
Rootkit - don't know how to remove


15 replies to this topic

#1 barbfthomas

barbfthomas

  • Members
  • 22 posts

Posted 09 March 2012 - 08:23 AM

Mbam still won't run successfully after expert help in forum:
BleepingComputer.com> Security> Am I infected? What do I do?
TOPIC:
Taskbar icon appear/disappear, mbam has errors

My forum helper believes it's a rootkit.
DDS and GMER logs attached.
Much appreciate your help.
Thank you.
Barb

Attached Files

  • Attached File  dds.txt   24.58KB   3 downloads
  • Attached File  ark.txt   15.4KB   2 downloads




#2 barbfthomas

barbfthomas
  • Topic Starter

  • Members
  • 22 posts

Posted 09 March 2012 - 06:29 PM

I attached the wrong report from gmer the first time. Here is the correct report.

Edited by barbfthomas, 09 March 2012 - 06:42 PM.


#3 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts

Posted 09 March 2012 - 07:52 PM

I see ComboFix has been run on this computer. Was it recently? If so, please find the log at c:\combofix.txt and post the content.

Thanks.

Please advise what symptoms you are experiencing.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#4 barbfthomas

barbfthomas
  • Topic Starter

  • Members
  • 22 posts

Posted 10 March 2012 - 12:43 PM

Symptoms:
Malwarebytes errors out even after multiple clean removals and reinstalls with updates. Task bar icons appear/disappear with each boot. Previous helper boopme had me run sfc.exe, which helped with task bar initially, now the problem is back again.

This morning on bootup I saw a taskbar icon appear and instantly disappear saying my firewall is not on, which I know to be false. This is a new symptom.

boopme also had me run rkill then TDSSKiller plus SuperAntiSpyware.

Combofix was run 03/04/2012 previous to me contacting the forums. Log is below.

Thank you for your time and help.

ComboFix 12-03-04.01 - Barb 2012-03-04 9:17.7.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.63.1033.18.1022.429 [GMT -8:00]
Running from: c:\documents and settings\Barb\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((( Files Created from 2012-02-04 to 2012-03-04 )))))))))))))))))))))))))))))))
.
.
2012-03-04 16:05 . 2012-03-04 16:05 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2BFFCBE4-8A22-459A-9F58-DC7B9D7B49A4}\MpKsldb52dbec.sys
2012-03-04 08:58 . 2012-03-04 08:59 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-03-04 08:58 . 2012-03-04 08:58 -------- d-----w- c:\documents and settings\Barb\Application Data\Malwarebytes
2012-03-04 08:58 . 2012-03-04 08:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-03-04 08:57 . 2011-12-10 23:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-04 08:57 . 2012-03-04 08:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-03-04 08:56 . 2012-03-04 08:56 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2BFFCBE4-8A22-459A-9F58-DC7B9D7B49A4}\offreg.dll
2012-03-02 14:44 . 2012-02-08 06:03 6552120 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2BFFCBE4-8A22-459A-9F58-DC7B9D7B49A4}\mpengine.dll
2012-02-03 23:26 . 2012-02-03 23:26 348160 ----a-w- c:\windows\system32\msvcr71.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-25 20:44 . 2007-04-11 18:32 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-02-25 20:44 . 2011-05-07 03:58 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-16 22:48 . 2011-08-11 16:02 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-08 06:03 . 2012-01-08 18:25 6552120 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-01-12 16:53 . 2004-08-04 12:00 1859968 ----a-w- c:\windows\system32\win32k.sys
2011-12-31 20:21 . 2011-12-31 20:21 26624 -c--a-w- C:\barbc.bat
2011-12-17 19:46 . 2004-08-04 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:46 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-17 19:46 . 2004-08-04 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:22 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-06-13 01:33 . 2011-06-13 01:33 2374968 ----a-w- c:\program files\iMeshV10.exe
2009-04-06 19:02 . 2009-04-06 19:02 3190688 ----a-w- c:\program files\ccsetup218.exe
2009-04-05 19:09 . 2009-04-05 19:08 1613856 ----a-w- c:\program files\CuteWriter.exe
2009-01-13 02:25 . 2009-01-13 02:25 1079152 ----a-w- c:\program files\scripten.exe
2007-02-11 07:22 . 2007-02-11 07:22 5186048 -c--a-w- c:\program files\WindowsDefender.msi
.
.
+ 2012-02-16 06:12 . 2012-02-16 06:12 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-02-16 06:11 . 2012-02-16 06:11 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-01-03 22:50 . 2012-01-03 22:50 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-01-03 22:50 . 2012-01-03 22:50 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-02-16 06:11 . 2012-02-16 06:11 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-01-03 22:50 . 2012-01-03 22:50 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-02-16 06:11 . 2012-02-16 06:11 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-02-16 06:11 . 2012-02-16 06:11 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-01-03 22:50 . 2012-01-03 22:50 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-01-03 22:50 . 2012-01-03 22:50 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2012-02-16 06:12 . 2012-02-16 06:12 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2012-01-03 22:50 . 2012-01-03 22:50 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2012-02-16 06:12 . 2012-02-16 06:12 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2012-01-03 22:50 . 2012-01-03 22:50 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2012-02-16 06:12 . 2012-02-16 06:12 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2012-01-03 22:50 . 2012-01-03 22:50 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-02-16 06:12 . 2012-02-16 06:12 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-02-16 06:12 . 2012-02-16 06:12 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-01-03 22:50 . 2012-01-03 22:50 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-01-03 22:50 . 2012-01-03 22:50 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-02-16 06:12 . 2012-02-16 06:12 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-01-03 22:50 . 2012-01-03 22:50 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2012-02-16 06:12 . 2012-02-16 06:12 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2004-08-04 12:00 . 2011-11-04 19:20 1212416 c:\windows\SYSTEM32\urlmon.dll
+ 2004-08-04 12:00 . 2011-12-17 19:46 1212416 c:\windows\SYSTEM32\urlmon.dll
+ 2004-08-04 12:00 . 2011-12-17 19:46 5979136 c:\windows\SYSTEM32\mshtml.dll
+ 2006-10-17 19:57 . 2011-12-17 19:46 2000384 c:\windows\SYSTEM32\iertutil.dll
- 2006-10-17 19:57 . 2011-11-04 19:20 2000384 c:\windows\SYSTEM32\iertutil.dll
+ 2008-10-14 23:19 . 2012-01-12 16:53 1859968 c:\windows\SYSTEM32\DLLCACHE\win32k.sys
+ 2004-08-04 12:00 . 2011-12-17 19:46 1212416 c:\windows\SYSTEM32\DLLCACHE\urlmon.dll
- 2004-08-04 12:00 . 2011-11-04 19:20 1212416 c:\windows\SYSTEM32\DLLCACHE\urlmon.dll
+ 2004-08-04 12:00 . 2011-12-17 19:46 5979136 c:\windows\SYSTEM32\DLLCACHE\mshtml.dll
+ 2007-05-09 03:02 . 2011-12-17 19:46 2000384 c:\windows\SYSTEM32\DLLCACHE\iertutil.dll
- 2007-05-09 03:02 . 2011-11-04 19:20 2000384 c:\windows\SYSTEM32\DLLCACHE\iertutil.dll
+ 2011-10-26 11:39 . 2011-10-26 11:39 3186688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2011-10-31 06:54 . 2011-10-31 06:54 2748416 c:\windows\Installer\36ba2ad.msp
+ 2012-02-20 22:49 . 2012-02-20 22:49 5421056 c:\windows\Installer\1186657.msi
+ 2012-02-16 06:02 . 2011-11-04 19:20 1212416 c:\windows\ie8updates\KB2647516-IE8\urlmon.dll
+ 2012-02-16 06:02 . 2011-11-04 19:20 5978112 c:\windows\ie8updates\KB2647516-IE8\mshtml.dll
+ 2012-02-16 06:02 . 2011-11-04 19:20 2000384 c:\windows\ie8updates\KB2647516-IE8\iertutil.dll
+ 2012-02-16 06:14 . 2012-02-16 06:14 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\174c2f776741812aed02c337bbcd1dae\WindowsBase.ni.dll
+ 2012-02-16 06:16 . 2012-02-16 06:16 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\94f5164ff4f664c5e4e7fb4c3af1abad\UIAutomationClientsideProviders.ni.dll
+ 2012-02-16 06:14 . 2012-02-16 06:14 7953408 c:\windows\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
+ 2012-02-16 06:16 . 2012-02-16 06:16 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
+ 2012-02-16 14:44 . 2012-02-16 14:44 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\c4c671c737b553db8e07664816475333\System.WorkflowServices.ni.dll
+ 2012-02-16 14:44 . 2012-02-16 14:44 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\248ea47105ff4af6ee75e6fdd5b450a1\System.Workflow.Runtime.ni.dll
+ 2012-02-16 14:44 . 2012-02-16 14:44 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\80a288b6611668160334668cc2608e4a\System.Workflow.ComponentModel.ni.dll
+ 2012-02-16 14:44 . 2012-02-16 14:44 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\4c27548df5897320840ee0d65db38742\System.Workflow.Activities.ni.dll
+ 2012-02-16 14:44 . 2012-02-16 14:44 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e9ba004858dcdb5958d86f26f043f85a\System.Web.Services.ni.dll
+ 2012-02-16 14:43 . 2012-02-16 14:43 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\030cde14924eefebc06c240dbfe093a4\System.Web.Mobile.ni.dll
+ 2012-02-16 14:43 . 2012-02-16 14:43 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\6379c8ca8ae11effb415139990923ff1\System.Web.Extensions.ni.dll
+ 2012-02-16 06:16 . 2012-02-16 06:16 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\e456140d5d6c43d7383bd36d3f9e12c6\System.Speech.ni.dll
+ 2012-02-16 14:43 . 2012-02-16 14:43 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\285dfbf2380436e187cb624bd1cd4683\System.ServiceModel.Web.ni.dll
+ 2012-02-16 14:40 . 2012-02-16 14:40 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f2532204217dc10f152afd077b09927c\System.Runtime.Serialization.ni.dll
+ 2012-02-16 06:16 . 2012-02-16 06:16 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\d51e6bb07124a1d780d1e024858e0dc1\System.Printing.ni.dll
+ 2012-02-16 14:43 . 2012-02-16 14:43 4950016 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\10fdfb918f01ebc41f38a391334146a9\System.Management.Automation.ni.dll
+ 2012-02-16 14:40 . 2012-02-16 14:40 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\8ef05061cd205c4f2a8583d97f32a603\System.IdentityModel.ni.dll
+ 2012-02-16 06:16 . 2012-02-16 06:16 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll
+ 2012-02-16 14:42 . 2012-02-16 14:42 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\77d0e93f024055d04c07cc2700b4c590\System.DirectoryServices.ni.dll
+ 2012-02-16 14:42 . 2012-02-16 14:42 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\707a05a7d5a8d99dd56d1d50311a60d2\System.Deployment.ni.dll
+ 2012-02-16 06:15 . 2012-02-16 06:15 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\ae888f8633fce3ff1de98e32bce0abbf\System.Data.ni.dll
+ 2012-02-16 14:41 . 2012-02-16 14:41 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\857300fa64d09c69125451fd8894f3da\System.Data.SqlXml.ni.dll
+ 2012-02-16 14:42 . 2012-02-16 14:42 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\e9d4a1fb13572c769ddd9b86e55baab4\System.Data.Services.ni.dll
+ 2012-02-16 06:15 . 2012-02-16 06:15 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c3d9c33f71d15a3e2e240092a244eba3\System.Data.Linq.ni.dll
+ 2012-02-16 14:42 . 2012-02-16 14:42 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\424160369b301ccd1b6fd86265611955\System.Data.Entity.ni.dll
+ 2012-02-16 06:15 . 2012-02-16 06:15 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\0a6d6717e76be12295711ff02c7aa1d4\System.Core.ni.dll
+ 2012-02-16 06:15 . 2012-02-16 06:15 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\33cdfb4c322a528260016ac759230501\ReachFramework.ni.dll
+ 2012-02-16 06:15 . 2012-02-16 06:15 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\a6def83aee1aaf3336675ce58ac09013\PresentationUI.ni.dll
+ 2012-02-16 06:14 . 2012-02-16 06:14 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\59cd6ce5a254006179eee92952cd2272\PresentationBuildTasks.ni.dll
+ 2012-02-16 14:41 . 2012-02-16 14:41 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\96e485c02ad346a2bd26a635e7fcb023\Microsoft.VisualBasic.ni.dll
+ 2012-02-16 14:41 . 2012-02-16 14:41 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f7071f9a1c0523540f6aa7f11c302fb6\Microsoft.Transactions.Bridge.ni.dll
+ 2012-02-16 14:43 . 2012-02-16 14:43 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\806b1d127ed3e906db972751e87585c4\Microsoft.JScript.ni.dll
+ 2012-02-16 14:41 . 2012-02-16 14:41 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\912789fd859e0887e10a935cade08e72\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-02-16 14:41 . 2012-02-16 14:41 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\6c1d3eec78906cc2a2ecffb013114c50\Microsoft.Build.Tasks.ni.dll
+ 2012-02-16 14:41 . 2012-02-16 14:41 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d6edd4b4619a9052d3dfe50c3067d5e0\Microsoft.Build.Engine.ni.dll
+ 2012-02-16 06:12 . 2012-02-16 06:12 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2012-02-16 06:12 . 2012-02-16 06:12 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2012-01-03 22:50 . 2012-01-03 22:50 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-02-16 06:12 . 2012-02-16 06:12 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-01-03 22:50 . 2012-01-03 22:50 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-02-16 06:12 . 2012-02-16 06:12 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2012-01-03 22:50 . 2012-01-03 22:50 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2012-01-03 22:50 . 2012-01-03 22:50 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2012-02-16 06:12 . 2012-02-16 06:12 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2012-01-03 22:50 . 2012-01-03 22:50 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-02-16 06:12 . 2012-02-16 06:12 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-01-03 22:50 . 2012-01-03 22:50 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-02-16 06:12 . 2012-02-16 06:12 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-12-27 18:40 . 2012-02-16 06:04 52550552 c:\windows\SYSTEM32\MRT.exe
+ 2006-11-08 05:03 . 2011-12-18 22:46 11082240 c:\windows\SYSTEM32\ieframe.dll
+ 2007-05-09 03:02 . 2011-12-18 22:46 11082240 c:\windows\SYSTEM32\DLLCACHE\ieframe.dll
+ 2012-02-16 06:02 . 2011-11-04 19:20 11081728 c:\windows\ie8updates\KB2647516-IE8\ieframe.dll
+ 2012-02-16 06:16 . 2012-02-16 06:16 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll
+ 2012-02-16 14:43 . 2012-02-16 14:43 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\29bdc8352d3c26e3c572ea60639dec3b\System.Web.ni.dll
+ 2012-02-16 14:40 . 2012-02-16 14:40 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1cdcd6d97627d345d5ff446e6ec88b97\System.ServiceModel.ni.dll
+ 2012-02-16 06:16 . 2012-02-16 06:16 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\7c8f8fb506c32500acc1b6190d054f26\System.Design.ni.dll
+ 2012-02-16 06:15 . 2012-02-16 06:15 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5060105fb9e169399fe45600b1e9215e\PresentationFramework.ni.dll
+ 2012-02-16 06:14 . 2012-02-16 06:14 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\0665bba8c9962deadc418881eb3a2a2a\PresentationCore.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"Disc Detector"="c:\program files\Creative\ShareDLL\CtNotify.exe" [2001-12-26 191488]
"ViewMgr"="c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe" [2004-11-11 111816]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"PCMService"="c:\program files\Dell\Media Experience\PCMService.exe" [2003-08-27 204800]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-17 421736]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"diagent"="c:\program files\Creative\SBLive\Diagnostics\diagent.exe" [2002-04-03 135264]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2003-08-06 114741]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd.exe" [2003-08-05 49152]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-10-19 155648]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-10-30 77824]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-11-06 741376]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"McAfeeUpdaterUI"="c:\program files\Network Associates\Common Framework\UpdaterUI.exe" [2004-04-07 135224]
"ShStatEXE"="c:\program files\Network Associates\VirusScan\SHSTAT.EXE" [2003-09-29 81990]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-16 57344]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Seagate\Schedule2\schedhlp.exe" [2007-08-09 148760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
NoteWhen.lnk - c:\program files\notewhen\notewhen.exe [2001-8-4 294912]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Google Updater.lnk
backup=c:\windows\pss\Google Updater.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Help.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Help.lnk
backup=c:\windows\pss\Help.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Uninstall PC Magazine's NoteWhen utility.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Uninstall PC Magazine's NoteWhen utility.lnk
backup=c:\windows\pss\Uninstall PC Magazine's NoteWhen utility.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Verizon Online Support Center.lnk]
backup=c:\windows\pss\Verizon Online Support Center.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Barb^Start Menu^Programs^Startup^msnmsgr.exe.lnk]
path=c:\documents and settings\Barb\Start Menu\Programs\Startup\msnmsgr.exe.lnk
backup=c:\windows\pss\msnmsgr.exe.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Barb^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\Barb\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]
2007-08-09 01:00 1945424 ----a-w- c:\program files\Seagate\DiscWizard\TimounterMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiscWizardMonitor.exe]
2007-08-09 00:47 1169456 ----a-w- c:\program files\Seagate\DiscWizard\DiscWizardMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
2005-06-07 03:15 100056 -c--a-w- c:\progra~1\SYMNET~1\SNDMon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SPBBCSvc"=2 (0x2)
"navapsvc"=3 (0x3)
"ccSetMgr"=2 (0x2)
"ccPwdSvc"=3 (0x3)
"ccEvtMgr"=2 (0x2)
"SymWSC"=2 (0x2)
"NPFMntor"=2 (0x2)
"MsSecurity1.209.4"=2 (0x2)
"gusvc"=2 (0x2)
"WLSetupSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
"TabletService"=2 (0x2)
"aawservice"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Macromedia\\Fireworks MX\\Fireworks.exe"=
"c:\\Program Files\\Macromedia\\Dreamweaver MX\\Dreamweaver.exe"=
"c:\\Program Files\\1ProxN45Ja[1].zip\\Proxomitron Naoko-4\\Proxomitron.exe"=
"c:\\Program Files\\Macromedia\\Flash MX\\Flash.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\SYSTEM32\\mshta.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\SYSTEM32\\mmc.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\EA Games\\Command & Conquer Generals Zero Hour\\game.dat"=
"c:\\Program Files\\Electric Quilt Company\\EQ6\\EQ6.exe"=
"c:\\Program Files\\Brother\\Brmfl07b\\FAXRX.exe"=
"c:\\Program Files\\Winmx\\WinMX.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"54925:UDP"= 54925:UDP:Brother Network Scanner
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R1 MpKsldb52dbec;MpKsldb52dbec;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2BFFCBE4-8A22-459A-9F58-DC7B9D7B49A4}\MpKsldb52dbec.sys [2012-03-04 29904]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\SYSTEM32\DRIVERS\mbamswissarmy.sys [2012-03-04 40776]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-08-01 136176]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-08-01 136176]
S4 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - MPKSLDB52DBEC
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-02 00:57]
.
2012-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-01 19:22]
.
2012-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-01 19:22]
.
2012-03-04 c:\windows\Tasks\User_Feed_Synchronization-{20A6847D-CEB1-4D73-8DFF-DA33118EE018}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 11:31]
.
.
------- Supplementary Scan -------
.
uStart Page = https://sso.wgu.edu/WGULogin/?goto=https%3A%2F%2Fmy.wgu.edu%2Fc%2Fportal%2Flogin
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
Trusted Zone: ancestry.com\content
Trusted Zone: custhelp.com\247pearsoned
Trusted Zone: escweb.net\www
Trusted Zone: http
Trusted Zone: mathxl.com
Trusted Zone: microsoft.com\*.update
Trusted Zone: microsoft.com\update
Trusted Zone: myitlab.com
Trusted Zone: mylabsplus.com\wgu
Trusted Zone: pearsoncmg.com
Trusted Zone: pearsoned.com
Trusted Zone: windowsupdate.com\download
TCP: DhcpNameServer = 192.168.1.1
DPF: Microsoft XML Parser for Java
FF - ProfilePath - c:\documents and settings\Barb\Application Data\Mozilla\Firefox\Profiles\33ld3sgu.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-04 09:29
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Disc Detector = c:\program files\Creative\ShareDLL\CtNotify.exe?X???$???????????????E?@?Disc Detector?A????? ?A?p?????B?e!@???@???@?? C?????E?@?????????@?B???A????? ?A???????B???@?????P?????@?????????~?B~??????????@?(?????????????????B??????????????????????????@??????r?B
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(1632)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\xpsp3res.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\documents and settings\All Users\Documents\My Documents\Lauren's\Docs\Audible\Bin\AudibleExt.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
.
Completion time: 2012-03-04 09:34:11
ComboFix-quarantined-files.txt 2012-03-04 17:34
ComboFix2.txt 2012-02-07 18:25
.
Pre-Run: 191,464,087,552 bytes free
Post-Run: 191,545,491,456 bytes free
.
- - End Of File - - F53B1B0E7F101FD2A373C8B4EB3EB0E3

#5 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • Gender:Not Telling
  • Location:Canada
  • Local time:07:13 PM

Posted 10 March 2012 - 04:01 PM

Hi,

we'll try TDSSKiller again, but have it look to see if there is a tdss File system hidden on your computer. Please do the following:

  • Double click TDSSKiller.exe
  • when the window opens, click on Change Parameters
  • under “Additional options”, put a check mark in the box next to “Detect TDLFS File System”
  • click OK
  • Press Start Scan
    • If Malicious objects are found then ensure Cure is selected
    • If TDLFS File System is found then ensure Delete is selected
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#6 barbfthomas

barbfthomas
  • Topic Starter

  • Members
  • 22 posts
  • Local time:04:13 PM

Posted 10 March 2012 - 06:09 PM

TDSSKiller log:
15:04:20.0046 3036 TDSS rootkit removing tool 2.7.19.0 Mar 5 2012 11:23:39
15:04:20.0562 3036 ============================================================
15:04:20.0562 3036 Current date / time: 2012/03/10 15:04:20.0562
15:04:20.0562 3036 SystemInfo:
15:04:20.0562 3036
15:04:20.0562 3036 OS Version: 5.1.2600 ServicePack: 3.0
15:04:20.0562 3036 Product type: Workstation
15:04:20.0562 3036 ComputerName: DELL2400
15:04:20.0562 3036 UserName: Barb
15:04:20.0562 3036 Windows directory: C:\WINDOWS
15:04:20.0562 3036 System windows directory: C:\WINDOWS
15:04:20.0562 3036 Processor architecture: Intel x86
15:04:20.0562 3036 Number of processors: 1
15:04:20.0562 3036 Page size: 0x1000
15:04:20.0562 3036 Boot type: Normal boot
15:04:20.0562 3036 ============================================================
15:04:24.0468 3036 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:04:24.0484 3036 \Device\Harddisk0\DR0:
15:04:24.0484 3036 MBR used
15:04:24.0484 3036 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3EC10, BlocksNum 0x253EEAB1
15:04:24.0562 3036 Initialize success
15:04:24.0562 3036 ============================================================
15:06:04.0546 2380 ============================================================
15:06:04.0546 2380 Scan started
15:06:04.0546 2380 Mode: Manual; TDLFS;
15:06:04.0546 2380 ============================================================
15:06:26.0046 2380 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
15:06:26.0296 2380 \Device\Harddisk0\DR0 - ok
15:06:26.0312 2380 Boot (0x1200) (348bf581ee63c9bf46f72e9d12e5e7d9) \Device\Harddisk0\DR0\Partition0
15:06:26.0312 2380 \Device\Harddisk0\DR0\Partition0 - ok
15:06:26.0312 2380 ============================================================
15:06:26.0312 2380 Scan finished
15:06:26.0312 2380 ============================================================
15:06:26.0343 1264 Detected object count: 0
15:06:26.0343 1264 Actual detected object count: 0
15:07:19.0468 3124 Deinitialize success

#7 CatByte


Posted 10 March 2012 - 08:45 PM

Are you still having issues with Malwarebytes?

Please uninstall it with this method:

  • Uninstall Malwarebytes' Anti-Malware using Add/Remove programs in the control panel.
  • Restart your computer (very important).
  • Download and run this utility.
  • It will ask to restart your computer (please allow it to).
  • After the computer restarts, install the latest version from here.


NEXT



Go here to run an online scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan completes, press the LIST OF THREATS FOUND button
  • Press EXPORT TO TEXT FILE, name the file ESETSCAN and save it to your desktop
  • Include the contents of this report in your next reply.
  • Press the BACK button.
  • Press Finish

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#8 barbfthomas

Posted 11 March 2012 - 01:39 AM

Mbam was not running successfully so I followed the steps as you wrote them.
ESET Scan results log:
C:\Documents and Settings\Barb\Application Data\Sun\Java\Deployment\cache\6.0\1\1fa06fc1-66a99278 a variant of Java/TrojanDownloader.Agent.NDJ trojan
C:\Documents and Settings\Barb\Desktop\System Tools\SmitfraudFix.exe multiple threats
C:\Documents and Settings\Barb\Desktop\System Tools\Misc Vundo\VundoFix.exe Win32/PrcView application
C:\Documents and Settings\Barb\Desktop\System Tools\SmitfraudFix\Process.exe Win32/PrcView application
C:\Documents and Settings\Barb\Desktop\System Tools\SmitfraudFix\restart.exe Win32/Shutdown.NAA application
C:\Downloads\VundoFix.exe Win32/PrcView application
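
A small triage of the ESET export above, as an added example that is not part of the original posts: it parses the six lines, separates the one malware-class detection from the entries ESET labels "application", and flags hits stored in the Java deployment cache. The function names and bucket labels are illustrative assumptions, and it treats "application" as ESET's class word for the potentially unwanted/unsafe scan options ticked in the earlier post.

```python
import re
from collections import defaultdict
# The six lines of the ESET export posted above, as the forum flattened them.
ESET_EXPORT = r"""
C:\Documents and Settings\Barb\Application Data\Sun\Java\Deployment\cache\6.0\1\1fa06fc1-66a99278 a variant of Java/TrojanDownloader.Agent.NDJ trojan
C:\Documents and Settings\Barb\Desktop\System Tools\SmitfraudFix.exe multiple threats
C:\Documents and Settings\Barb\Desktop\System Tools\Misc Vundo\VundoFix.exe Win32/PrcView application
C:\Documents and Settings\Barb\Desktop\System Tools\SmitfraudFix\Process.exe Win32/PrcView application
C:\Documents and Settings\Barb\Desktop\System Tools\SmitfraudFix\restart.exe Win32/Shutdown.NAA application
C:\Downloads\VundoFix.exe Win32/PrcView application
"""

# Windows paths hold no "/", so the first token containing one is the detection name.
LINE_RE = re.compile(
    r"^(?P<path>.+?)\s+(?:(?P<multi>multiple threats)"
    r"|(?P<variant>a variant of )?(?P<name>\S+/\S+)\s+(?P<kind>\w+))$"
)

def parse(export):
    """Return one dict per detection line; raise on a line that does not fit."""
    findings = []
    for line in filter(None, map(str.strip, export.splitlines())):
        m = LINE_RE.match(line)
        if m is None:
            raise ValueError("unrecognised line: " + line)
        findings.append({
            "path": m["path"],
            "name": m["name"] or "multiple threats",
            "kind": "mixed" if m["multi"] else m["kind"],
            "variant": bool(m["variant"]),   # heuristic match, not an exact signature
        })
    return findings

def triage(findings):
    """Group paths by how much attention the detection class deserves."""
    labels = {"application": "unsafe_application", "mixed": "needs_manual_review"}
    buckets = defaultdict(list)
    for f in findings:
        buckets[labels.get(f["kind"], "malware")].append(f["path"])
    return dict(buckets)

def java_cache_hits(findings):
    """Malware-class detections that live in the Java deployment cache."""
    marker = r"\java\deployment\cache"
    return [f for f in findings
            if f["kind"] not in ("application", "mixed") and marker in f["path"].lower()]

if __name__ == "__main__":
    print(triage(parse(ESET_EXPORT)))
```
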

#9 CatByte

Posted 11 March 2012 - 09:44 AM

Are you now able to run Malwarebytes? If so, please update it and post a fresh log,


then clear your Java cache


Click Start > Control Panel.
Double-click the Java icon in the control panel.
The Java Control Panel appears.
Click Settings under Temporary Internet Files.
The Temporary Files Settings dialog box appears.

There are three options on this window to clear the cache.

  • Delete Files
  • View Applications
  • View Applets


Click OK on Delete Temporary Files window.
Note: This deletes all the Downloaded Applications and Applets from the cache.
Click OK on Temporary Files Settings window.


NEXT

Visit ADOBE and download the latest version of Acrobat Reader (version X)
Having the latest updates ensures there are no security vulnerabilities in your system.



are there any outstanding issues?


#10 barbfthomas

Posted 11 March 2012 - 12:16 PM

Hi again,
Malwarebytes ran successfully (quick scan log below). I haven't run a complete scan.

My task bar start icons are still not showing up consistently. They came back after running sfc.exe a couple of days ago, but now the problem has returned. Should I run sfc.exe again?

Thank you for your help and all of your time. Are the problems I've experienced due to not being vigilant about loading software updates?

Thanks
Barb
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.11.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Barb :: DELL2400 [administrator]

2012-03-11 08:38:02
mbam-log-2012-03-11 (08-38-02).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 277764
Time elapsed: 15 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#11 CatByte

Posted 11 March 2012 - 12:46 PM

try this

Go to Start > Run > type regsvr32 /i shell32.dll then press <Enter>


reboot and let me know if the task bar icons are now showing up


#12 barbfthomas

Posted 11 March 2012 - 02:34 PM

Hi again,
A couple more start menu icons are showing, but not all of them. It may not matter, but I am definitely missing icons for MS Security Essentials and network associates antivirus console.
Thanks

#13 CatByte

Posted 11 March 2012 - 03:37 PM

Hi,

You should start a new topic in our Windows XP forum to see if our expert techs can assist you with the taskbar icons.

In the meantime, we need to clean up our tools



You can delete the DDS and GMER logs and programs from your desktop.


NEXT


Follow these steps to uninstall Combofix

  • Make sure your security programs are totally disabled.
  • Click START then RUN
  • Now copy/paste Combofix /uninstall into the runbox and click OK. Note the space between the ..X and the /U, it needs to be there.


If there are any logs/tools remaining on your desktop > right click and delete them.


NEXT


Below I have included a number of recommendations for how to protect your computer against malware infections.

  • It is good security practice to change your passwords to all your online accounts on a fairly regular basis; this is especially true after an infection. Refer to this Microsoft article
    Strong passwords: How to create and use them
    Then consider a password keeper, to keep all your passwords safe. KeePass is a small utility that allows you to manage all your passwords.

  • Keep Windows updated by regularly checking their website at:
    http://windowsupdate.microsoft.com/
    This will ensure your computer always has the latest available security updates installed.

  • Make Internet Explorer more secure
    • Click Start > Run
    • Type Inetcpl.cpl & click OK
    • Click on the Security tab
    • Click Reset all zones to default level
    • Make sure the Internet Zone is selected & Click Custom level
    • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls") to "Prompt", and "Initialize and Script ActiveX controls not marked as safe" to "Disable".
    • Next Click OK, then Apply button and then OK to exit the Internet Properties page.

  • Download TFC to your desktop
    • Close any open windows.
    • Double click the TFC icon to run the program
    • TFC will close all open programs itself in order to run,
    • Click the Start button to begin the process.
    • Allow TFC to run uninterrupted.
    • The program should not take long to finish its job
    • Once it's finished it should automatically reboot your machine,
    • if it doesn't, manually reboot to ensure a complete clean
    It's normal after running TFC cleaner that the PC will be slower to boot the first time.

  • WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
    • Green to go
    • Yellow for caution
    • Red to stop
    WOT has an addon available for both Firefox and IE

  • Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.

  • ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.

  • In light of your recent issue, I'm sure you'd like to avoid any future infections. Please take a look at this well written article:
    PC Safety and Security--What Do I Need?.


Thank you for your patience, and performing all of the procedures requested.

Please respond one last time so we can consider the thread resolved and close it, thank-you.


#14 barbfthomas

Posted 11 March 2012 - 11:28 PM

Thank you again for the generosity of your time and talents.

Many Many Thanks!
Barb

#15 CatByte

Posted 12 March 2012 - 08:44 AM

you are welcome

stay safe

~CB
