Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Slow click response for all programs and functions


  • This topic is locked This topic is locked
20 replies to this topic

#1 yarlac

yarlac

  • Members
  • 159 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 20 April 2012 - 02:13 AM

I went to McDonalds two month's ago and my computer went crazy and got realy slow. I have tried to use it several times since and the click delay is terrible. I'll type a word after the first letter appears on the sreen I have to wait for about 10 sec then the rest of the word appears. During that 10 seconds my computer is locked up. Also the cursor jumps to other parts of a page when typing online or in a program.


I ran Malwarebytes, AVG, Eset the found a couple issues but that did not fix the computer. I then ran ComboFix and it would not run. I downloaded a new version and only #49 completed. It usually runs 50 or so scans. Now it will only run #49. I tried additional downloads of ComboFix and it will not run except #49.

Help,
yarlac

Here is the log fil for dds and gmer

DDS Scan Results

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Ray at 18:45:31 on 2012-04-19
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.314 [GMT -7:00]
.
AV: AVG Internet Security 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *Enabled*
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\S24EvMon.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\1XConfig.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\1-Click Answers\answers.exe
C:\Program Files\Apoint\Apntex.exe
C:\PROGRA~1\1-CLIC~1\agtserv.exe
svchost.exe
C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\Program Files\AVG\AVG2012\avgfws.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Paint Shop Pro.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
.
============== Pseudo HJT Report ===============
.
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [cdloader] "c:\documents and settings\ray\application data\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [MRC] "c:\ray's files\xxx\pc tune-up\PCTuneUp.exe" /MBRSTART
uRun: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\1-clic~1.lnk - c:\program files\1-click answers\answers.exe
IE: Answers... - file://c:\program files\1-click answers\html\atiemenu.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1289617899308
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
TCP: DhcpNameServer = 208.180.42.100 66.76.175.100 208.180.42.68
TCP: Interfaces\{7F9C8C55-2D1F-48C0-B202-37314208D906} : DhcpNameServer = 208.180.42.100 66.76.175.100 208.180.42.68
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: Sebring - c:\windows\system32\LgNotify.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\ray\application data\mozilla\firefox\profiles\cdx04dqr.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msnbc.msn.com/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=en&q=
FF - component: c:\documents and settings\ray\application data\mozilla\firefox\profiles\cdx04dqr.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\ray\application data\mozilla\firefox\profiles\cdx04dqr.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff10.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff4.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff5.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff6.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff7.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff8.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff9.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\j2re1.4.2\bin\NPJPI142.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Google Docs Viewer: adonis.cuhk@gmail.com - %profile%\extensions\adonis.cuhk@gmail.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files\avg\avg2012\Firefox4
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\common files\abbyy\finereader\9.00\licensing\pe\NetworkLicenseServer.exe [2007-12-6 660768]
R2 avgfws;AVG Firewall;c:\program files\avg\avg2012\avgfws.exe [2011-11-23 2391832]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-12-31 654408]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2011-5-23 30944]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-12-31 22344]
R3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-22 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-16 253088]
S3 ATIXPGAA;ATIXPGAA;c:\dell\drivers\r74793\atixpgaa.sys [2010-9-22 11648]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2011-5-23 30944]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-9-22 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-3-25 30969208]
.
=============== Created Last 30 ================.
2012-04-17 07:59:33 -------- d-s---w- C:\ComboFix
2012-04-17 06:21:21 -------- d--h--w- c:\windows\system32\GroupPolicy
2012-04-16 23:47:04 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-04 05:53:56 182160 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2012-04-04 05:53:56 182160 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
.
==================== Find3M ====================.
2012-04-16 23:47:04 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-04 22:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-04 05:08:03 709968 ----a-w- c:\windows\is-B5C2S.exe
2006-05-03 10:06:54 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 11:47:16 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 13:30:52 216064 --sh--r- c:\windows\system32\nbDX.dll
.
============= FINISH: 18:46:59.11 ===============

GMER

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-04-19 23:13:14
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD1600BEVE-00WZT0 rev.01.01A01
Running: GMER k6g8dg4r.exe; Driver: C:\DOCUME~1\Ray\LOCALS~1\Temp\fgxcrpob.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

---- EOF - GMER 1.0.15 ----

BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,586 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:18 PM

Posted 25 April 2012 - 08:55 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Nothing suspicious was found on your logs.

Please Download
TDSSKiller.zip

>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
    Posted Image
  • If a suspicious file is detected, the default action will be Skip, click on Continue
    Posted Image
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it

  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please post the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

===

Please post the logs for my review.

#3 yarlac

yarlac
  • Topic Starter

  • Members
  • 159 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 30 April 2012 - 11:26 PM

TDSSKiller produced no infections ZERO. as the plot sickens.

yarlac

here is the log

20:07:45.0987 4592 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
20:07:47.0990 4592 ============================================================
20:07:47.0990 4592 Current date / time: 2012/04/30 20:07:47.0990
20:07:47.0990 4592 SystemInfo:
20:07:47.0990 4592
20:07:47.0990 4592 OS Version: 5.1.2600 ServicePack: 3.0
20:07:47.0990 4592 Product type: Workstation
20:07:47.0990 4592 ComputerName: 0118D84E81B9446
20:07:47.0990 4592 UserName: Ray
20:07:47.0990 4592 Windows directory: C:\WINDOWS
20:07:47.0990 4592 System windows directory: C:\WINDOWS
20:07:47.0990 4592 Processor architecture: Intel x86
20:07:47.0990 4592 Number of processors: 1
20:07:47.0990 4592 Page size: 0x1000
20:07:47.0990 4592 Boot type: Normal boot
20:07:47.0990 4592 ============================================================
20:07:50.0593 4592 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:07:50.0593 4592 ============================================================
20:07:50.0593 4592 \Device\Harddisk0\DR0:
20:07:50.0603 4592 MBR partitions:
20:07:50.0603 4592 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A18A82
20:07:50.0603 4592 ============================================================
20:07:50.0613 4592 C: <-> \Device\Harddisk0\DR0\Partition0
20:07:50.0613 4592 ============================================================
20:07:50.0613 4592 Initialize success
20:07:50.0613 4592 ============================================================
20:07:52.0826 6116 ============================================================
20:07:52.0826 6116 Scan started
20:07:52.0826 6116 Mode: Manual;
20:07:52.0826 6116 ============================================================
20:07:53.0968 6116 ABBYY.Licensing.FineReader.Professional.9.0 (2a5e5246f22530e351c9f3f2c1cd63b9) C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
20:07:53.0988 6116 ABBYY.Licensing.FineReader.Professional.9.0 - ok
20:07:54.0108 6116 Abiosdsk - ok
20:07:54.0128 6116 abp480n5 - ok
20:07:54.0228 6116 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:07:54.0238 6116 ACPI - ok
20:07:54.0289 6116 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
20:07:54.0289 6116 ACPIEC - ok
20:07:54.0459 6116 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:07:54.0479 6116 AdobeFlashPlayerUpdateSvc - ok
20:07:54.0489 6116 adpu160m - ok
20:07:54.0539 6116 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
20:07:54.0559 6116 aec - ok
20:07:54.0669 6116 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
20:07:55.0170 6116 AFD - ok
20:07:55.0500 6116 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
20:07:55.0510 6116 agp440 - ok
20:07:55.0520 6116 Aha154x - ok
20:07:55.0540 6116 aic78u2 - ok
20:07:55.0550 6116 aic78xx - ok
20:07:55.0610 6116 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
20:07:55.0610 6116 Alerter - ok
20:07:55.0661 6116 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
20:07:55.0661 6116 ALG - ok
20:07:55.0681 6116 AliIde - ok
20:07:55.0691 6116 amsint - ok
20:07:55.0781 6116 ApfiltrService (c804fbe1248cfb9bb19e9274ff30f7e3) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
20:07:55.0831 6116 ApfiltrService - ok
20:07:55.0881 6116 Apowersoft_AudioDevice (85ece26f326c2d07ba77a60343468272) C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys
20:07:56.0101 6116 Apowersoft_AudioDevice - ok
20:07:56.0211 6116 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
20:07:56.0271 6116 AppMgmt - ok
20:07:56.0332 6116 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
20:07:56.0412 6116 Arp1394 - ok
20:07:56.0432 6116 asc - ok
20:07:56.0442 6116 asc3350p - ok
20:07:56.0482 6116 asc3550 - ok
20:07:56.0632 6116 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:07:56.0692 6116 aspnet_state - ok
20:07:56.0722 6116 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:07:56.0732 6116 AsyncMac - ok
20:07:56.0872 6116 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:07:56.0872 6116 atapi - ok
20:07:56.0892 6116 Atdisk - ok
20:07:57.0303 6116 Ati HotKey Poller (abc57a6f6070baf9786c318f59f29f0b) C:\WINDOWS\system32\Ati2evxx.exe
20:07:57.0363 6116 Ati HotKey Poller - ok
20:07:57.0703 6116 ati2mtag (03621f7f968ff63713943405deb777f9) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
20:07:57.0814 6116 ati2mtag - ok
20:07:57.0904 6116 ATIXPGAA (ea5305daef03dc9d07b2721077e1db80) C:\dell\drivers\R74793\ATIXPGAA.SYS
20:07:58.0114 6116 ATIXPGAA - ok
20:07:58.0184 6116 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:07:58.0184 6116 Atmarpc - ok
20:07:58.0254 6116 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
20:07:58.0274 6116 AudioSrv - ok
20:07:58.0334 6116 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:07:58.0344 6116 audstub - ok
20:07:58.0425 6116 Avgfwdx (841b0a982065bffc7d7e84009f2fa76f) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
20:07:58.0435 6116 Avgfwdx - ok
20:07:58.0435 6116 Avgfwfd (841b0a982065bffc7d7e84009f2fa76f) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
20:07:58.0445 6116 Avgfwfd - ok
20:07:59.0276 6116 avgfws (5cd22eb540f82c70e33e530003f3903b) C:\Program Files\AVG\AVG2012\avgfws.exe
20:07:59.0646 6116 avgfws - ok
20:08:01.0699 6116 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
20:08:02.0180 6116 AVGIDSAgent - ok
20:08:02.0981 6116 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
20:08:02.0991 6116 AVGIDSDriver - ok
20:08:03.0121 6116 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
20:08:03.0121 6116 AVGIDSEH - ok
20:08:03.0251 6116 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
20:08:03.0251 6116 AVGIDSFilter - ok
20:08:03.0372 6116 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
20:08:03.0382 6116 AVGIDSShim - ok
20:08:03.0842 6116 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
20:08:03.0922 6116 Avgldx86 - ok
20:08:03.0993 6116 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
20:08:04.0003 6116 Avgmfx86 - ok
20:08:04.0053 6116 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
20:08:04.0063 6116 Avgrkx86 - ok
20:08:04.0453 6116 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
20:08:04.0523 6116 Avgtdix - ok
20:08:04.0764 6116 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
20:08:04.0764 6116 avgwd - ok
20:08:05.0555 6116 BCM43XX (1b1cf5e962c15abca83d1ef2b3906e2f) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
20:08:05.0935 6116 BCM43XX - ok
20:08:06.0096 6116 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:08:06.0496 6116 Beep - ok
20:08:06.0927 6116 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
20:08:08.0018 6116 BITS - ok
20:08:08.0118 6116 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
20:08:08.0489 6116 Browser - ok
20:08:08.0509 6116 bvrp_pci - ok
20:08:09.0030 6116 catchme - ok
20:08:09.0090 6116 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:08:09.0090 6116 cbidf2k - ok
20:08:09.0100 6116 cd20xrnt - ok
20:08:09.0150 6116 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:08:09.0150 6116 Cdaudio - ok
20:08:09.0440 6116 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:08:09.0450 6116 Cdfs - ok
20:08:09.0591 6116 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:08:09.0611 6116 Cdrom - ok
20:08:09.0801 6116 Changer - ok
20:08:09.0871 6116 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
20:08:10.0041 6116 CiSvc - ok
20:08:10.0282 6116 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
20:08:10.0282 6116 ClipSrv - ok
20:08:10.0612 6116 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:08:10.0662 6116 clr_optimization_v2.0.50727_32 - ok
20:08:10.0692 6116 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
20:08:10.0692 6116 CmBatt - ok
20:08:10.0702 6116 CmdIde - ok
20:08:10.0712 6116 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
20:08:10.0712 6116 Compbatt - ok
20:08:10.0722 6116 COMSysApp - ok
20:08:10.0953 6116 Cpqarray - ok
20:08:11.0163 6116 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
20:08:11.0163 6116 CryptSvc - ok
20:08:11.0173 6116 dac2w2k - ok
20:08:11.0183 6116 dac960nt - ok
20:08:11.0273 6116 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
20:08:11.0303 6116 DcomLaunch - ok
20:08:11.0383 6116 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
20:08:11.0383 6116 Dhcp - ok
20:08:11.0583 6116 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:08:11.0694 6116 Disk - ok
20:08:11.0744 6116 dmadmin - ok
20:08:13.0616 6116 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
20:08:13.0646 6116 dmboot - ok
20:08:13.0686 6116 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
20:08:13.0686 6116 dmio - ok
20:08:13.0737 6116 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:08:13.0737 6116 dmload - ok
20:08:13.0757 6116 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
20:08:13.0757 6116 dmserver - ok
20:08:13.0787 6116 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:08:13.0787 6116 DMusic - ok
20:08:14.0167 6116 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
20:08:14.0327 6116 Dnscache - ok
20:08:16.0060 6116 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
20:08:16.0380 6116 Dot3svc - ok
20:08:16.0390 6116 dpti2o - ok
20:08:16.0410 6116 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:08:16.0410 6116 drmkaud - ok
20:08:16.0551 6116 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
20:08:16.0561 6116 EapHost - ok
20:08:16.0631 6116 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
20:08:16.0631 6116 ERSvc - ok
20:08:16.0691 6116 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
20:08:16.0701 6116 Eventlog - ok
20:08:16.0771 6116 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
20:08:16.0781 6116 EventSystem - ok
20:08:16.0801 6116 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:08:16.0811 6116 Fastfat - ok
20:08:16.0901 6116 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
20:08:16.0911 6116 FastUserSwitchingCompatibility - ok
20:08:16.0941 6116 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
20:08:16.0941 6116 Fdc - ok
20:08:16.0961 6116 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
20:08:16.0961 6116 Fips - ok
20:08:16.0971 6116 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
20:08:16.0971 6116 Flpydisk - ok
20:08:17.0031 6116 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
20:08:17.0041 6116 FltMgr - ok
20:08:17.0442 6116 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:08:17.0442 6116 FontCache3.0.0.0 - ok
20:08:17.0472 6116 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:08:17.0472 6116 Fs_Rec - ok
20:08:17.0522 6116 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:08:17.0542 6116 Ftdisk - ok
20:08:17.0612 6116 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:08:17.0612 6116 Gpc - ok
20:08:17.0913 6116 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
20:08:17.0923 6116 gupdate - ok
20:08:17.0923 6116 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
20:08:17.0923 6116 gupdatem - ok
20:08:18.0013 6116 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:08:18.0013 6116 gusvc - ok
20:08:18.0133 6116 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:08:18.0133 6116 helpsvc - ok
20:08:18.0143 6116 HidServ - ok
20:08:18.0203 6116 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:08:18.0203 6116 hidusb - ok
20:08:18.0253 6116 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
20:08:18.0253 6116 hkmsvc - ok
20:08:18.0263 6116 hpn - ok
20:08:18.0383 6116 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
20:08:18.0383 6116 HTTP - ok
20:08:18.0563 6116 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
20:08:18.0573 6116 HTTPFilter - ok
20:08:18.0573 6116 i2omgmt - ok
20:08:18.0694 6116 i2omp - ok
20:08:18.0724 6116 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:08:18.0724 6116 i8042prt - ok
20:08:18.0844 6116 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:08:19.0064 6116 IDriverT - ok
20:08:19.0204 6116 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:08:19.0295 6116 idsvc - ok
20:08:19.0335 6116 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:08:19.0335 6116 Imapi - ok
20:08:19.0395 6116 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
20:08:19.0405 6116 ImapiService - ok
20:08:19.0415 6116 ini910u - ok
20:08:19.0495 6116 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
20:08:19.0495 6116 IntelIde - ok
20:08:19.0515 6116 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:08:19.0515 6116 intelppm - ok
20:08:19.0555 6116 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
20:08:19.0555 6116 Ip6Fw - ok
20:08:19.0575 6116 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:08:19.0575 6116 IpFilterDriver - ok
20:08:19.0605 6116 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:08:19.0605 6116 IpInIp - ok
20:08:19.0645 6116 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:08:19.0655 6116 IpNat - ok
20:08:19.0665 6116 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:08:19.0675 6116 IPSec - ok
20:08:19.0715 6116 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:08:19.0715 6116 IRENUM - ok
20:08:19.0725 6116 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:08:19.0735 6116 isapnp - ok
20:08:19.0795 6116 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:08:19.0795 6116 Kbdclass - ok
20:08:19.0825 6116 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:08:19.0825 6116 kmixer - ok
20:08:20.0036 6116 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:08:20.0036 6116 KSecDD - ok
20:08:20.0096 6116 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
20:08:20.0106 6116 lanmanserver - ok
20:08:20.0176 6116 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
20:08:20.0176 6116 lanmanworkstation - ok
20:08:20.0186 6116 lbrtfdc - ok
20:08:20.0246 6116 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
20:08:20.0246 6116 LmHosts - ok
20:08:20.0286 6116 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
20:08:20.0286 6116 MBAMProtector - ok
20:08:20.0456 6116 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:08:20.0486 6116 MBAMService - ok
20:08:20.0717 6116 MDC8021X (0f528e44cdc78365be693ae723e3801c) C:\WINDOWS\system32\DRIVERS\mdc8021x.sys
20:08:20.0727 6116 MDC8021X - ok
20:08:20.0817 6116 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
20:08:20.0827 6116 Messenger - ok
20:08:20.0857 6116 Microsoft SharePoint Workspace Audit Service - ok
20:08:20.0897 6116 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:08:20.0897 6116 mnmdd - ok
20:08:20.0957 6116 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
20:08:20.0957 6116 mnmsrvc - ok
20:08:21.0007 6116 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
20:08:21.0007 6116 Modem - ok
20:08:21.0057 6116 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:08:21.0057 6116 Mouclass - ok
20:08:21.0107 6116 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:08:21.0117 6116 mouhid - ok
20:08:21.0127 6116 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:08:21.0127 6116 MountMgr - ok
20:08:21.0137 6116 mraid35x - ok
20:08:21.0418 6116 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:08:21.0418 6116 MRxDAV - ok
20:08:21.0548 6116 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:08:21.0568 6116 MRxSmb - ok
20:08:21.0618 6116 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
20:08:21.0618 6116 MSDTC - ok
20:08:22.0239 6116 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:08:22.0239 6116 Msfs - ok
20:08:22.0249 6116 MSIServer - ok
20:08:22.0279 6116 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:08:22.0279 6116 MSKSSRV - ok
20:08:22.0289 6116 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:08:22.0289 6116 MSPCLOCK - ok
20:08:22.0329 6116 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:08:22.0329 6116 MSPQM - ok
20:08:22.0369 6116 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:08:22.0379 6116 mssmbios - ok
20:08:22.0419 6116 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
20:08:22.0419 6116 Mup - ok
20:08:22.0719 6116 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
20:08:22.0729 6116 napagent - ok
20:08:22.0760 6116 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:08:22.0770 6116 NDIS - ok
20:08:22.0820 6116 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:08:23.0000 6116 NdisTapi - ok
20:08:23.0050 6116 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:08:23.0050 6116 Ndisuio - ok
20:08:23.0080 6116 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:08:23.0090 6116 NdisWan - ok
20:08:23.0240 6116 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
20:08:23.0270 6116 NDProxy - ok
20:08:23.0681 6116 Nero BackItUp Scheduler 3 (2aae889742376edc5c3203dfb74f28fd) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
20:08:23.0711 6116 Nero BackItUp Scheduler 3 - ok
20:08:23.0731 6116 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:08:23.0731 6116 NetBIOS - ok
20:08:23.0841 6116 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:08:23.0851 6116 NetBT - ok
20:08:23.0901 6116 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
20:08:23.0911 6116 NetDDE - ok
20:08:23.0921 6116 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
20:08:23.0941 6116 NetDDEdsdm - ok
20:08:23.0971 6116 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
20:08:23.0971 6116 Netlogon - ok
20:08:24.0041 6116 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
20:08:24.0041 6116 Netman - ok
20:08:24.0212 6116 NetSvc (25d4fd2151185172b6643c94f34f36be) C:\Program Files\Intel\NCS\Sync\NetSvc.exe
20:08:24.0222 6116 NetSvc - ok
20:08:24.0362 6116 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:08:24.0362 6116 NetTcpPortSharing - ok
20:08:24.0422 6116 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:08:24.0432 6116 NIC1394 - ok
20:08:24.0482 6116 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
20:08:24.0502 6116 Nla - ok
20:08:24.0722 6116 NMIndexingService (cb992ae1506985d9167e85883b4c3240) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
20:08:24.0752 6116 NMIndexingService - ok
20:08:24.0782 6116 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:08:24.0792 6116 Npfs - ok
20:08:24.0873 6116 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:08:24.0883 6116 Ntfs - ok
20:08:24.0933 6116 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
20:08:24.0933 6116 NtLmSsp - ok
20:08:25.0033 6116 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
20:08:25.0063 6116 NtmsSvc - ok
20:08:25.0113 6116 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:08:25.0113 6116 Null - ok
20:08:25.0173 6116 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:08:25.0173 6116 NwlnkFlt - ok
20:08:25.0203 6116 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:08:25.0203 6116 NwlnkFwd - ok
20:08:25.0293 6116 O&O Defrag (2dd5a7c3ec4b83a41e266ddaa345eb18) C:\WINDOWS\system32\oodag.exe
20:08:25.0333 6116 O&O Defrag - ok
20:08:25.0373 6116 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:08:25.0383 6116 ohci1394 - ok
20:08:25.0433 6116 OMCI (35bee961b7a0b24fd130fb8f65f50005) C:\WINDOWS\system32\DRIVERS\omci.sys
20:08:25.0564 6116 OMCI - ok
20:08:25.0704 6116 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:08:25.0714 6116 ose - ok
20:08:26.0235 6116 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:08:26.0285 6116 osppsvc - ok
20:08:26.0455 6116 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
20:08:26.0455 6116 Parport - ok
20:08:26.0485 6116 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:08:26.0485 6116 PartMgr - ok
20:08:26.0535 6116 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
20:08:26.0565 6116 ParVdm - ok
20:08:26.0595 6116 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
20:08:26.0595 6116 PCI - ok
20:08:26.0615 6116 PCIDump - ok
20:08:26.0645 6116 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:08:26.0645 6116 PCIIde - ok
20:08:26.0675 6116 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
20:08:26.0675 6116 Pcmcia - ok
20:08:26.0695 6116 PDCOMP - ok
20:08:26.0705 6116 PDFRAME - ok
20:08:26.0715 6116 PDRELI - ok
20:08:26.0735 6116 PDRFRAME - ok
20:08:26.0745 6116 perc2 - ok
20:08:26.0765 6116 perc2hib - ok
20:08:26.0845 6116 PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\WINDOWS\system32\IoctlSvc.exe
20:08:26.0845 6116 PLFlash DeviceIoControl Service - ok
20:08:26.0915 6116 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
20:08:26.0915 6116 PlugPlay - ok
20:08:26.0966 6116 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
20:08:26.0966 6116 PolicyAgent - ok
20:08:27.0016 6116 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:08:27.0016 6116 PptpMiniport - ok
20:08:27.0026 6116 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
20:08:27.0036 6116 ProtectedStorage - ok
20:08:27.0056 6116 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:08:27.0056 6116 PSched - ok
20:08:27.0086 6116 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:08:27.0086 6116 Ptilink - ok
20:08:27.0106 6116 ql1080 - ok
20:08:27.0116 6116 Ql10wnt - ok
20:08:27.0126 6116 ql12160 - ok
20:08:27.0136 6116 ql1240 - ok
20:08:27.0156 6116 ql1280 - ok
20:08:27.0196 6116 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:08:27.0196 6116 RasAcd - ok
20:08:27.0266 6116 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
20:08:27.0266 6116 RasAuto - ok
20:08:27.0286 6116 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:08:27.0296 6116 Rasl2tp - ok
20:08:27.0376 6116 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
20:08:27.0396 6116 RasMan - ok
20:08:27.0406 6116 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:08:27.0406 6116 RasPppoe - ok
20:08:27.0426 6116 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:08:27.0426 6116 Raspti - ok
20:08:27.0456 6116 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:08:27.0456 6116 Rdbss - ok
20:08:27.0486 6116 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:08:27.0486 6116 RDPCDD - ok
20:08:27.0516 6116 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:08:27.0526 6116 rdpdr - ok
20:08:27.0586 6116 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
20:08:27.0757 6116 RDPWD - ok
20:08:27.0867 6116 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
20:08:27.0867 6116 RDSessMgr - ok
20:08:27.0927 6116 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:08:27.0927 6116 redbook - ok
20:08:27.0997 6116 RegSrvc (91bb86dbc9e098389f9a70b1dc08bc54) C:\WINDOWS\system32\RegSrvc.exe
20:08:28.0007 6116 RegSrvc - ok
20:08:28.0057 6116 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
20:08:28.0057 6116 RemoteAccess - ok
20:08:28.0097 6116 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
20:08:28.0097 6116 RemoteRegistry - ok
20:08:28.0117 6116 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
20:08:28.0127 6116 RpcLocator - ok
20:08:28.0217 6116 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
20:08:28.0227 6116 RpcSs - ok
20:08:28.0307 6116 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
20:08:28.0307 6116 RSVP - ok
20:08:28.0358 6116 S24EventMonitor (fce966c61d85615e4c73d9100341496c) C:\WINDOWS\system32\S24EvMon.exe
20:08:28.0368 6116 S24EventMonitor - ok
20:08:28.0388 6116 s24trans (68b465437dca3ecc717fc315da7b8762) C:\WINDOWS\system32\DRIVERS\s24trans.sys
20:08:28.0388 6116 s24trans - ok
20:08:28.0418 6116 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
20:08:28.0418 6116 SamSs - ok
20:08:28.0438 6116 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
20:08:28.0438 6116 SCardSvr - ok
20:08:28.0478 6116 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
20:08:28.0478 6116 Schedule - ok
20:08:28.0538 6116 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:08:28.0558 6116 Secdrv - ok
20:08:28.0598 6116 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
20:08:28.0598 6116 seclogon - ok
20:08:28.0628 6116 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
20:08:28.0628 6116 SENS - ok
20:08:28.0688 6116 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
20:08:28.0688 6116 Serial - ok
20:08:29.0209 6116 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:08:29.0209 6116 Sfloppy - ok
20:08:29.0279 6116 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
20:08:29.0299 6116 SharedAccess - ok
20:08:29.0369 6116 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
20:08:29.0379 6116 ShellHWDetection - ok
20:08:29.0389 6116 Simbad - ok
20:08:29.0409 6116 Sparrow - ok
20:08:29.0429 6116 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:08:29.0429 6116 splitter - ok
20:08:29.0469 6116 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
20:08:29.0479 6116 Spooler - ok
20:08:29.0529 6116 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
20:08:29.0529 6116 sr - ok
20:08:29.0569 6116 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
20:08:29.0579 6116 srservice - ok
20:08:29.0619 6116 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:08:29.0629 6116 Srv - ok
20:08:29.0659 6116 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
20:08:29.0669 6116 SSDPSRV - ok
20:08:29.0760 6116 STAC97 (5813d453ef8ce49d607c255cf128aceb) C:\WINDOWS\system32\drivers\stac97.sys
20:08:29.0810 6116 STAC97 - ok
20:08:29.0880 6116 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
20:08:29.0890 6116 stisvc - ok
20:08:29.0950 6116 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:08:29.0950 6116 swenum - ok
20:08:29.0980 6116 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:08:29.0980 6116 swmidi - ok
20:08:29.0990 6116 SwPrv - ok
20:08:30.0010 6116 symc810 - ok
20:08:30.0020 6116 symc8xx - ok
20:08:30.0040 6116 sym_hi - ok
20:08:30.0050 6116 sym_u3 - ok
20:08:30.0070 6116 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:08:30.0080 6116 sysaudio - ok
20:08:30.0120 6116 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
20:08:30.0120 6116 SysmonLog - ok
20:08:30.0170 6116 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
20:08:30.0180 6116 TapiSrv - ok
20:08:30.0280 6116 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:08:30.0300 6116 Tcpip - ok
20:08:30.0350 6116 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:08:30.0350 6116 TDPIPE - ok
20:08:30.0370 6116 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:08:30.0370 6116 TDTCP - ok
20:08:30.0400 6116 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:08:30.0411 6116 TermDD - ok
20:08:30.0471 6116 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
20:08:30.0481 6116 TermService - ok
20:08:30.0551 6116 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
20:08:30.0561 6116 Themes - ok
20:08:30.0601 6116 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
20:08:30.0611 6116 TlntSvr - ok
20:08:30.0621 6116 TosIde - ok
20:08:30.0661 6116 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
20:08:30.0661 6116 TrkWks - ok
20:08:30.0711 6116 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:08:30.0711 6116 Udfs - ok
20:08:30.0721 6116 ultra - ok
20:08:30.0811 6116 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:08:30.0871 6116 Update - ok
20:08:30.0941 6116 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
20:08:30.0941 6116 upnphost - ok
20:08:30.0961 6116 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
20:08:30.0961 6116 UPS - ok
20:08:31.0011 6116 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
20:08:31.0011 6116 usbaudio - ok
20:08:31.0071 6116 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:08:31.0071 6116 usbccgp - ok
20:08:31.0112 6116 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:08:31.0112 6116 usbehci - ok
20:08:31.0132 6116 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:08:31.0132 6116 usbhub - ok
20:08:31.0192 6116 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:08:31.0192 6116 usbprint - ok
20:08:31.0232 6116 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:08:31.0232 6116 usbscan - ok
20:08:31.0262 6116 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:08:31.0262 6116 usbstor - ok
20:08:31.0302 6116 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:08:31.0302 6116 usbuhci - ok
20:08:31.0322 6116 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:08:31.0322 6116 VgaSave - ok
20:08:31.0342 6116 ViaIde - ok
20:08:31.0362 6116 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
20:08:31.0372 6116 VolSnap - ok
20:08:31.0462 6116 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
20:08:31.0482 6116 VSS - ok
20:08:31.0532 6116 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
20:08:31.0532 6116 W32Time - ok
20:08:31.0562 6116 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:08:31.0572 6116 Wanarp - ok
20:08:31.0592 6116 WDICA - ok
20:08:31.0612 6116 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:08:31.0622 6116 wdmaud - ok
20:08:31.0652 6116 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
20:08:31.0652 6116 WebClient - ok
20:08:31.0813 6116 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:08:31.0813 6116 winmgmt - ok
20:08:31.0853 6116 WLTRYSVC - ok
20:08:31.0913 6116 WmdmPmSN (051b1bdecd6dee18c771b5d5ec7f044d) C:\WINDOWS\system32\MsPMSNSv.dll
20:08:31.0943 6116 WmdmPmSN - ok
20:08:32.0053 6116 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
20:08:32.0103 6116 Wmi - ok
20:08:32.0173 6116 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:08:32.0173 6116 WmiApSrv - ok
20:08:32.0393 6116 WMPNetworkSvc (6bab4dc65515a098505f8b3d01fb6fe5) C:\Program Files\Windows Media Player\WMPNetwk.exe
20:08:32.0423 6116 WMPNetworkSvc - ok
20:08:32.0524 6116 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:08:32.0524 6116 WS2IFSL - ok
20:08:32.0594 6116 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
20:08:32.0594 6116 wscsvc - ok
20:08:32.0664 6116 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
20:08:32.0664 6116 wuauserv - ok
20:08:32.0734 6116 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:08:32.0754 6116 WudfPf - ok
20:08:32.0824 6116 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:08:32.0834 6116 WudfRd - ok
20:08:32.0864 6116 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
20:08:32.0874 6116 WudfSvc - ok
20:08:32.0954 6116 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
20:08:32.0964 6116 WZCSVC - ok
20:08:33.0044 6116 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
20:08:33.0044 6116 xmlprov - ok
20:08:33.0094 6116 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
20:08:33.0405 6116 \Device\Harddisk0\DR0 - ok
20:08:33.0415 6116 Boot (0x1200) (3ecaea0625e7746cb8e9e2a3162146a9) \Device\Harddisk0\DR0\Partition0
20:08:33.0415 6116 \Device\Harddisk0\DR0\Partition0 - ok
20:08:33.0425 6116 ============================================================
20:08:33.0425 6116 Scan finished
20:08:33.0425 6116 ============================================================
20:08:33.0445 6016 Detected object count: 0
20:08:33.0445 6016 Actual detected object count: 0

