr2Mon (c7ea51f1ab10b0b2b443f4d5589fc1a5) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
22:48:39.0109 4384 LVPr2Mon - ok
22:48:39.0171 4384 LVUSBSta (caef4c05ba2c1acad4ebcaa4261cd55d) C:\WINDOWS\system32\drivers\LVUSBSta.sys
22:48:39.0171 4384 LVUSBSta - ok
22:48:39.0281 4384 LVUVC (b0dfee7da5e6d04762e25e355d94d8b5) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
22:48:39.0296 4384 LVUVC - ok
22:48:39.0312 4384 MBAMSwissArmy - ok
22:48:39.0343 4384 mdmxsdk (195741aee20369980796b557358cd774) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
22:48:39.0343 4384 mdmxsdk - ok
22:48:39.0390 4384 mmc_2K (2739df798b44809407879e9134233de4) C:\WINDOWS\system32\drivers\mmc_2K.sys
22:48:39.0390 4384 mmc_2K - ok
22:48:39.0421 4384 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:48:39.0421 4384 mnmdd - ok
22:48:39.0437 4384 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
22:48:39.0437 4384 Modem - ok
22:48:39.0484 4384 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
22:48:39.0484 4384 MODEMCSA - ok
22:48:39.0687 4384 monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\monfilt.sys
22:48:39.0687 4384 monfilt - ok
22:48:39.0718 4384 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:48:39.0718 4384 Mouclass - ok
22:48:39.0750 4384 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:48:39.0750 4384 mouhid - ok
22:48:39.0750 4384 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:48:39.0765 4384 MountMgr - ok
22:48:39.0781 4384 MQAC (70c14f5cca5cf73f8a645c73a01d8726) C:\WINDOWS\system32\drivers\mqac.sys
22:48:39.0781 4384 MQAC - ok
22:48:39.0812 4384 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
22:48:39.0812 4384 mraid35x - ok
22:48:39.0828 4384 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:48:39.0828 4384 MRxDAV - ok
22:48:39.0875 4384 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:48:39.0875 4384 MRxSmb - ok
22:48:39.0890 4384 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys
22:48:39.0890 4384 MSDV - ok
22:48:39.0906 4384 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:48:39.0906 4384 Msfs - ok
22:48:39.0906 4384 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:48:39.0906 4384 MSKSSRV - ok
22:48:39.0921 4384 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:48:39.0921 4384 MSPCLOCK - ok
22:48:39.0937 4384 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:48:39.0937 4384 MSPQM - ok
22:48:39.0984 4384 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:48:39.0984 4384 mssmbios - ok
22:48:39.0984 4384 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
22:48:39.0984 4384 MSTEE - ok
22:48:40.0031 4384 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:48:40.0031 4384 Mup - ok
22:48:40.0062 4384 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:48:40.0062 4384 NABTSFEC - ok
22:48:40.0093 4384 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:48:40.0109 4384 NDIS - ok
22:48:40.0109 4384 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:48:40.0109 4384 NdisIP - ok
22:48:40.0140 4384 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:48:40.0140 4384 NdisTapi - ok
22:48:40.0156 4384 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:48:40.0156 4384 Ndisuio - ok
22:48:40.0171 4384 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:48:40.0171 4384 NdisWan - ok
22:48:40.0265 4384 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:48:40.0265 4384 NDProxy - ok
22:48:40.0281 4384 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:48:40.0281 4384 NetBIOS - ok
22:48:40.0296 4384 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:48:40.0296 4384 NetBT - ok
22:48:40.0328 4384 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
22:48:40.0328 4384 NIC1394 - ok
22:48:40.0328 4384 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:48:40.0343 4384 Npfs - ok
22:48:40.0359 4384 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:48:40.0359 4384 Ntfs - ok
22:48:40.0421 4384 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
22:48:40.0421 4384 NuidFltr - ok
22:48:40.0437 4384 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:48:40.0437 4384 Null - ok
22:48:40.0609 4384 nv (b9b1bb146eb9a83dcf0f5635b09d3d43) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:48:40.0671 4384 nv - ok
22:48:40.0703 4384 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:48:40.0703 4384 NwlnkFlt - ok
22:48:40.0718 4384 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:48:40.0718 4384 NwlnkFwd - ok
22:48:40.0765 4384 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:48:40.0765 4384 ohci1394 - ok
22:48:41.0312 4384 ossrv (103a9b117a7d9903111955cdafe65ac6) C:\WINDOWS\system32\DRIVERS\ctoss2k.sys
22:48:41.0312 4384 ossrv - ok
22:48:41.0375 4384 PalmUSBD (dc450992eba6f914080c1f7fbeeed72c) C:\WINDOWS\system32\drivers\PalmUSBD.sys
22:48:41.0375 4384 PalmUSBD - ok
22:48:41.0437 4384 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
22:48:41.0437 4384 Parport - ok
22:48:41.0453 4384 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:48:41.0453 4384 PartMgr - ok
22:48:41.0484 4384 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
22:48:41.0484 4384 ParVdm - ok
22:48:41.0531 4384 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
22:48:41.0531 4384 PCI - ok
22:48:41.0546 4384 PCIDump - ok
22:48:41.0562 4384 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:48:41.0562 4384 PCIIde - ok
22:48:41.0625 4384 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:48:41.0625 4384 Pcmcia - ok
22:48:41.0687 4384 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
22:48:41.0687 4384 pcouffin - ok
22:48:41.0687 4384 PDCOMP - ok
22:48:41.0703 4384 PDFRAME - ok
22:48:41.0750 4384 PDIHWCTL (274fb48dc92e0ec012d4d8d866cfaf8a) C:\WINDOWS\system32\drivers\pdihwctl.sys
22:48:41.0750 4384 PDIHWCTL - ok
22:48:41.0765 4384 PDRELI - ok
22:48:41.0765 4384 PDRFRAME - ok
22:48:41.0781 4384 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
22:48:41.0781 4384 perc2 - ok
22:48:41.0796 4384 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
22:48:41.0796 4384 perc2hib - ok
22:48:41.0828 4384 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:48:41.0828 4384 PptpMiniport - ok
22:48:41.0843 4384 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:48:41.0843 4384 PSched - ok
22:48:41.0859 4384 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:48:41.0859 4384 Ptilink - ok
22:48:41.0906 4384 pwd_2k (2e162e3856c9c6a3b53e0ece28386fe3) C:\WINDOWS\system32\drivers\pwd_2k.sys
22:48:41.0906 4384 pwd_2k - ok
22:48:41.0937 4384 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:48:41.0953 4384 PxHelp20 - ok
22:48:41.0953 4384 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
22:48:41.0953 4384 ql1080 - ok
22:48:41.0968 4384 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
22:48:41.0968 4384 Ql10wnt - ok
22:48:41.0968 4384 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
22:48:41.0968 4384 ql12160 - ok
22:48:41.0984 4384 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
22:48:41.0984 4384 ql1240 - ok
22:48:42.0000 4384 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
22:48:42.0000 4384 ql1280 - ok
22:48:42.0031 4384 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:48:42.0031 4384 RasAcd - ok
22:48:42.0031 4384 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:48:42.0031 4384 Rasl2tp - ok
22:48:42.0046 4384 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:48:42.0046 4384 RasPppoe - ok
22:48:42.0062 4384 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:48:42.0062 4384 Raspti - ok
22:48:42.0093 4384 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:48:42.0093 4384 Rdbss - ok
