caewe12

Can you clarify if I should stay in safe mode? Thanks. CAE

Hi, Right after posting Webroot SecureAnywhere found this file: wgsdgsdgdsgsd.exe Not taking action...let me know. CAE

Hi, I have Windows XP. I should have come straight to the forum but instead did some self medicating (I know bad idea). Not sure if I can even recall everything I've done but if you need me to I can try. I am able to boot up and access the internet and am no longer being redirected. Here are the logs. Thank you for your help. Cheryl E. PS - Somehow Yahoo.genieo got invited to the party. I tried to get rid of it but don't think I did. I reset my homepage but think it's stil lurking. DDS (Ver_2012-11-07.01) - NTFS_x86 NETWORK Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_31 Run by Ekenbarger's at 8:05:40 on 2012-11-18 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2558.2136 [GMT -5:00] . AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} AV: Webroot SecureAnywhere *Enabled/Updated* {D486329C-1488-4CEB-9CC8-D662B732D904} . ============== Running Processes ================ . C:\Program Files\Webroot\WRSA.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Webroot\WRSA.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k rpcss C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.cox.net/ uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s dURLSearchHooks: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - <orphaned> dURLSearchHooks: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - <orphaned> BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned> BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - c:\documents and settings\ekenbarger's\application data\defaulttab\defaulttab\DefaultTabBHO.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: Upromise TurboSaver: {06E58E5E-F8CB-4049-991E-A41C03BD419E} - TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe mRun: [DLCCCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCCtime.dll,_RunDLLEntry@16 mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [HostManager] c:\program files\common files\aol\1178326658\ee\AOLSoftware.exe mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe mRun: [dla] c:\windows\system32\dla\tfswctrl.exe mRun: [AOLDialer] c:\program files\common files\aol\acs\AOLDial.exe mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [sigmatelSysTrayApp] stsystra.exe mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k mRun: [WRSVC] "c:\program files\webroot\WRSA.exe" -ul uPolicies-Explorer: NoDriveAutoRun = dword:67108863 uPolicies-Explorer: NoViewOnDrive = dword:0 uPolicies-Explorer: NoDrives = dword:0 uPolicies-Explorer: DisableLocalMachineRun = dword:0 uPolicies-Explorer: DisableLocalMachineRunOnce = dword:0 uPolicies-Explorer: DisableCurrentUserRun = dword:0 uPolicies-Explorer: DisableCurrentUserRunOnce = dword:0 uPolicies-Explorer: NoDriveTypeAutoRun = dword:0 uPolicies-Explorer: NoFile = dword:0 uPolicies-Explorer: HideClock = dword:0 uPolicies-Explorer: NoDevMgrUpdate = dword:0 uPolicies-Explorer: NoDFSTab = dword:0 uPolicies-Explorer: NoWindowsUpdate = dword:0 uPolicies-Explorer: NoEncryptOnMove = dword:0 uPolicies-Explorer: NoRunasInstallPrompt = dword:0 uPolicies-Explorer: NoResolveTrack = dword:0 uPolicies-Explorer: NoStartMenuSubFolders = dword:0 uPolicies-System: NoDispAppearancePage = dword:0 uPolicies-System: NoDispSettingsPage = dword:0 mPolicies-Explorer: NoDriveAutoRun = dword:67108863 mPolicies-Explorer: NoViewOnDrive = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: DisableLocalMachineRun = dword:0 mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0 mPolicies-Explorer: DisableCurrentUserRun = dword:0 mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0 mPolicies-Explorer: NoDriveTypeAutoRun = dword:0 mPolicies-Explorer: NoFile = dword:0 mPolicies-Explorer: HideClock = dword:0 mPolicies-Explorer: NoDevMgrUpdate = dword:0 mPolicies-Explorer: NoDFSTab = dword:0 mPolicies-Explorer: NoWindowsUpdate = dword:0 mPolicies-Explorer: NoEncryptOnMove = dword:0 mPolicies-Explorer: NoRunasInstallPrompt = dword:0 mPolicies-Explorer: NoResolveTrack = dword:0 mPolicies-Explorer: NoStartMenuSubFolders = dword:0 mPolicies-System: NoDispAppearancePage = dword:0 mPolicies-System: NoDispSettingsPage = dword:0 mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1 mPolicies-Explorer: NoDriveAutoRun = dword:67108863 mPolicies-Explorer: NoViewOnDrive = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: DisableLocalMachineRun = dword:0 mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0 mPolicies-Explorer: DisableCurrentUserRun = dword:0 mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0 mPolicies-Explorer: NoDriveTypeAutoRun = dword:0 mPolicies-Explorer: NoFile = dword:0 mPolicies-Explorer: HideClock = dword:0 mPolicies-Explorer: NoDevMgrUpdate = dword:0 mPolicies-Explorer: NoDFSTab = dword:0 mPolicies-Explorer: NoWindowsUpdate = dword:0 mPolicies-Explorer: NoEncryptOnMove = dword:0 mPolicies-Explorer: NoRunasInstallPrompt = dword:0 mPolicies-Explorer: NoResolveTrack = dword:0 mPolicies-Explorer: NoStartMenuSubFolders = dword:0 mPolicies-System: NoDispAppearancePage = dword:0 mPolicies-System: NoDispSettingsPage = dword:0 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} - hxxps://www6.iepdirect.com/ScriptX_6_5/smsx.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204 DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1212869638656 DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} - hxxps://e-talk1.whps.org/dwa7W.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: Interfaces\{830D72BE-6132-4A2A-B8DD-7BC8B69A920B} : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12 SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\ekenbarger's\application data\mozilla\firefox\profiles\fi5w6q0t.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3106777&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Yahoo (By Genieo) FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3106777&SearchSource=13 FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=CDxdm003YYus&ptb=CF74B0F9-D5D0-4EC8-AC35-8A70571C102D&ind=2011081120&ptnrS=CDxdm003YYus&si=CK2Cs7C9yKoCFaUZQgodWFpFyg&n=77dea9a0&psa=&st=kwd&searchfor= FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\npdeployJava1.dll FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll FF - plugin: c:\program files\nos\bin\np_gp.dll FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll FF - ExtSQL: 2012-11-11 19:40; addon@defaulttab.com; c:\documents and settings\ekenbarger's\application data\mozilla\firefox\profiles\fi5w6q0t.default\extensions\addon@defaulttab.com.xpi FF - ExtSQL: !HIDDEN! 2010-01-25 20:00; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension . ============= SERVICES / DRIVERS =============== . R0 WRkrn;WRkrn;c:\windows\system32\drivers\WRkrn.sys [2012-11-17 112656] R2 WRSVC;WRSVC;c:\program files\webroot\WRSA.exe [2012-11-17 729544] S2 DefaultTabSearch;DefaultTabSearch;c:\program files\defaulttab\DefaultTabSearch.exe [2012-11-8 568832] S2 DefaultTabUpdate;DefaultTabUpdate;c:\documents and settings\ekenbarger's\application data\defaulttab\defaulttab\DTUpdate.exe [2012-11-11 107520] S2 mrtRate;mrtRate;c:\windows\system32\drivers\MrtRate.sys [2006-5-21 34916] S2 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe [2004-8-10 5120] S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2010-1-18 34248] S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2010-1-18 40552] S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-8-10 14336] S3 SymSnapService;SymSnapService;c:\program files\norton ghost\shared\drivers\SymSnapService.exe [2007-12-20 1553896] . =============== Created Last 30 ================ . 2012-11-17 21:17:57 871040 ----a-w- c:\windows\system32\drivers\cIdshrGq.sys 2012-11-17 16:41:17 871040 ----a-w- c:\windows\system32\drivers\tYMsoVkA.sys 2012-11-17 13:23:12 150712 ----a-w- c:\windows\system32\WRusr.dll 2012-11-17 13:23:12 112656 ----a-w- c:\windows\system32\drivers\WRkrn.sys 2012-11-17 13:23:09 -------- d-----w- c:\program files\Webroot 2012-11-17 13:21:19 -------- d-----w- c:\documents and settings\all users\application data\WRData 2012-11-17 12:58:59 -------- d-----w- C:\CCE_Quarantine 2012-11-17 09:33:02 -------- d-----w- c:\documents and settings\ekenbarger's\application data\Utduu 2012-11-17 09:33:02 -------- d-----w- c:\documents and settings\ekenbarger's\application data\Bykegy 2012-11-11 12:08:39 -------- d-----w- c:\program files\DefaultTab 2012-11-11 12:08:28 -------- d-----w- c:\documents and settings\ekenbarger's\application data\DefaultTab 2012-11-06 22:50:59 -------- d-----w- c:\program files\Spybot - Search & Destroy 2012-11-06 00:54:32 -------- d-----w- c:\documents and settings\all users\application data\HitmanPro 2012-10-30 22:48:56 696760 ---ha-w- c:\windows\system32\FlashPlayerApp.exe . ==================== Find3M ==================== . 2012-10-30 22:48:56 73656 ---ha-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-09-24 22:56:12 417792 ------w- c:\windows\Setup1.exe 2012-09-24 22:56:10 73216 ----a-w- c:\windows\ST6UNST.EXE 2012-09-17 14:09:15 56 --sh--r- c:\windows\system32\86307A10A8.sys 2012-09-17 14:09:15 1786 --sha-w- c:\windows\system32\KGyGaAvL.sys 2012-08-28 15:14:53 916992 ----a-w- c:\windows\system32\wininet.dll 2012-08-28 15:14:53 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-08-28 15:14:52 1469440 ---h--w- c:\windows\system32\inetcpl.cpl 2012-08-28 12:07:15 385024 ---ha-w- c:\windows\system32\html.iec 2012-08-24 13:53:22 177664 ---ha-w- c:\windows\system32\wintrust.dll 2012-08-21 17:01:22 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2012-08-21 17:01:22 106928 ---ha-w- c:\windows\system32\GEARAspi.dll 2012-08-21 13:33:26 2148864 ---ha-w- c:\windows\system32\ntoskrnl.exe 2012-08-21 12:58:09 2027520 ---ha-w- c:\windows\system32\ntkrnlpa.exe . ============= FINISH: 8:10:02.42 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-07.01) . Microsoft Windows XP Home Edition Boot Device: \Device\HarddiskVolume2 Install Date: 9/20/2005 7:58:34 PM System Uptime: 11/18/2012 7:59:01 AM (1 hours ago) . Motherboard: Dell Inc. | | 0X8582 Processor: Intel® Pentium® 4 CPU 3.00GHz | Microprocessor | 2992/800mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 146 GiB total, 88.342 GiB free. D: is CDROM () E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP1331: 8/8/2012 5:11:21 AM - System Checkpoint RP1332: 8/9/2012 6:05:24 AM - System Checkpoint RP1333: 8/10/2012 7:00:43 AM - System Checkpoint RP1334: 8/11/2012 7:54:45 AM - System Checkpoint RP1335: 8/12/2012 8:49:36 AM - System Checkpoint RP1336: 8/13/2012 9:26:33 AM - System Checkpoint RP1337: 8/14/2012 10:20:49 AM - System Checkpoint RP1338: 8/15/2012 11:15:03 AM - System Checkpoint RP1339: 8/15/2012 8:00:17 PM - Software Distribution Service 3.0 RP1340: 8/16/2012 8:20:22 PM - System Checkpoint RP1341: 8/17/2012 9:14:20 PM - System Checkpoint RP1342: 8/18/2012 9:33:22 PM - System Checkpoint RP1343: 8/19/2012 10:55:05 PM - System Checkpoint RP1344: 8/20/2012 11:26:30 PM - System Checkpoint RP1345: 8/22/2012 12:20:33 AM - System Checkpoint RP1346: 8/23/2012 1:14:46 AM - System Checkpoint RP1347: 8/24/2012 1:41:48 AM - System Checkpoint RP1348: 8/25/2012 2:35:58 AM - System Checkpoint RP1349: 8/26/2012 3:30:15 AM - System Checkpoint RP1350: 8/27/2012 4:25:33 AM - System Checkpoint RP1351: 8/28/2012 5:20:47 AM - System Checkpoint RP1352: 8/29/2012 6:16:11 AM - System Checkpoint RP1353: 8/30/2012 7:25:33 AM - System Checkpoint RP1354: 8/31/2012 8:04:39 AM - System Checkpoint RP1355: 9/1/2012 11:07:15 AM - System Checkpoint RP1356: 9/2/2012 11:53:21 AM - System Checkpoint RP1357: 9/3/2012 12:56:42 PM - System Checkpoint RP1358: 9/4/2012 1:48:12 PM - System Checkpoint RP1359: 9/5/2012 1:53:11 PM - System Checkpoint RP1360: 9/6/2012 2:27:28 PM - System Checkpoint RP1361: 9/7/2012 2:34:12 PM - System Checkpoint RP1362: 9/8/2012 3:51:01 PM - System Checkpoint RP1363: 9/9/2012 4:10:08 PM - System Checkpoint RP1364: 9/10/2012 5:19:29 PM - System Checkpoint RP1365: 9/11/2012 6:02:17 PM - System Checkpoint RP1366: 9/12/2012 6:56:26 PM - System Checkpoint RP1367: 9/12/2012 8:00:16 PM - Software Distribution Service 3.0 RP1368: 9/13/2012 8:50:41 PM - System Checkpoint RP1369: 9/14/2012 9:45:05 PM - System Checkpoint RP1370: 9/16/2012 7:58:00 AM - System Checkpoint RP1371: 9/17/2012 8:31:00 AM - System Checkpoint RP1372: 9/18/2012 9:23:31 AM - System Checkpoint RP1373: 9/19/2012 10:17:53 AM - System Checkpoint RP1374: 9/20/2012 11:12:06 AM - System Checkpoint RP1375: 9/21/2012 12:06:20 PM - System Checkpoint RP1376: 9/21/2012 8:00:16 PM - Software Distribution Service 3.0 RP1377: 9/22/2012 8:20:32 PM - System Checkpoint RP1378: 9/23/2012 8:59:04 PM - System Checkpoint RP1379: 9/24/2012 7:01:47 PM - Printer Driver Amyuni PDF Converter 2.07 Installed RP1380: 9/25/2012 7:37:03 PM - System Checkpoint RP1381: 9/26/2012 8:31:29 PM - System Checkpoint RP1382: 9/27/2012 8:46:55 PM - System Checkpoint RP1383: 9/28/2012 8:48:24 PM - System Checkpoint RP1384: 9/29/2012 9:20:59 PM - System Checkpoint RP1385: 9/30/2012 10:11:15 PM - System Checkpoint RP1386: 10/1/2012 11:03:59 PM - System Checkpoint RP1387: 10/2/2012 11:08:15 PM - System Checkpoint RP1388: 10/3/2012 11:53:58 PM - System Checkpoint RP1389: 10/5/2012 12:49:35 AM - System Checkpoint RP1390: 10/6/2012 1:43:57 AM - System Checkpoint RP1391: 10/7/2012 2:38:22 AM - System Checkpoint RP1392: 10/8/2012 3:32:45 AM - System Checkpoint RP1393: 10/9/2012 4:25:49 AM - System Checkpoint RP1394: 10/10/2012 5:20:04 AM - System Checkpoint RP1395: 10/11/2012 6:00:58 AM - System Checkpoint RP1396: 10/11/2012 8:00:17 PM - Software Distribution Service 3.0 RP1397: 10/12/2012 8:21:37 PM - System Checkpoint RP1398: 10/13/2012 9:17:01 PM - System Checkpoint RP1399: 10/14/2012 9:54:14 PM - System Checkpoint RP1400: 10/15/2012 10:09:47 PM - System Checkpoint RP1401: 10/16/2012 11:03:50 PM - System Checkpoint RP1402: 10/17/2012 11:57:50 PM - System Checkpoint RP1403: 10/19/2012 12:03:03 AM - System Checkpoint RP1404: 10/20/2012 12:25:17 AM - System Checkpoint RP1405: 10/21/2012 1:19:49 AM - System Checkpoint RP1406: 10/22/2012 2:14:18 AM - System Checkpoint RP1407: 10/23/2012 3:11:16 AM - System Checkpoint RP1408: 10/24/2012 3:59:05 AM - System Checkpoint RP1409: 10/25/2012 4:46:09 AM - System Checkpoint RP1410: 10/26/2012 5:22:58 AM - System Checkpoint RP1411: 10/27/2012 6:17:06 AM - System Checkpoint RP1412: 10/28/2012 7:11:14 AM - System Checkpoint RP1413: 10/29/2012 8:21:12 AM - System Checkpoint RP1414: 10/30/2012 8:29:42 AM - System Checkpoint RP1415: 10/31/2012 8:47:06 AM - System Checkpoint RP1416: 11/1/2012 9:41:31 AM - System Checkpoint RP1417: 11/2/2012 10:37:09 AM - System Checkpoint RP1418: 11/3/2012 11:43:21 AM - System Checkpoint RP1419: 11/4/2012 1:55:24 PM - System Checkpoint . ==== Installed Programs ====================== . ABBYY FineReader 6.0 Sprint Acrobat.com Adobe Reader X (10.1.4) AOL Coach Version 1.0(Build:20040229.1 en) AOL Uninstaller (Choose which Products to Remove) AOLIcon Apple Application Support Apple Mobile Device Support Apple Software Update ArcSoft Software Suite ATI Control Panel ATI Display Driver Bonjour Compatibility Pack for the 2007 Office system Creative MediaSource DAO 3.5 DB CIF Cam DefaultTab DefaultTab Chrome Dell Media Experience Dell Photo AIO Printer 924 Dell Picture Studio v3.0 Dell Support 3.2.1 Dell System Restore EarthLink setup files ERUNT 1.1j ESET Online Scanner v3 FoneSync Get High Speed Internet! GIMP 2.6.6 Google Chrome Google Drive Google Earth Google SketchUp 6 Google Toolbar for Internet Explorer Google Update Helper Google Updater High Definition Audio Driver Package - KB835221 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB2158563) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB2756822) Hotfix for Windows XP (KB942288-v3) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB979306) Hotfix for Windows XP (KB981793) Intel Matrix Storage Manager Intel® 537EP V9x DF PCI Modem Intel® PRO Network Connections Software v9.2.4.11 Intel® PROSafe for Wired Connections Internet Explorer Default Page iTunes Jasc Paint Shop Photo Album 5 Jasc Paint Shop Pro Studio, Dell Editon Java Auto Updater Java 6 Update 31 LiveUpdate 3.2 (Symantec Corporation) Macromedia Flash Player Malwarebytes Anti-Malware version 1.62.0.1300 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2656353) Microsoft .NET Framework 1.1 Security Update (KB2656370) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Picture It! Publishing 2001 Microsoft Plus! Digital Media Edition Installer Microsoft Plus! Photo Story 2 LE Microsoft Silverlight Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Word 2000 SR-1 Microsoft Works 2001 Setup Launcher Microsoft Works 6.0 Microsoft Works Suite Add-in for Microsoft Word MobileMe Control Panel Modem Event Monitor Modem Helper Modem On Hold Move Networks Media Player for Internet Explorer Mozilla Firefox 10.0.2 (x86 en-US) MSN MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK MSXML 6 Service Pack 2 (KB973686) Musicmatch for Windows Media Player NetZeroInstallers NickToons Racing Nikon Message Center Norton Ghost Pdf995 PdfEdit995 Photo Click PictureProject PowerDVD 5.5 QuickBooks Simple Start Special Edition Quicken Basic 2000 QuickTime Rayman Raving Rabbids RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer RealUpgrade 1.1 Safari Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft Windows (KB2564958) Security Update for Step By Step Interactive Training (KB898458) Security Update for Step By Step Interactive Training (KB923723) Security Update for Windows Internet Explorer 8 (KB2183461) Security Update for Windows Internet Explorer 8 (KB2360131) Security Update for Windows Internet Explorer 8 (KB2416400) Security Update for Windows Internet Explorer 8 (KB2482017) Security Update for Windows Internet Explorer 8 (KB2497640) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2647516) Security Update for Windows Internet Explorer 8 (KB2675157) Security Update for Windows Internet Explorer 8 (KB2699988) Security Update for Windows Internet Explorer 8 (KB2722913) Security Update for Windows Internet Explorer 8 (KB2744842) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB972260) Security Update for Windows Internet Explorer 8 (KB974455) Security Update for Windows Internet Explorer 8 (KB976325) Security Update for Windows Internet Explorer 8 (KB978207) Security Update for Windows Internet Explorer 8 (KB981332) Security Update for Windows Internet Explorer 8 (KB982381) Security Update for Windows Media Encoder (KB2447961) Security Update for Windows Media Encoder (KB954156) Security Update for Windows Media Encoder (KB979332) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 10 (KB911565) Security Update for Windows Media Player 10 (KB917734) Security Update for Windows Media Player 10 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2160329) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2286198) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2296199) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2436673) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479628) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485376) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2491683) Security Update for Windows XP (KB2503658) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2506223) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2621440) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2641653) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB2647518) Security Update for Windows XP (KB2653956) Security Update for Windows XP (KB2655992) Security Update for Windows XP (KB2659262) Security Update for Windows XP (KB2660465) Security Update for Windows XP (KB2661637) Security Update for Windows XP (KB2676562) Security Update for Windows XP (KB2685939) Security Update for Windows XP (KB2686509) Security Update for Windows XP (KB2691442) Security Update for Windows XP (KB2695962) Security Update for Windows XP (KB2698365) Security Update for Windows XP (KB2705219) Security Update for Windows XP (KB2707511) Security Update for Windows XP (KB2709162) Security Update for Windows XP (KB2712808) Security Update for Windows XP (KB2718523) Security Update for Windows XP (KB2719985) Security Update for Windows XP (KB2723135) Security Update for Windows XP (KB2724197) Security Update for Windows XP (KB2731847) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950759) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953838) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956390) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958215) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960714) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB963027) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969897) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972260) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977165) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) Security Update for Windows XP (KB982802) Shockwave Sonic DLA Sonic RecordNow Audio Sonic RecordNow Copy Sonic RecordNow Data Sonic Update Manager Sound Blaster Live! 24-bit SPORE™ SPORE™ Galactic Adventures STICKIDS TaxCut Basic 2006 Type to Learn 3 Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Windows Internet Explorer 8 (KB972636) Update for Windows Internet Explorer 8 (KB976662) Update for Windows Internet Explorer 8 (KB976749) Update for Windows Internet Explorer 8 (KB980182) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2641690) Update for Windows XP (KB2661254-v2) Update for Windows XP (KB2718704) Update for Windows XP (KB2736233) Update for Windows XP (KB2749655) Update for Windows XP (KB942763) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) Viewpoint Media Player WebFldrs XP Webroot SecureAnywhere Windows Genuine Advantage v1.3.0254.0 Windows Genuine Advantage Validation Tool (KB892130) Windows Imaging Component Windows Installer Clean Up Windows Internet Explorer 8 Windows Media Encoder 9 Series Windows Media Format 11 runtime Windows Media Player 10 Windows Media Player 11 Windows PowerShell 1.0 Windows XP Service Pack 3 WordPerfect Office 12 Works Suite OS Pack Works Synchronization . ==== Event Viewer Messages From Past Week ======== . 11/18/2012 8:01:01 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm 11/17/2012 9:31:43 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found. 11/17/2012 8:54:52 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume. 11/17/2012 8:13:33 PM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the SymSnapService service, but this action failed with the following error: An instance of the service is already running. 11/17/2012 8:12:33 PM, error: Service Control Manager [7034] - The WAN Miniport (ATW) Service service terminated unexpectedly. It has done this 1 time(s). 11/17/2012 8:12:33 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s). 11/17/2012 8:12:33 PM, error: Service Control Manager [7034] - The Intel® Matrix Storage Event Monitor service terminated unexpectedly. It has done this 1 time(s). 11/17/2012 8:12:33 PM, error: Service Control Manager [7031] - The SymSnapService service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 11/17/2012 8:12:32 PM, error: Service Control Manager [7034] - The DefaultTabSearch service terminated unexpectedly. It has done this 1 time(s). 11/17/2012 8:12:32 PM, error: Service Control Manager [7034] - The Creative Service for CDROM Access service terminated unexpectedly. It has done this 1 time(s). 11/17/2012 8:12:32 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s). 11/17/2012 8:12:32 PM, error: Service Control Manager [7034] - The Ati HotKey Poller service terminated unexpectedly. It has done this 1 time(s). 11/17/2012 8:12:32 PM, error: Service Control Manager [7034] - The AOL Connectivity Service service terminated unexpectedly. It has done this 1 time(s). 11/17/2012 8:12:32 PM, error: Service Control Manager [7031] - The Norton Ghost service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. 11/17/2012 8:12:32 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 11/17/2012 7:48:02 PM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the WRSVC service, but this action failed with the following error: An instance of the service is already running. 11/17/2012 7:47:52 PM, error: Service Control Manager [7031] - The WRSVC service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 11/11/2012 9:30:10 PM, error: Service Control Manager [7023] - The System Restore Service service terminated with the following error: Access is denied. 11/11/2012 9:29:45 PM, error: SRService [104] - The System Restore initialization process failed. 11/11/2012 9:05:21 PM, error: Service Control Manager [7034] - The DefaultTabUpdate service terminated unexpectedly. It has done this 1 time(s). 11/11/2012 8:52:01 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 11/11/2012 8:26:15 AM, error: System Error [1003] - Error code 1000007e, parameter1 c0000005, parameter2 87bdf097, parameter3 ba4f7a90, parameter4 ba4f778c. 11/11/2012 7:38:47 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} 11/11/2012 7:30:16 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avipbb avkmgr Fips intelppm ssmdrv 11/11/2012 7:08:52 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046} . ==== End Of File =========================== RogueKiller V8.3.0 [Nov 18 2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website: http://tigzy.geekstogo.com/roguekiller.php Blog: http://tigzyrk.blogspot.com Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Safe mode with network support User : Ekenbarger's [Admin rights] Mode : Scan -- Date : 11/18/2012 08:19:14 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 6 ¤¤¤ [HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND [HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND [HJPOL] HKCU\[...]\System : DisableCMD (0) -> FOUND [HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND [HJPOL] HKLM\[...]\System : DisableCMD (0) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ Infection : Root.MBR ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: Maxtor 6Y160M0 +++++ --- User --- [MBR] e8c4ef311439380bf8161fe3e04c23d1 [bSP] b72667633f4c7c2babf1970635a88ab8 : MBR Code unknown Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 54 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 112455 | Size: 149071 Mo 2 - [XXXXXX] UNKNOWN (0xdb) [VISIBLE] Offset (sectors): 305411715 | Size: 3459 Mo User != LL1 ... KO! --- LL1 --- [MBR] 1234b9627f851ba5c40b58d46ae5bfa5 [bSP] b72667633f4c7c2babf1970635a88ab8 : MBR Code unknown [possible maxSST in 3!] Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 54 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 112455 | Size: 149071 Mo 2 - [XXXXXX] UNKNOWN (0xdb) [VISIBLE] Offset (sectors): 305411715 | Size: 3459 Mo 3 - [ACTIVE] NTFS (0x17) [HIDDEN!] Offset (sectors): 312496380 | Size: 1 Mo User != LL2 ... KO! --- LL2 --- [MBR] 1234b9627f851ba5c40b58d46ae5bfa5 [bSP] b72667633f4c7c2babf1970635a88ab8 : MBR Code unknown [possible maxSST in 3!] Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 54 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 112455 | Size: 149071 Mo 2 - [XXXXXX] UNKNOWN (0xdb) [VISIBLE] Offset (sectors): 305411715 | Size: 3459 Mo 3 - [ACTIVE] NTFS (0x17) [HIDDEN!] Offset (sectors): 312496380 | Size: 1 Mo +++++ PhysicalDrive1: WDC WD5000AADS-00S9B0 +++++ Error reading User MBR! User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[1]_S_11182012_02d0819.txt >> RKreport[1]_S_11182012_02d0819.txt