#4 yarlac

yarlac
  • Topic Starter

  • Members
  • 159 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 01 May 2012 - 03:28 AM

aswMBR log

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-30 21:35:41
-----------------------------
21:35:41.663 OS Version: Windows 5.1.2600 Service Pack 3
21:35:41.663 Number of processors: 1 586 0x905
21:35:41.663 ComputerName: 0118D84E81B9446 UserName: Ray
21:35:42.484 Initialize success
21:44:45.074 AVAST engine defs: 12043001
23:57:02.708 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
23:57:02.708 Disk 0 Vendor: WDC_WD1600BEVE-00WZT0 01.01A01 Size: 152627MB BusType: 3
23:57:02.728 Disk 0 MBR read successfully
23:57:02.728 Disk 0 MBR scan
23:57:02.808 Disk 0 Windows XP default MBR code
23:57:02.808 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 152625 MB offset 63
23:57:02.808 Disk 0 scanning sectors +312576705
23:57:02.888 Disk 0 scanning C:\WINDOWS\system32\drivers
23:57:22.216 Service scanning
23:57:50.657 Modules scanning
23:57:58.067 Disk 0 trace - called modules:
23:57:58.107 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
23:57:58.107 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89bbbab8]
23:57:58.468 3 CLASSPNP.SYS[f7657fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x89c0b030]
23:57:59.059 AVAST engine scan C:\WINDOWS
23:58:14.471 AVAST engine scan C:\WINDOWS\system32
00:03:15.484 AVAST engine scan C:\WINDOWS\system32\drivers
00:03:36.013 AVAST engine scan C:\Documents and Settings\Ray
00:30:04.808 AVAST engine scan C:\Documents and Settings\All Users
00:31:52.873 Scan finished successfully
01:25:04.272 Disk 0 MBR has been saved successfully to "C:\Ray's Files\XXX\Bleepingcomputer.com TOOLS 4.19.2012\4.19.2012 episode\MBR.dat"
01:25:04.272 The log file has been saved successfully to "C:\Ray's Files\XXX\Bleepingcomputer.com TOOLS 4.19.2012\4.19.2012 episode\aswMBR.txt"

#5 nasdaq

nasdaq

  • Malware Response Team
  • 39,586 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:18 PM

Posted 01 May 2012 - 08:27 AM

The last two logs are clean.

Try this:

  • Download OTL to your Desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Under the Custom Scan box paste this in

    netsvcs
    %SYSTEMDRIVE%\*.exe
    %systemroot%\system32\drivers\*.sys /90
    %systemroot%\*. /mp /s
    c:\$recycle.bin\*.* /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    explorer.exe
    svchost.exe
    userinit.exe
    qmgr.dll
    proquota.exe
    kernel32.dll
    ndis.sys
    autochk.exe
    spoolsv.exe
    xmlprov.dll
    ntmssvc.dll
    mswsock.dll
    Beep.SYS
    ntfs.sys
    termsrv.dll
    sfcfiles.dll
    st3shark.sys
    ahcix86.sys
    srsvc.dll
    /md5stop
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.
===

#6 yarlac

yarlac
  • Topic Starter

  • Members
  • 159 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 02 May 2012 - 05:13 AM

OLT LOG

OTL logfile created on: 5/2/2012 2:55:53 AM - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Ray's Files\XXX\Bleepingcomputer.com TOOLS 4.19.2012\4.19.2012 episode
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.53 Gb Available Physical Memory | 76.45% Memory free
3.85 Gb Paging File | 3.23 Gb Available in Paging File | 83.76% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 105.78 Gb Free Space | 70.97% Space Free | Partition Type: NTFS

Computer Name: 0118D84E81B9446 | User Name: Ray | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Ray's Files\XXX\Bleepingcomputer.com TOOLS 4.19.2012\4.19.2012 episode\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Microsoft Office\Office14\WINWORD.EXE (Microsoft Corporation)
PRC - C:\Program Files\1-Click Answers\answers.exe (Answers Corporation)
PRC - C:\Program Files\1-Click Answers\agtserv.exe (Answers Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe (ABBYY (BIT Software))
PRC - C:\WINDOWS\system32\oodag.exe (O&O Software GmbH)
PRC - C:\WINDOWS\system32\ZCfgSvc.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\1XConfig.exe (Intel)
PRC - C:\WINDOWS\system32\S24EvMon.exe (Intel Corporation )
PRC - C:\WINDOWS\system32\RegSrvc.exe (Intel Corporation)
PRC - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Apoint\ApntEx.exe (Alps Electric Co., Ltd.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()
MOD - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\WINDOWS\system32\C1XStngs.dll ()
MOD - C:\WINDOWS\system32\libeay32.dll ()
MOD - C:\WINDOWS\system32\ssleay32.dll ()


========== Win32 Services (SafeList) ==========

SRV - (WLTRYSVC) -- C:\WINDOWS\System32\wltrysvc.exe %C:\WINDOWS%\System32\bcmwltry.exe File not found
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (avgfws) -- C:\Program Files\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (ABBYY.Licensing.FineReader.Professional.9.0) -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe (ABBYY (BIT Software))
SRV - (O&O Defrag) -- C:\WINDOWS\system32\oodag.exe (O&O Software GmbH)
SRV - (S24EventMonitor) -- C:\WINDOWS\system32\S24EvMon.exe (Intel Corporation )
SRV - (RegSrvc) -- C:\WINDOWS\system32\RegSrvc.exe (Intel Corporation)
SRV - (NetSvc) -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe (Intel® Corporation)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- C:\DOCUME~1\Ray\LOCALS~1\Temp\catchme.sys File not found
DRV - (bvrp_pci) -- File not found
DRV - (aswMBR) -- C:\Documents and Settings\Ray\Local Settings\temp\aswMBR.sys ()
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgrkx86) -- C:\WINDOWS\system32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSFilter) -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSEH) -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgfwfd) -- C:\WINDOWS\system32\drivers\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgfwdx) -- C:\WINDOWS\system32\drivers\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Apowersoft_AudioDevice) -- C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys (Wondershare)
DRV - (MDC8021X) AEGIS Protocol (IEEE 802.1x) -- C:\WINDOWS\system32\drivers\mdc8021x.sys (Meetinghouse Data Communications)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (STAC97) Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\stac97.sys (SigmaTel, Inc.)
DRV - (ATIXPGAA) -- C:\dell\drivers\R74793\atixpgaa.sys (ATI Technologies Inc.)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (OMCI) -- C:\WINDOWS\system32\drivers\omci.sys (Dell Computer Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msnbc.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8888;https=127.0.0.1:8888

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.msnbc.msn.com/|http://www.realitylust.com/porn-movies/outdoor.shtml|http://yourlust.com/videos/a-ride-at-the-park.html|http://yourlust.com/videos/claudia-ricci2.html"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.9
FF - prefs.js..extensions.enabledItems: {b01bf10c-302a-11da-b67b-000d60ca027b}:2.0.3
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/03/06 23:12:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.0.3\extensions\\Components: C:\Program Files\Flock\components [2010/12/21 20:43:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.0.3\extensions\\Plugins: C:\Program Files\Flock\plugins [2012/04/14 01:29:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/10 15:13:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/14 01:29:20 | 000,000,000 | ---D | M]

[2010/12/21 20:43:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ray\Application Data\Mozilla\Extensions
[2010/12/21 20:43:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ray\Application Data\Mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}
[2012/05/01 15:49:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ray\Application Data\Mozilla\Firefox\Profiles\cdx04dqr.default\extensions
[2011/01/03 19:45:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ray\Application Data\Mozilla\Firefox\Profiles\cdx04dqr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/10 18:55:31 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Ray\Application Data\Mozilla\Firefox\Profiles\cdx04dqr.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012/04/11 03:25:32 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Ray\Application Data\Mozilla\Firefox\Profiles\cdx04dqr.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/04/11 03:25:29 | 000,000,000 | ---D | M] (Google Docs Viewer) -- C:\Documents and Settings\Ray\Application Data\Mozilla\Firefox\Profiles\cdx04dqr.default\extensions\adonis.cuhk@gmail.com
[2012/04/21 01:39:15 | 000,000,000 | ---D | M] (Yontoo) -- C:\Documents and Settings\Ray\Application Data\Mozilla\Firefox\Profiles\cdx04dqr.default\extensions\plugin@yontoo.com
[2010/09/22 12:18:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/22 00:55:26 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\DOCUMENTS AND SETTINGS\RAY\APPLICATION DATA\FLOCK\BROWSER\PROFILES\VS1I6J6M.DEFAULT\EXTENSIONS\{3112CA9C-DE6D-4884-A869-9855DE68056C}
[2012/04/12 03:33:23 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\DOCUMENTS AND SETTINGS\RAY\APPLICATION DATA\FLOCK\BROWSER\PROFILES\VS1I6J6M.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}

========== Chrome ==========


O1 HOSTS File: ([2012/04/11 03:40:05 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl2 Toolbar) - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [MRC] C:\Ray's Files\XXX\PC Tune-Up\PCTuneUp.exe (Large Software)
O4 - HKCU..\RunOnce: [CanonUPW_000] C:\Program Files\Common Files\Canon\UPW\2.0.0.0\UPWClean.exe (CANON INC.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\1-Click Answers.lnk = C:\Program Files\1-Click Answers\answers.exe (Answers Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Answers... - C:\Program Files\1-Click Answers\Html\atiemenu.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1289617899308 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.180.42.100 66.76.175.100 208.180.42.68
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F9C8C55-2D1F-48C0-B202-37314208D906}: DhcpNameServer = 208.180.42.100 66.76.175.100 208.180.42.68
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\Sebring: DllName - (C:\WINDOWS\system32\LgNotify.dll) - C:\WINDOWS\system32\LgNotify.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Ray\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ray\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/09/21 19:42:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2012/05/01 05:29:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ray\Application Data\vlc
[2012/05/01 05:25:47 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012/05/01 02:40:56 | 000,304,128 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2012/05/01 02:39:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ray\WINDOWS
[2012/04/25 20:09:44 | 000,016,640 | -H-- | C] (Wondershare) -- C:\WINDOWS\System32\drivers\Apowersoft_AudioDevice.sys
[2012/04/25 20:09:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ray\Application Data\Apowersoft
[2012/04/23 03:23:18 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2012/04/23 03:23:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ray\Application Data\Canon
[2012/04/23 03:17:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon MX340 series User Registration
[2012/04/23 03:13:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon Utilities
[2012/04/23 03:12:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon MX340 series Manual
[2012/04/23 03:12:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon MX340 series
[2012/04/23 03:08:47 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhTH.DLL
[2012/04/23 03:08:46 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhUS.DLL
[2012/04/23 03:08:46 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhSE.DLL
[2012/04/23 03:08:46 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhRU.DLL
[2012/04/23 03:08:46 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhPT.DLL
[2012/04/23 03:08:46 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhPL.DLL
[2012/04/23 03:08:46 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhNL.DLL
[2012/04/23 03:08:46 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhIT.DLL
[2012/04/23 03:08:46 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhID.DLL
[2012/04/23 03:08:46 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhGR.DLL
[2012/04/23 03:08:46 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhFR.DLL
[2012/04/23 03:08:46 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhFI.DLL
[2012/04/23 03:08:46 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhES.DLL
[2012/04/23 03:08:46 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhDE.DLL
[2012/04/23 03:08:46 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhTR.DLL
[2012/04/23 03:08:46 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhNO.DLL
[2012/04/23 03:08:46 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhKR.DLL
[2012/04/23 03:08:46 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhJP.DLL
[2012/04/23 03:08:46 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhHU.DLL
[2012/04/23 03:08:46 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhDK.DLL
[2012/04/23 03:08:46 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhCZ.DLL
[2012/04/23 03:08:46 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhAR.DLL
[2012/04/23 03:08:46 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhTW.DLL
[2012/04/23 03:08:46 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLhCN.DLL
[2012/04/23 03:08:44 | 000,225,792 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCF2Lh.DLL
[2012/04/23 03:08:44 | 000,167,936 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFMSh.EXE
[2012/04/23 03:08:15 | 000,236,032 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMLM9O.DLL
[2012/04/23 03:01:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Canon
[2012/04/23 03:00:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2012/04/21 17:37:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oodag
[2012/04/21 15:48:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ray\My Documents\O&O
[2012/04/21 15:47:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\O&O Software
[2012/04/21 15:47:33 | 000,000,000 | ---D | C] -- C:\Program Files\OO Software
[2012/04/21 03:35:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ray\Local Settings\Application Data\CRE
[2012/04/21 03:34:49 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2012/04/21 03:34:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ray\Local Settings\Application Data\uTorrentControl2
[2012/04/21 03:34:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ray\Local Settings\Application Data\Conduit
[2012/04/21 03:33:49 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrentControl2
[2012/04/21 02:26:36 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012/04/21 01:39:12 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo
[2012/04/21 01:39:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2012/04/21 01:38:32 | 000,000,000 | ---D | C] -- C:\Program Files\1ClickDownload
[2012/04/20 14:22:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SWF Studio
[2012/04/20 13:14:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon IJ Network Utilities
[2012/04/20 13:14:21 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2012/04/20 13:09:24 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2012/04/20 13:09:03 | 001,310,720 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC340C.dll
[2012/04/20 13:09:03 | 000,307,200 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC340L.dll
[2012/04/20 13:09:03 | 000,110,592 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC340I.dll
[2012/04/20 13:09:03 | 000,102,400 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC340U.dll
[2012/04/20 13:09:03 | 000,015,872 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNHMCA.dll
[2012/04/20 13:09:01 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2012/04/20 12:50:18 | 000,354,816 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMNPPM.DLL
[2012/04/20 12:50:18 | 000,137,216 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMNPUI.DLL
[2012/04/20 12:50:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\STRING
[2012/04/20 12:50:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CHM
[2012/04/20 12:45:27 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkSE.DLL
[2012/04/20 12:45:27 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkRU.DLL
[2012/04/20 12:45:27 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkPT.DLL
[2012/04/20 12:45:27 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkPL.DLL
[2012/04/20 12:45:27 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkNL.DLL
[2012/04/20 12:45:27 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkIT.DLL
[2012/04/20 12:45:27 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkID.DLL
[2012/04/20 12:45:27 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkGR.DLL
[2012/04/20 12:45:27 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkFR.DLL
[2012/04/20 12:45:27 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkFI.DLL
[2012/04/20 12:45:27 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkES.DLL
[2012/04/20 12:45:27 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkDE.DLL
[2012/04/20 12:45:27 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkUS.DLL
[2012/04/20 12:45:27 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkTR.DLL
[2012/04/20 12:45:27 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkTH.DLL
[2012/04/20 12:45:27 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkNO.DLL
[2012/04/20 12:45:27 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkKR.DLL
[2012/04/20 12:45:27 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkHU.DLL
[2012/04/20 12:45:27 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkDK.DLL
[2012/04/20 12:45:27 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkCZ.DLL
[2012/04/20 12:45:27 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkAR.DLL
[2012/04/20 12:45:27 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkTW.DLL
[2012/04/20 12:45:27 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkJP.DLL
[2012/04/20 12:45:27 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLkCN.DLL
[2012/04/20 12:45:26 | 000,168,448 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFMSk.EXE
[2012/04/20 12:45:25 | 000,296,960 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCF2Lk.DLL
[2012/04/20 12:45:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2012/04/20 12:44:54 | 000,277,504 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMLMA5.DLL
[2012/04/20 12:44:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information
[2012/04/20 12:44:32 | 000,094,208 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNC340O.dll
[2012/04/20 12:44:30 | 000,179,200 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMIUA5.DLL
[2012/04/20 12:44:21 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2012/04/18 15:21:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2012/04/18 02:21:53 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2012/04/17 00:57:51 | 004,465,601 | R--- | C] (Swearware) -- C:\Documents and Settings\Ray\Desktop\ComboFix.exe
[2012/04/17 00:48:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/04/16 23:21:21 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2012/04/16 16:47:04 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/04/11 03:43:37 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/05/02 02:46:19 | 000,002,501 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\Word 2010.lnk
[2012/05/02 02:19:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/05/02 02:15:04 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/01 19:32:13 | 000,068,700 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/05/01 15:34:17 | 096,854,148 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/05/01 09:15:05 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/01 05:27:51 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2012/05/01 02:45:25 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Jasc Paint Shop Pro 8.lnk
[2012/05/01 02:42:33 | 000,000,811 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\PhotoStitch.lnk
[2012/04/30 14:27:08 | 000,000,374 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2012/04/30 14:27:07 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/04/30 14:26:27 | 000,000,697 | ---- | M] () -- C:\Documents and Settings\Ray\PCTuneUp.config
[2012/04/30 14:25:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/04/30 14:25:31 | 000,001,455 | ---- | M] () -- C:\WINDOWS\System32\OODBS.lor
[2012/04/30 12:20:03 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Ray\Application Data\Microsoft\Internet Explorer\Quick Launch\Word 2010.lnk
[2012/04/29 18:37:46 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\DSCN4571.JPG
[2012/04/29 18:12:20 | 000,088,069 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\pspbrwse.jbf
[2012/04/28 02:57:06 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/04/27 08:21:16 | 000,624,914 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm
[2012/04/26 09:43:40 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/04/24 20:38:25 | 000,785,087 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\1956 International Deposit Receipt 4.2012.jpg
[2012/04/23 03:17:57 | 000,001,685 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Canon MX340 series User Registration.LNK
[2012/04/23 03:16:43 | 000,001,680 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Canon Solution Menu.lnk
[2012/04/23 03:16:29 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Canon Easy-PhotoPrint EX.lnk
[2012/04/23 03:14:07 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Canon MP Navigator EX 3.1.lnk
[2012/04/23 03:13:33 | 000,001,652 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Canon My Printer.lnk
[2012/04/23 03:13:15 | 000,001,967 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Canon MX340 series On-screen Manual.lnk
[2012/04/23 01:39:17 | 000,068,463 | ---- | M] () -- C:\Program Files\RMPly00.exe
[2012/04/22 00:53:24 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/04/22 00:53:24 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/04/21 15:48:54 | 000,002,401 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\O&O Defrag.lnk
[2012/04/21 13:50:03 | 000,270,192 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/04/21 03:42:21 | 000,436,250 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/04/21 03:42:21 | 000,068,980 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/04/21 03:35:27 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/04/20 14:25:51 | 000,055,242 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\Return label -- fuel pump.jpg
[2012/04/19 18:04:42 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Ray\defogger_reenable
[2012/04/17 14:11:08 | 000,824,689 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\More Things Flashlight Kit.JPG
[2012/04/17 13:47:07 | 009,981,906 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\More_things flashlight kit.pspimage
[2012/04/17 01:10:21 | 002,322,184 | ---- | M] (ESET) -- C:\Documents and Settings\Ray\Desktop\esetsmartinstaller_enu.exe
[2012/04/17 00:58:49 | 000,000,008 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2012/04/17 00:57:51 | 004,465,601 | R--- | M] (Swearware) -- C:\Documents and Settings\Ray\Desktop\ComboFix.exe
[2012/04/16 16:48:09 | 000,709,145 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\3.16.2012 Caluori Declaration Ryobi.pdf
[2012/04/14 01:29:22 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2012/04/12 02:24:31 | 000,061,403 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\1and1.jpg
[2012/04/11 07:51:51 | 000,323,971 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\billing statement 3-31-12.pdf
[2012/04/11 03:40:05 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/04/11 01:17:31 | 000,001,486 | ---- | M] () -- C:\Documents and Settings\Ray\Application Data\Microsoft\Internet Explorer\Quick Launch\Calculator.lnk
[2012/04/10 14:23:43 | 000,940,898 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\Trailer 2.jpg
[2012/04/10 14:23:21 | 001,025,224 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\Trailer 1.jpg
[2012/04/10 00:09:05 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/01 05:27:51 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2012/05/01 02:42:33 | 000,000,811 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\PhotoStitch.lnk
[2012/04/29 18:37:46 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\DSCN4571.JPG
[2012/04/24 20:34:14 | 000,785,087 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\1956 International Deposit Receipt 4.2012.jpg
[2012/04/23 03:53:50 | 000,001,455 | ---- | C] () -- C:\WINDOWS\System32\OODBS.lor
[2012/04/23 03:17:57 | 000,001,685 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Canon MX340 series User Registration.LNK
[2012/04/23 03:16:43 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Canon Solution Menu.lnk
[2012/04/23 03:16:29 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Canon Easy-PhotoPrint EX.lnk
[2012/04/23 03:14:07 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Canon MP Navigator EX 3.1.lnk
[2012/04/23 03:13:33 | 000,001,652 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Canon My Printer.lnk
[2012/04/23 03:13:15 | 000,001,967 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Canon MX340 series On-screen Manual.lnk
[2012/04/23 01:39:16 | 000,068,463 | ---- | C] () -- C:\Program Files\RMPly00.exe
[2012/04/21 15:48:30 | 000,002,401 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\O&O Defrag.lnk
[2012/04/20 13:09:03 | 000,014,592 | ---- | C] () -- C:\WINDOWS\System32\CNC1741D.TBL
[2012/04/20 12:25:43 | 000,055,242 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\Return label -- fuel pump.jpg
[2012/04/19 18:04:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ray\defogger_reenable
[2012/04/18 02:21:44 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/04/18 02:21:44 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/04/17 14:11:07 | 000,824,689 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\More Things Flashlight Kit.JPG
[2012/04/17 13:50:00 | 000,088,069 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\pspbrwse.jbf
[2012/04/17 13:46:21 | 009,981,906 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\More_things flashlight kit.pspimage
[2012/04/16 23:23:39 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2012/04/16 16:48:06 | 000,709,145 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\3.16.2012 Caluori Declaration Ryobi.pdf
[2012/04/16 16:47:06 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/04/14 01:29:22 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2012/04/14 01:29:20 | 000,002,315 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2012/04/12 02:24:31 | 000,061,403 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\1and1.jpg
[2012/04/11 07:51:31 | 000,323,971 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\billing statement 3-31-12.pdf
[2012/04/11 01:17:31 | 000,001,486 | ---- | C] () -- C:\Documents and Settings\Ray\Application Data\Microsoft\Internet Explorer\Quick Launch\Calculator.lnk
[2012/04/10 14:23:42 | 000,940,898 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\Trailer 2.jpg
[2012/04/10 14:23:20 | 001,025,224 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\Trailer 1.jpg
[2012/04/10 13:46:22 | 000,002,519 | ---- | C] () -- C:\Documents and Settings\Ray\Application Data\Microsoft\Internet Explorer\Quick Launch\Word 2010.lnk
[2012/04/06 05:36:41 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012/02/03 22:08:03 | 000,709,968 | ---- | C] () -- C:\WINDOWS\is-B5C2S.exe
[2011/07/13 01:19:16 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Ray\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/24 15:18:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2010/09/22 12:30:25 | 000,095,617 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010/09/22 12:22:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/09/22 01:00:45 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/09/21 20:44:24 | 000,028,768 | ---- | C] () -- C:\WINDOWS\System32\javaw.exe
[2010/09/21 20:44:24 | 000,024,670 | ---- | C] () -- C:\WINDOWS\System32\java.exe
[2010/09/21 20:27:11 | 000,000,456 | ---- | C] () -- C:\WINDOWS\System32\pthsp.dat
[2010/09/21 19:45:33 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/09/21 19:39:51 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/09/21 12:27:23 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/09/21 12:26:13 | 000,270,192 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== LOP Check ==========