22:48:42.0109 4384 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:48:42.0109 4384 RDPCDD - ok
22:48:42.0125 4384 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:48:42.0140 4384 rdpdr - ok
22:48:42.0171 4384 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:48:42.0171 4384 RDPWD - ok
22:48:42.0187 4384 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:48:42.0187 4384 redbook - ok
22:48:42.0218 4384 Rksample (4c35e57300a2dc5932a8e29efa527c32) C:\WINDOWS\system32\DRIVERS\rksample.sys
22:48:42.0218 4384 Rksample - ok
22:48:42.0250 4384 RMCAST (96f7a9a7bf0c9c0440a967440065d33c) C:\WINDOWS\system32\drivers\RMCast.sys
22:48:42.0250 4384 RMCAST - ok
22:48:42.0281 4384 rspndr (a3b23fb3f295694091f51865f98588b2) C:\WINDOWS\system32\DRIVERS\rspndr.sys
22:48:42.0281 4384 rspndr - ok
22:48:42.0296 4384 sbp2port (b244960e5a1db8e9d5d17086de37c1e4) C:\WINDOWS\system32\DRIVERS\sbp2port.sys
22:48:42.0296 4384 sbp2port - ok
22:48:42.0343 4384 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:48:42.0343 4384 Secdrv - ok
22:48:42.0359 4384 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:48:42.0359 4384 serenum - ok
22:48:42.0390 4384 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
22:48:42.0406 4384 Serial - ok
22:48:42.0421 4384 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:48:42.0421 4384 Sfloppy - ok
22:48:42.0437 4384 Simbad - ok
22:48:42.0453 4384 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
22:48:42.0453 4384 sisagp - ok
22:48:42.0484 4384 slabbus (886dbe1e6de104591e8b7334b6d42ed8) C:\WINDOWS\system32\DRIVERS\slabbus.sys
22:48:42.0484 4384 slabbus - ok
22:48:42.0562 4384 slabser (ed71f8c82ef11c0da1c57be021a2fdc9) C:\WINDOWS\system32\DRIVERS\slabser.sys
22:48:42.0562 4384 slabser - ok
22:48:42.0625 4384 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:48:42.0625 4384 SLIP - ok
22:48:42.0828 4384 SoftFax (413cfa795cad19a010889df0ec060408) C:\WINDOWS\system32\DRIVERS\faxnt.sys
22:48:42.0843 4384 SoftFax - ok
22:48:42.0875 4384 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
22:48:42.0875 4384 Sparrow - ok
22:48:42.0906 4384 SpeakerPhone (c11082c80723771c1979eacf7fdde1c3) C:\WINDOWS\system32\DRIVERS\spkpnt.sys
22:48:42.0906 4384 SpeakerPhone - ok
22:48:42.0937 4384 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:48:42.0937 4384 splitter - ok
22:48:43.0015 4384 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
22:48:43.0031 4384 sr - ok
22:48:43.0062 4384 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:48:43.0062 4384 Srv - ok
22:48:43.0109 4384 ssadbus (64e44acd8c238fcbbb78f0ba4bdc4b05) C:\WINDOWS\system32\DRIVERS\ssadbus.sys
22:48:43.0109 4384 ssadbus - ok
22:48:43.0125 4384 ssadmdfl (bb2c84a15c765da89fd832b0e73f26ce) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
22:48:43.0125 4384 ssadmdfl - ok
22:48:43.0140 4384 ssadmdm (6d0d132ddc6f43eda00dced6d8b1ca31) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
22:48:43.0140 4384 ssadmdm - ok
22:48:43.0187 4384 STHDA (797fcc1d859b203958e915bb82528da9) C:\WINDOWS\system32\drivers\sthda.sys
22:48:43.0187 4384 STHDA - ok
22:48:43.0203 4384 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:48:43.0203 4384 streamip - ok
22:48:43.0234 4384 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:48:43.0234 4384 swenum - ok
22:48:43.0250 4384 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:48:43.0250 4384 swmidi - ok
22:48:43.0281 4384 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
22:48:43.0281 4384 symc810 - ok
22:48:43.0281 4384 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
22:48:43.0281 4384 symc8xx - ok
22:48:43.0312 4384 symlcbrd (5220576ee29bea7c18dff9ecabf18bbc) C:\WINDOWS\system32\drivers\symlcbrd.sys
22:48:43.0312 4384 symlcbrd - ok
22:48:43.0328 4384 SymSnap (b8fae6b464d9a2abeb0c80fb03ee5f96) C:\WINDOWS\system32\drivers\SymSnap.sys
22:48:43.0328 4384 SymSnap - ok
22:48:43.0343 4384 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
22:48:43.0343 4384 sym_hi - ok
22:48:43.0343 4384 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
22:48:43.0343 4384 sym_u3 - ok
22:48:43.0375 4384 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:48:43.0375 4384 sysaudio - ok
22:48:43.0421 4384 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:48:43.0421 4384 Tcpip - ok
22:48:43.0437 4384 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:48:43.0453 4384 TDPIPE - ok
22:48:43.0468 4384 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:48:43.0468 4384 TDTCP - ok
22:48:43.0515 4384 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:48:43.0515 4384 TermDD - ok
22:48:43.0578 4384 tmactmon (e8e528896ff2595cfada88749cd72ef8) C:\WINDOWS\system32\DRIVERS\tmactmon.sys
22:48:43.0578 4384 tmactmon - ok
22:48:43.0671 4384 tmcomm (1837512d4aab862bd297a2ef035fba14) C:\WINDOWS\system32\DRIVERS\tmcomm.sys
22:48:43.0671 4384 tmcomm - ok
22:48:43.0703 4384 tmevtmgr (dbac510d1c7cc66b7a78eb2264f3072e) C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys
22:48:43.0703 4384 tmevtmgr - ok
22:48:43.0750 4384 tmtdi (a6e20b094a8d3e3f46d10bbe7e1ebb82) C:\WINDOWS\system32\DRIVERS\tmtdi.sys
22:48:43.0750 4384 tmtdi - ok
22:48:43.0781 4384 Tones (e0f10a379239b4fab319c55a9cd6bc96) C:\WINDOWS\system32\DRIVERS\tonesnt.sys
22:48:43.0781 4384 Tones - ok
22:48:43.0781 4384 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
22:48:43.0796 4384 TosIde - ok
22:48:43.0828 4384 UdfReadr_xp (e398bde2e6c978f357faedff784ffd70) C:\WINDOWS\system32\drivers\UdfReadr_xp.sys
22:48:43.0828 4384 UdfReadr_xp - ok
22:48:43.0890 4384 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:48:43.0890 4384 Udfs - ok
22:48:43.0968 4384 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
22:48:43.0968 4384 ultra - ok
22:48:44.0031 4384 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:48:44.0031 4384 Update - ok
22:48:44.0093 4384 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
22:48:44.0093 4384 USBAAPL - ok
22:48:44.0125 4384 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
22:48:44.0125 4384 usbaudio - ok
22:48:44.0500 4384 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:48:44.0500 4384 usbccgp - ok
22:48:44.0906 4384 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:48:44.0906 4384 usbehci - ok
22:48:44.0937 4384 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:48:44.0937 4384 usbhub - ok
22:48:44.0968 4384 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
22:48:44.0968 4384 usbohci - ok
22:48:45.0015 4384 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:48:45.0031 4384 usbprint - ok
22:48:45.0281 4384 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:48:45.0281 4384 usbscan - ok
22:48:45.0328 4384 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:48:45.0328 4384 USBSTOR - ok
22:48:45.0343 4384 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:48:45.0343 4384 usbuhci - ok
22:48:45.0515 4384 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
22:48:45.0515 4384 usbvideo - ok
22:48:45.0593 4384 V124 (177b65899d418f8c8f037b20567a99d6) C:\WINDOWS\system32\DRIVERS\v124nt.sys
22:48:45.0593 4384 V124 - ok
22:48:45.0640 4384 V2IMount (b413e1467c92a65610166c932877e147) C:\WINDOWS\system32\drivers\V2IMount.sys
22:48:45.0640 4384 V2IMount - ok
22:48:45.0671 4384 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:48:45.0671 4384 VgaSave - ok
22:48:45.0671 4384 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
22:48:45.0671 4384 viaagp - ok
22:48:45.0812 4384 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
22:48:45.0828 4384 ViaIde - ok
22:48:46.0062 4384 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