Was infected with File Restore and FBI MoneyPak in the same week. Trying to clean it up but in way over my head. Help. Please. CAE

Hi, Sorry to bother you but I'm confused on how to remove the Combo-Fix. Am I suppose to use RUN to open it and then try to uninstall it or am I typing combo-fix.exe /uninstall in the RUN box? Help. Thanks. CAE

Hi, I uninstalled Spybot yesterday. Finding this list a bit daunting but will tackle it this week. Will let you know if I run into trouble. Thanks. CAE Hi again, I also have Adobe Air and Adobe Download Manager. Should I uninstall these as well?

Hi, I installed Avira and updated. Then did a bit of surfing and everything seemed fine. I wasn't redirected and the speed was fine. I know my family is champing at the bit to get on Facebook but I think that Facebook is probably how this all started. I told them not to click on any links but is there a better way to protect the computer? Thanks. CAE

I haven't used the pc to do anything. Can I surf a bit and see what (if anything) happens? Also how should I go about reinstalling or creating access to the missing programs? Can I install the Avira anti-virus now? Can I delete the logs and .exe files I downloaded? Please know that I am very appreicative of your time and guidance. CAE

Hi, I ran the scan. Nothing detected. Here is the log. Thanks. CAE Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Database version: v2012.03.08.07 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Ekenbarger's :: JAM1 [administrator] 3/8/2012 7:06:03 PM mbam-log-2012-03-08 (19-06-03).txt Scan type: Full scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 312608 Time elapsed: 45 minute(s), 39 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)

Yes, I waited until the prescan finished. I can try again and be exact but as I recall the only button not lit was delete. Thanks. CAE

Nope - delete still not available. CAE

Ok. Deleted it and ran the scan. Here's the report should I leave the program open? Thanks. CAE RogueKiller V7.2.1 [02/29/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User: Ekenbarger's [Admin rights] Mode: Scan -- Date: 03/05/2012 19:46:58 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 9 ¤¤¤ [sUSP PATH] HKCU\[...]\Run : Bomgar Support Reconnect [1297805904] ("C:\Documents and Settings\All Users\Application Data\Bomgar-SCC-4D5AF24F\bomgar-scc.exe" -nomulti) -> FOUND [sUSP PATH] HKUS\S-1-5-21-1946173170-350803515-410004273-1006[...]\Run : Bomgar Support Reconnect [1297805904] ("C:\Documents and Settings\All Users\Application Data\Bomgar-SCC-4D5AF24F\bomgar-scc.exe" -nomulti) -> FOUND [WallPP] HKCU\[...]\Desktop : Wallpaper () -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver: [LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: Maxtor 6Y160M0 +++++ --- User --- [MBR] e8c4ef311439380bf8161fe3e04c23d1 [bSP] b72667633f4c7c2babf1970635a88ab8 : MBR Code unknown Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 54 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 112455 | Size: 149071 Mo 2 - [XXXXXX] UNKNOWN (0xdb) [VISIBLE] Offset (sectors): 305411715 | Size: 3459 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: WDC WD5000AADS-00S9B0 +++++ --- User --- [MBR] 9ff5de6a7f5bd44494e6713738cfaa5e [bSP] 766475e27f711b63811094046f843551 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 476937 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[3].txt >> RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

Ok. Just wanted to confirm that I wasn't scanning. When I click on Registry the delete button is not available. Help. Thanks. CAE

Sorry confused..after prescan do I scan? CAE

Hi, Ran the scan. Here's the log. Thanks. CAE RogueKiller V7.2.1 [02/29/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User: Ekenbarger's [Admin rights] Mode: Scan -- Date: 03/05/2012 19:46:58 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 9 ¤¤¤ [sUSP PATH] HKCU\[...]\Run : Bomgar Support Reconnect [1297805904] ("C:\Documents and Settings\All Users\Application Data\Bomgar-SCC-4D5AF24F\bomgar-scc.exe" -nomulti) -> FOUND [sUSP PATH] HKUS\S-1-5-21-1946173170-350803515-410004273-1006[...]\Run : Bomgar Support Reconnect [1297805904] ("C:\Documents and Settings\All Users\Application Data\Bomgar-SCC-4D5AF24F\bomgar-scc.exe" -nomulti) -> FOUND [WallPP] HKCU\[...]\Desktop : Wallpaper () -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver: [LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: Maxtor 6Y160M0 +++++ --- User --- [MBR] e8c4ef311439380bf8161fe3e04c23d1 [bSP] b72667633f4c7c2babf1970635a88ab8 : MBR Code unknown Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 54 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 112455 | Size: 149071 Mo 2 - [XXXXXX] UNKNOWN (0xdb) [VISIBLE] Offset (sectors): 305411715 | Size: 3459 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: WDC WD5000AADS-00S9B0 +++++ --- User --- [MBR] 9ff5de6a7f5bd44494e6713738cfaa5e [bSP] 766475e27f711b63811094046f843551 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 476937 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[3].txt >> RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

Ok. Tried Windows Explorer and it brought me to My Documents. Should I consider uninstalling and reinstalling some of the programs? Is my computer clean? Thanks. CAE

Hi, Not sure I know what Windows Explorer is (should I?) but know how to get to programs folders/files. The programs are there and there are files in them. What next? CAE