[2012/04/25 20:59:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2012/04/20 12:45:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2012/04/23 03:23:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2012/03/06 23:02:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/09/30 12:00:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\magicJack
[2012/05/01 23:32:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/04/21 01:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2010/11/12 20:57:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2012/04/25 20:09:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ray\Application Data\Apowersoft
[2012/03/06 23:13:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ray\Application Data\AVG2012
[2012/04/23 03:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ray\Application Data\Canon
[2010/12/21 20:43:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ray\Application Data\Flock
[2011/02/27 20:18:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ray\Application Data\mjusbsp
[2012/05/02 01:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ray\Application Data\uTorrent

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\system32\drivers\*.sys /90 >
[2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys

< %systemroot%\*. /mp /s >

< c:\$recycle.bin\*.* /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-04-21 10:45:31

< MD5 for: AGP440.SYS >
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010/11/12 20:29:49 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2010/11/12 20:29:49 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 11:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008/04/13 11:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 11:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2004/08/03 16:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010/11/12 20:29:49 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010/11/12 20:29:49 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/04 05:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008/04/13 17:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\cmdcons\autochk.exe
[2008/04/13 17:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008/04/13 17:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\autochk.exe
[2004/08/04 05:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: BEEP.SYS >
[2004/08/04 05:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys
[2004/08/04 05:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2004/08/04 05:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 17:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008/04/13 17:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 17:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 05:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2010/09/03 22:34:09 | 000,363,520 | ---- | M] () MD5=22AAAF06D16DC3548C1B3AD27732C569 -- C:\Ray's Files\XXX\Combo Fix & Malwarebytes Anti malware - Spyware cleaners - Al Stoke\BOGUS - Security Suite Malware Computer Tack over - Kill programs\eXplorer.exe
[2004/08/04 05:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: KERNEL32.DLL >
[2004/08/04 05:00:00 | 000,983,552 | ---- | M] (Microsoft Corporation) MD5=888190E31455FAD793312F8D087146EB -- C:\WINDOWS\$NtServicePackUninstall$\kernel32.dll
[2009/03/21 07:06:58 | 000,989,696 | ---- | M] (Microsoft Corporation) MD5=B921FB870C9AC0D509B2CCABBBBE95F3 -- C:\WINDOWS\ERDNT\cache\kernel32.dll
[2009/03/21 07:06:58 | 000,989,696 | ---- | M] (Microsoft Corporation) MD5=B921FB870C9AC0D509B2CCABBBBE95F3 -- C:\WINDOWS\system32\dllcache\kernel32.dll
[2009/03/21 07:06:58 | 000,989,696 | ---- | M] (Microsoft Corporation) MD5=B921FB870C9AC0D509B2CCABBBBE95F3 -- C:\WINDOWS\system32\kernel32.dll
[2008/04/13 17:11:56 | 000,989,696 | ---- | M] (Microsoft Corporation) MD5=C24B983D211C34DA8FCC1AC38477971D -- C:\WINDOWS\$NtUninstallKB959426$\kernel32.dll
[2008/04/13 17:11:56 | 000,989,696 | ---- | M] (Microsoft Corporation) MD5=C24B983D211C34DA8FCC1AC38477971D -- C:\WINDOWS\ServicePackFiles\i386\kernel32.dll
[2009/03/21 06:59:23 | 000,991,744 | ---- | M] (Microsoft Corporation) MD5=DA11D9D6ECBDF0F93436A4B7C13F7BEC -- C:\WINDOWS\$hf_mig$\KB959426\SP3QFE\kernel32.dll

< MD5 for: MSWSOCK.DLL >
[2004/08/04 05:00:00 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=4E74AF063C3271FBEA20DD940CFD1184 -- C:\WINDOWS\$NtServicePackUninstall$\mswsock.dll
[2008/06/20 10:46:57 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=832E4DD8964AB7ACC880B2837CB1ED20 -- C:\WINDOWS\$NtUninstallKB2509553$\mswsock.dll
[2008/06/20 10:46:57 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=832E4DD8964AB7ACC880B2837CB1ED20 -- C:\WINDOWS\ERDNT\cache\mswsock.dll
[2008/06/20 09:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\system32\dllcache\mswsock.dll
[2008/06/20 09:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\system32\mswsock.dll
[2008/04/13 17:12:01 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll
[2008/04/13 17:12:01 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\ServicePackFiles\i386\mswsock.dll
[2008/06/20 10:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[2008/06/20 10:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll

< MD5 for: NDIS.SYS >
[2008/04/13 12:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008/04/13 12:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008/04/13 12:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004/08/04 05:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 17:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008/04/13 17:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 17:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 05:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: NTFS.SYS >
[2008/04/13 12:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ERDNT\cache\ntfs.sys
[2008/04/13 12:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ServicePackFiles\i386\ntfs.sys
[2008/04/13 12:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2004/08/03 23:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\cmdcons\NTFS.SYS
[2004/08/04 05:00:00 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\WINDOWS\$NtServicePackUninstall$\ntfs.sys

< MD5 for: NTMSSVC.DLL >
[2008/04/13 17:12:02 | 000,435,200 | ---- | M] (Microsoft Corporation) MD5=156F64A3345BD23C600655FB4D10BC08 -- C:\WINDOWS\ERDNT\cache\ntmssvc.dll
[2008/04/13 17:12:02 | 000,435,200 | ---- | M] (Microsoft Corporation) MD5=156F64A3345BD23C600655FB4D10BC08 -- C:\WINDOWS\ServicePackFiles\i386\ntmssvc.dll
[2008/04/13 17:12:02 | 000,435,200 | ---- | M] (Microsoft Corporation) MD5=156F64A3345BD23C600655FB4D10BC08 -- C:\WINDOWS\system32\ntmssvc.dll
[2004/08/04 05:00:00 | 000,435,200 | ---- | M] (Microsoft Corporation) MD5=B62F29C00AC55A761B2E45877D85EA0F -- C:\WINDOWS\$NtServicePackUninstall$\ntmssvc.dll

< MD5 for: NVGTS.SYS >
[2008/01/25 20:01:06 | 000,132,096 | ---- | M] (NVIDIA Corporation) MD5=A117466B0ACB13288DEEE4F2E936E67F -- C:\Ray's Files\XXX\ASUS M3N78 Pro\Disk\AHCI\XP\Disk1\nvgts.sys
[2008/01/25 20:01:06 | 000,132,096 | ---- | M] (NVIDIA Corporation) MD5=A117466B0ACB13288DEEE4F2E936E67F -- C:\Ray's Files\XXX\ASUS M3N78 Pro\Disk\RAID\XP\Disk1\nvgts.sys

< MD5 for: PROQUOTA.EXE >
[2004/08/04 05:00:00 | 000,050,176 | ---- | M] (Microsoft Corporation) MD5=4D9D45A4370E0C2AD00C362B7118E2A4 -- C:\WINDOWS\$NtServicePackUninstall$\proquota.exe
[2008/04/13 17:12:32 | 000,050,176 | ---- | M] (Microsoft Corporation) MD5=F6465A2EEF75468988A4FCF124148FA8 -- C:\WINDOWS\ServicePackFiles\i386\proquota.exe
[2008/04/13 17:12:32 | 000,050,176 | ---- | M] (Microsoft Corporation) MD5=F6465A2EEF75468988A4FCF124148FA8 -- C:\WINDOWS\system32\proquota.exe

< MD5 for: QMGR.DLL >
[2004/08/04 05:00:00 | 000,382,464 | ---- | M] (Microsoft Corporation) MD5=2C69EC7E5A311334D10DD95F338FCCEA -- C:\WINDOWS\$NtServicePackUninstall$\qmgr.dll
[2008/04/13 17:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\ERDNT\cache\qmgr.dll
[2008/04/13 17:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\ServicePackFiles\i386\qmgr.dll
[2008/04/13 17:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\system32\bits\qmgr.dll
[2008/04/13 17:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\system32\qmgr.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 05:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 17:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008/04/13 17:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 17:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SFCFILES.DLL >
[2004/08/04 05:00:00 | 001,580,544 | ---- | M] (Microsoft Corporation) MD5=30A609E00BD1D4FFC49D6B5A432BE7F2 -- C:\WINDOWS\$NtServicePackUninstall$\sfcfiles.dll
[2008/04/13 17:12:05 | 001,614,848 | ---- | M] (Microsoft Corporation) MD5=9DD07AF82244867CA36681EA2D29CE79 -- C:\WINDOWS\ERDNT\cache\sfcfiles.dll
[2008/04/13 17:12:05 | 001,614,848 | ---- | M] (Microsoft Corporation) MD5=9DD07AF82244867CA36681EA2D29CE79 -- C:\WINDOWS\ServicePackFiles\i386\sfcfiles.dll
[2008/04/13 17:12:05 | 001,614,848 | ---- | M] (Microsoft Corporation) MD5=9DD07AF82244867CA36681EA2D29CE79 -- C:\WINDOWS\system32\sfcfiles.dll

< MD5 for: SPOOLSV.EXE >
[2010/08/17 06:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010/08/17 06:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\ERDNT\cache\spoolsv.exe
[2010/08/17 06:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2010/08/17 06:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe
[2004/08/04 05:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=7435B108B935E42EA92CA94F59C8E717 -- C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe
[2008/04/13 17:12:36 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=D8E14A61ACC1D4A6CD0D38AEBAC7FA3B -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe
[2008/04/13 17:12:36 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=D8E14A61ACC1D4A6CD0D38AEBAC7FA3B -- C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe

< MD5 for: SRSVC.DLL >
[2008/04/13 17:12:07 | 000,171,008 | ---- | M] (Microsoft Corporation) MD5=3805DF0AC4296A34BA4BF93B346CC378 -- C:\WINDOWS\ERDNT\cache\srsvc.dll
[2008/04/13 17:12:07 | 000,171,008 | ---- | M] (Microsoft Corporation) MD5=3805DF0AC4296A34BA4BF93B346CC378 -- C:\WINDOWS\ServicePackFiles\i386\srsvc.dll
[2008/04/13 17:12:07 | 000,171,008 | ---- | M] (Microsoft Corporation) MD5=3805DF0AC4296A34BA4BF93B346CC378 -- C:\WINDOWS\system32\srsvc.dll
[2004/08/04 05:00:00 | 000,170,496 | ---- | M] (Microsoft Corporation) MD5=92BDF74F12D6CBEC43C94D4B7F804838 -- C:\WINDOWS\$NtServicePackUninstall$\srsvc.dll

< MD5 for: SVCHOST.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008/04/13 17:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008/04/13 17:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 17:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004/08/04 05:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TERMSRV.DLL >
[2004/08/04 05:00:00 | 000,295,424 | ---- | M] (Microsoft Corporation) MD5=B60C877D16D9C880B952FDA04ADF16E6 -- C:\WINDOWS\$NtServicePackUninstall$\termsrv.dll
[2008/04/13 17:12:07 | 000,295,424 | ---- | M] (Microsoft Corporation) MD5=FF3477C03BE7201C294C35F684B3479F -- C:\WINDOWS\ERDNT\cache\termsrv.dll
[2008/04/13 17:12:07 | 000,295,424 | ---- | M] (Microsoft Corporation) MD5=FF3477C03BE7201C294C35F684B3479F -- C:\WINDOWS\ServicePackFiles\i386\termsrv.dll
[2008/04/13 17:12:07 | 000,295,424 | ---- | M] (Microsoft Corporation) MD5=FF3477C03BE7201C294C35F684B3479F -- C:\WINDOWS\system32\termsrv.dll

< MD5 for: USERINIT.EXE >
[2004/08/04 05:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 17:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008/04/13 17:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 17:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: XMLPROV.DLL >
[2008/04/13 17:12:11 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=295D21F14C335B53CB8154E5B1F892B9 -- C:\WINDOWS\ERDNT\cache\xmlprov.dll
[2008/04/13 17:12:11 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=295D21F14C335B53CB8154E5B1F892B9 -- C:\WINDOWS\ServicePackFiles\i386\xmlprov.dll
[2008/04/13 17:12:11 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=295D21F14C335B53CB8154E5B1F892B9 -- C:\WINDOWS\system32\xmlprov.dll
[2004/08/04 05:00:00 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=EEF46DAB68229A14DA3D8E73C99E2959 -- C:\WINDOWS\$NtServicePackUninstall$\xmlprov.dll

< End of report >

=================================================================================
=================================================================================
=================================================================================

EXTRA LOG

OTL Extras logfile created on: 5/2/2012 2:55:53 AM - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Ray's Files\XXX\Bleepingcomputer.com TOOLS 4.19.2012\4.19.2012 episode
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.53 Gb Available Physical Memory | 76.45% Memory free
3.85 Gb Paging File | 3.23 Gb Available in Paging File | 83.76% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 105.78 Gb Free Space | 70.97% Space Free | Partition Type: NTFS

Computer Name: 0118D84E81B9446 | User Name: Ray | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Documents and Settings\Ray\Application Data\mjusbsp\magicJack.exe" = C:\Documents and Settings\Ray\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack -- (magicJack L.P.)
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Apowersoft\Streaming Video Recorder\Streaming-Video-Recorder.exe" = C:\Program Files\Apowersoft\Streaming Video Recorder\Streaming-Video-Recorder.exe:*:Enabled:Streaming Video Recorder
"C:\Program Files\Apowersoft\Streaming Video Recorder\StreamingVideoRecorder.exe" = C:\Program Files\Apowersoft\Streaming Video Recorder\StreamingVideoRecorder.exe:*:Enabled:Streaming Video Recorder
"C:\Program Files\Apowersoft\Streaming Video Recorder\ApowersoftSrv.dll" = C:\Program Files\Apowersoft\Streaming Video Recorder\ApowersoftSrv.dll:*:Enabled:Streaming Video Recorder
"C:\Program Files\Apowersoft\Streaming Video Recorder\ApowersoftDump.dll" = C:\Program Files\Apowersoft\Streaming Video Recorder\ApowersoftDump.dll:*:Enabled:Streaming Video Recorder


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{069C1AD7-AC72-40E0-A156-7442EA6A48D7}" = AVG 2012
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series" = Canon MX340 series MP Drivers
"{181934AF-3E7B-450D-804F-2B812E018ED1}" = Intel® PROSet
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{4761EB82-E8BD-45A4-B19B-586FA9D1D7E6}" = Camtasia Studio 6
"{4EFC72DA-2314-4E5D-AC8E-1C954CDB8BBF}" = AVG 2012
"{53480370-6CA2-47EC-BC05-02B4B9271C31}" = O&O Defrag Professional Edition
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{7148F0A8-6813-11D6-A77B-00B0D0142000}" = Java 2 Runtime Environment, SE v1.4.2
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = C-Major Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D6C9AF27-9414-46C8-B9D8-D878BA041033}" = Nero 8 Ultra Edition HD
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{F9000000-0001-0000-0000-074957833700}" = ABBYY FineReader 9.0 Professional Edition
"1-Click Answers" = 1-Click Answers
"1ClickDownloader" = 1ClickDownloader
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"Applian FLV Player2.0.24" = Applian FLV Player
"ATI Display Driver" = ATI Display Driver
"AVG" = AVG 2012
"Broadcom 802.11b Network Adapter" = Dell TrueMobile 1400 Dual Band WLAN Mini-PCI Card
"Bulk Rename Utility_is1" = Bulk Rename Utility 2.7.1.2
"Canon MX340 series User Registration" = Canon MX340 series User Registration
"Canon PhotoStitch 3.1" = Canon Utilities PhotoStitch 3.1
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ESET Online Scanner" = ESET Online Scanner v3
"Flock (2.0.3)" = Flock (2.0.3)
"Freeraser" = Freeraser
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.28)" = Mozilla Firefox (3.6.28)
"MP Navigator EX 3.1" = Canon MP Navigator EX 3.1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NeroVision!UninstallKey" = NeroVision Express 2
"NMPUninstallKey" = Nero Media Player
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Sierra I6" = Sierra I6
"Speed Dial Utility" = Canon Speed Dial Utility
"SUPER ©" = SUPER © Version 2010.bld.41 (Oct 31, 2010)
"uTorrent" = µTorrent
"uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar
"VLC media player" = VLC media player 2.0.1
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"magicJack" = magicJack
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/23/2012 6:43:50 AM | Computer Name = 0118D84E81B9446 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.2.4448, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 4/23/2012 6:43:59 AM | Computer Name = 0118D84E81B9446 | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.4448, faulting
module ntdll.dll, version 5.1.2600.6055, fault address 0x0000100b.

Error - 4/28/2012 6:02:01 AM | Computer Name = 0118D84E81B9446 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/28/2012 6:02:03 AM | Computer Name = 0118D84E81B9446 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/28/2012 6:02:12 AM | Computer Name = 0118D84E81B9446 | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.4448, faulting
module ntdll.dll, version 5.1.2600.6055, fault address 0x0000100b.

Error - 4/28/2012 6:17:45 AM | Computer Name = 0118D84E81B9446 | Source = Application Hang | ID = 1002
Description = Hanging application WINWORD.EXE, version 14.0.4762.1000, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/30/2012 1:59:23 AM | Computer Name = 0118D84E81B9446 | Source = Microsoft Office 14 | ID = 2001
Description = Microsoft Word: Rejected Safe Mode action : Word experienced a serious
problem with the 'c:\program files\abbyy finereader 9.0\fr9.word.tmpl.dot' add-in.
If you have seen this message multiple times, you should disable this add-in and
check to see if an update is available. Do you want to disable this add-in?.

Error - 4/30/2012 5:23:15 PM | Computer Name = 0118D84E81B9446 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 5/1/2012 5:58:37 AM | Computer Name = 0118D84E81B9446 | Source = Application Hang | ID = 1002
Description = Hanging application AcroRd32.exe, version 10.1.3.23, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 5/2/2012 4:21:12 AM | Computer Name = 0118D84E81B9446 | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.4448, faulting
module ntdll.dll, version 5.1.2600.6055, fault address 0x0000100b.

[ System Events ]
Error - 4/25/2012 11:56:43 PM | Computer Name = 0118D84E81B9446 | Source = Service Control Manager | ID = 7034
Description = The RegSrvc service terminated unexpectedly. It has done this 1 time(s).

Error - 4/25/2012 11:56:43 PM | Computer Name = 0118D84E81B9446 | Source = Service Control Manager | ID = 7034
Description = The WLTRYSVC service terminated unexpectedly. It has done this 1
time(s).

Error - 4/25/2012 11:59:25 PM | Computer Name = 0118D84E81B9446 | Source = Service Control Manager | ID = 7000
Description = The WLTRYSVC service failed to start due to the following error: %%2

Error - 4/26/2012 12:03:01 AM | Computer Name = 0118D84E81B9446 | Source = Service Control Manager | ID = 7000
Description = The WLTRYSVC service failed to start due to the following error: %%2

Error - 4/26/2012 3:42:13 AM | Computer Name = 0118D84E81B9446 | Source = Service Control Manager | ID = 7000
Description = The WLTRYSVC service failed to start due to the following error: %%2

Error - 4/26/2012 6:34:49 AM | Computer Name = 0118D84E81B9446 | Source = ipnathlp | ID = 31012
Description = The DNS proxy agent encountered an error while obtaining the local
list of name-resolution servers. Some DNS or WINS servers may be inaccessible to
clients on the local network. The data is the error code.

Error - 4/26/2012 6:34:49 AM | Computer Name = 0118D84E81B9446 | Source = ipnathlp | ID = 31012
Description = The DNS proxy agent encountered an error while obtaining the local
list of name-resolution servers. Some DNS or WINS servers may be inaccessible to
clients on the local network. The data is the error code.

Error - 4/26/2012 6:34:49 AM | Computer Name = 0118D84E81B9446 | Source = ipnathlp | ID = 31012
Description = The DNS proxy agent encountered an error while obtaining the local
list of name-resolution servers. Some DNS or WINS servers may be inaccessible to
clients on the local network. The data is the error code.

Error - 4/26/2012 6:34:50 AM | Computer Name = 0118D84E81B9446 | Source = ipnathlp | ID = 31012
Description = The DNS proxy agent encountered an error while obtaining the local
list of name-resolution servers. Some DNS or WINS servers may be inaccessible to
clients on the local network. The data is the error code.

Error - 4/30/2012 5:26:55 PM | Computer Name = 0118D84E81B9446 | Source = Service Control Manager | ID = 7000
Description = The WLTRYSVC service failed to start due to the following error: %%2


< End of report >

#7 nasdaq

nasdaq

  • Malware Response Team
  • 39,586 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:18 PM

Posted 02 May 2012 - 10:28 AM

Run OTL - Double-click OTL.exe Posted Image to start it.

  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    FF - user.js - File not found
    [2012/04/21 01:39:15 | 000,000,000 | ---D | M] (Yontoo) -- C:\Documents and Settings\Ray\Application Data\Mozilla\Firefox\Profiles\cdx04dqr.default\extensions\plugin@yontoo.com
    O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
    
    :Commands
    [emptytemp]
    [REBOOT]
    
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
===

Delete your current version of ComboFix.exe file.

Download ComboFix from any of the links below but rename it to iexplor.exe before saving it to your desktop. <- Important.

Link 1
Link 2
==================================

  • Disable your Anti-Virus and Anti-Spyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

    Double click on the renamed ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Note: If you have difficulty properly disabling your protection programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

Do not mouse click combofix's window while it's running. That may cause it to stall

Please post the logs for my review.

#8 yarlac

yarlac
  • Topic Starter

  • Members
  • 159 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 02 May 2012 - 02:52 PM

The OLT FIX would not run. I pasted the info in the Custon Scans/Fixes, however, when I ran OLT my desktop icons disappeared, the bottom of OLT said "killing processes: NO NOT INTERUPT", after about 8-10 minutes the top blue bar of OLT says "Not Responding". The computer gets locked up so I have to unplug it and take battery out to reboot it.

Also I notice you had Yontoo plugin info in the custom scans items to paste. I'm not sure where it came from but getting rid of it is almost impossible.

I have tried to download a new version of ComboFix but it only scan #49 will run. I was hoping after these OLT fixes it would download and run again. When I tried to run ComboFix a screen poped up to run it in 'reduced functionality' something like that, then only #49 ran and completed.

It seems something knows what I am trying to do to fix this machine. The lock ups and delays takes me forever to even reply to you.

yarlac

#9 yarlac

yarlac
  • Topic Starter

  • Members
  • 159 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 02 May 2012 - 03:09 PM

I ran OLT Quick Scan even though the FIX did not run, just in case you find something.

Also I have an add on called uTorrentControl2 I have no idea how it became a toolbar in IE but no matter how many times I delete it, it re-installs itself. Even when I "disable" it it re-enables itself. Someone must have paid someone for this thing to be stuck in a MS browser, yes a little cynical, I know....I'm working on it.