22:48:46.0062 4384 VolSnap - ok
22:48:46.0125 4384 VX3000 (13acfed0e6adca97440169dfd127ebcf) C:\WINDOWS\system32\DRIVERS\VX3000.sys
22:48:46.0140 4384 VX3000 - ok
22:48:46.0218 4384 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:48:46.0218 4384 Wanarp - ok
22:48:46.0234 4384 wanatw - ok
22:48:46.0281 4384 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
22:48:46.0296 4384 Wdf01000 - ok
22:48:46.0296 4384 WDICA - ok
22:48:46.0421 4384 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:48:46.0421 4384 wdmaud - ok
22:48:46.0500 4384 winachsf (a941aa38e3951058e584c4bbddd56ed9) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
22:48:46.0515 4384 winachsf - ok
22:48:46.0546 4384 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:48:46.0546 4384 WSTCODEC - ok
22:48:46.0562 4384 yeddef - ok
22:48:46.0593 4384 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0
22:48:46.0593 4384 \Device\Harddisk0\DR0 - ok
22:48:46.0609 4384 Boot (0x1200) (d48bb5f219bfbf05e1ed4c74fdf8d019) \Device\Harddisk0\DR0\Partition0
22:48:46.0609 4384 \Device\Harddisk0\DR0\Partition0 - ok
22:48:46.0625 4384 Boot (0x1200) (2b95edcaf16ceae9f7d1857338a085c5) \Device\Harddisk0\DR0\Partition1
22:48:46.0625 4384 \Device\Harddisk0\DR0\Partition1 - ok
22:48:46.0625 4384 ============================================================
22:48:46.0625 4384 Scan finished
22:48:46.0625 4384 ============================================================
22:48:46.0640 2896 Detected object count: 0
22:48:46.0640 2896 Actual detected object count: 0
22:52:06.0312 5556 ============================================================
22:52:06.0312 5556 Scan started
22:52:06.0312 5556 Mode: Manual; SigCheck; TDLFS;
22:52:06.0312 5556 ============================================================
22:52:06.0921 5556 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys
22:52:07.0046 5556 61883 - ok
22:52:07.0109 5556 Abiosdsk - ok
22:52:07.0156 5556 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
22:52:07.0296 5556 abp480n5 - ok
22:52:07.0421 5556 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:52:07.0578 5556 ACPI - ok
22:52:07.0593 5556 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
22:52:07.0671 5556 ACPIEC - ok
22:52:07.0828 5556 adfs (6d7f09cd92a9fef3a8efce66231fdd79) C:\WINDOWS\system32\drivers\adfs.sys
22:52:07.0828 5556 adfs - ok
22:52:07.0859 5556 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
22:52:07.0953 5556 adpu160m - ok
22:52:07.0968 5556 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:52:08.0062 5556 aec - ok
22:52:08.0125 5556 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
22:52:08.0187 5556 AFD - ok
22:52:08.0218 5556 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
22:52:08.0312 5556 agp440 - ok
22:52:08.0906 5556 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
22:52:09.0000 5556 agpCPQ - ok
22:52:09.0015 5556 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
22:52:09.0062 5556 Aha154x - ok
22:52:09.0093 5556 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
22:52:09.0187 5556 aic78u2 - ok
22:52:09.0218 5556 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
22:52:09.0312 5556 aic78xx - ok
22:52:09.0328 5556 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
22:52:09.0406 5556 AliIde - ok
22:52:09.0421 5556 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
22:52:09.0515 5556 alim1541 - ok
22:52:09.0531 5556 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
22:52:09.0640 5556 amdagp - ok
22:52:09.0656 5556 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
22:52:09.0703 5556 amsint - ok
22:52:09.0718 5556 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
22:52:09.0828 5556 Arp1394 - ok
22:52:09.0828 5556 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
22:52:09.0937 5556 asc - ok
22:52:09.0937 5556 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
22:52:09.0984 5556 asc3350p - ok
22:52:10.0000 5556 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
22:52:10.0093 5556 asc3550 - ok
22:52:10.0125 5556 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
22:52:10.0125 5556 ASCTRM ( UnsignedFile.Multi.Generic ) - warning
22:52:10.0125 5556 ASCTRM - detected UnsignedFile.Multi.Generic (1)
22:52:10.0171 5556 ASPI32 (54ab078660e536da72b21a27f56b035b) C:\WINDOWS\system32\drivers\aspi32.sys
22:52:10.0171 5556 ASPI32 ( UnsignedFile.Multi.Generic ) - warning
22:52:10.0171 5556 ASPI32 - detected UnsignedFile.Multi.Generic (1)
22:52:10.0187 5556 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:52:10.0281 5556 AsyncMac - ok
22:52:10.0281 5556 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:52:10.0375 5556 atapi - ok
22:52:10.0390 5556 Atdisk - ok
22:52:10.0406 5556 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:52:10.0500 5556 Atmarpc - ok
22:52:10.0515 5556 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:52:10.0609 5556 audstub - ok
22:52:10.0640 5556 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys
22:52:10.0734 5556 Avc - ok
22:52:10.0765 5556 basic2 (9372cc48814a17e67c28945eb4acc189) C:\WINDOWS\system32\DRIVERS\basic2.sys
22:52:10.0765 5556 basic2 ( UnsignedFile.Multi.Generic ) - warning
22:52:10.0765 5556 basic2 - detected UnsignedFile.Multi.Generic (1)
22:52:10.0781 5556 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:52:10.0875 5556 Beep - ok
22:52:10.0890 5556 bfturboh (628fcde747951bbcf8fef6e918b04fdd) C:\WINDOWS\system32\drivers\bfturboh.sys
22:52:10.0906 5556 bfturboh ( UnsignedFile.Multi.Generic ) - warning
22:52:10.0906 5556 bfturboh - detected UnsignedFile.Multi.Generic (1)
22:52:11.0000 5556 catchme - ok
22:52:11.0015 5556 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
22:52:11.0109 5556 cbidf - ok
22:52:11.0125 5556 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:52:11.0218 5556 cbidf2k - ok
22:52:11.0234 5556 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
22:52:11.0328 5556 CCDECODE - ok
22:52:11.0343 5556 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
22:52:11.0390 5556 cd20xrnt - ok
22:52:11.0390 5556 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:52:11.0484 5556 Cdaudio - ok
22:52:11.0515 5556 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:52:11.0625 5556 Cdfs - ok
22:52:11.0656 5556 Cdr4_xp (9714b7c918c6543d69074ec101f86ac4) C:\WINDOWS\system32\drivers\Cdr4_xp.sys
22:52:11.0687 5556 Cdr4_xp - ok
22:52:11.0718 5556 Cdralw2k (0d856d16c08440bfb566d6cdd9948d4e) C:\WINDOWS\system32\drivers\Cdralw2k.sys
22:52:11.0734 5556 Cdralw2k - ok
22:52:11.0750 5556 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:52:11.0843 5556 Cdrom - ok
22:52:11.0875 5556 cdudf_xp (bce04a21510e721aaba3f893b6770c12) C:\WINDOWS\system32\drivers\cdudf_xp.sys
22:52:11.0890 5556 cdudf_xp ( UnsignedFile.Multi.Generic ) - warning
22:52:11.0890 5556 cdudf_xp - detected UnsignedFile.Multi.Generic (1)
22:52:11.0890 5556 Changer - ok
22:52:11.0953 5556 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
22:52:12.0046 5556 CmdIde - ok
22:52:12.0062 5556 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
22:52:12.0171 5556 Compbatt - ok
22:52:12.0250 5556 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
22:52:12.0359 5556 Cpqarray - ok
22:52:12.0390 5556 ctsfm2k (8db84de3aab34a8b4c2f644eff41cd76) C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys
22:52:12.0406 5556 ctsfm2k ( UnsignedFile.Multi.Generic ) - warning
22:52:12.0406 5556 ctsfm2k - detected UnsignedFile.Multi.Generic (1)
22:52:12.0437 5556 CTUSFSYN (4ee8822adb764edd28ce44e808097995) C:\WINDOWS\system32\drivers\ctusfsyn.sys
22:52:12.0453 5556 CTUSFSYN ( UnsignedFile.Multi.Generic ) - warning