Ok. Folder/files under ALL PROGRAMS still empty. Thanks. CAE

Hi, No threats found. Here is the log. Thxs. CAE 13:11:46.0890 7624 TDSS rootkit removing tool 2.7.18.0 Mar 2 2012 09:40:07 13:11:47.0218 7624 ============================================================ 13:11:47.0218 7624 Current date / time: 2012/03/04 13:11:47.0218 13:11:47.0218 7624 SystemInfo: 13:11:47.0218 7624 13:11:47.0218 7624 OS Version: 5.1.2600 ServicePack: 3.0 13:11:47.0218 7624 Product type: Workstation 13:11:47.0218 7624 ComputerName: JAM1 13:11:47.0218 7624 UserName: Ekenbarger's 13:11:47.0218 7624 Windows directory: C:\WINDOWS 13:11:47.0218 7624 System windows directory: C:\WINDOWS 13:11:47.0218 7624 Processor architecture: Intel x86 13:11:47.0218 7624 Number of processors: 2 13:11:47.0218 7624 Page size: 0x1000 13:11:47.0218 7624 Boot type: Normal boot 13:11:47.0218 7624 ============================================================ 13:11:47.0687 7624 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 13:11:47.0703 7624 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 13:11:47.0718 7624 \Device\Harddisk0\DR0: 13:11:47.0718 7624 MBR used 13:11:47.0718 7624 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x12327F3C 13:11:47.0718 7624 \Device\Harddisk1\DR1: 13:11:47.0718 7624 MBR used 13:11:47.0718 7624 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800 13:11:47.0828 7624 Initialize success 13:11:47.0828 7624 ============================================================ 13:11:56.0171 7460 ============================================================ 13:11:56.0171 7460 Scan started 13:11:56.0171 7460 Mode: Manual; 13:11:56.0171 7460 ============================================================ 13:11:56.0828 7460 Scan interrupted by user! 13:11:56.0828 7460 Scan interrupted by user! 13:11:56.0828 7460 Scan interrupted by user! 13:11:56.0828 7460 ============================================================ 13:11:56.0828 7460 Scan finished 13:11:56.0828 7460 ============================================================ 13:11:56.0843 7440 Detected object count: 0 13:11:56.0843 7440 Actual detected object count: 0 13:12:31.0609 7476 ============================================================ 13:12:31.0609 7476 Scan started 13:12:31.0609 7476 Mode: Manual; 13:12:31.0609 7476 ============================================================ 13:12:31.0890 7476 Abiosdsk - ok 13:12:31.0953 7476 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS 13:12:31.0953 7476 abp480n5 - ok 13:12:32.0062 7476 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys 13:12:32.0062 7476 ACPI - ok 13:12:32.0109 7476 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys 13:12:32.0109 7476 ACPIEC - ok 13:12:32.0171 7476 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys 13:12:32.0171 7476 adpu160m - ok 13:12:32.0234 7476 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 13:12:32.0250 7476 aec - ok 13:12:32.0328 7476 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys 13:12:32.0328 7476 AFD - ok 13:12:32.0453 7476 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys 13:12:32.0453 7476 agp440 - ok 13:12:32.0515 7476 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys 13:12:32.0515 7476 agpCPQ - ok 13:12:32.0578 7476 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys 13:12:32.0593 7476 Aha154x - ok 13:12:32.0656 7476 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys 13:12:32.0656 7476 aic78u2 - ok 13:12:32.0718 7476 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys 13:12:32.0718 7476 aic78xx - ok 13:12:32.0781 7476 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys 13:12:32.0781 7476 AliIde - ok 13:12:32.0843 7476 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys 13:12:32.0843 7476 alim1541 - ok 13:12:32.0921 7476 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys 13:12:32.0921 7476 amdagp - ok 13:12:33.0000 7476 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys 13:12:33.0000 7476 amsint - ok 13:12:33.0062 7476 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys 13:12:33.0062 7476 asc - ok 13:12:33.0125 7476 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys 13:12:33.0125 7476 asc3350p - ok 13:12:33.0187 7476 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys 13:12:33.0187 7476 asc3550 - ok 13:12:33.0281 7476 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 13:12:33.0281 7476 AsyncMac - ok 13:12:33.0468 7476 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 13:12:33.0468 7476 atapi - ok 13:12:33.0500 7476 Atdisk - ok 13:12:33.0562 7476 ati2mtag (b8142104502f794689c1c0bcbfb53b98) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 13:12:33.0578 7476 ati2mtag - ok 13:12:33.0625 7476 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 13:12:33.0625 7476 Atmarpc - ok 13:12:33.0671 7476 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 13:12:33.0671 7476 audstub - ok 13:12:33.0703 7476 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 13:12:33.0703 7476 Beep - ok 13:12:33.0750 7476 bvrp_pci (c945dc4eee3f624dfd07788ea7f0db0a) C:\WINDOWS\system32\drivers\bvrp_pci.sys 13:12:33.0750 7476 bvrp_pci - ok 13:12:33.0750 7476 catchme - ok 13:12:33.0828 7476 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys 13:12:33.0828 7476 cbidf - ok 13:12:33.0875 7476 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 13:12:33.0875 7476 cbidf2k - ok 13:12:33.0953 7476 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 13:12:33.0953 7476 CCDECODE - ok 13:12:34.0015 7476 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys 13:12:34.0015 7476 cd20xrnt - ok 13:12:34.0078 7476 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 13:12:34.0078 7476 Cdaudio - ok 13:12:34.0109 7476 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 13:12:34.0109 7476 Cdfs - ok 13:12:34.0156 7476 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 13:12:34.0156 7476 Cdrom - ok 13:12:34.0187 7476 Changer - ok 13:12:34.0250 7476 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys 13:12:34.0250 7476 CmdIde - ok 13:12:34.0328 7476 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys 13:12:34.0328 7476 Cpqarray - ok 13:12:34.0453 7476 ctsfm2k (b459ae4afca570088adddbe55eabbc92) C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys 13:12:34.0453 7476 ctsfm2k - ok 13:12:34.0500 7476 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys 13:12:34.0500 7476 dac2w2k - ok 13:12:34.0546 7476 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys 13:12:34.0562 7476 dac960nt - ok 13:12:34.0625 7476 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 13:12:34.0625 7476 Disk - ok 13:12:34.0718 7476 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys 13:12:34.0734 7476 dmboot - ok 13:12:34.0843 7476 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys 13:12:34.0859 7476 dmio - ok 13:12:34.0921 7476 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 13:12:34.0921 7476 dmload - ok 13:12:34.0984 7476 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 13:12:34.0984 7476 DMusic - ok 13:12:35.0031 7476 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys 13:12:35.0031 7476 dpti2o - ok 13:12:35.0093 7476 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 13:12:35.0093 7476 drmkaud - ok 13:12:35.0171 7476 drvmcdb (e814854e6b246ccf498874839ab64d77) C:\WINDOWS\system32\drivers\drvmcdb.sys 13:12:35.0171 7476 drvmcdb - ok 13:12:35.0218 7476 drvnddm (ee83a4ebae70bc93cf14879d062f548b) C:\WINDOWS\system32\drivers\drvnddm.sys 13:12:35.0218 7476 drvnddm - ok 13:12:35.0328 7476 DSproct (2ac2372ffad9adc85672cc8e8ae14be9) C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys 13:12:35.0328 7476 DSproct - ok 13:12:35.0421 7476 E100B (95974e66d3de4951d29e28e8bc0b644c) C:\WINDOWS\system32\DRIVERS\e100b325.sys 13:12:35.0421 7476 E100B - ok 13:12:35.0546 7476 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 13:12:35.0562 7476 Fastfat - ok 13:12:35.0609 7476 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys 13:12:35.0609 7476 Fdc - ok 13:12:35.0671 7476 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys 13:12:35.0671 7476 Fips - ok 13:12:35.0750 7476 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys 13:12:35.0750 7476 Flpydisk - ok 13:12:35.0828 7476 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 13:12:35.0828 7476 FltMgr - ok 13:12:35.0890 7476 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 13:12:35.0890 7476 Fs_Rec - ok 13:12:35.0937 7476 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 13:12:35.0937 7476 Ftdisk - ok 13:12:36.0015 7476 GEARAspiWDM (4ac51459805264affd5f6fdfb9d9235f) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 13:12:36.0015 7476 GEARAspiWDM - ok 13:12:36.0093 7476 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 13:12:36.0093 7476 Gpc - ok 13:12:36.0140 7476 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 13:12:36.0140 7476 HDAudBus - ok 13:12:36.0171 7476 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 13:12:36.0187 7476 HidUsb - ok 13:12:36.0250 7476 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys 13:12:36.0250 7476 hpn - ok 13:12:36.0375 7476 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 13:12:36.0375 7476 HTTP - ok 13:12:36.0453 7476 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys 13:12:36.0453 7476 i2omgmt - ok 13:12:36.0500 7476 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys 13:12:36.0500 7476 i2omp - ok 13:12:36.0546 7476 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 13:12:36.0562 7476 i8042prt - ok 13:12:36.0609 7476 iastor (d593517879e65167df35f6015814ac59) C:\WINDOWS\system32\drivers\iastor.sys 13:12:36.0625 7476 iastor - ok 13:12:36.0718 7476 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 13:12:36.0718 7476 Imapi - ok 13:12:36.0781 7476 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys 13:12:36.0781 7476 ini910u - ok 13:12:36.0890 7476 IntelC51 (7509c548400f4c9e0211e3f6e66abbe6) C:\WINDOWS\system32\DRIVERS\IntelC51.sys 13:12:36.0906 7476 IntelC51 - ok 13:12:36.0937 7476 IntelC52 (9584ffdd41d37f2c239681d0dac2513e) C:\WINDOWS\system32\DRIVERS\IntelC52.sys 13:12:36.0953 7476 IntelC52 - ok 13:12:36.0984 7476 IntelC53 (cf0b937710cec6ef39416edecd803cbb) C:\WINDOWS\system32\DRIVERS\IntelC53.sys 13:12:36.0984 7476 IntelC53 - ok 13:12:37.0031 7476 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys 13:12:37.0031 7476 IntelIde - ok 13:12:37.0125 7476 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys 13:12:37.0125 7476 intelppm - ok 13:12:37.0203 7476 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 13:12:37.0203 7476 Ip6Fw - ok 13:12:37.0265 7476 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 13:12:37.0265 7476 IpFilterDriver - ok 13:12:37.0328 7476 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 13:12:37.0328 7476 IpInIp - ok 13:12:37.0437 7476 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 13:12:37.0437 7476 IpNat - ok 13:12:37.0468 7476 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 13:12:37.0484 7476 IPSec - ok 13:12:37.0531 7476 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 13:12:37.0531 7476 IRENUM - ok 13:12:37.0578 7476 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys 13:12:37.0578 7476 isapnp - ok 13:12:37.0609 7476 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 13:12:37.0609 7476 Kbdclass - ok 13:12:37.0640 7476 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 13:12:37.0640 7476 kbdhid - ok 13:12:37.0671 7476 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 13:12:37.0671 7476 kmixer - ok 13:12:37.0718 7476 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 13:12:37.0734 7476 KSecDD - ok 13:12:37.0796 7476 lbrtfdc - ok 13:12:37.0828 7476 mcdbus - ok 13:12:37.0921 7476 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\WINDOWS\system32\drivers\mferkdk.sys 13:12:37.0921 7476 mferkdk - ok 13:12:38.0015 7476 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\WINDOWS\system32\drivers\mfesmfk.sys 13:12:38.0015 7476 mfesmfk - ok 13:12:38.0062 7476 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 13:12:38.0062 7476 mnmdd - ok 13:12:38.0125 7476 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys 13:12:38.0125 7476 Modem - ok 13:12:38.0171 7476 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys 13:12:38.0171 7476 MODEMCSA - ok 13:12:38.0203 7476 mohfilt (59b8b11ff70728eec60e72131c58b716) C:\WINDOWS\system32\DRIVERS\mohfilt.sys 13:12:38.0203 7476 mohfilt - ok 13:12:38.0234 7476 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys 13:12:38.0234 7476 Mouclass - ok 13:12:38.0312 7476 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys 13:12:38.0312 7476 mouhid - ok 13:12:38.0359 7476 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 13:12:38.0359 7476 MountMgr - ok 13:12:38.0406 7476 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys 13:12:38.0406 7476 mraid35x - ok 13:12:38.0546 7476 mrtRate (6075de2ad531f6e30c9995dfda22001f) C:\WINDOWS\system32\drivers\mrtRate.sys 13:12:38.0546 7476 mrtRate - ok 13:12:38.0593 7476 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 13:12:38.0593 7476 MRxDAV - ok 13:12:38.0671 7476 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 13:12:38.0687 7476 MRxSmb - ok 13:12:38.0718 7476 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 13:12:38.0718 7476 Msfs - ok 13:12:38.0781 7476 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 13:12:38.0781 7476 MSKSSRV - ok 13:12:38.0859 7476 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 13:12:38.0859 7476 MSPCLOCK - ok 13:12:38.0921 7476 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 13:12:38.0921 7476 MSPQM - ok 13:12:39.0015 7476 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 13:12:39.0015 7476 mssmbios - ok 13:12:39.0046 7476 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 13:12:39.0046 7476 MSTEE - ok 13:12:39.0156 7476 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 13:12:39.0156 7476 Mup - ok 13:12:39.0234 7476 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 13:12:39.0234 7476 NABTSFEC - ok 13:12:39.0328 7476 NAL (9121d8ffff773c66bbf4955e4f7aac23) C:\WINDOWS\system32\Drivers\iqvw32.sys 13:12:39.0328 7476 NAL - ok 13:12:39.0437 7476 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 13:12:39.0437 7476 NDIS - ok 13:12:39.0484 7476 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 13:12:39.0484 7476 NdisIP - ok 13:12:39.0609 7476 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 13:12:39.0609 7476 NdisTapi - ok 13:12:39.0687 7476 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 13:12:39.0687 7476 Ndisuio - ok 13:12:39.0718 7476 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 13:12:39.0718 7476 NdisWan - ok 13:12:39.0812 7476 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 13:12:39.0812 7476 NDProxy - ok 13:12:39.0875 7476 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 13:12:39.0875 7476 NetBIOS - ok 13:12:39.0937 7476 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 13:12:39.0937 7476 NetBT - ok 13:12:40.0046 7476 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 13:12:40.0046 7476 Npfs - ok 13:12:40.0093 7476 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 13:12:40.0109 7476 Ntfs - ok 13:12:40.0140 7476 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 13:12:40.0140 7476 Null - ok 13:12:40.0281 7476 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 13:12:40.0343 7476 nv - ok 13:12:40.0421 7476 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 13:12:40.0421 7476 NwlnkFlt - ok 13:12:40.0500 7476 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 13:12:40.0500 7476 NwlnkFwd - ok 13:12:40.0593 7476 omci (53d5f1278d9edb21689bbbcecc09108d) C:\WINDOWS\system32\DRIVERS\omci.sys 13:12:40.0593 7476 omci - ok 13:12:40.0671 7476 ossrv (c720c25b2d0c93dc425155f5b6a707f3) C:\WINDOWS\system32\DRIVERS\ctoss2k.sys 13:12:40.0671 7476 ossrv - ok 13:12:40.0734 7476 P17 (3a7290f2c423b80ba95becae015b9b1b) C:\WINDOWS\system32\drivers\P17.sys 13:12:40.0750 7476 P17 - ok 13:12:40.0843 7476 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys 13:12:40.0843 7476 Parport - ok 13:12:40.0906 7476 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 13:12:40.0906 7476 PartMgr - ok 13:12:40.0953 7476 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys 13:12:40.0953 7476 ParVdm - ok 13:12:41.0000 7476 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys 13:12:41.0015 7476 PCI - ok 13:12:41.0125 7476 PCIDump - ok 13:12:41.0234 7476 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys 13:12:41.0234 7476 PCIIde - ok 13:12:41.0390 7476 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys 13:12:41.0390 7476 Pcmcia - ok 13:12:41.0437 7476 PDCOMP - ok 13:12:41.0546 7476 PDFRAME - ok 13:12:41.0609 7476 PDRELI - ok 13:12:41.0640 7476 PDRFRAME - ok 13:12:41.0750 7476 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys 13:12:41.0750 7476 perc2 - ok 13:12:41.0843 7476 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys 13:12:41.0843 7476 perc2hib - ok 13:12:41.0968 7476 pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys 13:12:41.0968 7476 pfc - ok 13:12:42.0046 7476 PfModNT (c8a2d6ff660ac601b7bb9a9b16a5c25e) C:\WINDOWS\system32\drivers\PfModNT.sys 13:12:42.0046 7476 PfModNT - ok 13:12:42.0140 7476 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 13:12:42.0140 7476 PptpMiniport - ok 13:12:42.0171 7476 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 13:12:42.0171 7476 PSched - ok 13:12:42.0203 7476 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 13:12:42.0203 7476 Ptilink - ok 13:12:42.0296 7476 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys 13:12:42.0296 7476 PxHelp20 - ok 13:12:42.0343 7476 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys 13:12:42.0343 7476 ql1080 - ok 13:12:42.0375 7476 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys 13:12:42.0390 7476 Ql10wnt - ok 13:12:42.0468 7476 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys 13:12:42.0468 7476 ql12160 - ok 13:12:42.0531 7476 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys 13:12:42.0531 7476 ql1240 - ok 13:12:42.0578 7476 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys 13:12:42.0578 7476 ql1280 - ok 13:12:42.0640 7476 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 13:12:42.0640 7476 RasAcd - ok 13:12:42.0734 7476 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 13:12:42.0734 7476 Rasl2tp - ok 13:12:42.0765 7476 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 13:12:42.0781 7476 RasPppoe - ok 13:12:42.0812 7476 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 13:12:42.0812 7476 Raspti - ok 13:12:42.0906 7476 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 13:12:42.0906 7476 Rdbss - ok 13:12:42.0953 7476 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sy@ 13:12:42.0953 7476 RDPCDD - ok 13:12:43.0031 7476 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 13:12:43.0046 7476 rdpdr - ok 13:12:43.0140 7476 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys 13:12:43.0140 7476 RDPWD - ok 13:12:43.0203 7476 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys 13:12:43.0203 7476 redbook - ok 13:12:43.0296 7476 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 13:12:43.0296 7476 Secdrv - ok 13:12:43.0437 7476 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 13:12:43.0437 7476 serenum - ok 13:12:43.0546 7476 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys 13:12:43.0546 7476 Serial - ok 13:12:43.0593 7476 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 13:12:43.0593 7476 Sfloppy - ok 13:12:43.0625 7476 Simbad - ok 13:12:43.0718 7476 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys 13:12:43.0718 7476 sisagp - ok 13:12:43.0765 7476 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 13:12:43.0765 7476 SLIP - ok 13:12:43.0859 7476 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys 13:12:43.0859 7476 Sparrow - ok 13:12:43.0968 7476 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 13:12:43.0968 7476 splitter - ok 13:12:44.0046 7476 SQTECH905C (e3879c514f59402e1a7ce58a5511816f) C:\WINDOWS\system32\Drivers\Capt905c.sys 13:12:44.0046 7476 SQTECH905C - ok 13:12:44.0093 7476 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys 13:12:44.0093 7476 sr - ok 13:12:44.0187 7476 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 13:12:44.0187 7476 Srv - ok 13:12:44.0250 7476 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys 13:12:44.0250 7476 sscdbhk5 - ok 13:12:44.0343 7476 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys 13:12:44.0359 7476 ssrtln - ok 13:12:44.0484 7476 STHDA (6b14c6e98f752ebbab24a4e0bd0f3a24) C:\WINDOWS\system32\drivers\sthda.sys 13:12:44.0484 7476 STHDA - ok 13:12:44.0578 7476 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 13:12:44.0578 7476 streamip - ok 13:12:44.0640 7476 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 13:12:44.0640 7476 swenum - ok 13:12:44.0671 7476 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 13:12:44.0671 7476 swmidi - ok 13:12:44.0734 7476 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys 13:12:44.0750 7476 symc810 - ok 13:12:44.0812 7476 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys 13:12:44.0812 7476 symc8xx - ok 13:12:44.0890 7476 symsnap (c9273531eac75ee225e3170fb6107fa3) C:\WINDOWS\system32\DRIVERS\symsnap.sys 13:12:44.0890 7476 symsnap - ok 13:12:44.0953 7476 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys 13:12:44.0953 7476 sym_hi - ok 13:12:45.0015 7476 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys 13:12:45.0015 7476 sym_u3 - ok 13:12:45.0093 7476 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 13:12:45.0093 7476 sysaudio - ok 13:12:45.0203 7476 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 13:12:45.0203 7476 Tcpip - ok 13:12:45.0281 7476 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 13:12:45.0281 7476 TDPIPE - ok 13:12:45.0328 7476 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 13:12:45.0359 7476 TDTCP - ok 13:12:45.0406 7476 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 13:12:45.0406 7476 TermDD - ok 13:12:45.0515 7476 tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys 13:12:45.0515 7476 tfsnboio - ok 13:12:45.0546 7476 tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys 13:12:45.0546 7476 tfsncofs - ok 13:12:45.0578 7476 tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys 13:12:45.0578 7476 tfsndrct - ok 13:12:45.0625 7476 tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys 13:12:45.0625 7476 tfsndres - ok 13:12:45.0640 7476 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys 13:12:45.0656 7476 tfsnifs - ok 13:12:45.0671 7476 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys 13:12:45.0687 7476 tfsnopio - ok 13:12:45.0718 7476 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys 13:12:45.0718 7476 tfsnpool - ok 13:12:45.0750 7476 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys 13:12:45.0750 7476 tfsnudf - ok 13:12:45.0828 7476 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys 13:12:45.0843 7476 tfsnudfa - ok 13:12:45.0890 7476 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys 13:12:45.0890 7476 TosIde - ok 13:12:46.0000 7476 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 13:12:46.0000 7476 Udfs - ok 13:12:46.0062 7476 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys 13:12:46.0062 7476 ultra - ok 13:12:46.0171 7476 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 13:12:46.0187 7476 Update - ok 13:12:46.0281 7476 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys 13:12:46.0281 7476 USBAAPL - ok 13:12:46.0390 7476 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 13:12:46.0390 7476 usbccgp - ok 13:12:46.0484 7476 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 13:12:46.0484 7476 usbehci - ok 13:12:46.0515 7476 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 13:12:46.0515 7476 usbhub - ok 13:12:46.0562 7476 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 13:12:46.0578 7476 usbprint - ok 13:12:46.0671 7476 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 13:12:46.0687 7476 usbscan - ok 13:12:46.0765 7476 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 13:12:46.0765 7476 USBSTOR - ok 13:12:46.0906 7476 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 13:12:46.0921 7476 usbuhci - ok 13:12:46.0953 7476 USB_RNDIS (bee793d4a059caea55d6ac20e19b3a8f) C:\WINDOWS\system32\DRIVERS\usb8023.sys 13:12:46.0953 7476 USB_RNDIS - ok 13:12:47.0046 7476 v2imount (b4d63048d6358e7c6ab61b98b8cff263) C:\WINDOWS\system32\DRIVERS\v2imount.sys 13:12:47.0046 7476 v2imount - ok 13:12:47.0078 7476 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 13:12:47.0078 7476 VgaSave - ok 13:12:47.0156 7476 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys 13:12:47.0156 7476 viaagp - ok 13:12:47.0203 7476 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys 13:12:47.0203 7476 ViaIde - ok 13:12:47.0312 7476 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys 13:12:47.0312 7476 VolSnap - ok 13:12:47.0359 7476 VProEventMonitor (e78781b2c86c92a0a738df566460f716) C:\WINDOWS\system32\DRIVERS\vproeventmonitor.sys 13:12:47.0359 7476 VProEventMonitor - ok 13:12:47.0421 7476 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 13:12:47.0421 7476 Wanarp - ok 13:12:47.0515 7476 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys 13:12:47.0515 7476 wanatw - ok 13:12:47.0546 7476 WDICA - ok 13:12:47.0578 7476 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 13:12:47.0593 7476 wdmaud - ok 13:12:47.0640 7476 WimFltr (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\WINDOWS\system32\DRIVERS\wimfltr.sys 13:12:47.0640 7476 WimFltr - ok 13:12:47.0734 7476 WinDriver6 (097a8291df541f9b9af2c500797cdcaa) C:\WINDOWS\system32\drivers\windrvr6.sys 13:12:47.0734 7476 WinDriver6 - ok 13:12:47.0859 7476 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys 13:12:47.0859 7476 WpdUsb - ok 13:12:47.0921 7476 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys 13:12:47.0921 7476 WS2IFSL - ok 13:12:47.0968 7476 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 13:12:47.0968 7476 WSTCODEC - ok 13:12:48.0078 7476 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 13:12:48.0078 7476 WudfPf - ok 13:12:48.0140 7476 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 13:12:48.0140 7476 WudfRd - ok 13:12:48.0171 7476 MBR (0x1B8) (b16a2359f4962b0c622d81a1c1f4b703) \Device\Harddisk0\DR0 13:12:48.0203 7476 \Device\Harddisk0\DR0 - ok 13:12:48.0203 7476 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1 13:12:48.0203 7476 \Device\Harddisk1\DR1 - ok 13:12:48.0218 7476 Boot (0x1200) (750a31ed83f6b4d7ea53cc00c6315a26) \Device\Harddisk0\DR0\Partition0 13:12:48.0234 7476 \Device\Harddisk0\DR0\Partition0 - ok 13:12:48.0234 7476 Boot (0x1200) (fe5a37ecfc9d550099d7fe5d7d31efb7) \Device\Harddisk1\DR1\Partition0 13:12:48.0234 7476 \Device\Harddisk1\DR1\Partition0 - ok 13:12:48.0234 7476 ============================================================ 13:12:48.0234 7476 Scan finished 13:12:48.0234 7476 ============================================================ 13:12:48.0234 7988 Detected object count: 0 13:12:48.0234 7988 Actual detected object count: 0