OTL logfile created on: 5/2/2012 12:53:15 PM - Run 2
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Ray's Files\XXX\Bleepingcomputer.com TOOLS 4.19.2012\4.19.2012 episode
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.86 Gb Available Physical Memory | 43.03% Memory free
3.85 Gb Paging File | 2.76 Gb Available in Paging File | 71.75% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 106.10 Gb Free Space | 71.19% Space Free | Partition Type: NTFS

Computer Name: 0118D84E81B9446 | User Name: Ray | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Ray's Files\XXX\Bleepingcomputer.com TOOLS 4.19.2012\4.19.2012 episode\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgscanx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\1-Click Answers\answers.exe (Answers Corporation)
PRC - C:\Program Files\1-Click Answers\agtserv.exe (Answers Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe (ABBYY (BIT Software))
PRC - C:\WINDOWS\system32\oodag.exe (O&O Software GmbH)
PRC - C:\WINDOWS\system32\ZCfgSvc.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\1XConfig.exe (Intel)
PRC - C:\WINDOWS\system32\S24EvMon.exe (Intel Corporation )
PRC - C:\WINDOWS\system32\RegSrvc.exe (Intel Corporation)
PRC - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Apoint\ApntEx.exe (Alps Electric Co., Ltd.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()
MOD - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\WINDOWS\system32\C1XStngs.dll ()
MOD - C:\WINDOWS\system32\libeay32.dll ()
MOD - C:\WINDOWS\system32\ssleay32.dll ()


========== Win32 Services (SafeList) ==========

SRV - (WLTRYSVC) -- C:\WINDOWS\System32\wltrysvc.exe %C:\WINDOWS%\System32\bcmwltry.exe File not found
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (avgfws) -- C:\Program Files\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (ABBYY.Licensing.FineReader.Professional.9.0) -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe (ABBYY (BIT Software))
SRV - (O&O Defrag) -- C:\WINDOWS\system32\oodag.exe (O&O Software GmbH)
SRV - (S24EventMonitor) -- C:\WINDOWS\system32\S24EvMon.exe (Intel Corporation )
SRV - (RegSrvc) -- C:\WINDOWS\system32\RegSrvc.exe (Intel Corporation)
SRV - (NetSvc) -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe (Intel® Corporation)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- C:\DOCUME~1\Ray\LOCALS~1\Temp\catchme.sys File not found
DRV - (bvrp_pci) -- File not found
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgrkx86) -- C:\WINDOWS\system32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSFilter) -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSEH) -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgfwfd) -- C:\WINDOWS\system32\drivers\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgfwdx) -- C:\WINDOWS\system32\drivers\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Apowersoft_AudioDevice) -- C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys (Wondershare)
DRV - (MDC8021X) AEGIS Protocol (IEEE 802.1x) -- C:\WINDOWS\system32\drivers\mdc8021x.sys (Meetinghouse Data Communications)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (STAC97) Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\stac97.sys (SigmaTel, Inc.)
DRV - (ATIXPGAA) -- C:\dell\drivers\R74793\atixpgaa.sys (ATI Technologies Inc.)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (OMCI) -- C:\WINDOWS\system32\drivers\omci.sys (Dell Computer Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msnbc.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_enUS398
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8888;https=127.0.0.1:8888

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.msnbc.msn.com/|http://www.realitylust.com/porn-movies/outdoor.shtml|http://yourlust.com/videos/a-ride-at-the-park.html|http://yourlust.com/videos/claudia-ricci2.html"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.9
FF - prefs.js..extensions.enabledItems: {b01bf10c-302a-11da-b67b-000d60ca027b}:2.0.3
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/03/06 23:12:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.0.3\extensions\\Components: C:\Program Files\Flock\components [2010/12/21 20:43:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.0.3\extensions\\Plugins: C:\Program Files\Flock\plugins [2012/04/14 01:29:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/10 15:13:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/14 01:29:20 | 000,000,000 | ---D | M]

[2010/12/21 20:43:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ray\Application Data\Mozilla\Extensions
[2010/12/21 20:43:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ray\Application Data\Mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}
[2012/05/01 15:49:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ray\Application Data\Mozilla\Firefox\Profiles\cdx04dqr.default\extensions
[2011/01/03 19:45:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ray\Application Data\Mozilla\Firefox\Profiles\cdx04dqr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/10 18:55:31 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Ray\Application Data\Mozilla\Firefox\Profiles\cdx04dqr.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012/04/11 03:25:32 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Ray\Application Data\Mozilla\Firefox\Profiles\cdx04dqr.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/04/11 03:25:29 | 000,000,000 | ---D | M] (Google Docs Viewer) -- C:\Documents and Settings\Ray\Application Data\Mozilla\Firefox\Profiles\cdx04dqr.default\extensions\adonis.cuhk@gmail.com
[2012/04/21 01:39:15 | 000,000,000 | ---D | M] (Yontoo) -- C:\Documents and Settings\Ray\Application Data\Mozilla\Firefox\Profiles\cdx04dqr.default\extensions\plugin@yontoo.com
[2010/09/22 12:18:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/22 00:55:26 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\DOCUMENTS AND SETTINGS\RAY\APPLICATION DATA\FLOCK\BROWSER\PROFILES\VS1I6J6M.DEFAULT\EXTENSIONS\{3112CA9C-DE6D-4884-A869-9855DE68056C}
[2012/04/12 03:33:23 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\DOCUMENTS AND SETTINGS\RAY\APPLICATION DATA\FLOCK\BROWSER\PROFILES\VS1I6J6M.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}

========== Chrome ==========


O1 HOSTS File: ([2012/04/11 03:40:05 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl2 Toolbar) - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [MRC] C:\Ray's Files\XXX\PC Tune-Up\PCTuneUp.exe (Large Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\1-Click Answers.lnk = C:\Program Files\1-Click Answers\answers.exe (Answers Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Answers... - C:\Program Files\1-Click Answers\Html\atiemenu.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1289617899308 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.180.42.100 66.76.175.100 208.180.42.68
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F9C8C55-2D1F-48C0-B202-37314208D906}: DhcpNameServer = 208.180.42.100 66.76.175.100 208.180.42.68
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\Sebring: DllName - (C:\WINDOWS\system32\LgNotify.dll) - C:\WINDOWS\system32\LgNotify.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Ray\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ray\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/09/21 19:42:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/02 11:32:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/05/01 05:29:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ray\Application Data\vlc
[2012/05/01 05:25:47 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012/05/01 02:39:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ray\WINDOWS
[2012/04/25 20:09:44 | 000,016,640 | -H-- | C] (Wondershare) -- C:\WINDOWS\System32\drivers\Apowersoft_AudioDevice.sys
[2012/04/25 20:09:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ray\Application Data\Apowersoft
[2012/04/23 03:23:18 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2012/04/23 03:23:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ray\Application Data\Canon
[2012/04/23 03:17:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon MX340 series User Registration
[2012/04/23 03:13:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon Utilities
[2012/04/23 03:12:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon MX340 series Manual
[2012/04/23 03:12:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon MX340 series
[2012/04/23 03:01:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Canon
[2012/04/23 03:00:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2012/04/21 17:37:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oodag
[2012/04/21 15:48:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ray\My Documents\O&O
[2012/04/21 15:47:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\O&O Software
[2012/04/21 15:47:33 | 000,000,000 | ---D | C] -- C:\Program Files\OO Software
[2012/04/21 03:35:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ray\Local Settings\Application Data\CRE
[2012/04/21 03:34:49 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2012/04/21 03:34:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ray\Local Settings\Application Data\uTorrentControl2
[2012/04/21 03:34:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ray\Local Settings\Application Data\Conduit
[2012/04/21 03:33:49 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrentControl2
[2012/04/21 02:26:36 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012/04/21 01:39:12 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo
[2012/04/21 01:39:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2012/04/21 01:38:32 | 000,000,000 | ---D | C] -- C:\Program Files\1ClickDownload
[2012/04/20 14:22:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SWF Studio
[2012/04/20 13:14:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon IJ Network Utilities
[2012/04/20 13:14:21 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2012/04/20 12:50:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\STRING
[2012/04/20 12:50:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CHM
[2012/04/20 12:45:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2012/04/20 12:44:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information
[2012/04/20 12:44:21 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2012/04/18 15:21:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2012/04/17 00:57:51 | 004,465,601 | R--- | C] (Swearware) -- C:\Documents and Settings\Ray\Desktop\ComboFix.exe
[2012/04/17 00:48:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/04/16 23:21:21 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2012/04/11 03:43:37 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/05/02 12:38:49 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/05/02 12:38:46 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/02 12:38:38 | 000,000,374 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2012/05/02 12:38:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/05/02 12:37:58 | 000,002,619 | ---- | M] () -- C:\WINDOWS\System32\OODBS.lor
[2012/05/02 12:19:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/05/02 12:15:02 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/02 11:57:29 | 000,000,697 | ---- | M] () -- C:\Documents and Settings\Ray\PCTuneUp.config
[2012/05/02 11:28:00 | 000,002,501 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\Word 2010.lnk
[2012/05/02 03:33:19 | 096,885,911 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/05/01 19:32:13 | 000,068,700 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/05/01 05:27:51 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2012/05/01 02:45:25 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Jasc Paint Shop Pro 8.lnk
[2012/05/01 02:42:33 | 000,000,811 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\PhotoStitch.lnk
[2012/04/30 12:20:03 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Ray\Application Data\Microsoft\Internet Explorer\Quick Launch\Word 2010.lnk
[2012/04/29 18:37:46 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\DSCN4571.JPG
[2012/04/29 18:12:20 | 000,088,069 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\pspbrwse.jbf
[2012/04/28 02:57:06 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/04/27 08:21:16 | 000,624,914 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm
[2012/04/26 09:43:40 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/04/24 20:38:25 | 000,785,087 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\1956 International Deposit Receipt 4.2012.jpg
[2012/04/23 03:17:57 | 000,001,685 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Canon MX340 series User Registration.LNK
[2012/04/23 03:16:43 | 000,001,680 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Canon Solution Menu.lnk
[2012/04/23 03:16:29 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Canon Easy-PhotoPrint EX.lnk
[2012/04/23 03:14:07 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Canon MP Navigator EX 3.1.lnk
[2012/04/23 03:13:33 | 000,001,652 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Canon My Printer.lnk
[2012/04/23 03:13:15 | 000,001,967 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Canon MX340 series On-screen Manual.lnk
[2012/04/23 01:39:17 | 000,068,463 | ---- | M] () -- C:\Program Files\RMPly00.exe
[2012/04/21 15:48:54 | 000,002,401 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\O&O Defrag.lnk
[2012/04/21 13:50:03 | 000,270,192 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/04/21 03:42:21 | 000,436,250 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/04/21 03:42:21 | 000,068,980 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/04/21 03:35:27 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/04/20 14:25:51 | 000,055,242 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\Return label -- fuel pump.jpg
[2012/04/19 18:04:42 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Ray\defogger_reenable
[2012/04/17 14:11:08 | 000,824,689 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\More Things Flashlight Kit.JPG
[2012/04/17 13:47:07 | 009,981,906 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\More_things flashlight kit.pspimage
[2012/04/17 01:10:21 | 002,322,184 | ---- | M] (ESET) -- C:\Documents and Settings\Ray\Desktop\esetsmartinstaller_enu.exe
[2012/04/17 00:58:49 | 000,000,008 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2012/04/17 00:57:51 | 004,465,601 | R--- | M] (Swearware) -- C:\Documents and Settings\Ray\Desktop\ComboFix.exe
[2012/04/16 16:48:09 | 000,709,145 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\3.16.2012 Caluori Declaration Ryobi.pdf
[2012/04/14 01:29:22 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2012/04/12 02:24:31 | 000,061,403 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\1and1.jpg
[2012/04/11 07:51:51 | 000,323,971 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\billing statement 3-31-12.pdf
[2012/04/11 03:40:05 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/04/11 01:17:31 | 000,001,486 | ---- | M] () -- C:\Documents and Settings\Ray\Application Data\Microsoft\Internet Explorer\Quick Launch\Calculator.lnk
[2012/04/10 14:23:43 | 000,940,898 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\Trailer 2.jpg
[2012/04/10 14:23:21 | 001,025,224 | ---- | M] () -- C:\Documents and Settings\Ray\Desktop\Trailer 1.jpg
[2012/04/10 00:09:05 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/01 05:27:51 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2012/05/01 02:42:33 | 000,000,811 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\PhotoStitch.lnk
[2012/04/29 18:37:46 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\DSCN4571.JPG
[2012/04/24 20:34:14 | 000,785,087 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\1956 International Deposit Receipt 4.2012.jpg
[2012/04/23 03:53:50 | 000,002,619 | ---- | C] () -- C:\WINDOWS\System32\OODBS.lor
[2012/04/23 03:17:57 | 000,001,685 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Canon MX340 series User Registration.LNK
[2012/04/23 03:16:43 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Canon Solution Menu.lnk
[2012/04/23 03:16:29 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Canon Easy-PhotoPrint EX.lnk
[2012/04/23 03:14:07 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Canon MP Navigator EX 3.1.lnk
[2012/04/23 03:13:33 | 000,001,652 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Canon My Printer.lnk
[2012/04/23 03:13:15 | 000,001,967 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Canon MX340 series On-screen Manual.lnk
[2012/04/23 01:39:16 | 000,068,463 | ---- | C] () -- C:\Program Files\RMPly00.exe
[2012/04/21 15:48:30 | 000,002,401 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\O&O Defrag.lnk
[2012/04/20 13:09:03 | 000,014,592 | ---- | C] () -- C:\WINDOWS\System32\CNC1741D.TBL
[2012/04/20 12:25:43 | 000,055,242 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\Return label -- fuel pump.jpg
[2012/04/19 18:04:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ray\defogger_reenable
[2012/04/18 02:21:44 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/04/18 02:21:44 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/04/17 14:11:07 | 000,824,689 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\More Things Flashlight Kit.JPG
[2012/04/17 13:50:00 | 000,088,069 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\pspbrwse.jbf
[2012/04/17 13:46:21 | 009,981,906 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\More_things flashlight kit.pspimage
[2012/04/16 23:23:39 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2012/04/16 16:48:06 | 000,709,145 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\3.16.2012 Caluori Declaration Ryobi.pdf
[2012/04/16 16:47:06 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/04/14 01:29:22 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2012/04/14 01:29:20 | 000,002,315 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2012/04/12 02:24:31 | 000,061,403 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\1and1.jpg
[2012/04/11 07:51:31 | 000,323,971 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\billing statement 3-31-12.pdf
[2012/04/11 01:17:31 | 000,001,486 | ---- | C] () -- C:\Documents and Settings\Ray\Application Data\Microsoft\Internet Explorer\Quick Launch\Calculator.lnk
[2012/04/10 14:23:42 | 000,940,898 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\Trailer 2.jpg
[2012/04/10 14:23:20 | 001,025,224 | ---- | C] () -- C:\Documents and Settings\Ray\Desktop\Trailer 1.jpg
[2012/04/10 13:46:22 | 000,002,519 | ---- | C] () -- C:\Documents and Settings\Ray\Application Data\Microsoft\Internet Explorer\Quick Launch\Word 2010.lnk
[2012/04/06 05:36:41 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012/02/03 22:08:03 | 000,709,968 | ---- | C] () -- C:\WINDOWS\is-B5C2S.exe
[2011/07/13 01:19:16 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Ray\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/24 15:18:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2010/09/22 12:30:25 | 000,095,617 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010/09/22 12:22:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/09/22 01:00:45 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/09/21 20:44:24 | 000,028,768 | ---- | C] () -- C:\WINDOWS\System32\javaw.exe
[2010/09/21 20:44:24 | 000,024,670 | ---- | C] () -- C:\WINDOWS\System32\java.exe
[2010/09/21 20:27:11 | 000,000,456 | ---- | C] () -- C:\WINDOWS\System32\pthsp.dat
[2010/09/21 19:45:33 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/09/21 19:39:51 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/09/21 12:27:23 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/09/21 12:26:13 | 000,270,192 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== LOP Check ==========

[2012/04/25 20:59:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2012/04/20 12:45:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2012/04/23 03:23:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2012/03/06 23:02:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/09/30 12:00:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\magicJack
[2012/05/02 03:33:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/04/21 01:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2010/11/12 20:57:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2012/04/25 20:09:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ray\Application Data\Apowersoft
[2012/03/06 23:13:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ray\Application Data\AVG2012
[2012/04/23 03:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ray\Application Data\Canon
[2010/12/21 20:43:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ray\Application Data\Flock
[2011/02/27 20:18:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ray\Application Data\mjusbsp
[2012/05/02 01:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ray\Application Data\uTorrent

========== Purity Check ==========



< End of report >

#10 yarlac

yarlac
  • Topic Starter

  • Members
  • 159 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 02 May 2012 - 03:32 PM

Here is a little miracle. ComboFix downloaded and ran. here is the result of the scan.