22:52:12.0453 5556 CTUSFSYN - detected UnsignedFile.Multi.Generic (1)
22:52:12.0468 5556 cvspydr2 (c6644d1a70c050fdd7ecbe8c3ac05313) C:\WINDOWS\system32\DRIVERS\cvspydr2.sys
22:52:12.0500 5556 cvspydr2 - ok
22:52:13.0046 5556 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
22:52:13.0140 5556 dac2w2k - ok
22:52:13.0203 5556 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
22:52:13.0296 5556 dac960nt - ok
22:52:13.0328 5556 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:52:13.0421 5556 Disk - ok
22:52:13.0468 5556 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
22:52:13.0562 5556 dmboot - ok
22:52:13.0578 5556 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
22:52:13.0671 5556 dmio - ok
22:52:13.0687 5556 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:52:13.0765 5556 dmload - ok
22:52:13.0781 5556 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:52:13.0875 5556 DMusic - ok
22:52:13.0890 5556 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
22:52:13.0984 5556 dpti2o - ok
22:52:14.0000 5556 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:52:14.0234 5556 drmkaud - ok
22:52:14.0265 5556 DSproct - ok
22:52:14.0281 5556 dvd_2K (f5ca443d58a53de968685ee43fbe8f17) C:\WINDOWS\system32\drivers\dvd_2K.sys
22:52:14.0281 5556 dvd_2K ( UnsignedFile.Multi.Generic ) - warning
22:52:14.0281 5556 dvd_2K - detected UnsignedFile.Multi.Generic (1)
22:52:14.0296 5556 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
22:52:14.0390 5556 E100B - ok
22:52:14.0421 5556 e1express (00192f0c612591d585594e9467e6ca8b) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
22:52:14.0437 5556 e1express ( UnsignedFile.Multi.Generic ) - warning
22:52:14.0437 5556 e1express - detected UnsignedFile.Multi.Generic (1)
22:52:14.0500 5556 Fallback (9ea76a7f28cd968f8adc709e479f23b2) C:\WINDOWS\system32\DRIVERS\fallback.sys
22:52:14.0500 5556 Fallback ( UnsignedFile.Multi.Generic ) - warning
22:52:14.0500 5556 Fallback - detected UnsignedFile.Multi.Generic (1)
22:52:14.0531 5556 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:52:14.0625 5556 Fastfat - ok
22:52:14.0640 5556 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
22:52:14.0734 5556 Fdc - ok
22:52:14.0781 5556 FilterService (ed6c44547540e7892a1c34fd4bd35a53) C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
22:52:14.0796 5556 FilterService - ok
22:52:14.0812 5556 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
22:52:14.0906 5556 Fips - ok
22:52:14.0921 5556 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:52:15.0015 5556 Flpydisk - ok
22:52:15.0046 5556 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:52:15.0140 5556 FltMgr - ok
22:52:15.0187 5556 FNETDEVI (92fc10e8fcf01c36abd567f646b74658) C:\WINDOWS\system32\drivers\FNETDEVI.SYS
22:52:15.0187 5556 FNETDEVI ( UnsignedFile.Multi.Generic ) - warning
22:52:15.0203 5556 FNETDEVI - detected UnsignedFile.Multi.Generic (1)
22:52:15.0234 5556 Fsks (b7b262d0431374f3afd1349e35b368d9) C:\WINDOWS\system32\DRIVERS\fsksnt.sys
22:52:15.0234 5556 Fsks ( UnsignedFile.Multi.Generic ) - warning
22:52:15.0234 5556 Fsks - detected UnsignedFile.Multi.Generic (1)
22:52:15.0250 5556 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:52:15.0328 5556 Fs_Rec - ok
22:52:15.0343 5556 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:52:15.0437 5556 Ftdisk - ok
22:52:15.0468 5556 GearAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
22:52:15.0468 5556 GearAspiWDM - ok
22:52:15.0515 5556 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:52:15.0609 5556 Gpc - ok
22:52:15.0640 5556 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:52:15.0750 5556 HDAudBus - ok
22:52:15.0750 5556 HidBatt (748031ff4fe45ccc47546294905feab8) C:\WINDOWS\system32\DRIVERS\HidBatt.sys
22:52:15.0859 5556 HidBatt - ok
22:52:15.0875 5556 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:52:15.0968 5556 HidUsb - ok
22:52:16.0078 5556 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
22:52:16.0171 5556 hpn - ok
22:52:16.0281 5556 HSFHWBS2 (970178e8e003eb1481293830069624b9) C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys
22:52:16.0375 5556 HSFHWBS2 - ok
22:52:16.0750 5556 HSF_DP (ebb354438a4c5a3327fb97306260714a) C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys
22:52:16.0859 5556 HSF_DP - ok
22:52:16.0968 5556 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:52:17.0000 5556 HTTP - ok
22:52:18.0109 5556 i1display (8313a6af9de34a9d24df2329a548b004) C:\WINDOWS\system32\Drivers\i1display.sys
22:52:18.0125 5556 i1display - ok
22:52:18.0203 5556 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
22:52:18.0296 5556 i2omgmt - ok
22:52:18.0312 5556 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
22:52:18.0406 5556 i2omp - ok
22:52:18.0468 5556 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:52:18.0562 5556 i8042prt - ok
22:52:18.0656 5556 iaStor (019cf5f31c67030841233c545a0e217a) C:\WINDOWS\system32\drivers\iaStor.sys
22:52:18.0671 5556 iaStor ( UnsignedFile.Multi.Generic ) - warning
22:52:18.0671 5556 iaStor - detected UnsignedFile.Multi.Generic (1)
22:52:18.0718 5556 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:52:18.0812 5556 Imapi - ok
22:52:18.0843 5556 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
22:52:18.0937 5556 ini910u - ok
22:52:18.0968 5556 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
22:52:19.0062 5556 IntelIde - ok
22:52:19.0109 5556 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:52:19.0203 5556 intelppm - ok
22:52:19.0218 5556 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:52:19.0296 5556 Ip6Fw - ok
22:52:19.0312 5556 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:52:19.0406 5556 IpFilterDriver - ok
22:52:19.0406 5556 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:52:19.0500 5556 IpInIp - ok
22:52:19.0515 5556 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:52:19.0609 5556 IpNat - ok
22:52:19.0625 5556 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:52:19.0718 5556 IPSec - ok
22:52:19.0750 5556 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:52:19.0796 5556 IRENUM - ok
22:52:19.0812 5556 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:52:19.0906 5556 isapnp - ok
22:52:19.0953 5556 K56 (a4e3277398c8aba999483d4c658c9696) C:\WINDOWS\system32\DRIVERS\k56nt.sys
22:52:19.0968 5556 K56 ( UnsignedFile.Multi.Generic ) - warning
22:52:19.0968 5556 K56 - detected UnsignedFile.Multi.Generic (1)
22:52:20.0000 5556 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:52:20.0468 5556 Kbdclass - ok
22:52:20.0562 5556 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:52:20.0656 5556 kbdhid - ok
22:52:21.0296 5556 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:52:21.0390 5556 kmixer - ok
22:52:21.0406 5556 KMWDFILTER (ba28aa72a51f69a2a6214f993c2430d6) C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys
22:52:21.0421 5556 KMWDFILTER - ok
22:52:21.0421 5556 KMWDFILTERx86 (ba28aa72a51f69a2a6214f993c2430d6) C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys
22:52:21.0437 5556 KMWDFILTERx86 - ok
22:52:21.0468 5556 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:52:21.0515 5556 KSecDD - ok
22:52:21.0531 5556 lbrtfdc - ok
22:52:21.0578 5556 LMIInfo - ok
22:52:21.0593 5556 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\WINDOWS\system32\DRIVERS\lmimirr.sys
22:52:21.0609 5556 lmimirr - ok
22:52:21.0625 5556 LMIRfsClientNP - ok
22:52:21.0625 5556 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
22:52:21.0640 5556 LMIRfsDriver - ok
22:52:21.0687 5556 LVcKap (fb548ff809634bfa866312b37d8a18ae) C:\WINDOWS\system32\DRIVERS\LVcKap.sys