33killerlog.txt Hi, Completed all the steps. As far as my system the program files are still empty. TDSS log too long so I attached. Here are the other logs. Thank you for your help! CAE ComboFix 12-03-03.01 - Ekenbarger's 03/03/2012 17:52:46.3.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2558.1970 [GMT -5:00] Running from: c:\documents and settings\Ekenbarger's\Desktop\Combo-Fix.exe AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\oobe\msoobe.exe c:\windows\system32\oobe\oobebaln.exe . . ((((((((((((((((((((((((( Files Created from 2012-02-03 to 2012-03-03 ))))))))))))))))))))))))))))))) . . 2012-03-03 01:56 . 2012-03-03 01:56 -------- d-----w- c:\program files\Sigmatel 2012-03-03 01:56 . 2005-03-23 04:20 339968 ----a-w- c:\windows\stsystra.exe 2012-03-03 01:56 . 2005-03-22 09:22 143441 ----a-w- c:\windows\system32\stac97.cpl 2012-03-03 01:56 . 2005-03-22 09:20 90112 ----a-w- c:\windows\system32\stacapi.dll 2012-02-24 01:05 . 2012-02-24 01:05 -------- d-sh--w- c:\documents and settings\Default User\IETldCache 2012-02-23 23:41 . 2011-06-24 14:10 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys 2012-02-23 23:41 . 2011-04-21 13:37 105472 ------w- c:\windows\system32\dllcache\mup.sys 2012-02-23 23:38 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll 2012-02-23 23:38 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\dllcache\iacenc.dll 2012-02-23 23:38 . 2011-07-08 14:02 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys 2012-02-20 23:54 . 2012-02-20 23:54 -------- d-----w- C:\fixpoliciestool 2012-02-20 19:03 . 2012-02-20 19:03 -------- d-----w- c:\documents and settings\Ekenbarger's\Application Data\Malwarebytes 2012-02-20 19:03 . 2012-02-20 19:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-02-20 19:02 . 2012-02-20 19:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-02-19 22:45 . 2012-02-19 22:45 14664 ----a-w- c:\windows\stinger.sys 2012-02-19 22:43 . 2012-02-19 22:55 -------- d-----w- c:\program files\stinger 2012-02-18 18:12 . 2012-02-23 22:54 -------- d-----w- c:\program files\trend micro 2012-02-18 18:12 . 2012-02-23 22:55 -------- d-----w- C:\rsit 2012-02-18 15:13 . 2012-02-25 19:00 -------- d-----w- C:\ARK 2012-02-18 00:58 . 2012-02-18 00:58 -------- d-----w- c:\documents and settings\Ekenbarger's\Application Data\QuickScan 2012-02-18 00:46 . 2012-02-18 00:46 -------- d-----w- c:\program files\Common Files\Java 2012-02-18 00:45 . 2012-02-18 00:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Ask 2012-02-18 00:45 . 2012-02-18 00:45 73728 ----a-w- c:\windows\system32\javacpl.cpl 2012-02-16 01:00 . 2012-02-16 02:13 -------- d-----w- C:\Combo-Fix 2012-02-12 20:12 . 2012-02-12 20:12 -------- d-----w- c:\program files\ESET 2012-02-10 01:04 . 2012-02-10 01:04 -------- d-----w- C:\_OTL 2012-02-10 00:40 . 2012-02-11 15:24 -------- d-----w- c:\program files\ERUNT . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-01-12 16:53 . 2004-08-10 17:51 1859968 ----a-w- c:\windows\system32\win32k.sys 2011-12-26 20:43 . 2011-05-06 19:29 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys 2011-12-17 19:46 . 2004-08-10 17:51 916992 ----a-w- c:\windows\system32\wininet.dll 2011-12-17 19:46 . 2004-08-10 17:51 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-12-17 19:46 . 2004-08-10 17:51 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-12-16 12:22 . 2004-08-10 17:51 385024 ----a-w- c:\windows\system32\html.iec . . ((((((((((((((((((((((((((((( SnapShot@2012-02-16_01.54.03 ))))))))))))))))))))))))))))))))))))))))) . + 2011-05-14 01:17 . 2011-05-14 01:17 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_452bf920\vcomp.dll + 2011-05-14 00:45 . 2011-05-14 00:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80KOR.dll + 2011-05-14 00:45 . 2011-05-14 00:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80JPN.dll + 2011-05-14 00:45 . 2011-05-14 00:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ITA.dll + 2011-05-14 00:45 . 2011-05-14 00:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80FRA.dll + 2011-05-14 00:45 . 2011-05-14 00:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ESP.dll + 2011-05-14 00:45 . 2011-05-14 00:45 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll + 2011-05-14 00:45 . 2011-05-14 00:45 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80DEU.dll + 2011-05-14 00:45 . 2011-05-14 00:45 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHT.dll + 2011-05-14 00:45 . 2011-05-14 00:45 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHS.dll + 2011-05-14 06:06 . 2011-05-14 06:06 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80u.dll + 2011-05-14 06:23 . 2011-05-14 06:23 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80.dll + 2011-05-13 23:37 . 2011-05-13 23:37 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll + 2012-03-03 20:22 . 2012-03-03 20:22 16384 c:\windows\Temp\Perflib_Perfdata_84c.dat + 2012-03-03 23:02 . 2012-03-03 23:02 16384 c:\windows\Temp\Perflib_Perfdata_848.dat + 2012-03-03 23:02 . 2012-03-03 23:02 16384 c:\windows\Temp\Perflib_Perfdata_58c.dat + 2007-01-29 08:58 . 2011-11-08 13:46 46080 c:\windows\system32\tzchange.exe - 2007-01-29 08:58 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe + 2010-02-22 02:04 . 2010-07-05 13:15 17272 c:\windows\system32\spmsg.dll - 2010-02-22 02:04 . 2007-11-30 10:39 17272 c:\windows\system32\spmsg.dll + 2004-08-10 17:51 . 2012-03-03 01:57 72160 c:\windows\system32\perfc009.dat + 2004-08-10 17:51 . 2011-11-18 12:35 60416 c:\windows\system32\packager.exe + 2004-08-10 17:51 . 2011-09-26 16:41 20480 c:\windows\system32\oleaccrc.dll + 2004-08-10 17:51 . 2011-12-17 19:46 66560 c:\windows\system32\mshtmled.dll - 2004-08-10 17:51 . 2011-02-22 23:06 66560 c:\windows\system32\mshtmled.dll + 2009-03-08 08:31 . 2011-12-17 19:46 55296 c:\windows\system32\msfeedsbs.dll - 2009-03-08 08:31 . 2011-02-22 23:06 55296 c:\windows\system32\msfeedsbs.dll + 2004-08-10 17:51 . 2011-10-14 14:47 23040 c:\windows\system32\mciseq.dll - 2004-08-10 17:51 . 2008-04-14 00:11 23040 c:\windows\system32\mciseq.dll - 2004-08-10 17:51 . 2011-02-22 23:06 25600 c:\windows\system32\jsproxy.dll + 2004-08-10 17:51 . 2011-12-17 19:46 25600 c:\windows\system32\jsproxy.dll + 2004-08-10 17:51 . 2011-07-08 14:02 10496 c:\windows\system32\drivers\ndistapi.sys + 2009-08-21 22:05 . 2011-12-17 19:46 12800 c:\windows\system32\dllcache\xpshims.dll - 2009-08-21 22:05 . 2011-02-22 23:06 12800 c:\windows\system32\dllcache\xpshims.dll + 2011-11-18 12:35 . 2011-11-18 12:35 60416 c:\windows\system32\dllcache\packager.exe + 2004-08-10 18:02 . 2008-04-14 00:12 51200 c:\windows\system32\dllcache\oobebaln.exe + 2011-09-26 16:41 . 2011-09-26 16:41 20480 c:\windows\system32\dllcache\oleaccrc.dll + 2004-08-10 18:02 . 2008-04-14 00:12 29184 c:\windows\system32\dllcache\msoobe.exe + 2006-05-10 05:23 . 2011-12-17 19:46 66560 c:\windows\system32\dllcache\mshtmled.dll - 2006-05-10 05:23 . 2011-02-22 23:06 66560 c:\windows\system32\dllcache\mshtmled.dll + 2009-08-21 22:05 . 2011-12-17 19:46 55296 c:\windows\system32\dllcache\msfeedsbs.dll - 2009-08-21 22:05 . 2011-02-22 23:06 55296 c:\windows\system32\dllcache\msfeedsbs.dll + 2011-10-14 14:47 . 2011-10-14 14:47 23040 c:\windows\system32\dllcache\mciseq.dll - 2009-03-08 08:34 . 2011-02-22 23:06 43520 c:\windows\system32\dllcache\licmgr10.dll + 2009-03-08 08:34 . 2011-12-17 19:46 43520 c:\windows\system32\dllcache\licmgr10.dll - 2006-05-10 05:22 . 2011-02-22 23:06 25600 c:\windows\system32\dllcache\jsproxy.dll + 2006-05-10 05:22 . 2011-12-17 19:46 25600 c:\windows\system32\dllcache\jsproxy.dll + 2009-12-14 07:08 . 2011-10-28 05:31 33280 c:\windows\system32\dllcache\csrsrv.dll - 2009-12-14 07:08 . 2010-12-09 14:30 33280 c:\windows\system32\dllcache\csrsrv.dll - 2004-08-10 17:50 . 2010-12-09 14:30 33280 c:\windows\system32\csrsrv.dll + 2004-08-10 17:50 . 2011-10-28 05:31 33280 c:\windows\system32\csrsrv.dll + 2012-02-25 01:16 . 2012-02-25 01:15 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - 2005-09-20 23:48 . 2012-01-12 01:11 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat + 2005-09-20 23:48 . 2012-02-25 01:15 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat + 2012-02-25 01:16 . 2012-02-25 01:15 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat + 2011-12-25 08:49 . 2011-12-25 08:49 31504 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe - 2010-09-23 19:55 . 2010-09-23 19:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll + 2011-12-25 16:07 . 2011-12-25 16:07 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll - 2010-09-23 06:26 . 2010-09-23 06:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll + 2011-12-25 03:55 . 2011-12-25 03:55 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll + 2011-12-25 03:55 . 2011-12-25 03:55 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll - 2010-09-23 06:26 . 2010-09-23 06:26 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll + 2011-12-25 03:55 . 2011-12-25 03:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll - 2010-09-23 06:26 . 2010-09-23 06:26 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll - 2010-09-23 07:17 . 2010-09-23 07:17 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe + 2011-12-25 04:49 . 2011-12-25 04:49 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe + 2011-12-25 04:49 . 2011-12-25 04:49 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll - 2010-09-23 07:17 . 2010-09-23 07:17 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll + 2012-02-24 01:26 . 2012-02-24 01:26 34632 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe - 2011-05-12 00:00 . 2011-05-12 00:00 34632 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe + 2011-01-27 13:51 . 2012-02-24 01:06 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll - 2011-01-27 13:51 . 2011-04-21 00:01 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll + 2012-02-24 01:06 . 2011-02-22 23:06 12800 c:\windows\ie8updates\KB2647516-IE8\xpshims.dll + 2012-02-24 01:06 . 2011-02-22 23:06 66560 c:\windows\ie8updates\KB2647516-IE8\mshtmled.dll + 2012-02-24 01:06 . 2011-02-22 23:06 55296 c:\windows\ie8updates\KB2647516-IE8\msfeedsbs.dll + 2012-02-24 01:06 . 2011-02-22 23:06 43520 c:\windows\ie8updates\KB2647516-IE8\licmgr10.dll + 2012-02-24 01:06 . 2011-02-22 23:06 25600 c:\windows\ie8updates\KB2647516-IE8\jsproxy.dll + 2012-02-24 01:11 . 2012-02-24 01:11 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_f0763d5c\System.Drawing.Design.dll + 2012-02-24 01:11 . 2012-02-24 01:11 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_6607c41f\CustomMarshalers.dll + 2012-02-24 01:29 . 2012-02-24 01:29 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\888b745ca99d39692c2e9af222e5eae8\UIAutomationProvider.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\dab766b18e6fe0a8f53a93c56be7b40e\System.Windows.Presentation.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\31b65443e56a470d199f293085576e05\System.Web.DynamicData.Design.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\89dfd3999ad1d72c59243d7b4bf40d5a\System.ComponentModel.DataAnnotations.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\e6a9cd66d11a21776dbf425e8e28099c\System.AddIn.Contract.ni.dll + 2012-02-24 01:27 . 2012-02-24 01:27 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\3aa4296d4aa01fe0533de2c15f818d5f\PresentationFontCache.ni.exe + 2012-02-24 01:27 . 2012-02-24 01:27 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\820acb71782d9cd006800b3ac7e1ca53\PresentationCFFRasterizer.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\d07f0222f62dbed7898a6e2e909d407a\Microsoft.Vsa.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 30208 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\9855d3fb15e6c63a811b1f0b66d78428\Microsoft.PowerShell.Commands.Utility.resources.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 17408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\7618f444d33b1311e952ba9285e4a4b2\Microsoft.PowerShell.Security.resources.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 19456 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\1b23e2c0707d81e7eb14f78552562635\Microsoft.PowerShell.Commands.Management.resources.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\05bbffbe100ede49139819641a41dfda\Microsoft.PowerShell.ConsoleHost.resources.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\aefe683674c97a998f4e908c1a7ee7c6\Microsoft.Build.Framework.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\845eef4d09f28da6ee05d99f93c90f6e\Microsoft.Build.Framework.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\ab7ce2d94ca725c3889a4e3c1ee88ece\dfsvc.ni.exe + 2012-02-24 01:30 . 2012-02-24 01:30 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll - 2011-04-14 00:06 . 2011-04-14 00:06 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2012-02-24 01:25 . 2012-02-24 01:25 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll - 2011-04-14 00:06 . 2011-04-14 00:06 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2012-02-24 01:25 . 2012-02-24 01:25 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2012-02-24 01:26 . 2012-02-24 01:26 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll - 2011-04-14 00:06 . 2011-04-14 00:06 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2012-02-24 01:25 . 2012-02-24 01:25 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll - 2011-04-14 00:06 . 2011-04-14 00:06 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll - 2011-04-14 00:06 . 2011-04-14 00:06 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2012-02-24 01:26 . 2012-02-24 01:26 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2012-02-24 01:26 . 2012-02-24 01:26 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll - 2011-04-14 00:06 . 2011-04-14 00:06 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2012-02-24 01:26 . 2012-02-24 01:26 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll - 2011-04-14 00:06 . 