ComboFix 12-05-02.03 - Ray 05/02/2012 13:19:13.5.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1458 [GMT -7:00]
Running from: c:\documents and settings\Ray\Desktop\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Ray\Application Data\Microsoft\~DFKddf0272.tmp
c:\documents and settings\Ray\WINDOWS
c:\windows\system32\drivers\etc\hosts.ics
.
.
((((((((((((((((((((((((( Files Created from 2012-04-02 to 2012-05-02 )))))))))))))))))))))))))))))))
.
.
2012-05-02 18:32 . 2012-05-02 18:32 -------- d-----w- C:\_OTL
2012-05-01 12:29 . 2012-05-01 12:31 -------- d-----w- c:\documents and settings\Ray\Application Data\vlc
2012-05-01 12:25 . 2012-05-01 12:25 -------- d-----w- c:\program files\VideoLAN
2012-05-01 09:40 . 1998-01-23 19:22 304128 ----a-w- c:\windows\IsUninst.exe
2012-04-26 03:09 . 2010-12-30 22:19 16640 ---ha-w- c:\windows\system32\drivers\Apowersoft_AudioDevice.sys
2012-04-26 03:09 . 2012-04-26 03:09 -------- d-----w- c:\documents and settings\Ray\Application Data\Apowersoft
2012-04-23 10:23 . 2012-04-23 10:23 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonIJScan
2012-04-23 10:23 . 2012-04-23 10:23 -------- d-----w- c:\documents and settings\Ray\Application Data\Canon
2012-04-23 10:01 . 2012-04-23 10:16 -------- d-----w- c:\program files\Common Files\Canon
2012-04-23 10:00 . 2012-04-23 10:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2012-04-23 08:39 . 2012-04-23 08:39 68463 ----a-w- c:\program files\RMPly00.exe
2012-04-22 09:46 . 2012-04-22 09:46 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2012-04-22 00:37 . 2012-04-22 00:37 -------- d-----w- c:\windows\system32\oodag
2012-04-21 22:47 . 2012-04-21 22:47 -------- d-----w- c:\program files\OO Software
2012-04-21 10:35 . 2012-04-21 10:35 -------- d-----w- c:\documents and settings\Ray\Local Settings\Application Data\CRE
2012-04-21 10:34 . 2012-04-21 10:34 -------- d-----w- c:\program files\Conduit
2012-04-21 10:34 . 2012-04-27 22:45 -------- d-----w- c:\documents and settings\Ray\Local Settings\Application Data\uTorrentControl2
2012-04-21 10:34 . 2012-04-21 10:34 -------- d-----w- c:\documents and settings\Ray\Local Settings\Application Data\Conduit
2012-04-21 10:33 . 2012-04-21 10:34 -------- d-----w- c:\program files\uTorrentControl2
2012-04-21 09:26 . 2012-04-21 09:26 -------- d-----w- c:\program files\MSXML 4.0
2012-04-21 08:39 . 2012-04-21 08:39 -------- d-----w- c:\program files\Yontoo
2012-04-21 08:39 . 2012-04-21 08:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Tarma Installer
2012-04-21 08:38 . 2012-04-21 08:38 -------- d-----w- c:\program files\1ClickDownload
2012-04-20 21:22 . 2012-04-20 21:22 -------- d-----w- c:\program files\Common Files\SWF Studio
2012-04-20 20:14 . 2012-05-01 09:41 -------- d-----w- c:\program files\Canon
2012-04-20 20:09 . 2008-04-13 18:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2012-04-20 20:09 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2012-04-20 20:09 . 2009-10-19 23:29 307200 ----a-w- c:\windows\system32\CNC340L.dll
2012-04-20 20:09 . 2009-10-06 01:09 1310720 ----a-w- c:\windows\system32\CNC340C.dll
2012-04-20 20:09 . 2009-10-06 01:08 110592 ----a-w- c:\windows\system32\CNC340I.dll
2012-04-20 20:09 . 2009-10-06 01:05 102400 ----a-w- c:\windows\system32\CNC340U.dll
2012-04-20 20:09 . 2008-08-26 01:02 15872 ----a-w- c:\windows\system32\CNHMCA.dll
2012-04-20 20:09 . 2008-04-13 18:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2012-04-20 20:09 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2012-04-20 19:50 . 2012-04-20 19:50 -------- d-----w- c:\windows\system32\STRING
2012-04-20 19:50 . 2009-10-09 22:01 137216 ----a-w- c:\windows\system32\CNMNPUI.DLL
2012-04-20 19:50 . 2009-10-09 22:01 354816 ----a-w- c:\windows\system32\CNMNPPM.DLL
2012-04-20 19:50 . 2012-04-20 19:50 -------- d-----w- c:\windows\system32\CHM
2012-04-20 19:44 . 2010-05-16 12:00 70656 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPPA5.DLL
2012-04-20 19:44 . 2010-05-16 12:00 27136 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPDA5.DLL
2012-04-20 19:44 . 2010-05-16 12:00 277504 ----a-w- c:\windows\system32\CNMLMA5.DLL
2012-04-20 19:44 . 2012-04-23 10:09 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2012-04-20 19:44 . 2010-06-03 22:12 94208 ----a-w- c:\windows\system32\CNC340O.dll
2012-04-20 19:44 . 2009-09-10 16:00 179200 ----a-w- c:\windows\system32\CNMIUA5.DLL
2012-04-18 22:21 . 2012-04-18 22:21 -------- d-----w- c:\windows\Sun
2012-04-18 09:21 . 2012-01-09 16:20 139784 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2012-04-18 09:21 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-04-18 09:21 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
2012-04-17 06:21 . 2012-04-17 06:21 -------- d--h--w- c:\windows\system32\GroupPolicy
2012-04-16 23:47 . 2012-04-22 07:53 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-04 05:53 . 2012-04-04 05:53 182160 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2012-04-04 05:53 . 2012-04-04 05:53 182160 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-22 07:53 . 2011-07-13 06:11 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-04 22:56 . 2010-12-31 17:37 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-01 11:01 . 2004-08-04 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 11:01 . 2004-08-04 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-03-01 11:01 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10 . 2004-08-04 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2004-08-04 12:00 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-02-04 05:08 . 2012-02-04 05:08 709968 ----a-w- c:\windows\is-B5C2S.exe
2012-02-03 09:22 . 2004-08-04 12:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2006-05-03 10:06 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 13:30 216064 --sh--r- c:\windows\system32\nbDX.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-04-11_10.40.14 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-29 06:42 . 2009-06-29 06:42 91656 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 94208 c:\windows\twain_32\MX340 series\SG_THA.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 73728 c:\windows\twain_32\MX340 series\SG_KOR.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 73728 c:\windows\twain_32\MX340 series\SG_JPN.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 61440 c:\windows\twain_32\MX340 series\SG_CHT.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 61440 c:\windows\twain_32\MX340 series\SG_CHS.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 98304 c:\windows\twain_32\MX340 series\SG_ARA.dll
+ 2012-04-20 20:09 . 2009-07-08 17:58 86016 c:\windows\twain_32\MX340 series\rstcol.dll
+ 2012-04-20 20:09 . 2009-03-10 00:56 98304 c:\windows\twain_32\MX340 series\MC2Plus.dll
+ 2012-04-20 20:09 . 2007-12-06 20:46 73728 c:\windows\twain_32\MX340 series\IJFSHLIB.dll
+ 2012-04-20 20:09 . 2007-11-09 15:48 53248 c:\windows\twain_32\MX340 series\HSL.DLL
+ 2012-04-20 20:09 . 2008-11-19 20:31 73728 c:\windows\twain_32\MX340 series\DDT.dll
+ 2012-04-20 19:44 . 2010-06-03 22:12 94208 c:\windows\twain_32\MX340 series\cncisco3.dll
+ 2012-04-20 20:09 . 2009-06-16 22:38 30720 c:\windows\twain_32\MX340 series\CNC340.DAT
+ 2012-04-20 20:09 . 2005-04-15 22:34 57344 c:\windows\twain_32\MX340 series\BaLCo.dll
+ 2008-04-14 00:12 . 2011-11-08 13:46 46080 c:\windows\system32\tzchange.exe
- 2008-04-14 00:12 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe
+ 2012-04-20 19:50 . 2009-10-09 22:01 11264 c:\windows\system32\STRING\CNMNPPRCUS.DLL
+ 2012-04-20 19:50 . 2009-10-09 22:01 11776 c:\windows\system32\STRING\CNMNPPRCIT.DLL
+ 2012-04-20 19:50 . 2009-10-09 22:01 12288 c:\windows\system32\STRING\CNMNPPRCFR.DLL
+ 2012-04-20 19:50 . 2009-10-09 22:01 12288 c:\windows\system32\STRING\CNMNPPRCES.DLL
+ 2012-04-20 19:50 . 2009-10-09 22:01 12800 c:\windows\system32\STRING\CNMNPPRCDE.DLL
+ 2012-04-23 10:08 . 2009-04-25 12:00 69632 c:\windows\system32\spool\prtprocs\w32x86\CNMPP9O.DLL
+ 2012-04-23 10:08 . 2009-04-25 12:00 27136 c:\windows\system32\spool\prtprocs\w32x86\CNMPD9O.DLL
+ 2012-04-23 10:19 . 2010-05-16 12:00 12288 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMW3A5.DLL
+ 2012-04-23 10:19 . 2010-05-16 12:00 59024 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMVSA5.EXE
+ 2012-04-23 10:19 . 2010-05-16 12:00 14336 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMVSA5.DLL
+ 2012-04-23 10:18 . 2010-05-16 12:00 78336 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMSRA5.DLL
+ 2012-04-23 10:18 . 2010-05-16 12:00 89600 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMSQA5.DLL
+ 2012-04-23 10:18 . 2010-05-16 12:00 17552 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMSEA5.EXE
+ 2012-04-23 10:18 . 2010-05-16 12:00 93696 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMSDA5.DLL
+ 2012-04-23 10:18 . 2010-05-16 12:00 12288 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMPIA5.DLL
+ 2012-04-23 10:19 . 2010-05-16 07:00 30320 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMP2A5.DAT
+ 2012-04-23 10:19 . 2010-05-16 07:00 27140 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMP1A5.DAT
+ 2012-04-23 10:19 . 2010-05-16 07:00 23280 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMP0A5.DAT
+ 2012-04-23 10:18 . 2010-05-16 12:00 27648 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMOPA5.DLL
+ 2012-04-23 10:18 . 2010-05-16 12:00 62976 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMLHA5.DLL
+ 2012-04-23 10:18 . 2010-05-16 12:00 86016 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMICA5.DLL
+ 2012-04-23 10:18 . 2010-05-16 12:00 57856 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMEIA5.DLL
+ 2012-04-23 10:18 . 2010-05-16 12:00 13824 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMBU3A5.DLL
+ 2012-04-23 10:18 . 2010-05-16 12:00 35840 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMBS3A5.DLL
+ 2012-04-23 10:18 . 2010-05-16 12:00 13824 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMBM3A5.DLL
+ 2012-04-23 10:19 . 2009-10-22 18:24 62976 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkUS.DLL
+ 2012-04-23 10:19 . 2009-11-25 22:55 65536 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkTW.DLL
+ 2012-04-23 10:19 . 2009-11-25 22:54 73728 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkTR.DLL
+ 2012-04-23 10:19 . 2009-11-25 22:55 73728 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkTH.DLL
+ 2012-04-23 10:19 . 2009-11-25 22:54 73728 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkSE.DLL
+ 2012-04-23 10:19 . 2009-11-25 22:53 73728 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkRU.DLL
+ 2012-04-23 10:19 . 2009-11-25 22:53 73728 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkPT.DLL
+ 2012-04-23 10:19 . 2009-11-25 22:53 73728 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkPL.DLL
+ 2012-04-23 10:19 . 2009-11-25 22:54 73728 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkNO.DLL
+ 2012-04-23 10:19 . 2009-11-25 22:53 73728 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkNL.DLL
+ 2012-04-23 10:19 . 2009-11-25 22:54 65536 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkKR.DLL
+ 2012-04-23 10:19 . 2009-10-22 18:24 58368 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkJP.DLL
+ 2012-04-23 10:19 . 2009-11-25 22:53 73728 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkIT.DLL
+ 2012-04-23 10:19 . 2009-11-25 22:54 73728 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkID.DLL
+ 2012-04-23 10:19 . 2009-11-25 22:53 73728 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkHU.DLL
+ 2012-04-23 10:19 . 2009-11-25 22:54 73728 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkGR.DLL
+ 2012-04-23 10:19 . 2009-11-25 22:52 73728 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkFR.DLL
+ 2012-04-23 10:19 . 2009-11-25 22:54 73728 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkFI.DLL
+ 2012-04-23 10:19 . 2009-11-25 22:53 77824 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkES.DLL
+ 2012-04-23 10:19 . 2009-11-25 22:54 73728 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkDK.DLL
+ 2012-04-23 10:19 . 2009-11-25 22:52 73728 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkDE.DLL
+ 2012-04-23 10:19 . 2009-11-25 22:53 73728 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkCZ.DLL
+ 2012-04-23 10:19 . 2009-11-25 22:55 65536 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkCN.DLL
+ 2012-04-23 10:19 . 2009-11-25 22:54 69632 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFCkAR.DLL
+ 2012-04-23 10:19 . 2009-10-22 18:29 52736 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCF2Mk.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 12288 c:\windows\system32\spool\drivers\w32x86\3\CNMW3A5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 59024 c:\windows\system32\spool\drivers\w32x86\3\CNMVSA5.EXE
+ 2012-04-20 19:44 . 2010-05-16 12:00 14336 c:\windows\system32\spool\drivers\w32x86\3\CNMVSA5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 78336 c:\windows\system32\spool\drivers\w32x86\3\CNMSRA5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 89600 c:\windows\system32\spool\drivers\w32x86\3\CNMSQA5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 17552 c:\windows\system32\spool\drivers\w32x86\3\CNMSEA5.EXE
+ 2012-04-20 19:44 . 2010-05-16 12:00 93696 c:\windows\system32\spool\drivers\w32x86\3\CNMSDA5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 12288 c:\windows\system32\spool\drivers\w32x86\3\CNMPIA5.DLL
+ 2012-04-20 19:44 . 2010-05-16 07:00 30320 c:\windows\system32\spool\drivers\w32x86\3\CNMP2A5.DAT
+ 2012-04-20 19:44 . 2010-05-16 07:00 27140 c:\windows\system32\spool\drivers\w32x86\3\CNMP1A5.DAT
+ 2012-04-20 19:44 . 2010-05-16 07:00 23280 c:\windows\system32\spool\drivers\w32x86\3\CNMP0A5.DAT
+ 2012-04-20 19:44 . 2010-05-16 12:00 27648 c:\windows\system32\spool\drivers\w32x86\3\CNMOPA5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 62976 c:\windows\system32\spool\drivers\w32x86\3\CNMLHA5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 86016 c:\windows\system32\spool\drivers\w32x86\3\CNMICA5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 57856 c:\windows\system32\spool\drivers\w32x86\3\CNMEIA5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 13824 c:\windows\system32\spool\drivers\w32x86\3\CNMBU3A5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 35840 c:\windows\system32\spool\drivers\w32x86\3\CNMBS3A5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 13824 c:\windows\system32\spool\drivers\w32x86\3\CNMBM3A5.DLL
+ 2012-04-20 19:45 . 2009-10-22 18:24 62976 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkUS.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:55 65536 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkTW.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:54 73728 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkTR.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:55 73728 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkTH.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:54 73728 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkSE.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:53 73728 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkRU.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:53 73728 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkPT.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:53 73728 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkPL.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:54 73728 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkNO.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:53 73728 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkNL.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:54 65536 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkKR.DLL
+ 2012-04-20 19:45 . 2009-10-22 18:24 58368 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkJP.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:53 73728 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkIT.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:54 73728 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkID.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:53 73728 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkHU.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:54 73728 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkGR.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:52 73728 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkFR.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:54 73728 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkFI.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:53 77824 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkES.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:54 73728 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkDK.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:52 73728 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkDE.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:53 73728 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkCZ.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:55 65536 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkCN.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:54 69632 c:\windows\system32\spool\drivers\w32x86\3\CNCFCkAR.DLL
+ 2012-04-20 19:45 . 2009-10-22 18:29 52736 c:\windows\system32\spool\drivers\w32x86\3\CNCF2Mk.DLL
+ 2004-08-04 12:00 . 2012-04-21 10:42 68980 c:\windows\system32\perfc009.dat
+ 2004-08-04 12:00 . 2011-11-18 12:35 60416 c:\windows\system32\packager.exe
+ 2005-05-11 10:09 . 2005-05-11 10:09 10240 c:\windows\system32\oodagrs.dll
+ 2004-08-04 12:00 . 2011-09-26 18:41 20480 c:\windows\system32\oleaccrc.dll
- 2004-08-04 12:00 . 2011-04-25 16:11 66560 c:\windows\system32\mshtmled.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 66560 c:\windows\system32\mshtmled.dll
+ 2009-03-08 11:31 . 2012-03-01 11:01 55296 c:\windows\system32\msfeedsbs.dll
- 2009-03-08 11:31 . 2011-04-25 16:11 55296 c:\windows\system32\msfeedsbs.dll
- 2004-08-04 12:00 . 2008-04-14 00:11 23040 c:\windows\system32\mciseq.dll
+ 2004-08-04 12:00 . 2011-10-14 14:47 23040 c:\windows\system32\mciseq.dll
- 2004-08-04 12:00 . 2011-04-25 16:11 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-03 23:08 . 2008-04-13 18:45 49408 c:\windows\system32\drivers\stream.sys
- 2004-08-03 23:08 . 2008-04-13 18:45 49408 c:\windows\system32\drivers\stream.sys
+ 2005-05-11 08:37 . 2005-05-11 08:37 30720 c:\windows\system32\drivers\oobctm.sys
+ 2004-08-04 12:00 . 2009-04-20 17:17 45568 c:\windows\system32\dnsrslvr.dll
- 2004-08-04 12:00 . 2008-04-14 00:11 45568 c:\windows\system32\dnsrslvr.dll
- 2010-11-13 05:10 . 2011-04-25 16:11 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2010-11-13 05:10 . 2012-03-01 11:01 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2004-08-03 23:08 . 2008-04-13 18:45 49408 c:\windows\system32\dllcache\stream.sys
+ 2011-11-18 12:35 . 2011-11-18 12:35 60416 c:\windows\system32\dllcache\packager.exe
+ 2004-08-04 12:00 . 2011-09-26 18:41 20480 c:\windows\system32\dllcache\oleaccrc.dll
+ 2009-03-08 11:31 . 2012-03-01 11:01 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2009-03-08 11:31 . 2011-04-25 16:11 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2010-11-13 05:10 . 2011-04-25 16:11 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2010-11-13 05:10 . 2012-03-01 11:01 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2011-10-14 14:47 . 2011-10-14 14:47 23040 c:\windows\system32\dllcache\mciseq.dll
+ 2009-03-08 11:34 . 2012-03-01 11:01 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2009-03-08 11:34 . 2011-04-25 16:11 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2009-03-08 11:33 . 2012-03-01 11:01 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2009-03-08 11:33 . 2011-04-25 16:11 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2010-09-21 19:29 . 2008-04-13 18:45 60160 c:\windows\system32\dllcache\drmk.sys
+ 2009-04-20 17:17 . 2009-04-20 17:17 45568 c:\windows\system32\dllcache\dnsrslvr.dll
+ 2009-12-14 07:08 . 2011-10-28 05:31 33280 c:\windows\system32\dllcache\csrsrv.dll
- 2009-12-14 07:08 . 2010-12-09 14:30 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2004-08-04 12:00 . 2011-10-28 05:31 33280 c:\windows\system32\csrsrv.dll
- 2004-08-04 12:00 . 2010-12-09 14:30 33280 c:\windows\system32\csrsrv.dll
+ 2012-04-20 19:44 . 2009-09-10 08:59 74752 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstJP.dll
+ 2011-12-25 10:49 . 2011-12-25 10:49 31504 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2012-04-21 09:26 . 2012-04-21 09:26 32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
+ 2012-04-21 09:27 . 2012-04-21 09:27 32768 c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
+ 2012-04-21 22:47 . 2012-04-21 22:47 65536 c:\windows\Installer\{53480370-6CA2-47EC-BC05-02B4B9271C31}\oodcnt_exe.53480300_6789_44B8_908F_AD7D7990104B.exe
+ 2012-04-21 22:47 . 2012-04-21 22:47 25214 c:\windows\Installer\{53480370-6CA2-47EC-BC05-02B4B9271C31}\oodcnt_ds.53480300_6789_44B8_908F_AD7D7990104B.exe
+ 2012-04-21 22:47 . 2012-04-21 22:47 25214 c:\windows\Installer\{53480370-6CA2-47EC-BC05-02B4B9271C31}\ARPPRODUCTICON.exe
+ 2011-06-06 19:55 . 2011-06-06 19:55 17304 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\ViewerPS.dll
+ 2011-06-06 19:55 . 2011-06-06 19:55 35736 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\reader_sl.exe
+ 2011-06-06 19:55 . 2011-06-06 19:55 88992 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\PDFPrevHndlr.dll
+ 2011-06-06 19:55 . 2011-06-06 19:55 94608 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\eula.exe
+ 2011-06-06 19:55 . 2011-06-06 19:55 49064 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\acrotextextractor.exe
+ 2011-06-06 19:55 . 2011-06-06 19:55 17824 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\AcroRd32Info.exe
+ 2011-06-06 19:55 . 2011-06-06 19:55 63912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\acroiehelpershim.dll
+ 2011-06-06 19:55 . 2011-06-06 19:55 64928 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\AcroIEHelper.dll
+ 2011-06-06 19:55 . 2011-06-06 19:55 63384 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\Acrofx32.dll
+ 2012-04-21 10:43 . 2011-04-25 16:11 12800 c:\windows\ie8updates\KB2675157-IE8\xpshims.dll
+ 2012-04-21 10:43 . 2011-04-25 16:11 66560 c:\windows\ie8updates\KB2675157-IE8\mshtmled.dll
+ 2012-04-21 10:43 . 2011-04-25 16:11 55296 c:\windows\ie8updates\KB2675157-IE8\msfeedsbs.dll
+ 2012-04-21 10:43 . 2011-04-25 16:11 43520 c:\windows\ie8updates\KB2675157-IE8\licmgr10.dll
+ 2012-04-21 10:43 . 2011-04-25 16:11 25600 c:\windows\ie8updates\KB2675157-IE8\jsproxy.dll
+ 2012-04-21 10:52 . 2012-04-21 10:52 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\888b745ca99d39692c2e9af222e5eae8\UIAutomationProvider.ni.dll
+ 2012-04-21 21:08 . 2012-04-21 21:08 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\dab766b18e6fe0a8f53a93c56be7b40e\System.Windows.Presentation.ni.dll
+ 2012-04-21 21:07 . 2012-04-21 21:07 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\31b65443e56a470d199f293085576e05\System.Web.DynamicData.Design.ni.dll
+ 2012-04-21 21:04 . 2012-04-21 21:04 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\89dfd3999ad1d72c59243d7b4bf40d5a\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-04-21 21:04 . 2012-04-21 21:04 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\e6a9cd66d11a21776dbf425e8e28099c\System.AddIn.Contract.ni.dll
+ 2012-04-21 10:47 . 2012-04-21 10:47 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\3aa4296d4aa01fe0533de2c15f818d5f\PresentationFontCache.ni.exe
+ 2012-04-21 10:46 . 2012-04-21 10:46 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\820acb71782d9cd006800b3ac7e1ca53\PresentationCFFRasterizer.ni.dll
+ 2012-04-21 21:06 . 2012-04-21 21:06 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\d07f0222f62dbed7898a6e2e909d407a\Microsoft.Vsa.ni.dll
+ 2012-04-21 21:00 . 2012-04-21 21:00 28672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f56fa961accf8b6c7d9ab47c3c467dc2\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.ni.dll
+ 2012-04-21 21:00 . 2012-04-21 21:00 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\e21106b9afc7590985daca688e1749e1\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll
+ 2012-04-21 21:00 . 2012-04-21 21:00 28160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\cbd15cbb5eacaf606d052b4267e97640\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.ni.dll
+ 2012-04-21 21:00 . 2012-04-21 21:00 84992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\5fe663ce5fa40c5a764b3dda0cd8f4b3\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.ni.dll
+ 2012-04-21 21:00 . 2012-04-21 21:00 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\46d1d2e105ca9a4e833077305feda17c\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.ni.dll
+ 2012-04-21 21:00 . 2012-04-21 21:00 58368 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\3e6032d395b1bfc5882f7d6d27763730\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.ni.dll
+ 2012-04-21 21:00 . 2012-04-21 21:00 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\395b63fe26a7460dfbc33c5712de3d1d\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.ni.dll
+ 2012-04-21 21:00 . 2012-04-21 21:00 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\371458b677f7da0ca8e48bd3ae9eaad9\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.ni.dll
+ 2012-04-21 21:04 . 2012-04-21 21:04 66560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\36342ea4de2efe60fb871dc5ea151ce6\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.ni.dll
+ 2012-04-21 21:00 . 2012-04-21 21:00 54784 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\1b164a2f67c75ef95f214e393a7e1684\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.ni.dll
+ 2012-04-21 21:03 . 2012-04-21 21:03 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\02af0ddfacf0bfcbc95058e324bf09e7\Microsoft.Office.InfoPath.Permission.ni.dll
+ 2012-04-21 21:01 . 2012-04-21 21:01 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\aefe683674c97a998f4e908c1a7ee7c6\Microsoft.Build.Framework.ni.dll
+ 2012-04-21 21:01 . 2012-04-21 21:01 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\845eef4d09f28da6ee05d99f93c90f6e\Microsoft.Build.Framework.ni.dll
+ 2012-04-21 21:01 . 2012-04-21 21:01 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\ipdmctrl\51f76e5ca2698979a0be4edb9a2379fa\ipdmctrl.ni.dll
+ 2012-04-21 21:01 . 2012-04-21 21:01 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\ab7ce2d94ca725c3889a4e3c1ee88ece\dfsvc.ni.exe
+ 2012-04-21 20:59 . 2012-04-21 20:59 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
+ 2012-04-21 10:39 . 2012-04-21 10:39 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2012-04-21 10:39 . 2012-04-21 10:39 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2012-04-21 10:41 . 2012-04-21 10:41 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-04-21 10:39 . 2012-04-21 10:39 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2012-04-21 10:40 . 2012-04-21 10:40 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2012-04-21 10:40 . 2012-04-21 10:40 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2012-04-21 10:41 . 2012-04-21 10:41 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2012-04-21 10:41 . 2012-04-21 10:41 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2012-04-21 10:39 . 2012-04-21 10:39 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2012-04-21 10:39 . 2012-04-21 10:39 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2012-04-21 10:39 . 2012-04-21 10:39 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-04-21 10:40 . 2012-04-21 10:40 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-04-21 10:39 . 2012-04-21 10:39 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-04-21 09:33 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971029\update\spcustom.dll
+ 2012-04-21 09:33 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971029\spmsg.dll
+ 2012-04-21 10:01 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2641690\update\spcustom.dll
+ 2012-04-21 10:01 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2641690\spmsg.dll
+ 2012-04-21 10:19 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2544893-v2\update\spcustom.dll
+ 2012-04-21 10:19 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2544893-v2\spmsg.dll
+ 2012-04-21 09:29 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2509553\update\spcustom.dll
+ 2012-04-21 09:29 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2509553\spmsg.dll
+ 2009-04-20 17:06 . 2009-04-20 17:06 45568 c:\windows\$hf_mig$\KB2509553\SP3QFE\dnsrslvr.dll
+ 2012-04-21 09:36 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2508429\update\spcustom.dll
+ 2012-04-21 09:36 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2508429\spmsg.dll
+ 2012-04-21 10:05 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2507938\update\spcustom.dll
+ 2012-04-21 10:05 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2507938\spmsg.dll
+ 2011-04-26 11:02 . 2011-04-26 11:02 33280 c:\windows\$hf_mig$\KB2507938\SP3QFE\csrsrv.dll
+ 2012-04-21 09:45 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2507618\update\spcustom.dll
+ 2012-04-21 09:45 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2507618\spmsg.dll
+ 2012-04-21 09:32 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2506212\update\spcustom.dll
+ 2012-04-21 09:32 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2506212\spmsg.dll
+ 2012-04-21 10:20 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2479943\update\spcustom.dll
+ 2012-04-21 10:20 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2479943\spmsg.dll
+ 2012-04-21 10:04 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2476490\update\spcustom.dll
+ 2012-04-21 10:04 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2476490\spmsg.dll
+ 2012-04-21 10:39 . 2012-04-21 10:39 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2012-04-20 20:09 . 2009-06-03 01:06 6157 c:\windows\twain_32\MX340 series\SCNDB.DAT
+ 2012-04-20 20:09 . 2009-09-25 17:55 9040 c:\windows\twain_32\MX340 series\CNC340T.DAT
- 2010-11-13 04:44 . 2010-08-26 12:52 5120 c:\windows\system32\xpsp4res.dll
+ 2010-11-13 04:44 . 2011-02-17 12:32 5120 c:\windows\system32\xpsp4res.dll
+ 2012-04-20 19:50 . 2009-10-09 22:01 9216 c:\windows\system32\STRING\CNMNPPRCJP.DLL
+ 2012-04-20 19:50 . 2009-10-09 22:01 8192 c:\windows\system32\STRING\CNMNPPRCCN.DLL
+ 2012-04-23 10:18 . 2010-05-16 12:00 8704 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNML2A5.DLL
+ 2012-04-23 10:18 . 2010-05-16 12:00 9728 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMFUA5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 8704 c:\windows\system32\spool\drivers\w32x86\3\CNML2A5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 9728 c:\windows\system32\spool\drivers\w32x86\3\CNMFUA5.DLL
+ 2005-05-11 08:37 . 2005-05-11 08:37 9216 c:\windows\system32\ootmapi.dll
+ 2005-05-11 10:12 . 2005-05-11 10:12 3584 c:\windows\system32\oodbsrs.dll
+ 2005-05-11 10:08 . 2005-05-11 10:08 9728 c:\windows\system32\oodagmg.dll
+ 2010-09-21 19:29 . 2008-04-14 00:11 4096 c:\windows\system32\dllcache\ksuser.dll
+ 2012-04-20 19:45 . 2009-10-22 18:24 3072 c:\windows\system32\CNCFLkUS.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:55 2560 c:\windows\system32\CNCFLkTW.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:54 3072 c:\windows\system32\CNCFLkTR.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:55 3072 c:\windows\system32\CNCFLkTH.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:54 3584 c:\windows\system32\CNCFLkSE.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:53 3584 c:\windows\system32\CNCFLkRU.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:53 3584 c:\windows\system32\CNCFLkPT.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:53 3584 c:\windows\system32\CNCFLkPL.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:54 3072 c:\windows\system32\CNCFLkNO.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:53 3584 c:\windows\system32\CNCFLkNL.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:54 3072 c:\windows\system32\CNCFLkKR.DLL
+ 2012-04-20 19:45 . 2009-10-22 18:24 2560 c:\windows\system32\CNCFLkJP.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:53 3584 c:\windows\system32\CNCFLkIT.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:54 3584 c:\windows\system32\CNCFLkID.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:53 3072 c:\windows\system32\CNCFLkHU.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:54 3584 c:\windows\system32\CNCFLkGR.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:52 3584 c:\windows\system32\CNCFLkFR.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:54 3584 c:\windows\system32\CNCFLkFI.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:53 3584 c:\windows\system32\CNCFLkES.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:54 3072 c:\windows\system32\CNCFLkDK.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:52 3584 c:\windows\system32\CNCFLkDE.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:53 3072 c:\windows\system32\CNCFLkCZ.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:55 2560 c:\windows\system32\CNCFLkCN.DLL