22:52:21.0953 5556 LVcKap - ok
22:52:23.0203 5556 LVMVDrv (fe3fb994f8702d9e37648927819b74b8) C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys
22:52:23.0468 5556 LVMVDrv - ok
22:52:24.0687 5556 lvpopflt (92990b040b68632cc3f80a742d163937) C:\WINDOWS\system32\DRIVERS\lvpopflt.sys
22:52:24.0968 5556 lvpopflt - ok
22:52:26.0093 5556 LVPr2Mon (c7ea51f1ab10b0b2b443f4d5589fc1a5) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
22:52:26.0109 5556 LVPr2Mon - ok
22:52:27.0437 5556 LVUSBSta (caef4c05ba2c1acad4ebcaa4261cd55d) C:\WINDOWS\system32\drivers\LVUSBSta.sys
22:52:27.0453 5556 LVUSBSta - ok
22:52:27.0546 5556 LVUVC (b0dfee7da5e6d04762e25e355d94d8b5) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
22:52:29.0984 5556 LVUVC - ok
22:52:30.0000 5556 MBAMSwissArmy - ok
22:52:30.0031 5556 mdmxsdk (195741aee20369980796b557358cd774) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
22:52:30.0125 5556 mdmxsdk - ok
22:52:30.0156 5556 mmc_2K (2739df798b44809407879e9134233de4) C:\WINDOWS\system32\drivers\mmc_2K.sys
22:52:30.0156 5556 mmc_2K ( UnsignedFile.Multi.Generic ) - warning
22:52:30.0156 5556 mmc_2K - detected UnsignedFile.Multi.Generic (1)
22:52:30.0171 5556 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:52:30.0265 5556 mnmdd - ok
22:52:30.0281 5556 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
22:52:30.0375 5556 Modem - ok
22:52:30.0390 5556 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
22:52:30.0484 5556 MODEMCSA - ok
22:52:30.0531 5556 monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\monfilt.sys
22:52:32.0187 5556 monfilt ( UnsignedFile.Multi.Generic ) - warning
22:52:32.0187 5556 monfilt - detected UnsignedFile.Multi.Generic (1)
22:52:32.0468 5556 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:52:32.0562 5556 Mouclass - ok
22:52:32.0578 5556 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:52:32.0671 5556 mouhid - ok
22:52:32.0687 5556 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:52:32.0765 5556 MountMgr - ok
22:52:33.0718 5556 MQAC (70c14f5cca5cf73f8a645c73a01d8726) C:\WINDOWS\system32\drivers\mqac.sys
22:52:33.0765 5556 MQAC - ok
22:52:33.0781 5556 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
22:52:33.0875 5556 mraid35x - ok
22:52:34.0921 5556 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:52:35.0015 5556 MRxDAV - ok
22:52:36.0250 5556 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:52:36.0296 5556 MRxSmb - ok
22:52:36.0359 5556 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys
22:52:36.0453 5556 MSDV - ok
22:52:36.0468 5556 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:52:36.0562 5556 Msfs - ok
22:52:36.0562 5556 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:52:36.0656 5556 MSKSSRV - ok
22:52:36.0671 5556 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:52:36.0750 5556 MSPCLOCK - ok
22:52:36.0765 5556 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:52:36.0859 5556 MSPQM - ok
22:52:37.0328 5556 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:52:37.0421 5556 mssmbios - ok
22:52:37.0531 5556 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
22:52:37.0609 5556 MSTEE - ok
22:52:37.0671 5556 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:52:37.0687 5556 Mup - ok
22:52:37.0718 5556 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:52:37.0812 5556 NABTSFEC - ok
22:52:37.0875 5556 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:52:37.0968 5556 NDIS - ok
22:52:38.0000 5556 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:52:38.0093 5556 NdisIP - ok
22:52:38.0125 5556 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:52:38.0171 5556 NdisTapi - ok
22:52:38.0187 5556 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:52:38.0281 5556 Ndisuio - ok
22:52:38.0296 5556 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:52:38.0390 5556 NdisWan - ok
22:52:39.0109 5556 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:52:39.0125 5556 NDProxy - ok
22:52:39.0171 5556 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:52:39.0250 5556 NetBIOS - ok
22:52:39.0281 5556 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:52:39.0359 5556 NetBT - ok
22:52:39.0390 5556 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
22:52:39.0484 5556 NIC1394 - ok
22:52:39.0515 5556 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:52:39.0593 5556 Npfs - ok
22:52:39.0625 5556 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:52:39.0718 5556 Ntfs - ok
22:52:39.0843 5556 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
22:52:39.0843 5556 NuidFltr - ok
22:52:39.0921 5556 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:52:40.0015 5556 Null - ok
22:52:40.0312 5556 nv (b9b1bb146eb9a83dcf0f5635b09d3d43) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:52:52.0953 5556 nv - ok
22:52:54.0562 5556 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:52:54.0671 5556 NwlnkFlt - ok
22:52:54.0875 5556 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:52:54.0968 5556 NwlnkFwd - ok
22:52:56.0484 5556 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:52:56.0578 5556 ohci1394 - ok
22:52:56.0609 5556 ossrv (103a9b117a7d9903111955cdafe65ac6) C:\WINDOWS\system32\DRIVERS\ctoss2k.sys
22:52:56.0625 5556 ossrv ( UnsignedFile.Multi.Generic ) - warning
22:52:56.0625 5556 ossrv - detected UnsignedFile.Multi.Generic (1)
22:52:56.0687 5556 PalmUSBD (dc450992eba6f914080c1f7fbeeed72c) C:\WINDOWS\system32\drivers\PalmUSBD.sys
22:52:56.0703 5556 PalmUSBD - ok
22:52:56.0718 5556 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
22:52:56.0812 5556 Parport - ok
22:52:56.0828 5556 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:52:56.0921 5556 PartMgr - ok
22:52:56.0921 5556 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
22:52:57.0015 5556 ParVdm - ok
22:52:57.0109 5556 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
22:52:57.0203 5556 PCI - ok
22:52:57.0203 5556 PCIDump - ok
22:52:57.0218 5556 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:52:57.0328 5556 PCIIde - ok
22:52:57.0343 5556 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:52:58.0406 5556 Pcmcia - ok
22:52:58.0468 5556 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
22:52:58.0468 5556 pcouffin ( UnsignedFile.Multi.Generic ) - warning
22:52:58.0468 5556 pcouffin - detected UnsignedFile.Multi.Generic (1)
22:52:58.0500 5556 PDCOMP - ok
22:52:58.0500 5556 PDFRAME - ok
22:52:58.0546 5556 PDIHWCTL (274fb48dc92e0ec012d4d8d866cfaf8a) C:\WINDOWS\system32\drivers\pdihwctl.sys
22:52:58.0546 5556 PDIHWCTL ( UnsignedFile.Multi.Generic ) - warning
22:52:58.0546 5556 PDIHWCTL - detected UnsignedFile.Multi.Generic (1)
22:52:58.0593 5556 PDRELI - ok
22:52:58.0593 5556 PDRFRAME - ok
22:52:58.0609 5556 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
22:52:58.0703 5556 perc2 - ok
22:52:58.0734 5556 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
22:52:58.0828 5556 perc2hib - ok
22:52:59.0859 5556 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:52:59.0953 5556 PptpMiniport - ok
22:52:59.0984 5556 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:53:00.0062 5556 PSched - ok
22:53:00.0125 5556 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:53:00.0203 5556 Ptilink - ok
22:53:00.0234 5556 pwd_2k (2e162e3856c9c6a3b53e0ece28386fe3) C:\WINDOWS\system32\drivers\pwd_2k.sys
22:53:00.0250 5556 pwd_2k ( UnsignedFile.Multi.Generic ) - warning
22:53:00.0250 5556 pwd_2k - detected UnsignedFile.Multi.Generic (1)
22:53:00.0265 5556 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:53:00.0265 5556 PxHelp20 - ok