2011-04-14 00:06 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll - 2011-04-14 00:06 . 2011-04-14 00:06 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2012-02-24 01:26 . 2012-02-24 01:26 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2012-02-24 01:26 . 2012-02-24 01:26 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll - 2011-04-14 00:06 . 2011-04-14 00:06 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll - 2011-04-14 00:06 . 2011-04-14 00:06 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll + 2012-02-24 01:25 . 2012-02-24 01:25 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll + 2012-02-24 01:25 . 2012-02-24 01:25 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll - 2011-04-14 00:06 . 2011-04-14 00:06 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2012-02-24 01:26 . 2012-02-24 01:26 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2011-04-14 00:06 . 2011-04-14 00:06 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2012-02-24 01:25 . 2012-02-24 01:25 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - 2011-04-14 00:06 . 2011-04-14 00:06 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2012-02-24 01:11 . 2012-02-24 01:11 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll - 2010-10-03 00:00 . 2010-10-03 00:00 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll - 2011-04-14 00:06 . 2011-04-14 00:06 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll + 2012-02-24 01:26 . 2012-02-24 01:26 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll + 2012-02-24 01:25 . 2012-02-24 01:25 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll - 2011-04-14 00:06 . 2011-04-14 00:06 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll - 2011-04-14 00:06 . 2011-04-14 00:06 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll + 2012-02-24 01:26 . 2012-02-24 01:26 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll + 2012-02-24 01:26 . 2012-02-24 01:26 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll - 2011-04-14 00:06 . 2011-04-14 00:06 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2012-02-24 01:26 . 2012-02-24 01:26 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll - 2011-04-14 00:06 . 2011-04-14 00:06 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll + 2012-02-24 01:25 . 2012-02-24 01:25 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll - 2011-04-14 00:06 . 2011-04-14 00:06 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2012-02-24 01:25 . 2012-02-24 01:25 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll - 2011-04-14 00:06 . 2011-04-14 00:06 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll - 2004-08-10 17:51 . 2010-06-18 17:45 293376 c:\windows\system32\winsrv.dll + 2004-08-10 17:51 . 2011-11-25 21:57 293376 c:\windows\system32\winsrv.dll - 2004-08-10 17:51 . 2008-04-14 00:12 176128 c:\windows\system32\winmm.dll + 2004-08-10 17:51 . 2011-10-14 14:47 176128 c:\windows\system32\winmm.dll - 2004-08-10 17:51 . 2009-08-25 09:17 354816 c:\windows\system32\winhttp.dll + 2004-08-10 17:51 . 2011-11-16 14:21 354816 c:\windows\system32\winhttp.dll - 2004-08-10 17:51 . 2009-03-08 08:34 105984 c:\windows\system32\url.dll + 2004-08-10 17:51 . 2011-12-17 19:46 105984 c:\windows\system32\url.dll + 2004-01-07 16:21 . 2004-01-07 16:21 237936 c:\windows\system32\unicows.dll + 2008-07-30 00:59 . 2011-09-26 16:41 611328 c:\windows\system32\uiautomationcore.dll + 2005-09-16 05:26 . 2005-03-22 09:23 103936 c:\windows\system32\staco.dll + 2004-08-10 17:51 . 2011-11-16 14:21 152064 c:\windows\system32\schannel.dll - 2004-08-10 17:51 . 2008-04-14 00:12 386048 c:\windows\system32\qdvd.dll + 2004-08-10 17:51 . 2011-11-03 15:28 386048 c:\windows\system32\qdvd.dll + 2004-08-10 17:51 . 2012-03-03 01:57 442894 c:\windows\system32\perfh009.dat - 2004-08-10 17:51 . 2008-04-14 00:12 551936 c:\windows\system32\oleaut32.dll + 2004-08-10 17:51 . 2010-12-20 17:32 551936 c:\windows\system32\oleaut32.dll + 2004-08-10 17:51 . 2011-09-26 16:41 220160 c:\windows\system32\oleacc.dll + 2004-08-10 17:51 . 2011-12-17 19:46 206848 c:\windows\system32\occache.dll - 2004-08-10 17:51 . 2011-02-22 23:06 206848 c:\windows\system32\occache.dll + 2004-08-10 17:51 . 2011-12-17 19:46 611840 c:\windows\system32\mstime.dll - 2004-08-10 17:51 . 2011-02-22 23:06 611840 c:\windows\system32\mstime.dll - 2009-03-08 08:32 . 2011-02-22 23:06 602112 c:\windows\system32\msfeeds.dll + 2009-03-08 08:32 . 2011-12-17 19:46 602112 c:\windows\system32\msfeeds.dll + 2012-02-18 00:45 . 2012-02-18 00:45 157472 c:\windows\system32\javaws.exe - 2011-02-15 23:10 . 2011-02-03 02:40 157472 c:\windows\system32\javaws.exe + 2012-02-18 00:45 . 2012-02-18 00:45 149280 c:\windows\system32\javaw.exe + 2012-02-18 00:45 . 2012-02-18 00:45 149280 c:\windows\system32\java.exe + 2004-08-10 18:02 . 2011-10-10 14:22 692736 c:\windows\system32\inetcomm.dll - 2004-08-10 18:02 . 2011-03-07 05:33 692736 c:\windows\system32\inetcomm.dll + 2004-08-10 17:51 . 2011-12-17 19:46 184320 c:\windows\system32\iepeers.dll - 2004-08-10 17:51 . 2011-02-22 23:06 184320 c:\windows\system32\iepeers.dll - 2004-08-10 17:51 . 2011-02-22 23:06 387584 c:\windows\system32\iedkcs32.dll + 2004-08-10 17:51 . 2011-12-17 19:46 387584 c:\windows\system32\iedkcs32.dll + 2004-08-10 17:51 . 2011-12-16 12:23 174080 c:\windows\system32\ie4uinit.exe + 2004-08-10 17:57 . 2012-02-24 01:42 351384 c:\windows\system32\FNTCACHE.DAT - 2004-08-10 17:57 . 2011-04-14 00:24 351384 c:\windows\system32\FNTCACHE.DAT + 2004-08-10 17:51 . 2011-10-18 11:13 186880 c:\windows\system32\encdec.dll - 2004-08-10 17:51 . 2011-02-09 13:53 186880 c:\windows\system32\encdec.dll + 2005-09-16 05:26 . 2005-04-01 00:22 180096 c:\windows\system32\drivers\sthda.sys - 2004-08-10 18:01 . 2008-04-14 00:13 139656 c:\windows\system32\drivers\rdpwd.sys + 2004-08-10 18:01 . 2011-06-24 14:10 139656 c:\windows\system32\drivers\rdpwd.sys + 2004-08-10 17:51 . 2011-04-21 13:37 105472 c:\windows\system32\drivers\mup.sys + 2005-09-16 05:26 . 2011-07-15 13:29 456320 c:\windows\system32\drivers\mrxsmb.sys + 2004-08-10 17:50 . 2011-08-17 13:49 138496 c:\windows\system32\drivers\afd.sys - 2004-08-10 17:50 . 2008-10-16 14:43 138496 c:\windows\system32\drivers\afd.sys - 2010-06-18 17:45 . 2010-06-18 17:45 293376 c:\windows\system32\dllcache\winsrv.dll + 2010-06-18 17:45 . 2011-11-25 21:57 293376 c:\windows\system32\dllcache\winsrv.dll + 2011-10-14 14:47 . 2011-10-14 14:47 176128 c:\windows\system32\dllcache\winmm.dll + 2006-05-10 05:23 . 2011-12-17 19:46 916992 c:\windows\system32\dllcache\wininet.dll + 2008-12-16 12:30 . 2011-11-16 14:21 354816 c:\windows\system32\dllcache\winhttp.dll - 2008-12-16 12:30 . 2009-08-25 09:17 354816 c:\windows\system32\dllcache\winhttp.dll + 2006-09-18 14:15 . 2011-04-30 03:01 758784 c:\windows\system32\dllcache\vgx.dll - 2009-03-08 08:34 . 2009-03-08 08:34 105984 c:\windows\system32\dllcache\url.dll + 2009-03-08 08:34 . 2011-12-17 19:46 105984 c:\windows\system32\dllcache\url.dll + 2008-12-05 06:54 . 2011-11-16 14:21 152064 c:\windows\system32\dllcache\schannel.dll + 2011-11-03 15:28 . 2011-11-03 15:28 386048 c:\windows\system32\dllcache\qdvd.dll + 2010-12-20 17:32 . 2010-12-20 17:32 551936 c:\windows\system32\dllcache\oleaut32.dll + 2011-09-26 16:41 . 2011-09-26 16:41 220160 c:\windows\system32\dllcache\oleacc.dll + 2009-03-08 08:34 . 2011-12-17 19:46 206848 c:\windows\system32\dllcache\occache.dll - 2009-03-08 08:34 . 2011-02-22 23:06 206848 c:\windows\system32\dllcache\occache.dll - 2006-05-10 05:23 . 2011-02-22 23:06 611840 c:\windows\system32\dllcache\mstime.dll + 2006-05-10 05:23 . 2011-12-17 19:46 611840 c:\windows\system32\dllcache\mstime.dll + 2009-08-21 22:05 . 2011-12-17 19:46 602112 c:\windows\system32\dllcache\msfeeds.dll - 2009-08-21 22:05 . 2011-02-22 23:06 602112 c:\windows\system32\dllcache\msfeeds.dll + 2008-11-12 04:15 . 2011-07-15 13:29 456320 c:\windows\system32\dllcache\mrxsmb.sys - 2008-08-14 09:17 . 2011-03-07 05:33 692736 c:\windows\system32\dllcache\inetcomm.dll + 2008-08-14 09:17 . 2011-10-10 14:22 692736 c:\windows\system32\dllcache\inetcomm.dll - 2009-08-21 22:05 . 2011-02-22 23:06 247808 c:\windows\system32\dllcache\ieproxy.dll + 2009-08-21 22:05 . 2011-12-17 19:46 247808 c:\windows\system32\dllcache\ieproxy.dll + 2006-05-10 05:22 . 2011-12-17 19:46 184320 c:\windows\system32\dllcache\iepeers.dll - 2006-05-10 05:22 . 2011-02-22 23:06 184320 c:\windows\system32\dllcache\iepeers.dll - 2010-06-10 10:15 . 2011-02-22 23:06 743424 c:\windows\system32\dllcache\iedvtool.dll + 2010-06-10 10:15 . 2011-12-17 19:46 743424 c:\windows\system32\dllcache\iedvtool.dll - 2009-03-08 18:09 . 2011-02-22 23:06 387584 c:\windows\system32\dllcache\iedkcs32.dll + 2009-03-08 18:09 . 2011-12-17 19:46 387584 c:\windows\system32\dllcache\iedkcs32.dll + 2009-03-08 08:32 . 2011-12-16 12:23 174080 c:\windows\system32\dllcache\ie4uinit.exe - 2011-02-09 13:53 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll + 2011-02-09 13:53 . 2011-10-18 11:13 186880 c:\windows\system32\dllcache\encdec.dll + 2011-09-28 07:06 . 2011-09-28 07:06 599040 c:\windows\system32\dllcache\crypt32.dll + 2008-06-20 11:40 . 2011-08-17 13:49 138496 c:\windows\system32\dllcache\afd.sys - 2008-06-20 11:40 . 2008-10-16 14:43 138496 c:\windows\system32\dllcache\afd.sys + 2004-08-10 17:50 . 2011-09-28 07:06 599040 c:\windows\system32\crypt32.dll - 2004-08-10 17:50 . 2008-04-14 00:11 599040 c:\windows\system32\crypt32.dll + 2011-12-25 08:49 . 2011-12-25 08:49 436496 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll - 2011-01-18 08:39 . 2011-01-18 08:39 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll + 2011-07-07 10:18 . 2011-07-07 10:18 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll - 2011-01-18 08:39 . 2011-01-18 08:39 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll + 2011-03-25 11:15 . 2011-03-25 11:15 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll + 2011-07-07 10:18 . 2011-07-07 10:18 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll - 2011-01-18 08:39 . 2011-01-18 08:39 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll - 2010-09-23 06:26 . 2010-09-23 06:26 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll + 2011-12-25 03:55 . 2011-12-25 03:55 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll + 2011-12-25 03:53 . 2011-12-25 03:53 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll - 2010-09-23 06:25 . 2010-09-23 06:25 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll - 2010-09-23 07:17 . 2010-09-23 07:17 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll + 2011-12-25 04:49 . 2011-12-25 04:49 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll + 2012-02-18 00:46 . 2012-02-18 00:46 203776 c:\windows\Installer\32890.msi + 2012-02-18 00:45 . 2012-02-18 00:45 901120 c:\windows\Installer\3287c.msi + 2011-12-25 10:40 . 2011-12-25 10:40 819200 c:\windows\Installer\165142.msp + 2012-02-24 01:04 . 2012-02-24 01:04 467456 c:\windows\Installer\1650fb.msi + 2012-02-24 01:06 . 2011-02-22 23:06 916480 c:\windows\ie8updates\KB2647516-IE8\wininet.dll + 2012-02-24 01:06 . 2009-03-08 08:34 105984 c:\windows\ie8updates\KB2647516-IE8\url.dll + 2012-02-24 01:06 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2647516-IE8\spuninst\updspapi.dll + 2012-02-24 01:06 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2647516-IE8\spuninst\spuninst.exe + 2012-02-24 01:06 . 2011-02-22 23:06 206848 c:\windows\ie8updates\KB2647516-IE8\occache.dll + 2012-02-24 01:06 . 2011-02-22 23:06 611840 c:\windows\ie8updates\KB2647516-IE8\mstime.dll + 2012-02-24 01:06 . 2011-02-22 23:06 602112 c:\windows\ie8updates\KB2647516-IE8\msfeeds.dll + 2012-02-24 01:06 . 2011-02-22 23:06 247808 c:\windows\ie8updates\KB2647516-IE8\ieproxy.dll + 2012-02-24 01:06 . 2011-02-22 23:06 184320 c:\windows\ie8updates\KB2647516-IE8\iepeers.dll + 2012-02-24 01:06 . 2011-02-22 23:06 743424 c:\windows\ie8updates\KB2647516-IE8\iedvtool.dll + 2012-02-24 01:06 . 2011-02-22 23:06 387584 c:\windows\ie8updates\KB2647516-IE8\iedkcs32.dll + 2012-02-24 01:06 . 2011-02-18 11:49 173568 c:\windows\ie8updates\KB2647516-IE8\ie4uinit.exe + 2012-02-24 01:01 . 2009-03-08 08:33 759296 c:\windows\ie8updates\KB2544521-IE8\vgx.dll + 2012-02-24 01:01 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2544521-IE8\spuninst\updspapi.dll + 2012-02-24 01:01 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2544521-IE8\spuninst\spuninst.exe + 2008-11-12 04:15 . 2011-07-15 13:29 456320 c:\windows\Driver Cache\i386\mrxsmb.sys + 2012-01-27 22:15 . 2012-01-27 22:15 728344 c:\windows\Downloaded Program Files\qsax.dll + 2012-02-24 01:12 . 2012-02-24 01:12 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_5fbc3779\System.Drawing.dll + 2012-02-24 01:13 . 2012-02-24 01:13 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_7b1acc5a\System.Drawing.Design.dll + 2012-02-24 01:13 . 2012-02-24 01:13 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_6500c1e8\CustomMarshalers.dll + 2012-02-24 01:31 . 2012-02-24 01:31 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\edc5691acfb65ac37f49de2ec497083a\WsatConfig.ni.exe + 2012-02-24 01:29 . 2012-02-24 01:29 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\4ad8369d6a60765d7e9b43cdf9023f41\WindowsFormsIntegration.ni.dll + 2012-02-24 01:29 . 2012-02-24 01:29 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\f102afdffdbe2565bcedb7fa0626b865\UIAutomationTypes.ni.dll + 2012-02-24 01:29 . 2012-02-24 01:29 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\68f4157e570c77df653057c0583395bd\UIAutomationClient.ni.dll + 2012-02-24 01:34 . 2012-02-24 01:34 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\c2a12bd4056b44f8005a7eb3af161e6a\System.Xml.Linq.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\fc63b434b2f253cd27625487f7b02ac0\System.Web.Routing.