+ 2012-04-20 19:45 . 2009-11-25 22:54 3072 c:\windows\system32\CNCFLkAR.DLL
+ 2012-04-23 10:08 . 2008-09-03 18:01 3584 c:\windows\system32\CNCFLhUS.DLL
+ 2012-04-23 10:08 . 2008-09-25 19:19 2560 c:\windows\system32\CNCFLhTW.DLL
+ 2012-04-23 10:08 . 2008-09-25 19:18 3072 c:\windows\system32\CNCFLhTR.DLL
+ 2012-04-23 10:08 . 2008-09-25 19:19 3584 c:\windows\system32\CNCFLhTH.DLL
+ 2012-04-23 10:08 . 2008-09-25 19:18 3584 c:\windows\system32\CNCFLhSE.DLL
+ 2012-04-23 10:08 . 2008-09-25 19:18 3584 c:\windows\system32\CNCFLhRU.DLL
+ 2012-04-23 10:08 . 2008-09-25 19:17 3584 c:\windows\system32\CNCFLhPT.DLL
+ 2012-04-23 10:08 . 2008-09-25 19:18 3584 c:\windows\system32\CNCFLhPL.DLL
+ 2012-04-23 10:08 . 2008-09-25 19:18 3072 c:\windows\system32\CNCFLhNO.DLL
+ 2012-04-23 10:08 . 2008-09-25 19:17 3584 c:\windows\system32\CNCFLhNL.DLL
+ 2012-04-23 10:08 . 2008-09-25 19:19 3072 c:\windows\system32\CNCFLhKR.DLL
+ 2012-04-23 10:08 . 2008-09-03 18:01 3072 c:\windows\system32\CNCFLhJP.DLL
+ 2012-04-23 10:08 . 2008-09-25 19:17 3584 c:\windows\system32\CNCFLhIT.DLL
+ 2012-04-23 10:08 . 2008-09-25 19:19 3584 c:\windows\system32\CNCFLhID.DLL
+ 2012-04-23 10:08 . 2008-09-25 19:18 3072 c:\windows\system32\CNCFLhHU.DLL
+ 2012-04-23 10:08 . 2008-09-25 19:18 3584 c:\windows\system32\CNCFLhGR.DLL
+ 2012-04-23 10:08 . 2008-09-25 19:17 3584 c:\windows\system32\CNCFLhFR.DLL
+ 2012-04-23 10:08 . 2008-09-25 19:18 3584 c:\windows\system32\CNCFLhFI.DLL
+ 2012-04-23 10:08 . 2008-09-25 19:17 3584 c:\windows\system32\CNCFLhES.DLL
+ 2012-04-23 10:08 . 2008-09-25 19:18 3072 c:\windows\system32\CNCFLhDK.DLL
+ 2012-04-23 10:08 . 2008-09-25 19:17 3584 c:\windows\system32\CNCFLhDE.DLL
+ 2012-04-23 10:08 . 2008-09-25 19:18 3072 c:\windows\system32\CNCFLhCZ.DLL
+ 2012-04-23 10:08 . 2008-09-25 19:19 2560 c:\windows\system32\CNCFLhCN.DLL
+ 2012-04-23 10:08 . 2008-09-25 19:18 3072 c:\windows\system32\CNCFLhAR.DLL
+ 2012-04-21 10:39 . 2012-04-21 10:39 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-04-21 10:41 . 2012-04-21 10:41 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-04-21 10:39 . 2012-04-21 10:39 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2012-04-21 10:39 . 2012-04-21 10:39 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-02-17 12:32 . 2011-02-17 12:32 5120 c:\windows\$hf_mig$\KB2508429\SP3QFE\xpsp4res.dll
+ 2012-04-21 10:40 . 2012-04-21 10:40 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2012-04-21 10:40 . 2012-04-21 10:40 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2012-04-20 20:09 . 2009-03-11 23:20 487424 c:\windows\twain_32\MX340 series\usip.dll
+ 2012-04-20 20:09 . 2010-06-15 17:33 241664 c:\windows\twain_32\MX340 series\TPM.dll
+ 2012-04-20 20:09 . 2009-09-17 20:58 139264 c:\windows\twain_32\MX340 series\TDGLIB.dll
+ 2012-04-20 20:09 . 2009-01-21 18:41 122880 c:\windows\twain_32\MX340 series\softfare.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 102400 c:\windows\twain_32\MX340 series\SG_TRK.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 106496 c:\windows\twain_32\MX340 series\SG_SVE.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 106496 c:\windows\twain_32\MX340 series\SG_RUS.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 110592 c:\windows\twain_32\MX340 series\SG_PTB.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 110592 c:\windows\twain_32\MX340 series\SG_PLK.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 102400 c:\windows\twain_32\MX340 series\SG_NOR.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 114688 c:\windows\twain_32\MX340 series\SG_NLD.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 114688 c:\windows\twain_32\MX340 series\SG_ITA.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 106496 c:\windows\twain_32\MX340 series\SG_IND.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 110592 c:\windows\twain_32\MX340 series\SG_HUN.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 114688 c:\windows\twain_32\MX340 series\SG_FRA.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 102400 c:\windows\twain_32\MX340 series\SG_FIN.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 114688 c:\windows\twain_32\MX340 series\SG_ESP.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 102400 c:\windows\twain_32\MX340 series\SG_ENU.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 114688 c:\windows\twain_32\MX340 series\SG_ELL.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 110592 c:\windows\twain_32\MX340 series\SG_DEU.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 102400 c:\windows\twain_32\MX340 series\SG_DAN.dll
+ 2012-04-20 20:09 . 2010-05-26 00:05 106496 c:\windows\twain_32\MX340 series\SG_CSY.dll
+ 2012-04-20 20:09 . 2007-07-02 18:04 114688 c:\windows\twain_32\MX340 series\scrprmvl.dll
+ 2012-04-20 20:09 . 2010-01-14 17:55 118784 c:\windows\twain_32\MX340 series\SCRPRMV.DLL
+ 2012-04-20 20:09 . 2010-06-15 17:34 139264 c:\windows\twain_32\MX340 series\SCNIF.dll
+ 2012-04-20 20:09 . 2010-06-15 17:34 335872 c:\windows\twain_32\MX340 series\SCNFLW.dll
+ 2012-04-20 20:09 . 2010-06-15 17:32 208896 c:\windows\twain_32\MX340 series\SCNDB.dll
+ 2012-04-20 20:09 . 2008-01-23 23:45 454656 c:\windows\twain_32\MX340 series\RACSLIB.dll
+ 2012-04-20 20:09 . 2009-01-22 18:09 139264 c:\windows\twain_32\MX340 series\MC2.dll
+ 2012-04-20 20:09 . 2004-06-07 19:58 290816 c:\windows\twain_32\MX340 series\libBLC.dll
+ 2012-04-20 20:09 . 2008-11-07 21:20 176128 c:\windows\twain_32\MX340 series\CUBS.dll
+ 2012-04-20 19:44 . 2010-06-03 22:12 103424 c:\windows\twain_32\MX340 series\cncisco6.dll
+ 2012-04-20 20:09 . 2009-06-30 22:53 148344 c:\windows\twain_32\MX340 series\CNC340P.DAT
+ 2012-04-20 20:09 . 2005-08-24 22:51 126976 c:\windows\twain_32\MX340 series\CFine2.dll
+ 2012-04-20 20:09 . 2008-11-05 17:10 118784 c:\windows\twain_32\MX340 series\CAPS.dll
+ 2012-04-20 20:09 . 2009-11-26 18:32 118784 c:\windows\twain_32\MX340 series\AG.dll
- 2004-08-04 12:00 . 2010-06-18 17:45 293376 c:\windows\system32\winsrv.dll
+ 2004-08-04 12:00 . 2011-11-25 21:57 293376 c:\windows\system32\winsrv.dll
- 2004-08-04 12:00 . 2008-04-14 00:12 176128 c:\windows\system32\winmm.dll
+ 2004-08-04 12:00 . 2011-10-14 14:47 176128 c:\windows\system32\winmm.dll
- 2004-08-04 12:00 . 2009-08-25 09:17 354816 c:\windows\system32\winhttp.dll
+ 2004-08-04 12:00 . 2011-11-16 14:21 354816 c:\windows\system32\winhttp.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 105984 c:\windows\system32\url.dll
- 2004-08-04 12:00 . 2009-03-08 11:34 105984 c:\windows\system32\url.dll
+ 2008-07-30 02:59 . 2011-09-26 18:41 611328 c:\windows\system32\uiautomationcore.dll
+ 2012-04-23 10:18 . 2010-05-16 12:00 423936 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMURA5.DLL
+ 2012-04-23 10:18 . 2010-05-16 12:00 308736 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMUBA5.DLL
+ 2012-04-23 10:18 . 2010-05-16 12:00 802816 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMSMA5.DLL
+ 2012-04-23 10:18 . 2010-05-16 12:00 670208 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMSBA5.DLL
+ 2012-04-23 10:18 . 2010-05-16 12:00 182784 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMPVA5.DLL
+ 2012-04-23 10:18 . 2010-05-16 12:00 190976 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMLRA5.DLL
+ 2012-04-23 10:18 . 2010-05-16 12:00 586240 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMDRA5.DLL
+ 2012-04-23 10:18 . 2010-05-16 12:00 337408 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMD5A5.DLL
+ 2012-04-23 10:19 . 2010-05-16 12:00 103424 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMCPA5.DLL
+ 2012-04-23 10:19 . 2009-10-22 18:24 128000 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFIMk.DLL
+ 2012-04-23 10:19 . 2009-10-22 18:27 623104 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCFDLk.DLL
+ 2012-04-23 10:19 . 2009-10-22 18:29 238592 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCF2Uk.DLL
+ 2012-04-23 10:19 . 2009-10-22 18:29 101376 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCF2Gk.DLL
+ 2012-04-23 10:19 . 2009-10-22 18:25 260096 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCAWSk.DLL
+ 2012-04-23 10:19 . 2009-10-22 18:27 634368 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCAPFk.EXE
+ 2012-04-23 10:19 . 2009-10-22 18:26 381440 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCAMGk.DLL
+ 2012-04-23 10:19 . 2009-10-22 18:26 631808 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCAAIk.DLL
+ 2012-04-23 10:19 . 2009-10-22 18:27 260608 c:\windows\system32\spool\drivers\w32x86\canonmx340_series_fa4f0a\CNCAABk.EXE
+ 2012-04-20 19:44 . 2010-05-16 12:00 423936 c:\windows\system32\spool\drivers\w32x86\3\CNMURA5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 308736 c:\windows\system32\spool\drivers\w32x86\3\CNMUBA5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 802816 c:\windows\system32\spool\drivers\w32x86\3\CNMSMA5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 670208 c:\windows\system32\spool\drivers\w32x86\3\CNMSBA5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 182784 c:\windows\system32\spool\drivers\w32x86\3\CNMPVA5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 190976 c:\windows\system32\spool\drivers\w32x86\3\CNMLRA5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 586240 c:\windows\system32\spool\drivers\w32x86\3\CNMDRA5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 337408 c:\windows\system32\spool\drivers\w32x86\3\CNMD5A5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 103424 c:\windows\system32\spool\drivers\w32x86\3\CNMCPA5.DLL
+ 2012-04-20 19:45 . 2009-10-22 18:24 128000 c:\windows\system32\spool\drivers\w32x86\3\CNCFIMk.DLL
+ 2012-04-20 19:45 . 2009-10-22 18:27 623104 c:\windows\system32\spool\drivers\w32x86\3\CNCFDLk.DLL
+ 2012-04-20 19:45 . 2009-10-22 18:29 238592 c:\windows\system32\spool\drivers\w32x86\3\CNCF2Uk.dll
+ 2012-04-20 19:45 . 2009-10-22 18:29 101376 c:\windows\system32\spool\drivers\w32x86\3\CNCF2Gk.dll
+ 2012-04-20 19:45 . 2009-10-22 18:25 260096 c:\windows\system32\spool\drivers\w32x86\3\CNCAWSk.DLL
+ 2012-04-20 19:45 . 2009-10-22 18:27 634368 c:\windows\system32\spool\drivers\w32x86\3\CNCAPFk.EXE
+ 2012-04-20 19:45 . 2009-10-22 18:26 381440 c:\windows\system32\spool\drivers\w32x86\3\CNCAMGk.DLL
+ 2012-04-20 19:45 . 2009-10-22 18:26 631808 c:\windows\system32\spool\drivers\w32x86\3\CNCAAIk.DLL
+ 2012-04-20 19:45 . 2009-10-22 18:27 260608 c:\windows\system32\spool\drivers\w32x86\3\CNCAABk.EXE
- 2004-08-04 12:00 . 2008-04-14 00:12 135168 c:\windows\system32\shsvcs.dll
+ 2004-08-04 12:00 . 2009-07-27 23:17 135168 c:\windows\system32\shsvcs.dll
+ 2004-08-04 12:00 . 2011-11-16 14:21 152064 c:\windows\system32\schannel.dll
+ 2004-08-04 12:00 . 2011-02-09 13:53 270848 c:\windows\system32\sbe.dll
- 2004-08-04 12:00 . 2008-04-14 00:12 270848 c:\windows\system32\sbe.dll
- 2004-08-04 12:00 . 2008-04-14 00:12 386048 c:\windows\system32\qdvd.dll
+ 2004-08-04 12:00 . 2011-11-03 15:28 386048 c:\windows\system32\qdvd.dll
+ 2004-08-04 12:00 . 2012-04-21 10:42 436250 c:\windows\system32\perfh009.dat
+ 2005-05-11 10:12 . 2005-05-11 10:12 112223 c:\windows\system32\oodbs.exe
+ 2005-05-11 10:09 . 2005-05-11 10:09 225280 c:\windows\system32\oodag.exe
+ 2004-08-04 12:00 . 2010-12-20 17:32 551936 c:\windows\system32\oleaut32.dll
- 2004-08-04 12:00 . 2008-04-14 00:12 551936 c:\windows\system32\oleaut32.dll
+ 2004-08-04 12:00 . 2011-09-26 18:41 220160 c:\windows\system32\oleacc.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 206848 c:\windows\system32\occache.dll
- 2004-08-04 12:00 . 2011-04-25 16:11 206848 c:\windows\system32\occache.dll
- 2004-08-04 12:00 . 2008-06-20 17:46 245248 c:\windows\system32\mswsock.dll
+ 2004-08-04 12:00 . 2008-06-20 16:02 245248 c:\windows\system32\mswsock.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 611840 c:\windows\system32\mstime.dll
- 2004-08-04 12:00 . 2011-04-25 16:11 611840 c:\windows\system32\mstime.dll
- 2009-03-08 11:32 . 2011-04-25 16:11 602112 c:\windows\system32\msfeeds.dll
+ 2009-03-08 11:32 . 2012-03-01 11:01 602112 c:\windows\system32\msfeeds.dll
- 2004-08-04 12:00 . 2010-09-18 19:23 974848 c:\windows\system32\mfc42u.dll
+ 2004-08-04 12:00 . 2011-02-08 13:33 974848 c:\windows\system32\mfc42u.dll
+ 2004-08-04 12:00 . 2011-02-08 13:33 978944 c:\windows\system32\mfc42.dll
+ 2012-04-16 23:47 . 2012-04-22 07:53 353440 c:\windows\system32\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.exe
+ 2012-04-16 23:47 . 2012-04-22 07:53 424608 c:\windows\system32\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.dll
+ 2012-04-16 23:47 . 2012-04-22 07:53 253088 c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
- 2010-09-22 02:40 . 2011-05-02 15:31 692736 c:\windows\system32\inetcomm.dll
+ 2010-09-22 02:40 . 2011-10-10 14:22 692736 c:\windows\system32\inetcomm.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 184320 c:\windows\system32\iepeers.dll
- 2004-08-04 12:00 . 2011-04-25 16:11 184320 c:\windows\system32\iepeers.dll
- 2004-08-04 12:00 . 2011-04-25 16:11 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-04 12:00 . 2012-02-29 12:17 174080 c:\windows\system32\ie4uinit.exe
+ 2010-09-21 19:26 . 2012-04-21 20:50 270192 c:\windows\system32\FNTCACHE.DAT
- 2010-09-21 19:26 . 2011-02-20 09:49 270192 c:\windows\system32\FNTCACHE.DAT
+ 2004-08-04 12:00 . 2011-10-18 11:13 186880 c:\windows\system32\encdec.dll
- 2004-08-04 12:00 . 2008-04-14 00:11 186880 c:\windows\system32\encdec.dll
+ 2004-08-04 12:00 . 2011-02-17 13:18 357888 c:\windows\system32\drivers\srv.sys
+ 2010-09-22 02:38 . 2012-01-09 16:20 139784 c:\windows\system32\drivers\rdpwd.sys
+ 2010-09-21 19:29 . 2008-04-13 19:19 146048 c:\windows\system32\drivers\portcls.sys
- 2010-09-21 19:29 . 2008-04-13 19:19 146048 c:\windows\system32\drivers\portcls.sys
+ 2004-08-04 12:00 . 2011-04-21 13:37 105472 c:\windows\system32\drivers\mup.sys
+ 2004-08-04 12:00 . 2011-07-15 13:29 456320 c:\windows\system32\drivers\mrxsmb.sys
- 2004-08-04 12:00 . 2011-04-29 16:19 456320 c:\windows\system32\drivers\mrxsmb.sys
- 2004-08-04 12:00 . 2008-08-14 10:04 138496 c:\windows\system32\drivers\afd.sys
+ 2004-08-04 12:00 . 2011-08-17 13:49 138496 c:\windows\system32\drivers\afd.sys
+ 2004-08-04 12:00 . 2011-03-03 06:55 149504 c:\windows\system32\dnsapi.dll
- 2009-12-24 06:59 . 2009-12-24 06:59 177664 c:\windows\system32\dllcache\wintrust.dll
+ 2009-12-24 06:59 . 2012-02-29 14:10 177664 c:\windows\system32\dllcache\wintrust.dll
- 2010-06-18 17:45 . 2010-06-18 17:45 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2010-06-18 17:45 . 2011-11-25 21:57 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2011-10-14 14:47 . 2011-10-14 14:47 176128 c:\windows\system32\dllcache\winmm.dll
+ 2009-03-08 11:34 . 2012-03-01 11:01 916992 c:\windows\system32\dllcache\wininet.dll
+ 2008-12-16 12:30 . 2011-11-16 14:21 354816 c:\windows\system32\dllcache\winhttp.dll
- 2008-12-16 12:30 . 2009-08-25 09:17 354816 c:\windows\system32\dllcache\winhttp.dll
- 2009-03-08 11:34 . 2009-03-08 11:34 105984 c:\windows\system32\dllcache\url.dll
+ 2009-03-08 11:34 . 2012-03-01 11:01 105984 c:\windows\system32\dllcache\url.dll
+ 2010-11-13 04:53 . 2011-02-17 13:18 357888 c:\windows\system32\dllcache\srv.sys
+ 2009-07-27 23:17 . 2009-07-27 23:17 135168 c:\windows\system32\dllcache\shsvcs.dll
+ 2009-06-25 08:25 . 2011-11-16 14:21 152064 c:\windows\system32\dllcache\schannel.dll
+ 2011-02-09 13:53 . 2011-02-09 13:53 270848 c:\windows\system32\dllcache\sbe.dll
+ 2011-11-03 15:28 . 2011-11-03 15:28 386048 c:\windows\system32\dllcache\qdvd.dll
+ 2010-09-21 19:29 . 2008-04-13 19:19 146048 c:\windows\system32\dllcache\portcls.sys
+ 2010-12-20 17:32 . 2010-12-20 17:32 551936 c:\windows\system32\dllcache\oleaut32.dll
+ 2004-08-04 12:00 . 2011-09-26 18:41 220160 c:\windows\system32\dllcache\oleacc.dll
+ 2009-03-08 11:34 . 2012-03-01 11:01 206848 c:\windows\system32\dllcache\occache.dll
- 2009-03-08 11:34 . 2011-04-25 16:11 206848 c:\windows\system32\dllcache\occache.dll
+ 2011-12-11 09:26 . 2011-04-21 13:37 105472 c:\windows\system32\dllcache\mup.sys
- 2008-06-20 17:46 . 2008-06-20 17:46 245248 c:\windows\system32\dllcache\mswsock.dll
+ 2008-06-20 17:46 . 2008-06-20 16:02 245248 c:\windows\system32\dllcache\mswsock.dll
+ 2009-03-08 11:32 . 2012-03-01 11:01 611840 c:\windows\system32\dllcache\mstime.dll
- 2009-03-08 11:32 . 2011-04-25 16:11 611840 c:\windows\system32\dllcache\mstime.dll
+ 2010-11-13 05:10 . 2012-03-01 11:01 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2010-11-13 05:10 . 2011-04-25 16:11 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2010-11-13 04:50 . 2011-07-15 13:29 456320 c:\windows\system32\dllcache\mrxsmb.sys
- 2010-11-13 04:50 . 2011-04-29 16:19 456320 c:\windows\system32\dllcache\mrxsmb.sys
+ 2010-09-18 19:23 . 2011-02-08 13:33 974848 c:\windows\system32\dllcache\mfc42u.dll
- 2010-09-18 19:23 . 2010-09-18 19:23 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2010-11-13 04:55 . 2011-02-08 13:33 978944 c:\windows\system32\dllcache\mfc42.dll
+ 2004-08-03 23:15 . 2008-04-13 19:16 141056 c:\windows\system32\dllcache\ks.sys
+ 2010-01-29 15:01 . 2011-10-10 14:22 692736 c:\windows\system32\dllcache\inetcomm.dll
- 2010-01-29 15:01 . 2011-05-02 15:31 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2012-02-29 14:10 . 2012-02-29 14:10 148480 c:\windows\system32\dllcache\imagehlp.dll
+ 2010-11-13 05:10 . 2012-03-01 11:01 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2010-11-13 05:10 . 2011-04-25 16:11 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2009-03-08 11:31 . 2012-03-01 11:01 184320 c:\windows\system32\dllcache\iepeers.dll
- 2009-03-08 11:31 . 2011-04-25 16:11 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2010-11-13 05:10 . 2012-03-01 11:01 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2010-11-13 05:10 . 2011-04-25 16:11 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2009-03-08 21:09 . 2011-04-25 16:11 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-03-08 21:09 . 2012-03-01 11:01 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-03-08 11:32 . 2012-02-29 12:17 174080 c:\windows\system32\dllcache\ie4uinit.exe
+ 2011-10-18 11:13 . 2011-10-18 11:13 186880 c:\windows\system32\dllcache\encdec.dll
+ 2008-06-20 17:46 . 2011-03-03 06:55 149504 c:\windows\system32\dllcache\dnsapi.dll
+ 2011-09-28 07:06 . 2011-09-28 07:06 599040 c:\windows\system32\dllcache\crypt32.dll
+ 2010-09-01 11:51 . 2011-02-15 12:56 290432 c:\windows\system32\dllcache\atmfd.dll
- 2008-06-20 11:40 . 2008-08-14 10:04 138496 c:\windows\system32\dllcache\afd.sys
+ 2008-06-20 11:40 . 2011-08-17 13:49 138496 c:\windows\system32\dllcache\afd.sys
+ 2004-08-04 12:00 . 2011-09-28 07:06 599040 c:\windows\system32\crypt32.dll
- 2004-08-04 12:00 . 2008-04-14 00:11 599040 c:\windows\system32\crypt32.dll
+ 2012-04-23 10:08 . 2009-04-25 12:00 236032 c:\windows\system32\CNMLM9O.DLL
+ 2012-04-20 19:45 . 2009-10-22 18:24 168448 c:\windows\system32\CNCFMSk.EXE
+ 2012-04-23 10:08 . 2008-09-03 18:02 167936 c:\windows\system32\CNCFMSh.EXE
+ 2012-04-20 19:45 . 2009-10-22 18:30 296960 c:\windows\system32\CNCF2Lk.DLL
+ 2012-04-23 10:08 . 2008-09-03 18:09 225792 c:\windows\system32\CNCF2Lh.DLL
+ 2012-04-20 19:44 . 2009-09-10 08:59 101376 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstUS.dll
+ 2012-04-20 19:44 . 2009-09-23 09:12 101376 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstTW.dll
+ 2012-04-20 19:44 . 2009-10-01 16:21 104960 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstTR.dll
+ 2012-04-20 19:44 . 2009-09-23 15:42 101376 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstTH.dll
+ 2012-04-20 19:44 . 2009-10-01 16:20 104960 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstSE.dll
+ 2012-04-20 19:44 . 2009-10-01 16:18 107008 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstRU.dll
+ 2012-04-20 19:44 . 2009-10-01 16:17 108032 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstPT.dll
+ 2012-04-20 19:44 . 2009-10-01 16:15 111104 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstPL.dll
+ 2012-04-20 19:44 . 2009-10-01 16:14 103424 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstNO.dll
+ 2012-04-20 19:44 . 2009-10-01 16:12 112640 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstNL.dll
+ 2012-04-20 19:44 . 2009-09-23 08:30 101376 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstKR.dll
+ 2012-04-20 19:44 . 2009-10-01 16:09 113152 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstIT.dll
+ 2012-04-20 19:44 . 2009-09-23 09:18 105984 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstID.dll
+ 2012-04-20 19:44 . 2009-10-01 16:07 109568 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstHU.dll
+ 2012-04-20 19:44 . 2009-10-01 16:07 122880 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstGR.dll
+ 2012-04-20 19:44 . 2009-10-01 16:06 114688 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstFR.dll
+ 2012-04-20 19:44 . 2009-10-01 16:00 102912 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstFI.dll
+ 2012-04-20 19:44 . 2009-10-01 15:57 115200 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstES.dll
+ 2012-04-20 19:44 . 2009-10-01 15:55 106496 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstDK.dll
+ 2012-04-20 19:44 . 2009-10-01 15:54 118784 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstDE.dll
+ 2012-04-20 19:44 . 2009-10-01 15:52 104960 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstCZ.dll
+ 2012-04-20 19:44 . 2009-09-23 09:01 101376 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstCN.dll
+ 2012-04-20 19:44 . 2009-10-01 15:51 101376 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\RES\DLL\IJInstAR.dll
+ 2012-04-20 19:44 . 2009-09-10 09:11 457560 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\DelDrv.exe
+ 2004-08-04 12:00 . 2011-02-15 12:56 290432 c:\windows\system32\atmfd.dll
+ 2011-12-25 10:49 . 2011-12-25 10:49 436496 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2010-05-11 13:40 . 2010-05-11 13:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-07-07 12:18 . 2011-07-07 12:18 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-03-25 13:15 . 2011-03-25 13:15 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2011-07-07 12:18 . 2011-07-07 12:18 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2010-05-11 13:40 . 2010-05-11 13:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-12-25 12:40 . 2011-12-25 12:40 819200 c:\windows\Installer\14c2a655.msp
+ 2012-04-21 09:27 . 2012-04-21 09:27 432640 c:\windows\Installer\14af67be.msi
+ 2012-04-21 09:26 . 2012-04-21 09:26 429568 c:\windows\Installer\14af67b7.msi
+ 2011-06-06 19:55 . 2011-06-06 19:55 249232 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\sqlite.dll
+ 2011-06-06 19:55 . 2011-06-06 19:55 394136 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\pdfshell.dll
+ 2011-06-06 19:55 . 2011-06-06 19:55 103848 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\PDFPrevHndlrShim.exe
+ 2011-06-06 19:55 . 2011-06-06 19:55 183696 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\nppdf32.dll
+ 2011-06-06 19:55 . 2011-06-06 19:55 104344 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\AiodLite.dll
+ 2011-06-06 19:55 . 2011-06-06 19:55 937920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\adobearm.exe
+ 2011-06-06 19:55 . 2011-06-06 19:55 102808 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\AcroRdIF.dll
+ 2011-06-06 19:55 . 2011-06-06 19:55 755088 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\AcroPDF.dll
+ 2011-06-06 19:55 . 2011-06-06 19:55 296344 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\acrobroker.exe
+ 2011-06-06 19:55 . 2011-06-06 19:55 205720 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\a3dutils.dll
+ 2012-04-21 10:43 . 2011-04-25 16:11 916480 c:\windows\ie8updates\KB2675157-IE8\wininet.dll
+ 2012-04-21 10:43 . 2009-03-08 11:34 105984 c:\windows\ie8updates\KB2675157-IE8\url.dll
+ 2012-04-21 10:44 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2675157-IE8\spuninst\updspapi.dll
+ 2012-04-21 10:44 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2675157-IE8\spuninst\spuninst.exe
+ 2012-04-21 10:43 . 2011-04-25 16:11 206848 c:\windows\ie8updates\KB2675157-IE8\occache.dll
+ 2012-04-21 10:43 . 2011-04-25 16:11 611840 c:\windows\ie8updates\KB2675157-IE8\mstime.dll
+ 2012-04-21 10:43 . 2011-04-25 16:11 602112 c:\windows\ie8updates\KB2675157-IE8\msfeeds.dll
+ 2012-04-21 10:43 . 2011-04-25 16:11 247808 c:\windows\ie8updates\KB2675157-IE8\ieproxy.dll
+ 2012-04-21 10:43 . 2011-04-25 16:11 184320 c:\windows\ie8updates\KB2675157-IE8\iepeers.dll
+ 2012-04-21 10:43 . 2011-04-25 16:11 743424 c:\windows\ie8updates\KB2675157-IE8\iedvtool.dll
+ 2012-04-21 10:43 . 2011-04-25 16:11 387584 c:\windows\ie8updates\KB2675157-IE8\iedkcs32.dll
+ 2012-04-21 10:43 . 2011-04-25 12:01 173568 c:\windows\ie8updates\KB2675157-IE8\ie4uinit.exe
- 2010-11-13 04:50 . 2011-04-29 16:19 456320 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2010-11-13 04:50 . 2011-07-15 13:29 456320 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2012-04-21 21:01 . 2012-04-21 21:01 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\edc5691acfb65ac37f49de2ec497083a\WsatConfig.ni.exe
+ 2012-04-21 10:52 . 2012-04-21 10:52 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\4ad8369d6a60765d7e9b43cdf9023f41\WindowsFormsIntegration.ni.dll
+ 2012-04-21 10:52 . 2012-04-21 10:52 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\f102afdffdbe2565bcedb7fa0626b865\UIAutomationTypes.ni.dll
+ 2012-04-21 10:52 . 2012-04-21 10:52 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\68f4157e570c77df653057c0583395bd\UIAutomationClient.ni.dll
+ 2012-04-21 21:08 . 2012-04-21 21:08 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\c2a12bd4056b44f8005a7eb3af161e6a\System.Xml.Linq.ni.dll
+ 2012-04-21 21:07 . 2012-04-21 21:07 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\fc63b434b2f253cd27625487f7b02ac0\System.Web.Routing.ni.dll
+ 2012-04-21 21:07 . 2012-04-21 21:07 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\67877f896b2b0e42286e838fe307f3fd\System.Web.RegularExpressions.ni.dll
+ 2012-04-21 21:07 . 2012-04-21 21:07 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\86650d4fb220f94f25bb5da42a03d454\System.Web.Extensions.Design.ni.dll
+ 2012-04-21 21:07 . 2012-04-21 21:07 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\654465871e547e131668874de7c60b8c\System.Web.Entity.ni.dll
+ 2012-04-21 21:07 . 2012-04-21 21:07 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f0d6895f6e709d425cb5da6053c603d2\System.Web.Entity.Design.ni.dll
+ 2012-04-21 21:07 . 2012-04-21 21:07 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\3f3b7dc7208e302e39a2dfb5b2cb953b\System.Web.DynamicData.ni.dll
+ 2012-04-21 21:07 . 2012-04-21 21:07 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\e9cddd213343f15d611b14620d649bb0\System.Web.Abstractions.ni.dll
+ 2012-04-21 21:06 . 2012-04-21 21:06 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\f25d114cb629d1f512f98883c6535a75\System.Transactions.ni.dll
+ 2012-04-21 21:06 . 2012-04-21 21:06 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\11dcb806c92f55111f5fa9f1a90e3bdd\System.ServiceProcess.ni.dll
+ 2012-04-21 21:01 . 2012-04-21 21:01 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\5fb9981f4147b537b53be9d58bf4e9b4\System.Security.ni.dll
+ 2012-04-21 21:06 . 2012-04-21 21:06 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1335dd98ce5ce22ad1f51cc274ca5a1d\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-04-21 21:06 . 2012-04-21 21:06 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\a4b2b1ee81acd843970d9a81b281f1c1\System.Net.ni.dll
+ 2012-04-21 21:06 . 2012-04-21 21:06 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\a2a14380e8c9149d5b212d0100ef588a\System.Management.ni.dll
+ 2012-04-21 21:06 . 2012-04-21 21:06 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\e3436edde657a5111d39d5b2eecf9715\System.Management.Instrumentation.ni.dll
+ 2012-04-21 21:00 . 2012-04-21 21:00 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\974ded7dd3bca225a1b90de778846c78\System.IO.Log.ni.dll
+ 2012-04-21 21:00 . 2012-04-21 21:00 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\01eba24390736a59c39becd825b5756e\System.IdentityModel.Selectors.ni.dll
+ 2012-04-21 21:06 . 2012-04-21 21:06 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\c0d15fb6308587fef8744d568e64bcda\System.EnterpriseServices.Wrapper.dll
+ 2012-04-21 21:06 . 2012-04-21 21:06 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\c0d15fb6308587fef8744d568e64bcda\System.EnterpriseServices.ni.dll
+ 2012-04-21 10:51 . 2012-04-21 10:51 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\e9ae7ae6d1e9edc7aaf819889cd1c692\System.Drawing.Design.ni.dll
+ 2012-04-21 21:06 . 2012-04-21 21:06 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\78a370dc153011708dd9e4cb0e606bfc\System.DirectoryServices.Protocols.ni.dll
+ 2012-04-21 21:06 . 2012-04-21 21:06 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\6e644fc7464d9fe23fc9cd6001296f2f\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-04-21 21:06 . 2012-04-21 21:06 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\bac39be66bb9f987c1948b766833f8e6\System.Data.Services.Client.ni.dll
+ 2012-04-21 21:06 . 2012-04-21 21:06 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\2b5ecd231320e57010043c408783d80b\System.Data.Services.Design.ni.dll
+ 2012-04-21 21:05 . 2012-04-21 21:05 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\4ac9ac2326720485aefd4d79d2024945\System.Data.Entity.Design.ni.dll
+ 2012-04-21 21:04 . 2012-04-21 21:04 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\d504d550fd0a6994fcb1466ea7be92af\System.Data.DataSetExtensions.ni.dll
+ 2012-04-21 21:01 . 2012-04-21 21:01 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll
+ 2012-04-21 21:06 . 2012-04-21 21:06 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\28637135c6939e74450bbbf110b12643\System.Configuration.Install.ni.dll
+ 2012-04-21 21:00 . 2012-04-21 21:00 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\958b5c0114d664ab5ba72575c301e2ea\System.AddIn.ni.dll
+ 2012-04-21 21:01 . 2012-04-21 21:01 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\4dcff3b0e79fc27e31549bb2af00efb5\SMSvcHost.ni.exe
+ 2012-04-21 21:01 . 2012-04-21 21:01 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\bd3bfd5b6ef659dac4d6cccb34577d33\SMDiagnostics.ni.dll
+ 2012-04-21 21:01 . 2012-04-21 21:01 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\edec83be646eb52204c991371751a428\ServiceModelReg.ni.exe
+ 2012-04-21 10:49 . 2012-04-21 10:49 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\52015457bc28e7a9a563d9eab8ab0015\PresentationFramework.Royale.ni.dll
+ 2012-04-21 10:48 . 2012-04-21 10:48 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\46a680814559114706a33282e9df4b7a\PresentationFramework.Classic.ni.dll
+ 2012-04-21 10:48 . 2012-04-21 10:48 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2713754549b1114c9152d33efe5f72c7\PresentationFramework.Aero.ni.dll
+ 2012-04-21 10:49 . 2012-04-21 10:49 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1552f18ca434c1dca6d082df476d089a\PresentationFramework.Luna.ni.dll
+ 2012-04-21 21:01 . 2012-04-21 21:01 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\7c51497b188c82e2ccbe6315549ce023\MSBuild.ni.exe
+ 2012-04-21 21:00 . 2012-04-21 21:00 183808 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ff869e449ec408402dee904bb006c8c4\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.ni.dll
+ 2012-04-21 21:04 . 2012-04-21 21:04 365056 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f53ed4e9e427ff9cccd78e68e5579313\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.ni.dll
+ 2012-04-21 21:04 . 2012-04-21 21:04 664064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\daf13e455e4ce3d7bfd47287d3e28a63\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll
+ 2012-04-21 21:04 . 2012-04-21 21:04 303104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\c2eeb51c4cf6c5bd6c26a0c12df9230b\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.ni.dll
+ 2012-04-21 21:04 . 2012-04-21 21:04 622080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6f197492ea6f1d517aeca004dc18fb88\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
+ 2012-04-21 21:00 . 2012-04-21 21:00 112128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6eb568dffe76c0790c45056530aaa500\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.ni.dll
+ 2012-04-21 21:04 . 2012-04-21 21:04 337920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6ad3e35af29ed14c222748e455abf53d\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.ni.dll
+ 2012-04-21 21:04 . 2012-04-21 21:04 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\68df33f8fa92e66b8d7fad481884bf22\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll
+ 2012-04-21 21:04 . 2012-04-21 21:04 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\5b110b2fd49f8aab104d96743e9149a1\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll
+ 2012-04-21 21:04 . 2012-04-21 21:04 285184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\4513873215c270570a078aa7781d7dcb\Microsoft.VisualStudio.Tools.Applications.Hosting.v9.0.ni.dll
+ 2012-04-21 21:00 . 2012-04-21 21:00 146432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\3c464dc81d0dfd25b72cbc7a76b56448\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll
+ 2012-04-21 21:00 . 2012-04-21 21:00 192000 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\2e3be79199c945f406076be7237c4115\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll
+ 2012-04-21 21:04 . 2012-04-21 21:04 161792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\2a1704cff78255c7feb478c758f8e3ed\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0.ni.dll
+ 2012-04-21 21:00 . 2012-04-21 21:00 133120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\1ec47c8f617d0d08d6d69c6f6ec6457c\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll
+ 2012-04-21 21:00 . 2012-04-21 21:00 215040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\02efe4d8a684ae6d8004d59ad80ab19c\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
+ 2012-04-21 21:01 . 2012-04-21 21:01 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f0f6dd614d294295c5d8386cc4192034\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-04-21 21:04 . 2012-04-21 21:04 854528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\f4e36adcbc27b9c28597f52d6c8fdec3\Microsoft.Office.Tools.Word.v9.0.ni.dll
+ 2012-04-21 21:04 . 2012-04-21 21:04 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\d4249393424f255150a91231c560f59a\Microsoft.Office.Tools.Outlook.v9.0.ni.dll
+ 2012-04-21 21:03 . 2012-04-21 21:03 815616 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\b4733fe46420b03239b36d136f548bb9\Microsoft.Office.Tools.Common.v9.0.ni.dll
+ 2012-04-21 21:00 . 2012-04-21 21:00 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\0efd03aee130586a02a23f54897685e8\Microsoft.Office.Tools.v9.0.ni.dll
+ 2012-04-21 21:03 . 2012-04-21 21:03 375808 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\fc131a2a34e764b964ebf75a1c7cd536\Microsoft.Office.Interop.InfoPath.ni.dll
+ 2012-04-21 21:03 . 2012-04-21 21:03 114688 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\bc713f204ed6dce1ddbd57657d17e102\Microsoft.Office.InfoPath.ni.dll
+ 2012-04-21 21:03 . 2012-04-21 21:03 206848 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\af97a63f9934f2f16550edda7b06fc30\Microsoft.Office.InfoPath.Client.Internal.Host.Interop.ni.dll
+ 2012-04-21 21:02 . 2012-04-21 21:02 268800 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\b7ec182c921c1ed80b9108f9aab2157e\Microsoft.Office.BusinessApplications.Diagnostics.ni.dll
+ 2012-04-21 21:02 . 2012-04-21 21:02 343040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessD#\02bf1e69e27e79cddee43d65d88cade7\Microsoft.BusinessData.ni.dll
+ 2012-04-21 21:02 . 2012-04-21 21:02 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\fd1338828beec8737fed8f50f4fcc567\Microsoft.Build.Utilities.ni.dll
+ 2012-04-21 21:02 . 2012-04-21 21:02 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\0d5f999c4b7e51151548c37c676c1b8e\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-04-21 21:01 . 2012-04-21 21:01 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\792168ce8fe03a3db43e12cf736cf91e\Microsoft.Build.Engine.ni.dll
+ 2012-04-21 21:01 . 2012-04-21 21:01 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\0a5277c34ddc1f55df1defb4231e814f\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-04-21 21:01 . 2012-04-21 21:01 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\3e6deccf191ab943d3a0812a38ab5c97\CustomMarshalers.ni.dll
+ 2012-04-21 21:01 . 2012-04-21 21:01 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a8df37aadb089f1f34d3d2f103966fbc\ComSvcConfig.ni.exe
+ 2012-04-21 20:59 . 2012-04-21 20:59 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\25ce400b547f517258c8afb0480390ea\AspNetMMCExt.ni.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-04-21 10:39 . 2012-04-21 10:39 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2012-04-21 10:39 . 2012-04-21 10:39 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2012-04-21 10:39 . 2012-04-21 10:39 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-04-21 10:40 . 2012-04-21 10:40 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-04-21 10:40 . 2012-04-21 10:40 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-04-21 10:41 . 2012-04-21 10:41 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-04-21 10:41 . 2012-04-21 10:41 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-04-21 10:41 . 2012-04-21 10:41 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-04-21 10:41 . 2012-04-21 10:41 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-04-21 10:40 . 2012-04-21 10:40 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-04-21 10:39 . 2012-04-21 10:39 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-04-21 10:41 . 2012-04-21 10:41 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-04-21 10:41 . 2012-04-21 10:41 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-04-21 10:41 . 2012-04-21 10:41 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-04-21 10:41 . 2012-04-21 10:41 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-04-21 10:39 . 2012-04-21 10:39 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-04-21 10:39 . 2012-04-21 10:39 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-04-21 10:40 . 2012-04-21 10:40 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-04-21 10:40 . 2012-04-21 10:40 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-04-21 10:41 . 2012-04-21 10:41 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2012-04-21 10:41 . 2012-04-21 10:41 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2012-04-21 10:39 . 2012-04-21 10:39 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2012-04-21 10:40 . 2012-04-21 10:40 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-04-21 10:40 . 2012-04-21 10:40 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-04-21 10:40 . 2012-04-21 10:40 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2012-04-21 10:41 . 2012-04-21 10:41 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2012-04-21 09:33 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971029\update\updspapi.dll
+ 2012-04-21 09:33 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971029\update\update.exe
+ 2012-04-21 09:33 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971029\spuninst.exe
+ 2009-07-27 22:13 . 2009-07-27 22:13 135168 c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
+ 2012-04-21 10:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2641690\update\updspapi.dll
+ 2012-04-21 10:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2641690\update\update.exe
+ 2012-04-21 10:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2641690\spuninst.exe
+ 2011-09-28 07:05 . 2011-09-28 07:05 599552 c:\windows\$hf_mig$\KB2641690\SP3QFE\crypt32.dll
+ 2012-04-21 10:19 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2544893-v2\update\updspapi.dll
+ 2012-04-21 10:19 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2544893-v2\update\update.exe
+ 2012-04-21 10:19 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2544893-v2\spuninst.exe
+ 2011-10-10 14:21 . 2011-10-10 14:21 692736 c:\windows\$hf_mig$\KB2544893-v2\SP3QFE\inetcomm.dll
+ 2012-04-21 09:29 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2509553\update\updspapi.dll
+ 2012-04-21 09:29 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2509553\update\update.exe
+ 2012-04-21 09:29 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2509553\spuninst.exe
+ 2008-06-20 11:16 . 2008-06-20 11:16 225856 c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip6.sys
+ 2008-06-20 11:59 . 2008-06-20 11:59 361600 c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
+ 2008-06-20 17:43 . 2008-06-20 17:43 245248 c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
+ 2011-03-03 06:53 . 2011-03-03 06:53 149504 c:\windows\$hf_mig$\KB2509553\SP3QFE\dnsapi.dll
+ 2008-10-16 15:07 . 2008-10-16 15:07 138496 c:\windows\$hf_mig$\KB2509553\SP3QFE\afd.sys
+ 2012-04-21 09:36 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2508429\update\updspapi.dll
+ 2012-04-21 09:36 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2508429\update\update.exe
+ 2012-04-21 09:36 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2508429\spuninst.exe
+ 2011-02-17 13:19 . 2011-02-17 13:19 357888 c:\windows\$hf_mig$\KB2508429\SP3QFE\srv.sys
+ 2012-04-21 10:05 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2507938\update\updspapi.dll
+ 2012-04-21 10:05 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2507938\update\update.exe
+ 2012-04-21 10:05 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2507938\spuninst.exe
+ 2011-04-26 11:02 . 2011-04-26 11:02 293376 c:\windows\$hf_mig$\KB2507938\SP3QFE\winsrv.dll
+ 2012-04-21 09:45 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2507618\update\updspapi.dll
+ 2012-04-21 09:45 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2507618\update\update.exe
+ 2012-04-21 09:45 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2507618\spuninst.exe
+ 2011-02-15 13:05 . 2011-02-15 13:05 290432 c:\windows\$hf_mig$\KB2507618\SP3QFE\atmfd.dll
+ 2012-04-21 09:32 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2506212\update\updspapi.dll
+ 2012-04-21 09:32 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2506212\update\update.exe
+ 2012-04-21 09:32 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2506212\spuninst.exe
+ 2011-02-08 13:32 . 2011-02-08 13:32 974848 c:\windows\$hf_mig$\KB2506212\SP3QFE\mfc42u.dll
+ 2011-02-08 13:32 . 2011-02-08 13:32 978944 c:\windows\$hf_mig$\KB2506212\SP3QFE\mfc42.dll
+ 2012-04-21 10:20 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2479943\update\updspapi.dll
+ 2012-04-21 10:20 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2479943\update\update.exe
+ 2012-04-21 10:20 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2479943\spuninst.exe
+ 2011-02-09 13:52 . 2011-02-09 13:52 270848 c:\windows\$hf_mig$\KB2479943\SP3QFE\sbe.dll
+ 2011-02-09 13:52 . 2011-02-09 13:52 186880 c:\windows\$hf_mig$\KB2479943\SP3QFE\encdec.dll
+ 2012-04-21 10:04 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2476490\update\updspapi.dll
+ 2012-04-21 10:04 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2476490\update\update.exe
+ 2012-04-21 10:04 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2476490\spuninst.exe
+ 2010-12-20 17:30 . 2010-12-20 17:30 552448 c:\windows\$hf_mig$\KB2476490\SP3QFE\oleaut32.dll
+ 2009-07-21 07:03 . 2009-07-21 07:03 1348432 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll
+ 2008-09-30 23:42 . 2008-09-30 23:42 1286152 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2012-04-20 20:09 . 2008-12-26 17:57 1159168 c:\windows\twain_32\MX340 series\SGCFLTR.dll
+ 2012-04-20 20:09 . 2010-06-15 17:39 1245184 c:\windows\twain_32\MX340 series\SG_IMG.dll
+ 2012-04-20 20:09 . 2010-06-15 17:39 1081344 c:\windows\twain_32\MX340 series\SCNUI.dll
+ 2012-04-20 20:09 . 2009-04-30 15:45 1875968 c:\windows\twain_32\MX340 series\FDP.dll
+ 2012-04-20 20:09 . 2009-06-16 22:40 2102320 c:\windows\twain_32\MX340 series\CNC340R.DAT
+ 2004-08-04 12:00 . 2012-03-01 11:01 1212416 c:\windows\system32\urlmon.dll
+ 2012-04-23 10:18 . 2010-05-16 12:00 2915840 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMUIA5.DLL
+ 2012-04-23 10:18 . 2010-05-16 12:00 2308608 c:\windows\system32\spool\drivers\w32x86\canonmx340_series43ab\CNMCBA5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 2915840 c:\windows\system32\spool\drivers\w32x86\3\CNMUIA5.DLL
+ 2012-04-20 19:44 . 2010-05-16 12:00 2308608 c:\windows\system32\spool\drivers\w32x86\3\CNMCBA5.DLL
+ 2004-08-04 12:00 . 2011-11-03 15:28 1292288 c:\windows\system32\quartz.dll
+ 2004-08-04 12:00 . 2011-11-01 16:07 1288704 c:\windows\system32\ole32.dll
- 2004-08-04 12:00 . 2010-12-09 13:38 2192768 c:\windows\system32\ntoskrnl.exe
+ 2004-08-04 12:00 . 2011-10-25 13:33 2192768 c:\windows\system32\ntoskrnl.exe
+ 2004-08-03 22:59 . 2011-10-25 12:52 2069376 c:\windows\system32\ntkrnlpa.exe
- 2004-08-03 22:59 . 2010-12-09 13:07 2069376 c:\windows\system32\ntkrnlpa.exe
+ 2009-07-21 07:05 . 2009-07-21 07:05 1348432 c:\windows\system32\msxml4.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 5978624 c:\windows\system32\mshtml.dll
+ 2009-03-08 11:32 . 2012-03-01 11:01 2000384 c:\windows\system32\iertutil.dll
+ 2010-08-31 13:42 . 2012-02-03 09:22 1860096 c:\windows\system32\dllcache\win32k.sys
+ 2009-03-08 11:34 . 2012-03-01 11:01 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2009-11-27 17:11 . 2011-11-03 15:28 1292288 c:\windows\system32\dllcache\quartz.dll
+ 2010-07-16 12:05 . 2011-11-01 16:07 1288704 c:\windows\system32\dllcache\ole32.dll
- 2010-11-13 04:44 . 2010-12-09 13:38 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2010-11-13 04:44 . 2011-10-25 13:33 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2010-11-13 04:44 . 2011-10-25 12:52 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
- 2010-11-13 04:44 . 2010-12-09 13:07 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2009-02-08 02:02 . 2011-10-25 12:52 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2009-02-08 02:02 . 2010-12-09 13:07 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2010-11-13 04:44 . 2011-10-25 13:37 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
- 2010-11-13 04:44 . 2010-12-09 13:42 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2009-03-08 11:41 . 2012-03-01 11:01 5978624 c:\windows\system32\dllcache\mshtml.dll
+ 2010-11-13 05:10 . 2012-03-01 11:01 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2011-03-25 13:15 . 2011-03-25 13:15 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2008-07-25 18:17 . 2008-07-25 18:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 5246976 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2011-10-26 10:39 . 2011-10-26 10:39 3186688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2011-07-07 12:18 . 2011-07-07 12:18 5912400 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2011-07-07 12:18 . 2011-07-07 12:18 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2010-05-11 13:40 . 2010-05-11 13:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2012-04-14 08:29 . 2012-04-14 08:29 2295808 c:\windows\Installer\e1ef73b.msi
+ 2012-04-21 22:47 . 2012-04-21 22:47 2802688 c:\windows\Installer\676b80.msi
+ 2011-10-31 05:54 . 2011-10-31 05:54 2748416 c:\windows\Installer\14c2a666.msp
+ 2011-12-26 16:59 . 2011-12-26 16:59 4368896 c:\windows\Installer\14c2a64e.msp
+ 2011-06-06 19:55 . 2011-06-06 19:55 2215312 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\rt3d.dll
+ 2011-06-06 19:55 . 2011-06-06 19:55 1189004 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\JSByteCodeWin.bin
+ 2011-06-06 19:55 . 2011-06-06 19:55 6543768 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\authplay.dll
+ 2011-06-06 19:55 . 2011-06-06 19:55 1240992 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\AdobeCollabSync.exe
+ 2011-06-06 19:55 . 2011-06-06 19:55 1480600 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\AcroRd32.exe
+ 2012-04-21 10:43 . 2011-04-25 16:11 1211904 c:\windows\ie8updates\KB2675157-IE8\urlmon.dll
+ 2012-04-21 10:43 . 2011-05-30 22:19 5964800 c:\windows\ie8updates\KB2675157-IE8\mshtml.dll
+ 2012-04-21 10:43 . 2011-04-25 16:11 1991680 c:\windows\ie8updates\KB2675157-IE8\iertutil.dll
- 2010-11-13 04:44 . 2010-12-09 13:38 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2010-11-13 04:44 . 2011-10-25 13:33 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2010-11-13 04:44 . 2011-10-25 12:52 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2010-11-13 04:44 . 2010-12-09 13:07 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2009-02-08 02:02 . 2010-12-09 13:07 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-02-08 02:02 . 2011-10-25 12:52 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2010-11-13 04:44 . 2010-12-09 13:42 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-11-13 04:44 . 2011-10-25 13:37 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2012-04-21 09:56 . 2012-04-21 09:56 4550656 c:\windows\assembly\tmp\T05AFKPU\mscorlib.dll
+ 2012-04-21 10:38 . 2012-04-21 10:38 5246976 c:\windows\assembly\tmp\S49EJOTY\System.Web.dll
+ 2012-04-21 10:30 . 2012-04-21 10:30 2933248 c:\windows\assembly\tmp\DKPUZ49E\System.Data.dll
+ 2012-04-21 10:46 . 2012-04-21 10:46 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\174c2f776741812aed02c337bbcd1dae\WindowsBase.ni.dll
+ 2012-04-21 10:52 . 2012-04-21 10:52 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\94f5164ff4f664c5e4e7fb4c3af1abad\UIAutomationClientsideProviders.ni.dll
+ 2012-04-21 10:46 . 2012-04-21 10:46 7953408 c:\windows\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
+ 2012-04-21 10:52 . 2012-04-21 10:52 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
+ 2012-04-21 21:08 . 2012-04-21 21:08 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\c4c671c737b553db8e07664816475333\System.WorkflowServices.ni.dll
+ 2012-04-21 21:08 . 2012-04-21 21:08 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\248ea47105ff4af6ee75e6fdd5b450a1\System.Workflow.Runtime.ni.dll
+ 2012-04-21 21:08 . 2012-04-21 21:08 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\80a288b6611668160334668cc2608e4a\System.Workflow.ComponentModel.ni.dll
+ 2012-04-21 21:08 . 2012-04-21 21:08 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\4c27548df5897320840ee0d65db38742\System.Workflow.Activities.ni.dll
+ 2012-04-21 21:07 . 2012-04-21 21:07 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e9ba004858dcdb5958d86f26f043f85a\System.Web.Services.ni.dll
+ 2012-04-21 21:07 . 2012-04-21 21:07 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\030cde14924eefebc06c240dbfe093a4\System.Web.Mobile.ni.dll
+ 2012-04-21 21:07 . 2012-04-21 21:07 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\6379c8ca8ae11effb415139990923ff1\System.Web.Extensions.ni.dll
+ 2012-04-21 10:51 . 2012-04-21 10:51 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\e456140d5d6c43d7383bd36d3f9e12c6\System.Speech.ni.dll
+ 2012-04-21 21:06 . 2012-04-21 21:06 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\285dfbf2380436e187cb624bd1cd4683\System.ServiceModel.Web.ni.dll
+ 2012-04-21 21:00 . 2012-04-21 21:00 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f2532204217dc10f152afd077b09927c\System.Runtime.Serialization.ni.dll
+ 2012-04-21 10:51 . 2012-04-21 10:51 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\d51e6bb07124a1d780d1e024858e0dc1\System.Printing.ni.dll
+ 2012-04-21 21:00 . 2012-04-21 21:00 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\8ef05061cd205c4f2a8583d97f32a603\System.IdentityModel.ni.dll
+ 2012-04-21 10:51 . 2012-04-21 10:51 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll
+ 2012-04-21 21:06 . 2012-04-21 21:06 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\77d0e93f024055d04c07cc2700b4c590\System.DirectoryServices.ni.dll
+ 2012-04-21 21:06 . 2012-04-21 21:06 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\707a05a7d5a8d99dd56d1d50311a60d2\System.Deployment.ni.dll
+ 2012-04-21 10:50 . 2012-04-21 10:50 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\ae888f8633fce3ff1de98e32bce0abbf\System.Data.ni.dll
+ 2012-04-21 21:01 . 2012-04-21 21:01 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\857300fa64d09c69125451fd8894f3da\System.Data.SqlXml.ni.dll
+ 2012-04-21 21:06 . 2012-04-21 21:06 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\e9d4a1fb13572c769ddd9b86e55baab4\System.Data.Services.ni.dll
+ 2012-04-21 10:50 . 2012-04-21 10:50 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c3d9c33f71d15a3e2e240092a244eba3\System.Data.Linq.ni.dll
+ 2012-04-21 21:05 . 2012-04-21 21:05 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\424160369b301ccd1b6fd86265611955\System.Data.Entity.ni.dll
+ 2012-04-21 10:49 . 2012-04-21 10:49 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\0a6d6717e76be12295711ff02c7aa1d4\System.Core.ni.dll
+ 2012-04-21 10:49 . 2012-04-21 10:49 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\33cdfb4c322a528260016ac759230501\ReachFramework.ni.dll
+ 2012-04-21 10:49 . 2012-04-21 10:49 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\a6def83aee1aaf3336675ce58ac09013\PresentationUI.ni.dll
+ 2012-04-21 10:46 . 2012-04-21 10:46 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\59cd6ce5a254006179eee92952cd2272\PresentationBuildTasks.ni.dll
+ 2012-04-21 21:04 . 2012-04-21 21:04 1301504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\c43ed235345a4018280fba62955fae06\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0.ni.dll
+ 2012-04-21 21:04 . 2012-04-21 21:04 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\96e485c02ad346a2bd26a635e7fcb023\Microsoft.VisualBasic.ni.dll
+ 2012-04-21 21:01 . 2012-04-21 21:01 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f7071f9a1c0523540f6aa7f11c302fb6\Microsoft.Transactions.Bridge.ni.dll
+ 2012-04-21 21:03 . 2012-04-21 21:03 1354240 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\96051ed65cb1df28ff6ed31e1b79ab1a\Microsoft.Office.Tools.Excel.v9.0.ni.dll
+ 2012-04-21 21:03 . 2012-04-21 21:03 1787904 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\c91d1ece8dbe6d1e213a46c0311af629\Microsoft.Office.InfoPath.Client.Internal.Host.ni.dll
+ 2012-04-21 21:03 . 2012-04-21 21:03 1184256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\0a770169f111f7eb1aa17abe9cc6cf6f\Microsoft.Office.Interop.InfoPath.SemiTrust.ni.dll
+ 2012-04-21 21:03 . 2012-04-21 21:03 4751360 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\adf2672588cce2b49efa44fae7cf7603\Microsoft.Office.BusinessApplications.SyncServices.ni.dll
+ 2012-04-21 21:03 . 2012-04-21 21:03 2091008 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\2f463cbc62cc1719043d59e5d1a73018\Microsoft.Office.BusinessApplications.RuntimeUi.ni.dll
+ 2012-04-21 21:03 . 2012-04-21 21:03 3235840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\1205bb6efbe1e1894130dd636be1a290\Microsoft.Office.BusinessData.ni.dll
+ 2012-04-21 21:02 . 2012-04-21 21:02 1563136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\06709987192cd52a8175cb7b5d8653ed\Microsoft.Office.BusinessApplications.Runtime.ni.dll
+ 2012-04-21 21:06 . 2012-04-21 21:06 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\806b1d127ed3e906db972751e87585c4\Microsoft.JScript.ni.dll
+ 2012-04-21 21:02 . 2012-04-21 21:02 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\912789fd859e0887e10a935cade08e72\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-04-21 21:02 . 2012-04-21 21:02 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\6c1d3eec78906cc2a2ecffb013114c50\Microsoft.Build.Tasks.ni.dll
+ 2012-04-21 21:01 . 2012-04-21 21:01 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d6edd4b4619a9052d3dfe50c3067d5e0\Microsoft.Build.Engine.ni.dll
+ 2012-04-21 10:41 . 2012-04-21 10:41 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-04-21 10:40 . 2012-04-21 10:40 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-04-21 10:39 . 2012-04-21 10:39 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2010-12-31 11:22 . 2010-12-31 11:22 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2012-04-21 10:03 . 2012-04-21 10:03 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-04-21 10:39 . 2012-04-21 10:39 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-04-21 10:39 . 2012-04-21 10:39 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-04-21 10:41 . 2012-04-21 10:41 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-04-21 10:41 . 2012-04-21 10:41 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-07-27 03:11 . 2011-07-27 03:11 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2009-07-27 22:13 . 2009-07-27 22:13 8462848 c:\windows\$hf_mig$\KB971029\SP3QFE\shell32.dll
+ 2010-11-13 05:07 . 2012-03-29 10:02 55154568 c:\windows\system32\MRT.exe
+ 2009-03-08 11:39 . 2012-03-02 13:01 11082752 c:\windows\system32\ieframe.dll
+ 2010-11-13 05:10 . 2012-03-02 13:01 11082752 c:\windows\system32\dllcache\ieframe.dll
+ 2012-04-04 11:17 . 2012-04-04 11:17 16613376 c:\windows\Installer\e1ef73c.msp
+ 2011-03-28 10:27 . 2011-03-28 10:27 15456256 c:\windows\Installer\14c2a66e.msp
+ 2011-07-12 03:43 . 2011-07-12 03:43 11641344 c:\windows\Installer\14c2a65f.msp
+ 2011-06-06 19:55 . 2011-06-06 19:55 24731544 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\AcroRd32.dll
+ 2012-04-21 10:43 . 2011-04-26 17:11 11081728 c:\windows\ie8updates\KB2675157-IE8\ieframe.dll
+ 2012-04-21 10:48 . 2012-04-21 10:48 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD556.tmp\PresentationFramework.dll
+ 2012-04-21 10:51 . 2012-04-21 10:51 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll
+ 2012-04-21 21:07 . 2012-04-21 21:07 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\29bdc8352d3c26e3c572ea60639dec3b\System.Web.ni.dll
+ 2012-04-21 21:00 . 2012-04-21 21:00 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1cdcd6d97627d345d5ff446e6ec88b97\System.ServiceModel.ni.dll
+ 2012-04-21 10:51 . 2012-04-21 10:51 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\7c8f8fb506c32500acc1b6190d054f26\System.Design.ni.dll
+ 2012-04-21 10:47 . 2012-04-21 10:47 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\0665bba8c9962deadc418881eb3a2a2a\PresentationCore.ni.dll
+ 2012-04-21 10:44 . 2012-04-21 10:44 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
2011-05-09 08:49 176936 ----a-w- c:\program files\uTorrentControl2\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{687578B9-7132-4A7A-80E4-30EE31099E03}"= "c:\program files\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MRC"="c:\ray's files\XXX\PC Tune-Up\PCTuneUp.exe" [2009-10-06 2960704]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-09-22 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-06 344064]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2003-06-11 147456]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-25 2416480]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
1-Click Answers.lnk - c:\program files\1-Click Answers\answers.exe [2010-12-29 806912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring]
2003-06-20 14:03 110592 ----a-w- c:\windows\system32\LgNotify.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart\0OODBS
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-04-04 05:53 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2009-11-02 01:30 2508104 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2009-09-04 01:43 767312 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cdloader]
2010-12-03 12:39 50592 ----a-w- c:\documents and settings\Ray\Application Data\mjusbsp\cdloader2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]
2003-10-06 04:11 421888 ----a-w- c:\program files\Dell\QuickSet\quickset.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScanUtility]
2009-09-29 00:56 140640 ----a-w- c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2008-06-24 23:06 1840424 ----a-w- c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2008-06-08 16:31 2221352 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 11:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRONoMgr.exe]
2003-05-29 00:32 86016 ----a-w- c:\program files\Intel\NCS\PROSet\PRONoMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-09-22 08:31 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\Ray\\Application Data\\mjusbsp\\magicJack.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [7/11/2011 1:14 AM 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [9/13/2011 6:30 AM 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [10/7/2011 6:23 AM 230608]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [7/11/2011 1:14 AM 295248]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [12/6/2007 12:03 PM 660768]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [8/2/2011 6:09 AM 192776]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [12/31/2010 10:37 AM 654408]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [5/23/2011 1:03 AM 30944]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [7/11/2011 1:14 AM 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [7/11/2011 1:14 AM 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10/4/2011 6:21 AM 16720]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12/31/2010 10:37 AM 22344]
S2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [11/23/2011 2:36 AM 2391832]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [10/12/2011 6:25 AM 4433248]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9/22/2010 1:30 AM 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/16/2012 4:47 PM 253088]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [4/25/2012 8:09 PM 16640]
S3 ATIXPGAA;ATIXPGAA;c:\dell\drivers\R74793\atixpgaa.sys [9/22/2010 1:35 PM 11648]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [5/23/2011 1:03 AM 30944]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [9/22/2010 1:30 AM 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [3/25/2010 10:25 AM 30969208]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 9:37 PM 4640000]
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 07:53]
.
2012-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-22 08:30]
.
2012-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-22 08:30]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyServer = http=127.0.0.1:8888;https=127.0.0.1:8888
uInternet Settings,ProxyOverride = <-loopback>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Answers... - file://c:\program files\1-Click Answers\Html\atiemenu.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 208.180.42.100 66.76.175.100 208.180.42.68
FF - ProfilePath - c:\documents and settings\Ray\Application Data\Mozilla\Firefox\Profiles\cdx04dqr.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msnbc.msn.com/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Google Docs Viewer: adonis.cuhk@gmail.com - %profile%\extensions\adonis.cuhk@gmail.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files\AVG\AVG2012\Firefox4
FF - user.js: extentions.y2layers.installId - e776b98d-4709-4039-8819-c21167b84bd2
FF - user.js: extentions.y2layers.defaultEnableAppsList - bestvideodownloader,ezLooker,pagerage,buzzdock,toprelatedtopics,twittube
FF - user.js: extensions.autoDisableScopes - 14
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-02 13:25
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG08.00.00.01WORKSTATION"="2091AC0A9CE9A0D9B1987930E5CE7AF895DACCAA46B5BBA2615E49F70BE78095287A272ECA9CB7660DACC33AA4452086A37188B442FC14E71CB622C4B67A299BCBD60112A1999717F42BADC6ACEF7CF7ED26F122CCF061FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A9C6AECB7A5D14075D575E7D6A3B9808A6A0AC4980AC79334B7745034C4506788F15A174E9FC63225D2127E5A5DADF8A2E39CA7D80F082E40578E3C4A75FF490B591CDCB0421A9A3BEC0979CE01C0FC4BA8FBD809895DD5DD05E7C155D5E6791C64D2F2F86E67F8B99E5B811778AF51E261E0A6E8E47952BE32CACBFA829C4623320DEE7B69A21CFB2D847A9D8F8BDB5AF47AFE89AFD66B79675D3442DFB795D0B73C1F13E5FC856777B477ED80C151F3A7BEFC6590510E6666495556FE5F84F84447AFE2DA73CF973BEFCDEAF3E2F6250C6D293CC7A558BF4B5595B57CBB37CF9A7727274BDBD8ADB2B73C976DB43FC9CC3240C56D0FDEF05BBCEF1B4E3A618E842D7E46ABD97CA86DAF9F6AD898A5D6E22F2A440CED55101DA61E7B7B94B4E734E1C244B1919F16FFEA0CFB93AC369BA279101B711ACDF750C49427630233CDE1AF22F349492293459BDEF603934F699AA17FECA83D5C114DC7BB6E87833F31688D6BAA747D9121841EC2BCE249ED245995FABEFE9290E306F37B1ED9A847C271083AF0CA0C8BE83230C8692EC513D1E730A48FD5C03D344F77AD1C572234E42397BAAAC5F3C35007D3CB9A058986A2A4CF84D33454292ECC00A6C17309E593EA3047C369897F1BBE2E4B4CF01C6820E4E5465AE61494169A5ED08EAD78EFC9682A4A9BBB43E640B7CAF975A553420973306ECF4C502C6A0197160AD408911669AABE834F29BECE4830AB86116BBD5374BBE786D58D7011B21A7E3B196AB60F145AA29F9E09D65E1C826A0E758B925807DEFCDE6543AC105D3E037ACD817A61DF3758ACAE43496C3AE7B8DD40813872941D2E710479A4DAFE138B2B65CEE97F326A6DFC93855426C2CC371F3E02DE810A06173FD94F35C108B885FCE485ED8237499B37CE6FC98E2CEFBEF7476732934BD5A56A9F4409BBE25F1FE55970F847C86F142CE52254251B2E764E92DD39BB8CC42A3ED70FDADF819D8050F9BB3A8769B927A8DAD5359080D0CDCCC3E4188E5965E288B6634261FE3E596A7F680C62A8725026B838AED78253419F5B9B32DA7F4BBE1A70BE68FB6978412AA222ED5D52F18B17FAF5482B9D4ED0F268023380EDB2882CAE2A4E46958E4850AE8F73EDB8C9B1644E3BF8D078D0BE802C690CECC4C377160CBF99802617B359AEAA05FC1AEA4EE97245E7B40D021048E187D073C604149B8F1FD90F27D8098179AEB0C31B7EC31BB48C42A66B60C7139D1F07057"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1184)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\LgNotify.dll
.
Completion time: 2012-05-02 13:27:25
ComboFix-quarantined-files.txt 2012-05-02 20:27
ComboFix2.txt 2012-04-11 10:41
ComboFix3.txt 2012-03-07 00:40
.
Pre-Run: 113,902,784,512 bytes free
Post-Run: 114,432,520,192 bytes free
.
- - End Of File - - B861F5771546286652C3F4BFA8FE171A