22:53:00.0281 5556 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
22:53:00.0375 5556 ql1080 - ok
22:53:00.0375 5556 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
22:53:00.0468 5556 Ql10wnt - ok
22:53:00.0468 5556 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
22:53:00.0562 5556 ql12160 - ok
22:53:00.0562 5556 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
22:53:00.0656 5556 ql1240 - ok
22:53:00.0671 5556 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
22:53:00.0750 5556 ql1280 - ok
22:53:00.0781 5556 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:53:00.0859 5556 RasAcd - ok
22:53:00.0875 5556 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:53:00.0968 5556 Rasl2tp - ok
22:53:00.0984 5556 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:53:01.0062 5556 RasPppoe - ok
22:53:01.0078 5556 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:53:01.0156 5556 Raspti - ok
22:53:01.0171 5556 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:53:01.0265 5556 Rdbss - ok
22:53:01.0281 5556 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:53:01.0359 5556 RDPCDD - ok
22:53:01.0375 5556 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:53:01.0468 5556 rdpdr - ok
22:53:01.0765 5556 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:53:01.0781 5556 RDPWD - ok
22:53:01.0828 5556 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:53:01.0921 5556 redbook - ok
22:53:01.0953 5556 Rksample (4c35e57300a2dc5932a8e29efa527c32) C:\WINDOWS\system32\DRIVERS\rksample.sys
22:53:01.0953 5556 Rksample ( UnsignedFile.Multi.Generic ) - warning
22:53:01.0953 5556 Rksample - detected UnsignedFile.Multi.Generic (1)
22:53:02.0031 5556 RMCAST (96f7a9a7bf0c9c0440a967440065d33c) C:\WINDOWS\system32\drivers\RMCast.sys
22:53:02.0046 5556 RMCAST - ok
22:53:02.0703 5556 rspndr (a3b23fb3f295694091f51865f98588b2) C:\WINDOWS\system32\DRIVERS\rspndr.sys
22:53:02.0718 5556 rspndr ( UnsignedFile.Multi.Generic ) - warning
22:53:02.0718 5556 rspndr - detected UnsignedFile.Multi.Generic (1)
22:53:02.0812 5556 sbp2port (b244960e5a1db8e9d5d17086de37c1e4) C:\WINDOWS\system32\DRIVERS\sbp2port.sys
22:53:02.0906 5556 sbp2port - ok
22:53:03.0000 5556 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:53:03.0046 5556 Secdrv - ok
22:53:03.0078 5556 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:53:03.0171 5556 serenum - ok
22:53:03.0218 5556 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
22:53:03.0296 5556 Serial - ok
22:53:03.0328 5556 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:53:03.0406 5556 Sfloppy - ok
22:53:03.0421 5556 Simbad - ok
22:53:03.0437 5556 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
22:53:03.0531 5556 sisagp - ok
22:53:03.0562 5556 slabbus (886dbe1e6de104591e8b7334b6d42ed8) C:\WINDOWS\system32\DRIVERS\slabbus.sys
22:53:03.0593 5556 slabbus - ok
22:53:03.0656 5556 slabser (ed71f8c82ef11c0da1c57be021a2fdc9) C:\WINDOWS\system32\DRIVERS\slabser.sys
22:53:03.0671 5556 slabser - ok
22:53:03.0687 5556 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:53:03.0765 5556 SLIP - ok
22:53:04.0578 5556 SoftFax (413cfa795cad19a010889df0ec060408) C:\WINDOWS\system32\DRIVERS\faxnt.sys
22:53:04.0593 5556 SoftFax ( UnsignedFile.Multi.Generic ) - warning
22:53:04.0593 5556 SoftFax - detected UnsignedFile.Multi.Generic (1)
22:53:04.0640 5556 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
22:53:04.0703 5556 Sparrow - ok
22:53:04.0718 5556 SpeakerPhone (c11082c80723771c1979eacf7fdde1c3) C:\WINDOWS\system32\DRIVERS\spkpnt.sys
22:53:04.0734 5556 SpeakerPhone ( UnsignedFile.Multi.Generic ) - warning
22:53:04.0734 5556 SpeakerPhone - detected UnsignedFile.Multi.Generic (1)
22:53:04.0828 5556 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:53:04.0921 5556 splitter - ok
22:53:04.0968 5556 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
22:53:05.0031 5556 sr - ok
22:53:05.0078 5556 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:53:05.0109 5556 Srv - ok
22:53:05.0187 5556 ssadbus (64e44acd8c238fcbbb78f0ba4bdc4b05) C:\WINDOWS\system32\DRIVERS\ssadbus.sys
22:53:05.0187 5556 ssadbus - ok
22:53:05.0203 5556 ssadmdfl (bb2c84a15c765da89fd832b0e73f26ce) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
22:53:05.0218 5556 ssadmdfl - ok
22:53:05.0218 5556 ssadmdm (6d0d132ddc6f43eda00dced6d8b1ca31) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
22:53:05.0234 5556 ssadmdm - ok
22:53:05.0343 5556 STHDA (797fcc1d859b203958e915bb82528da9) C:\WINDOWS\system32\drivers\sthda.sys
22:53:05.0375 5556 STHDA - ok
22:53:05.0421 5556 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:53:05.0515 5556 streamip - ok
22:53:05.0734 5556 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:53:05.0828 5556 swenum - ok
22:53:05.0875 5556 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:53:06.0015 5556 swmidi - ok
22:53:06.0078 5556 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
22:53:06.0156 5556 symc810 - ok
22:53:06.0171 5556 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
22:53:06.0250 5556 symc8xx - ok
22:53:06.0359 5556 symlcbrd (5220576ee29bea7c18dff9ecabf18bbc) C:\WINDOWS\system32\drivers\symlcbrd.sys
22:53:06.0359 5556 symlcbrd ( UnsignedFile.Multi.Generic ) - warning
22:53:06.0359 5556 symlcbrd - detected UnsignedFile.Multi.Generic (1)
22:53:06.0375 5556 SymSnap (b8fae6b464d9a2abeb0c80fb03ee5f96) C:\WINDOWS\system32\drivers\SymSnap.sys
22:53:06.0390 5556 SymSnap - ok
22:53:07.0468 5556 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
22:53:07.0546 5556 sym_hi - ok
22:53:07.0578 5556 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
22:53:07.0671 5556 sym_u3 - ok
22:53:07.0703 5556 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:53:07.0796 5556 sysaudio - ok
22:53:08.0468 5556 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:53:08.0515 5556 Tcpip - ok
22:53:08.0531 5556 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:53:08.0625 5556 TDPIPE - ok
22:53:08.0687 5556 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:53:08.0781 5556 TDTCP - ok
22:53:08.0796 5556 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:53:08.0890 5556 TermDD - ok
22:53:09.0140 5556 tmactmon (e8e528896ff2595cfada88749cd72ef8) C:\WINDOWS\system32\DRIVERS\tmactmon.sys
22:53:09.0156 5556 tmactmon - ok
22:53:09.0187 5556 tmcomm (1837512d4aab862bd297a2ef035fba14) C:\WINDOWS\system32\DRIVERS\tmcomm.sys
22:53:09.0187 5556 tmcomm - ok
22:53:09.0203 5556 tmevtmgr (dbac510d1c7cc66b7a78eb2264f3072e) C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys
22:53:09.0218 5556 tmevtmgr - ok
22:53:09.0234 5556 tmtdi (a6e20b094a8d3e3f46d10bbe7e1ebb82) C:\WINDOWS\system32\DRIVERS\tmtdi.sys
22:53:09.0250 5556 tmtdi - ok
22:53:09.0296 5556 Tones (e0f10a379239b4fab319c55a9cd6bc96) C:\WINDOWS\system32\DRIVERS\tonesnt.sys
22:53:09.0296 5556 Tones ( UnsignedFile.Multi.Generic ) - warning
22:53:09.0296 5556 Tones - detected UnsignedFile.Multi.Generic (1)
22:53:09.0328 5556 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
22:53:09.0406 5556 TosIde - ok
22:53:09.0437 5556 UdfReadr_xp (e398bde2e6c978f357faedff784ffd70) C:\WINDOWS\system32\drivers\UdfReadr_xp.sys
22:53:09.0453 5556 UdfReadr_xp ( UnsignedFile.Multi.Generic ) - warning
22:53:09.0453 5556 UdfReadr_xp - detected UnsignedFile.Multi.Generic (1)
22:53:09.0468 5556 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:53:09.0562 5556 Udfs - ok
22:53:09.0562 5556 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
22:53:09.0625 5556 ultra - ok
22:53:09.0687 5556 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:53:09.0796 5556 Update - ok
22:53:09.0843 5556 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