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\67877f896b2b0e42286e838fe307f3fd\System.Web.RegularExpressions.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\86650d4fb220f94f25bb5da42a03d454\System.Web.Extensions.Design.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\654465871e547e131668874de7c60b8c\System.Web.Entity.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f0d6895f6e709d425cb5da6053c603d2\System.Web.Entity.Design.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\3f3b7dc7208e302e39a2dfb5b2cb953b\System.Web.DynamicData.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\e9cddd213343f15d611b14620d649bb0\System.Web.Abstractions.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\f25d114cb629d1f512f98883c6535a75\System.Transactions.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\11dcb806c92f55111f5fa9f1a90e3bdd\System.ServiceProcess.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\5fb9981f4147b537b53be9d58bf4e9b4\System.Security.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1335dd98ce5ce22ad1f51cc274ca5a1d\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\a4b2b1ee81acd843970d9a81b281f1c1\System.Net.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\a2a14380e8c9149d5b212d0100ef588a\System.Management.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\e3436edde657a5111d39d5b2eecf9715\System.Management.Instrumentation.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 160256 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\5d6a0e02b8e1cff94d07d2507667edc7\System.Management.Automation.resources.ni.dll + 2012-02-24 01:30 . 2012-02-24 01:30 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\974ded7dd3bca225a1b90de778846c78\System.IO.Log.ni.dll + 2012-02-24 01:30 . 2012-02-24 01:30 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\01eba24390736a59c39becd825b5756e\System.IdentityModel.Selectors.ni.dll + 2012-02-24 01:32 . 2012-02-24 01:32 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\c0d15fb6308587fef8744d568e64bcda\System.EnterpriseServices.Wrapper.dll + 2012-02-24 01:32 . 2012-02-24 01:32 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\c0d15fb6308587fef8744d568e64bcda\System.EnterpriseServices.ni.dll + 2012-02-24 01:28 . 2012-02-24 01:28 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\e9ae7ae6d1e9edc7aaf819889cd1c692\System.Drawing.Design.ni.dll + 2012-02-24 01:32 . 2012-02-24 01:32 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\78a370dc153011708dd9e4cb0e606bfc\System.DirectoryServices.Protocols.ni.dll + 2012-02-24 01:32 . 2012-02-24 01:32 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\6e644fc7464d9fe23fc9cd6001296f2f\System.DirectoryServices.AccountManagement.ni.dll + 2012-02-24 01:32 . 2012-02-24 01:32 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\bac39be66bb9f987c1948b766833f8e6\System.Data.Services.Client.ni.dll + 2012-02-24 01:32 . 2012-02-24 01:32 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\2b5ecd231320e57010043c408783d80b\System.Data.Services.Design.ni.dll + 2012-02-24 01:32 . 2012-02-24 01:32 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\4ac9ac2326720485aefd4d79d2024945\System.Data.Entity.Design.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\d504d550fd0a6994fcb1466ea7be92af\System.Data.DataSetExtensions.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\28637135c6939e74450bbbf110b12643\System.Configuration.Install.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\958b5c0114d664ab5ba72575c301e2ea\System.AddIn.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\4dcff3b0e79fc27e31549bb2af00efb5\SMSvcHost.ni.exe + 2012-02-24 01:31 . 2012-02-24 01:31 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\bd3bfd5b6ef659dac4d6cccb34577d33\SMDiagnostics.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\edec83be646eb52204c991371751a428\ServiceModelReg.ni.exe + 2012-02-24 01:28 . 2012-02-24 01:28 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\52015457bc28e7a9a563d9eab8ab0015\PresentationFramework.Royale.ni.dll + 2012-02-24 01:28 . 2012-02-24 01:28 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\46a680814559114706a33282e9df4b7a\PresentationFramework.Classic.ni.dll + 2012-02-24 01:24 . 2012-02-24 01:24 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\447392b739fcc0dd9bf43d38ed157799\PresentationFramework.Classic.ni.dll + 2012-02-24 01:24 . 2012-02-24 01:24 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3d11f3e778bdb89425a689c18afb1041\PresentationFramework.Aero.ni.dll + 2012-02-24 01:24 . 2012-02-24 01:24 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2c273f5d4639fe3a367d224afea4c9e3\PresentationFramework.Luna.ni.dll + 2012-02-24 01:28 . 2012-02-24 01:28 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2713754549b1114c9152d33efe5f72c7\PresentationFramework.Aero.ni.dll + 2012-02-24 01:28 . 2012-02-24 01:28 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1552f18ca434c1dca6d082df476d089a\PresentationFramework.Luna.ni.dll + 2012-02-24 01:24 . 2012-02-24 01:24 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\04a3aea7cd8f46069bfa3e94fc0c3306\PresentationFramework.Royale.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\7c51497b188c82e2ccbe6315549ce023\MSBuild.ni.exe + 2012-02-24 01:31 . 2012-02-24 01:31 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f0f6dd614d294295c5d8386cc4192034\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 148480 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\fb938a1d399e2cfca2304bdca4fe76dc\Microsoft.PowerShell.Security.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 968192 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\a03adbb7c3084d986da6e22dcce9805f\Microsoft.PowerShell.Commands.Utility.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 433664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\8a25afef0d57ac430ba392595eba639f\Microsoft.PowerShell.Commands.Management.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 492032 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\875af0c2a5e8a4bed88232b6f445cfaa\Microsoft.PowerShell.ConsoleHost.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\fd1338828beec8737fed8f50f4fcc567\Microsoft.Build.Utilities.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\0d5f999c4b7e51151548c37c676c1b8e\Microsoft.Build.Utilities.v3.5.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\792168ce8fe03a3db43e12cf736cf91e\Microsoft.Build.Engine.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\0a5277c34ddc1f55df1defb4231e814f\Microsoft.Build.Conversion.v3.5.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\3e6deccf191ab943d3a0812a38ab5c97\CustomMarshalers.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a8df37aadb089f1f34d3d2f103966fbc\ComSvcConfig.ni.exe + 2012-02-24 01:30 . 2012-02-24 01:30 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\25ce400b547f517258c8afb0480390ea\AspNetMMCExt.ni.dll - 2011-04-14 00:06 . 2011-04-14 00:06 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2012-02-24 01:25 . 2012-02-24 01:25 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll - 2011-04-14 00:06 . 2011-04-14 00:06 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2012-02-24 01:25 . 2012-02-24 01:25 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2012-02-24 01:26 . 2012-02-24 01:26 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2011-04-14 00:06 . 2011-04-14 00:06 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2012-02-24 01:26 . 2012-02-24 01:26 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll - 2011-04-14 00:06 . 2011-04-14 00:06 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll - 2011-04-14 00:06 . 2011-04-14 00:06 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2012-02-24 01:25 . 2012-02-24 01:25 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2012-02-24 01:25 . 2012-02-24 01:25 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - 2011-04-14 00:06 . 2011-04-14 00:06 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - 2011-04-14 00:06 . 2011-04-14 00:06 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2012-02-24 01:25 . 2012-02-24 01:25 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll - 2011-04-14 00:06 . 2011-04-14 00:06 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2012-02-24 01:25 . 2012-02-24 01:25 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2012-02-24 01:26 . 2012-02-24 01:26 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - 2011-04-14 00:06 . 2011-04-14 00:06 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - 2011-04-14 00:06 . 2011-04-14 00:06 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2012-02-24 01:25 . 2012-02-24 01:25 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2011-04-14 00:06 . 2011-04-14 00:06 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2012-02-24 01:25 . 2012-02-24 01:25 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2012-02-24 01:26 . 2012-02-24 01:26 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll - 2011-04-14 00:06 . 2011-04-14 00:06 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2012-02-24 01:26 . 2012-02-24 01:26 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll - 2011-04-14 00:06 . 2011-04-14 00:06 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2012-02-24 01:26 . 2012-02-24 01:26 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - 2011-04-14 00:06 . 2011-04-14 00:06 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2012-02-24 01:26 . 2012-02-24 01:26 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll - 2011-04-14 00:06 . 2011-04-14 00:06 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2012-02-24 01:25 . 2012-02-24 01:25 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll - 2011-04-14 00:06 . 2011-04-14 00:06 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2012-02-24 01:25 . 2012-02-24 01:25 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2011-04-14 00:06 . 2011-04-14 00:06 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2011-04-14 00:06 . 2011-04-14 00:06 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2012-02-24 01:25 . 2012-02-24 01:25 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll - 2011-04-14 00:06 . 2011-04-14 00:06 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2012-02-24 01:25 . 2012-02-24 01:25 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2012-02-24 01:26 . 2012-02-24 01:26 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll - 2011-04-14 00:06 . 2011-04-14 00:06 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll - 2011-04-14 00:06 . 2011-04-14 00:06 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2012-02-24 01:26 . 2012-02-24 01:26 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2012-02-24 01:25 . 2012-02-24 01:25 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll - 2011-04-14 00:06 . 2011-04-14 00:06 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2012-02-24 01:25 . 2012-02-24 01:25 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - 2011-04-14 00:06 . 2011-04-14 00:06 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll + 2012-02-24 01:25 . 2012-02-24 01:25 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - 2011-04-14 00:06 . 2011-04-14 00:06 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - 2011-04-14 00:06 . 2011-04-14 00:06 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2012-02-24 01:25 . 2012-02-24 01:25 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2012-02-24 01:25 . 2012-02-24 01:25 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll - 2011-04-14 00:06 . 2011-04-14 00:06 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2011-05-14 01:04 . 2011-05-14 01:04 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll + 2011-05-14 01:04 . 2011-05-14 01:04 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80.dll + 2004-08-10 17:51 . 2011-12-17 19:46 1212416 c:\windows\system32\urlmon.dll + 2004-08-10 17:51 . 2011-11-03 15:28 1292288 c:\windows\system32\quartz.dll + 2004-08-10 17:51 . 2011-11-01 16:07 1288704 c:\windows\system32\ole32.dll - 2004-08-10 17:51 . 2010-12-09 13:42 2148864 c:\windows\system32\ntoskrnl.exe + 2004-08-10 17:51 . 2011-10-25 13:37 2148864 c:\windows\system32\ntoskrnl.exe + 2004-08-04 03:59 . 2011-10-25 12:52 2027008 c:\windows\system32\ntkrnlpa.exe - 2004-08-04 03:59 . 2010-12-09 13:07 2027008 c:\windows\system32\ntkrnlpa.exe + 2004-08-10 17:51 . 2011-12-17 19:46 5979136 c:\windows\system32\mshtml.dll + 2009-03-08 08:32 . 2011-12-17 19:46 2000384 c:\windows\system32\iertutil.dll + 2008-10-15 05:42 . 2012-01-12 16:53 1859968 c:\windows\system32\dllcache\win32k.sys + 2006-05-10 05:23 . 2011-12-17 19:46 1212416 c:\windows\system32\dllcache\urlmon.dll + 2008-05-07 05:12 . 2011-11-03 15:28 1292288 c:\windows\system32\dllcache\quartz.dll + 2010-07-16 12:05 . 2011-11-01 16:07 1288704 c:\windows\system32\dllcache\ole32.dll + 2009-04-15 22:38 . 2011-10-25 13:33 2192768 c:\windows\system32\dllcache\ntoskrnl.exe - 2009-04-15 22:38 . 2010-12-09 13:38 2192768 c:\windows\system32\dllcache\ntoskrnl.exe + 2009-04-15 22:38 . 2011-10-25 12:52 2027008 c:\windows\system32\dllcache\ntkrpamp.exe - 2009-04-15 22:38 . 2010-12-09 13:07 2027008 c:\windows\system32\dllcache\ntkrpamp.exe - 2009-02-07 23:02 . 2010-12-09 13:07 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe + 2009-02-07 23:02 . 2011-10-25 12:52 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe + 2009-04-15 22:38 . 2011-10-25 13:37 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe - 2009-04-15 22:38 . 2010-12-09 13:42 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe + 2006-05-19 15:08 . 2011-12-17 19:46 5979136 c:\windows\system32\dllcache\mshtml.dll + 2009-08-21 22:05 . 2011-12-17 19:46 2000384 c:\windows\system32\dllcache\iertutil.dll - 2008-07-25 16:17 . 2008-07-25 16:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll + 2011-03-25 11:15 . 2011-03-25 11:15 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll + 2011-12-25 08:50 . 