#11 nasdaq

nasdaq

  • Malware Response Team
  • 39,586 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:18 PM

Posted 03 May 2012 - 08:30 AM

Open notepad and copy/paste the text in the quote box below into it:


Folder::
c:\program files\Conduit
c:\program files\Yontoo
c:\program files\uTorrentControl2

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"=-
[-HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{687578B9-7132-4A7A-80E4-30EE31099E03}"=-

ClearJavaCache::


Save this as CFScript.txt on your desktop.

Posted Image

Referring to the picture above, drag CFScript into ComboFix.exe
Then post the resultant log.

Let me know what problem persists.

#12 yarlac

yarlac
  • Topic Starter

  • Members
  • 159 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 04 May 2012 - 01:24 AM

OLT FIX still locks up my computer I have to remove the battery and power plug to reboot.

COMBOFIX LOG

ComboFix 12-05-03.03 - Ray 05/03/2012 22:26:19.6.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1543 [GMT -7:00]
Running from: c:\documents and settings\Ray\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Ray\Desktop\CFScript.txt
AV: AVG Internet Security 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Conduit
c:\program files\Conduit\Community Alerts\Alert.dll
c:\program files\uTorrentControl2
c:\program files\uTorrentControl2\GottenAppsContextMenu.xml
c:\program files\uTorrentControl2\ldrtbuTor.dll
c:\program files\uTorrentControl2\OtherAppsContextMenu.xml
c:\program files\uTorrentControl2\prxtbuTor.dll
c:\program files\uTorrentControl2\SharedAppsContextMenu.xml
c:\program files\uTorrentControl2\tbuTor.dll
c:\program files\uTorrentControl2\toolbar.cfg
c:\program files\uTorrentControl2\ToolbarContextMenu.xml
c:\program files\uTorrentControl2\uninstall.exe
c:\program files\uTorrentControl2\uTorrentControl2ToolbarHelper.exe
c:\program files\Yontoo
c:\program files\Yontoo\YontooIEClient.dll
c:\windows\system32\drivers\etc\hosts.ics
.
.
((((((((((((((((((((((((( Files Created from 2012-04-04 to 2012-05-04 )))))))))))))))))))))))))))))))
.
.
2012-05-03 10:41 . 2012-05-03 10:41 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonIJEGV
2012-05-02 18:32 . 2012-05-02 18:32 -------- d-----w- C:\_OTL
2012-05-01 12:29 . 2012-05-01 12:31 -------- d-----w- c:\documents and settings\Ray\Application Data\vlc
2012-05-01 12:25 . 2012-05-01 12:25 -------- d-----w- c:\program files\VideoLAN
2012-05-01 09:40 . 1998-01-23 19:22 304128 ----a-w- c:\windows\IsUninst.exe
2012-04-26 03:09 . 2010-12-30 22:19 16640 ---ha-w- c:\windows\system32\drivers\Apowersoft_AudioDevice.sys
2012-04-26 03:09 . 2012-04-26 03:09 -------- d-----w- c:\documents and settings\Ray\Application Data\Apowersoft
2012-04-23 10:23 . 2012-04-23 10:23 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonIJScan
2012-04-23 10:23 . 2012-04-23 10:23 -------- d-----w- c:\documents and settings\Ray\Application Data\Canon
2012-04-23 10:01 . 2012-04-23 10:16 -------- d-----w- c:\program files\Common Files\Canon
2012-04-23 10:00 . 2012-04-23 10:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2012-04-23 08:39 . 2012-04-23 08:39 68463 ----a-w- c:\program files\RMPly00.exe
2012-04-22 09:46 . 2012-04-22 09:46 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2012-04-22 00:37 . 2012-04-22 00:37 -------- d-----w- c:\windows\system32\oodag
2012-04-21 22:47 . 2012-04-21 22:47 -------- d-----w- c:\program files\OO Software
2012-04-21 10:35 . 2012-04-21 10:35 -------- d-----w- c:\documents and settings\Ray\Local Settings\Application Data\CRE
2012-04-21 10:34 . 2012-04-27 22:45 -------- d-----w- c:\documents and settings\Ray\Local Settings\Application Data\uTorrentControl2
2012-04-21 10:34 . 2012-04-21 10:34 -------- d-----w- c:\documents and settings\Ray\Local Settings\Application Data\Conduit
2012-04-21 09:26 . 2012-04-21 09:26 -------- d-----w- c:\program files\MSXML 4.0
2012-04-21 08:39 . 2012-04-21 08:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Tarma Installer
2012-04-21 08:38 . 2012-04-21 08:38 -------- d-----w- c:\program files\1ClickDownload
2012-04-20 21:22 . 2012-04-20 21:22 -------- d-----w- c:\program files\Common Files\SWF Studio
2012-04-20 20:14 . 2012-05-01 09:41 -------- d-----w- c:\program files\Canon
2012-04-20 20:09 . 2008-04-13 18:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2012-04-20 20:09 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2012-04-20 20:09 . 2009-10-19 23:29 307200 ----a-w- c:\windows\system32\CNC340L.dll
2012-04-20 20:09 . 2009-10-06 01:09 1310720 ----a-w- c:\windows\system32\CNC340C.dll
2012-04-20 20:09 . 2009-10-06 01:08 110592 ----a-w- c:\windows\system32\CNC340I.dll
2012-04-20 20:09 . 2009-10-06 01:05 102400 ----a-w- c:\windows\system32\CNC340U.dll
2012-04-20 20:09 . 2008-08-26 01:02 15872 ----a-w- c:\windows\system32\CNHMCA.dll
2012-04-20 20:09 . 2008-04-13 18:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2012-04-20 20:09 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2012-04-20 19:50 . 2012-04-20 19:50 -------- d-----w- c:\windows\system32\STRING
2012-04-20 19:50 . 2009-10-09 22:01 137216 ----a-w- c:\windows\system32\CNMNPUI.DLL
2012-04-20 19:50 . 2009-10-09 22:01 354816 ----a-w- c:\windows\system32\CNMNPPM.DLL
2012-04-20 19:50 . 2012-04-20 19:50 -------- d-----w- c:\windows\system32\CHM
2012-04-20 19:44 . 2010-05-16 12:00 70656 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPPA5.DLL
2012-04-20 19:44 . 2010-05-16 12:00 27136 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPDA5.DLL
2012-04-20 19:44 . 2010-05-16 12:00 277504 ----a-w- c:\windows\system32\CNMLMA5.DLL
2012-04-20 19:44 . 2012-04-23 10:09 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2012-04-20 19:44 . 2010-06-03 22:12 94208 ----a-w- c:\windows\system32\CNC340O.dll
2012-04-20 19:44 . 2009-09-10 16:00 179200 ----a-w- c:\windows\system32\CNMIUA5.DLL
2012-04-18 22:21 . 2012-04-18 22:21 -------- d-----w- c:\windows\Sun
2012-04-18 09:21 . 2012-01-09 16:20 139784 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2012-04-18 09:21 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-04-18 09:21 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
2012-04-17 06:21 . 2012-04-17 06:21 -------- d--h--w- c:\windows\system32\GroupPolicy
2012-04-16 23:47 . 2012-04-22 07:53 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-04 05:53 . 2012-04-04 05:53 182160 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2012-04-04 05:53 . 2012-04-04 05:53 182160 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-22 07:53 . 2011-07-13 06:11 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-04 22:56 . 2010-12-31 17:37 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-01 11:01 . 2004-08-04 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 11:01 . 2004-08-04 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-03-01 11:01 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10 . 2004-08-04 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2004-08-04 12:00 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec
2006-05-03 10:06 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 13:30 216064 --sh--r- c:\windows\system32\nbDX.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-05-02_20.25.18 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-05-03 02:33 . 2012-05-03 02:33 2208768 c:\windows\Installer\fabb51.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MRC"="c:\ray's files\XXX\PC Tune-Up\PCTuneUp.exe" [2009-10-06 2960704]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-09-22 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-06 344064]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2003-06-11 147456]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-25 2416480]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
1-Click Answers.lnk - c:\program files\1-Click Answers\answers.exe [2010-12-29 806912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring]
2003-06-20 14:03 110592 ----a-w- c:\windows\system32\LgNotify.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart\0OODBS
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-04-04 05:53 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2009-11-02 01:30 2508104 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2009-09-04 01:43 767312 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cdloader]
2010-12-03 12:39 50592 ----a-w- c:\documents and settings\Ray\Application Data\mjusbsp\cdloader2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]
2003-10-06 04:11 421888 ----a-w- c:\program files\Dell\QuickSet\quickset.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScanUtility]
2009-09-29 00:56 140640 ----a-w- c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2008-06-24 23:06 1840424 ----a-w- c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2008-06-08 16:31 2221352 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 11:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRONoMgr.exe]
2003-05-29 00:32 86016 ----a-w- c:\program files\Intel\NCS\PROSet\PRONoMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-09-22 08:31 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\Ray\\Application Data\\mjusbsp\\magicJack.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [7/11/2011 1:14 AM 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [9/13/2011 6:30 AM 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [10/7/2011 6:23 AM 230608]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [7/11/2011 1:14 AM 295248]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [12/6/2007 12:03 PM 660768]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [8/2/2011 6:09 AM 192776]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [12/31/2010 10:37 AM 654408]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [5/23/2011 1:03 AM 30944]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [7/11/2011 1:14 AM 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [7/11/2011 1:14 AM 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10/4/2011 6:21 AM 16720]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12/31/2010 10:37 AM 22344]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 9:37 PM 4640000]
S2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [11/23/2011 2:36 AM 2391832]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [10/12/2011 6:25 AM 4433248]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9/22/2010 1:30 AM 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/16/2012 4:47 PM 253088]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [4/25/2012 8:09 PM 16640]
S3 ATIXPGAA;ATIXPGAA;c:\dell\drivers\R74793\atixpgaa.sys [9/22/2010 1:35 PM 11648]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [5/23/2011 1:03 AM 30944]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [9/22/2010 1:30 AM 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [3/25/2010 10:25 AM 30969208]
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 07:53]
.
2012-05-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-22 08:30]
.
2012-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-22 08:30]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyServer = http=127.0.0.1:8888;https=127.0.0.1:8888
uInternet Settings,ProxyOverride = <-loopback>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Answers... - file://c:\program files\1-Click Answers\Html\atiemenu.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 208.180.42.100 66.76.175.100 208.180.42.68
FF - ProfilePath - c:\documents and settings\Ray\Application Data\Mozilla\Firefox\Profiles\cdx04dqr.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msnbc.msn.com/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Google Docs Viewer: adonis.cuhk@gmail.com - %profile%\extensions\adonis.cuhk@gmail.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files\AVG\AVG2012\Firefox4
FF - user.js: extentions.y2layers.installId - e776b98d-4709-4039-8819-c21167b84bd2
FF - user.js: extentions.y2layers.defaultEnableAppsList - bestvideodownloader,ezLooker,pagerage,buzzdock,toprelatedtopics,twittube
FF - user.js: extensions.autoDisableScopes - 14
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-uTorrentControl2 Toolbar - c:\program files\uTorrentControl2\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-03 22:33
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG08.00.00.01WORKSTATION"="2091AC0A9CE9A0D9B1987930E5CE7AF895DACCAA46B5BBA2615E49F70BE78095287A272ECA9CB7660DACC33AA4452086A37188B442FC14E71CB622C4B67A299BCBD60112A1999717F42BADC6ACEF7CF7ED26F122CCF061FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A9C6AECB7A5D14075D575E7D6A3B9808A6A0AC4980AC79334B7745034C4506788F15A174E9FC63225D2127E5A5DADF8A2E39CA7D80F082E40578E3C4A75FF490B591CDCB0421A9A3BEC0979CE01C0FC4BA8FBD809895DD5DD05E7C155D5E6791C64D2F2F86E67F8B99E5B811778AF51E261E0A6E8E47952BE32CACBFA829C4623320DEE7B69A21CFB2D847A9D8F8BDB5AF47AFE89AFD66B79675D3442DFB795D0B73C1F13E5FC856777B477ED80C151F3A7BEFC6590510E6666495556FE5F84F84447AFE2DA73CF973BEFCDEAF3E2F6250C6D293CC7A558BF4B5595B57CBB37CF9A7727274BDBD8ADB2B73C976DB43FC9CC3240C56D0FDEF05BBCEF1B4E3A618E842D7E46ABD97CA86DAF9F6AD898A5D6E22F2A440CED55101DA61E7B7B94B4E734E1C244B1919F16FFEA0CFB93AC369BA279101B711ACDF750C49427630233CDE1AF22F349492293459BDEF603934F699AA17FECA83D5C114DC7BB6E87833F31688D6BAA747D9121841EC2BCE249ED245995FABEFE9290E306F37B1ED9A847C271083AF0CA0C8BE83230C8692EC513D1E730A48FD5C03D344F77AD1C572234E42397BAAAC5F3C35007D3CB9A058986A2A4CF84D33454292ECC00A6C17309E593EA3047C369897F1BBE2E4B4CF01C6820E4E5465AE61494169A5ED08EAD78EFC9682A4A9BBB43E640B7CAF975A553420973306ECF4C502C6A0197160AD408911669AABE834F29BECE4830AB86116BBD5374BBE786D58D7011B21A7E3B196AB60F145AA29F9E09D65E1C826A0E758B925807DEFCDE6543AC105D3E037ACD817A61DF3758ACAE43496C3AE7B8DD40813872941D2E710479A4DAFE138B2B65CEE97F326A6DFC93855426C2CC371F3E02DE810A06173FD94F35C108B885FCE485ED8237499B37CE6FC98E2CEFBEF7476732934BD5A56A9F4409BBE25F1FE55970F847C86F142CE52254251B2E764E92DD39BB8CC42A3ED70FDADF819D8050F9BB3A8769B927A8DAD5359080D0CDCCC3E4188E5965E288B6634261FE3E596A7F680C62A8725026B838AED78253419F5B9B32DA7F4BBE1A70BE68FB6978412AA222ED5D52F18B17FAF5482B9D4ED0F268023380EDB2882CAE2A4E46958E4850AE8F73EDB8C9B1644E3BF8D078D0BE802C690CECC4C377160CBF99802617B359AEAA05FC1AEA4EE97245E7B40D021048E187D073C604149B8F1FD90F27D8098179AEB0C31B7EC31BB48C42A66B60C7139D1F07057"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1184)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\LgNotify.dll
.
Completion time: 2012-05-03 22:35:28
ComboFix-quarantined-files.txt 2012-05-04 05:35
ComboFix2.txt 2012-05-02 20:27
ComboFix3.txt 2012-04-11 10:41
ComboFix4.txt 2012-03-07 00:40
.
Pre-Run: 113,812,905,984 bytes free
Post-Run: 114,118,692,864 bytes free
.
- - End Of File - - 94BC523ADA7D66EDDA5B480FDE7C1699

#13 nasdaq

nasdaq

  • Malware Response Team
  • 39,586 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:18 PM

Posted 04 May 2012 - 09:16 AM

As far as you know are these proxy

uInternet Settings,ProxyServer = http=127.0.0.1:8888;https=127.0.0.1:8888
uInternet Settings,ProxyOverride = <-loopback>


Related to this?
http://fiddler2.com/fiddler/help/hookup.asp

Did you install it?

After running programs are only ComboFix and OTL causing your computer to freeze?

#14 yarlac

yarlac
  • Topic Starter

  • Members
  • 159 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 04 May 2012 - 02:43 PM

I have know idea what a proxy is or what http://fiddler2.com/fiddler/help/hookup.asp is I never installed it.

ComboFix now runs correctly and does not freeze my computer and it never did. What was happening ever since McDonalds WiFi episode that sent this computer bonkers, is ComboFix would give a choice that it could only run in a "reduced functionality"
mode then it would complete only segment #49. However a few days ago it began running again perfectly fine.

OLT completely freezes the commputer. I pasted the info in the Custon Scans/Fixes, however, when I run OLT my desktop icons disappeared, the bottom of OLT said "killing processes: NO NOT INTERUPT", OLT locks my computer from the instant I hit "RUN FIX"
the top blue bar of OLT says "Not Responding". The computer gets locked up and I have to unplug it and take the battery out to reboot it.

yarlac

system resources gets totally used up doing anything on this computer.

#15 nasdaq

nasdaq

  • Malware Response Team
  • 39,586 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:18 PM

Posted 05 May 2012 - 07:58 AM

Unless it's required by your Internet Provider I would remove it.

In Internet Explorer go to Tools - Internet Options - Connections Tab - Lan Settings and remove the reference to 127.0.0.1:5577 if found, then uncheck "Use a proxy server" and check "Automatically detect settings".
===

If you use Firefox in Tools Menu > Options... > Advanced Tab > Network Tab > Connection > Settings. Select the Auto-detect proxy settings for this network option. Or no proxy if you do not need it.
===

If you use Firefox remove the proxy settings also.
http://support.mozilla.com/en-US/kb/Firefox+cannot+load+websites+but+other+programs+can?s=proxy+settings&as=s




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users