22:53:09.0875 5556 USBAAPL - ok
22:53:10.0000 5556 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
22:53:10.0093 5556 usbaudio - ok
22:53:10.0375 5556 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:53:10.0468 5556 usbccgp - ok
22:53:10.0500 5556 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:53:10.0593 5556 usbehci - ok
22:53:10.0609 5556 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:53:10.0703 5556 usbhub - ok
22:53:10.0734 5556 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
22:53:10.0828 5556 usbohci - ok
22:53:10.0859 5556 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:53:10.0953 5556 usbprint - ok
22:53:10.0984 5556 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:53:11.0062 5556 usbscan - ok
22:53:11.0093 5556 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:53:11.0187 5556 USBSTOR - ok
22:53:11.0203 5556 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:53:11.0296 5556 usbuhci - ok
22:53:11.0312 5556 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
22:53:11.0406 5556 usbvideo - ok
22:53:11.0421 5556 V124 (177b65899d418f8c8f037b20567a99d6) C:\WINDOWS\system32\DRIVERS\v124nt.sys
22:53:11.0437 5556 V124 ( UnsignedFile.Multi.Generic ) - warning
22:53:11.0437 5556 V124 - detected UnsignedFile.Multi.Generic (1)
22:53:11.0468 5556 V2IMount (b413e1467c92a65610166c932877e147) C:\WINDOWS\system32\drivers\V2IMount.sys
22:53:11.0484 5556 V2IMount - ok
22:53:11.0500 5556 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:53:11.0578 5556 VgaSave - ok
22:53:11.0812 5556 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
22:53:11.0890 5556 viaagp - ok
22:53:11.0921 5556 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
22:53:12.0015 5556 ViaIde - ok
22:53:12.0671 5556 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
22:53:12.0765 5556 VolSnap - ok
22:53:12.0875 5556 VX3000 (13acfed0e6adca97440169dfd127ebcf) C:\WINDOWS\system32\DRIVERS\VX3000.sys
22:53:13.0125 5556 VX3000 - ok
22:53:14.0281 5556 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:53:14.0359 5556 Wanarp - ok
22:53:14.0375 5556 wanatw - ok
22:53:14.0406 5556 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
22:53:14.0437 5556 Wdf01000 - ok
22:53:14.0437 5556 WDICA - ok
22:53:14.0484 5556 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:53:14.0562 5556 wdmaud - ok
22:53:15.0765 5556 winachsf (a941aa38e3951058e584c4bbddd56ed9) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
22:53:15.0781 5556 winachsf ( UnsignedFile.Multi.Generic ) - warning
22:53:15.0781 5556 winachsf - detected UnsignedFile.Multi.Generic (1)
22:53:15.0875 5556 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:53:15.0968 5556 WSTCODEC - ok
22:53:15.0984 5556 yeddef - ok
22:53:16.0000 5556 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0
22:53:16.0406 5556 \Device\Harddisk0\DR0 - ok
22:53:16.0421 5556 Boot (0x1200) (d48bb5f219bfbf05e1ed4c74fdf8d019) \Device\Harddisk0\DR0\Partition0
22:53:16.0421 5556 \Device\Harddisk0\DR0\Partition0 - ok
22:53:16.0437 5556 Boot (0x1200) (2b95edcaf16ceae9f7d1857338a085c5) \Device\Harddisk0\DR0\Partition1
22:53:16.0437 5556 \Device\Harddisk0\DR0\Partition1 - ok
22:53:16.0437 5556 ============================================================
22:53:16.0437 5556 Scan finished
22:53:16.0437 5556 ============================================================
22:53:16.0562 4328 Detected object count: 29
22:53:16.0562 4328 Actual detected object count: 29
22:53:43.0781 4328 ASCTRM ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0781 4328 ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0781 4328 ASPI32 ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0781 4328 ASPI32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0781 4328 basic2 ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0781 4328 basic2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0796 4328 bfturboh ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0796 4328 bfturboh ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0796 4328 cdudf_xp ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0796 4328 cdudf_xp ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0796 4328 ctsfm2k ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0796 4328 ctsfm2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0796 4328 CTUSFSYN ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0796 4328 CTUSFSYN ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0796 4328 dvd_2K ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0796 4328 dvd_2K ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0796 4328 e1express ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0796 4328 e1express ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0796 4328 Fallback ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0796 4328 Fallback ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0796 4328 FNETDEVI ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0796 4328 FNETDEVI ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0796 4328 Fsks ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0796 4328 Fsks ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0796 4328 iaStor ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0796 4328 iaStor ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0796 4328 K56 ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0796 4328 K56 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0812 4328 mmc_2K ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0812 4328 mmc_2K ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0812 4328 monfilt ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0812 4328 monfilt ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0812 4328 ossrv ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0812 4328 ossrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0812 4328 pcouffin ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0812 4328 pcouffin ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0812 4328 PDIHWCTL ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0812 4328 PDIHWCTL ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0812 4328 pwd_2k ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0812 4328 pwd_2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0812 4328 Rksample ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0812 4328 Rksample ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0812 4328 rspndr ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0812 4328 rspndr ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0812 4328 SoftFax ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0812 4328 SoftFax ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0812 4328 SpeakerPhone ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0812 4328 SpeakerPhone ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0812 4328 symlcbrd ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0812 4328 symlcbrd ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0812 4328 Tones ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0812 4328 Tones ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0828 4328 UdfReadr_xp ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0828 4328 UdfReadr_xp ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0828 4328 V124 ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0828 4328 V124 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:43.0828 4328 winachsf ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:43.0828 4328 winachsf ( UnsignedFile.Multi.Generic ) - User select action: Skip

#10 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:08 AM

Posted 02 November 2011 - 10:12 PM

how are things doing now


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 vdotmatrix

vdotmatrix
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:06:08 AM

Posted 02 November 2011 - 10:44 PM

I think things are quiet!

Would it be safe to defragment my HD or should I wait a few days to do anything at all.

I resolved the ADD New hardware Issue: it was a leftover file from SuperAntispyware: Root\Legacy_SASKUTIL\0000

UPDATE SHIELD: wants to update Windows security Update for NETFRAMEWORK for the hundreth time seems like.

At any rate I feel like you have saved me from utter disaster! I can't thank you enough.


I will watch my system for the next few days...anything I should do in the meantime?

#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:08 AM

Posted 02 November 2011 - 11:58 PM

These logs are looking alot better. But we still have some work to do.


For the .net fault updates run tyhis tool

http://download.techworld.com/3214090/net-framework-cleanup-tool-20-8-2010/


and download .net again



Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..

uninstall some programs

1. click on start
2. then go to settings
3. after that you need control panel
4. look for the icon add/remove programs
click on the following programs

Adobe Reader 9.4.5
J2SE Runtime Environment 5.0 Update 6


and click on remove

Update Adobe Reader

Recently there have been vunerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.

You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions.
If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

If you don't like Adobe Reader (53 MB), you can download Foxit PDF Reader(7 MB) from here. It's a much smaller file to download and uses a lot less resources than Adobe Reader.

Note: When installing FoxitReader, be carefull not to install anything to do with AskBar.
[/list]
Your Java is out of date.

It can be updated by the Java control panel
  • click on Start-> Control Panel (Classic View)-> Java (looks like a coffee cup) -> Update Tab -> Update Now.
  • An update should begin;
  • follow the prompts


TFC(Temp File Cleaner):

  • Please download TFC to your desktop,
  • Save any unsaved work. TFC will close all open application windows.
  • Double-click TFC.exe to run the program.
  • If prompted, click "Yes" to reboot.
Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It shouldn't take longer take a couple of minutes, and may only take a few seconds. Only if needed will you be prompted to reboot.

: Malwarebytes' Anti-Malware :

  • I would like you to rerun MBAM
  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
  • If you accidently close it, the log file is saved here and will be named like this:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Download HijackThis

  • Go Here to download HijackThis Installer
  • Save HijackThis Installer to your desktop.
  • Double-click on the HijackThis Installer icon on your desktop. (Vista and Win 7 right click and run as admin)
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed it will launch Hijackthis.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  • Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the AnalyseThis button its findings are dangerous if misinterpreted.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

If you have problems running Hijackthis.

sometimes we have to run it like this To run HijackThis as an administrator,
rightclick HijackThis.exe (located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)
and select to run as administrator

"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 vdotmatrix

vdotmatrix
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:06:08 AM

Posted 03 November 2011 - 09:55 AM

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8076

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/3/2011 10:43:11 AM
mbam-log-2011-11-03 (10-43-11).txt

Scan type: Quick scan
Objects scanned: 267681
Time elapsed: 11 minute(s), 36 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
**********************************************
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:50:20 AM, on 11/3/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Backblaze\bzserv.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\Backblaze\bzfilelist.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\iHome\Keyboard & Mouse Driver\StartAutorun.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\iHome\Keyboard & Mouse Driver\KMConfig.exe
C:\Program Files\Belkin Bulldog Plus\UPS-Status.exe
C:\Program Files\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iHome\Keyboard & Mouse Driver\KMProcess.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Backblaze\bzbui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\BUFFALO\NASNAVI\nassche.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\vincedaddy\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
C:\Documents and Settings\vincedaddy\Desktop\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1086\7.0.1086\TmBpIe32.dll
O2 - BHO: (no name) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\iHome\Keyboard & Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [UPS-Status] C:\Program Files\Belkin Bulldog Plus\UPS-Status.exe
O4 - HKLM\..\Run: [CaddieSyncConduit] C:\Program Files\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe
O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
O4 - HKLM\..\Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Backblaze] "C:\Program Files\Backblaze\bzbui.exe" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Backblaze] "C:\Program Files\Backblaze\bzbui.exe" -quiet (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: BUFFALO NAS Navigator2.lnk = C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe
O4 - Startup: NAS Scheduler.lnk = C:\Program Files\BUFFALO\NASNAVI\nassche.exe
O4 - Global Startup: Logo Calibration Loader.lnk = C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe
O4 - Global Startup: ProfileReminder.lnk = C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01118F00-3E00-11D2-8470-0060089874ED} (SupportSoft RemoteControl Class) - https://www.tmremote.com/sdccommon/download/ssrc.cab
O16 - DPF: {01119400-3E00-11D2-8470-0060089874ED} (SupportSoft Listener Control) - https://www.tmremote.com/sdccommon/download/sprtctlln.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - http://www.costcophotocenter.com/CostcoActivia.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - http://picasaweb.google.com/s/v/30.66/uploader2.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1164865209062
O16 - DPF: {924C1588-90C3-4910-B6CA-D57A1C0418FE} - http://bookmarks.yahoo.com/YbConvFav.CAB
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FE5B9F54-7764-4C01-89F0-4862601EE954} - http://photos.msn.com/resources/neutral/controls/DigWebX2.cab?10,0,910,0
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1086\7.0.1086\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg.dll
O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - (no file)
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\615\G2AWinLogon.dll
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Backblaze Service (bzserv) - Unknown owner - C:\Program Files\Backblaze\bzserv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

--
End of file - 14889 bytes
***************************************************************************

  • could not uninstall adobe reader 9.4.5; Message: this patch pkg could not be opened.verify it exists or verify it is a a valid windows patch package; able to install Adobe reader X.
  • Could not unistall java 22 but was able to install Java 29.
  • performed all of your instructions. THANK YOU


#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:08 AM

Posted 03 November 2011 - 10:25 AM

Greetings

These logs are looking very good, we are almost done!!! Just one more scan to go.

:Remove unneeded startup entries:

This part of the fix is purely optional
These are programs that start up when you turn on your computer but don't need to be, any of these programs you can click on their icons (or start from the control panel) and start the program when you need it. By stopping these programs you will boot up faster and your computer will work faster.

  • Run HijackThis
  • Click on the Scan button
  • Put a check beside all of the items listed below (if present):

    • O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
      O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
      O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
      O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
      O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
      O4 - HKLM\..\Run: [CaddieSyncConduit] C:\Program Files\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe
      O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
      O4 - Global Startup: Logo Calibration Loader.lnk = C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe
      O4 - Global Startup: ProfileReminder.lnk = C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe
  • Close all open windows and browsers/email, etc...
  • Click on the "Fix Checked" button
  • When completed, close the application.

    NOTE**You can research each of those lines >here< and see if you want to keep them or not
    just copy the name between the brakets and paste into the search space
    O4 - HKLM\..\Run: [IntelliPoint]



If you have any problems running Hijackthis.

sometimes we have to run it like this To run HijackThis as an administrator,
rightclick HijackThis.exe (located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)
and select to run as administrator


Eset Online Scanner

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

Go Eset web page to run an online scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
  • When asked, allow the activex control to install
    • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options
    Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • Click on copy to clipboard and paste the results here in this topic
  • you may also find here C:\Program Files\Eset\Eset Online Scanner\log.txt
Copy and paste that log as a reply to this topic

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 vdotmatrix

vdotmatrix
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:06:08 AM

Posted 03 November 2011 - 05:19 PM

I have to send you an note.

I am performing the ESET scan and at 5hours 37mins it is only 37% completed.
Does this sound right?
There are 2 threats detected, one some trojan in a WIN32 file.
If it takes this long then I will just let it run.

thanks




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users