2011-12-25 08:50 5246976 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll + 2011-10-26 08:39 . 2011-10-26 08:39 3186688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll + 2011-07-07 10:18 . 2011-07-07 10:18 5912400 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - 2011-01-18 08:39 . 2011-01-18 08:39 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2011-07-07 10:18 . 2011-07-07 10:18 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2011-12-25 16:07 . 2011-12-25 16:07 2064384 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll + 2011-12-25 16:06 . 2011-12-25 16:06 1269760 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll - 2010-09-23 19:55 . 2010-09-23 19:55 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll + 2011-12-25 16:06 . 2011-12-25 16:06 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll - 2010-09-23 06:26 . 2010-09-23 06:26 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll + 2011-12-25 03:54 . 2011-12-25 03:54 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll + 2011-12-25 03:53 . 2011-12-25 03:53 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll - 2010-09-23 19:55 . 2010-09-23 19:55 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll + 2011-12-25 16:06 . 2011-12-25 16:06 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll + 2011-11-01 18:34 . 2011-11-01 18:34 1552384 c:\windows\Installer\165179.msp + 2011-10-31 03:54 . 2011-10-31 03:54 2748416 c:\windows\Installer\165167.msp + 2011-08-10 22:43 . 2011-08-10 22:43 3795968 c:\windows\Installer\16515f.msp + 2011-04-29 17:28 . 2011-04-29 17:28 1995264 c:\windows\Installer\16514b.msp + 2011-12-26 14:59 . 2011-12-26 14:59 4368896 c:\windows\Installer\165121.msp + 2011-11-01 18:34 . 2011-11-01 18:34 2531840 c:\windows\Installer\16510c.msp + 2011-07-27 12:39 . 2011-07-27 12:39 9892352 c:\windows\Installer\165103.msp + 2011-11-11 21:16 . 2011-11-11 21:16 8458240 c:\windows\Installer\1650eb.msp + 2009-08-17 22:38 . 2009-08-17 22:38 8554872 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6514\OARTCONV.DLL + 2012-02-24 01:06 . 2011-02-22 23:06 1210880 c:\windows\ie8updates\KB2647516-IE8\urlmon.dll + 2012-02-24 01:06 . 2011-02-22 23:06 5962240 c:\windows\ie8updates\KB2647516-IE8\mshtml.dll + 2012-02-24 01:06 . 2011-02-22 23:06 1991680 c:\windows\ie8updates\KB2647516-IE8\iertutil.dll - 2009-04-15 22:38 . 2010-12-09 13:38 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe + 2009-04-15 22:38 . 2011-10-25 13:33 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe + 2009-04-15 22:38 . 2011-10-25 12:52 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe - 2009-04-15 22:38 . 2010-12-09 13:07 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe - 2009-02-07 23:02 . 2010-12-09 13:07 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe + 2009-02-07 23:02 . 2011-10-25 12:52 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe + 2009-04-15 22:38 . 2011-10-25 13:37 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe - 2009-04-15 22:38 . 2010-12-09 13:42 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe + 2012-02-24 01:12 . 2012-02-24 01:12 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_d85c62d6\System.dll + 2012-02-24 01:11 . 2012-02-24 01:11 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_68f44619\System.dll + 2012-02-24 01:12 . 2012-02-24 01:12 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_bd962795\System.Xml.dll + 2012-02-24 01:13 . 2012-02-24 01:13 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_2ae29469\System.Xml.dll + 2012-02-24 01:12 . 2012-02-24 01:12 3035136 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_a79b3090\System.Windows.Forms.dll + 2012-02-24 01:13 . 2012-02-24 01:13 7917568 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_6f08129f\System.Windows.Forms.dll + 2012-02-24 01:13 . 2012-02-24 01:13 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_ba662c92\System.Drawing.dll + 2012-02-24 01:12 . 2012-02-24 01:12 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_a55dafde\System.Design.dll + 2012-02-24 01:13 . 2012-02-24 01:13 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_071cbbf6\System.Design.dll + 2012-02-24 01:13 . 2012-02-24 01:13 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_dcd9acc7\mscorlib.dll + 2012-02-24 01:12 . 2012-02-24 01:12 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a8d6feb5\mscorlib.dll + 2012-02-24 01:27 . 2012-02-24 01:27 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\174c2f776741812aed02c337bbcd1dae\WindowsBase.ni.dll + 2012-02-24 01:29 . 2012-02-24 01:29 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\94f5164ff4f664c5e4e7fb4c3af1abad\UIAutomationClientsideProviders.ni.dll + 2012-02-24 01:27 . 2012-02-24 01:27 7953408 c:\windows\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll + 2012-02-24 01:29 . 2012-02-24 01:29 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll + 2012-02-24 01:34 . 2012-02-24 01:34 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\c4c671c737b553db8e07664816475333\System.WorkflowServices.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\248ea47105ff4af6ee75e6fdd5b450a1\System.Workflow.Runtime.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\80a288b6611668160334668cc2608e4a\System.Workflow.ComponentModel.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\4c27548df5897320840ee0d65db38742\System.Workflow.Activities.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e9ba004858dcdb5958d86f26f043f85a\System.Web.Services.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\030cde14924eefebc06c240dbfe093a4\System.Web.Mobile.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\6379c8ca8ae11effb415139990923ff1\System.Web.Extensions.ni.dll + 2012-02-24 01:28 . 2012-02-24 01:28 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\e456140d5d6c43d7383bd36d3f9e12c6\System.Speech.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\285dfbf2380436e187cb624bd1cd4683\System.ServiceModel.Web.ni.dll + 2012-02-24 01:30 . 2012-02-24 01:30 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f2532204217dc10f152afd077b09927c\System.Runtime.Serialization.ni.dll + 2012-02-24 01:28 . 2012-02-24 01:28 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\d51e6bb07124a1d780d1e024858e0dc1\System.Printing.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 4950016 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\10fdfb918f01ebc41f38a391334146a9\System.Management.Automation.ni.dll + 2012-02-24 01:30 . 2012-02-24 01:30 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\8ef05061cd205c4f2a8583d97f32a603\System.IdentityModel.ni.dll + 2012-02-24 01:28 . 2012-02-24 01:28 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll + 2012-02-24 01:32 . 2012-02-24 01:32 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\77d0e93f024055d04c07cc2700b4c590\System.DirectoryServices.ni.dll + 2012-02-24 01:32 . 2012-02-24 01:32 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\707a05a7d5a8d99dd56d1d50311a60d2\System.Deployment.ni.dll + 2012-02-24 01:28 . 2012-02-24 01:28 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\ae888f8633fce3ff1de98e32bce0abbf\System.Data.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\857300fa64d09c69125451fd8894f3da\System.Data.SqlXml.ni.dll + 2012-02-24 01:32 . 2012-02-24 01:32 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\e9d4a1fb13572c769ddd9b86e55baab4\System.Data.Services.ni.dll + 2012-02-24 01:28 . 2012-02-24 01:28 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c3d9c33f71d15a3e2e240092a244eba3\System.Data.Linq.ni.dll + 2012-02-24 01:32 . 2012-02-24 01:32 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\424160369b301ccd1b6fd86265611955\System.Data.Entity.ni.dll + 2012-02-24 01:28 . 2012-02-24 01:28 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\0a6d6717e76be12295711ff02c7aa1d4\System.Core.ni.dll + 2012-02-24 01:28 . 2012-02-24 01:28 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\33cdfb4c322a528260016ac759230501\ReachFramework.ni.dll + 2012-02-24 01:28 . 2012-02-24 01:28 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\a6def83aee1aaf3336675ce58ac09013\PresentationUI.ni.dll + 2012-02-24 01:27 . 2012-02-24 01:27 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\59cd6ce5a254006179eee92952cd2272\PresentationBuildTasks.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\96e485c02ad346a2bd26a635e7fcb023\Microsoft.VisualBasic.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f7071f9a1c0523540f6aa7f11c302fb6\Microsoft.Transactions.Bridge.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\806b1d127ed3e906db972751e87585c4\Microsoft.JScript.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\912789fd859e0887e10a935cade08e72\Microsoft.Build.Tasks.v3.5.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\6c1d3eec78906cc2a2ecffb013114c50\Microsoft.Build.Tasks.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d6edd4b4619a9052d3dfe50c3067d5e0\Microsoft.Build.Engine.ni.dll + 2012-02-24 01:26 . 2012-02-24 01:26 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll + 2012-02-24 01:26 . 2012-02-24 01:26 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - 2011-04-14 00:06 . 2011-04-14 00:06 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - 2011-04-14 00:06 . 2011-04-14 00:06 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2012-02-24 01:25 . 2012-02-24 01:25 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2012-02-24 01:12 . 2012-02-24 01:12 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll - 2010-10-03 00:03 . 2010-10-03 00:03 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll - 2011-04-14 00:06 . 2011-04-14 00:06 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2012-02-24 01:25 . 2012-02-24 01:25 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2012-02-24 01:25 . 2012-02-24 01:25 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2012-02-24 01:26 . 2012-02-24 01:26 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - 2011-04-14 00:06 . 2011-04-14 00:06 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll + 2012-02-24 01:26 . 2012-02-24 01:26 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll - 2011-04-14 00:06 . 2011-04-14 00:06 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2012-02-24 01:11 . 2012-02-24 01:11 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll - 2010-10-03 00:00 . 2010-10-03 00:00 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll + 2012-02-24 01:11 . 2012-02-24 01:11 2064384 c:\windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll + 2012-02-24 01:11 . 2012-02-24 01:11 1269760 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll + 2005-11-20 04:58 . 2012-01-27 04:20 52550552 c:\windows\system32\MRT.exe + 2009-03-08 08:39 . 2011-12-18 19:46 11082240 c:\windows\system32\ieframe.dll + 2009-07-19 22:48 . 2011-12-18 19:46 11082240 c:\windows\system32\dllcache\ieframe.dll + 2011-12-26 22:02 . 2011-12-26 22:02 12482048 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656353\M2656353Uninstall.msp + 2011-03-28 08:27 . 2011-03-28 08:27 15456256 c:\windows\Installer\165170.msp + 2011-07-12 01:43 . 2011-07-12 01:43 11641344 c:\windows\Installer\165156.msp + 2011-12-26 14:02 . 2011-12-26 14:02 19677184 c:\windows\Installer\16513b.msp + 2012-02-24 01:05 . 2012-02-24 01:05 20333056 c:\windows\Installer\165117.msp + 2012-02-24 01:06 . 2011-02-22 23:06 11080704 c:\windows\ie8updates\KB2647516-IE8\ieframe.dll + 2012-02-24 01:29 . 2012-02-24 01:29 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll + 2012-02-24 01:33 . 2012-02-24 01:33 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\29bdc8352d3c26e3c572ea60639dec3b\System.Web.ni.dll + 2012-02-24 01:31 . 2012-02-24 01:31 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1cdcd6d97627d345d5ff446e6ec88b97\System.ServiceModel.ni.dll + 2012-02-24 01:28 . 2012-02-24 01:28 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\7c8f8fb506c32500acc1b6190d054f26\System.Design.ni.dll + 2012-02-24 01:27 . 2012-02-24 01:27 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5060105fb9e169399fe45600b1e9215e\PresentationFramework.ni.dll + 2012-02-24 01:27 . 2012-02-24 01:27 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\0665bba8c9962deadc418881eb3a2a2a\PresentationCore.ni.dll + 2012-02-24 01:26 . 2012-02-24 01:26 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll + 2012-02-24 01:20 . 2012-02-24 01:20 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\c2678ff865d430dbcc94740aa5efdabc\mscorlib.ni.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-28 68856] "Bomgar Support Reconnect [1297805904]"="c:\documents and settings\All Users\Application Data\Bomgar-SCC-4D5AF24F\bomgar-scc.exe" [bU] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-15 344064] "DLCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll" [2005-06-07 69632] "TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-06-30 273544] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696] "NapsterShell"="c:\program files\Napster\napster.exe" [2008-05-29 323216] "HostManager"="c:\program files\Common Files\AOL\1178326658\ee\AOLSoftware.exe" [2006-09-26 50736] "DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 86016] "dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035] "AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2006-10-23 71216] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-12-08 421736] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 339968] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"= "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"= "c:\\Program Files\\America Online 9.0\\waol.exe"= "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"= "c:\\Program Files\\Common Files\\AOL\\1178326658\\ee\\aolsoftware.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"= . R2 mrtRate;mrtRate;c:\windows\system32\drivers\MrtRate.sys [5/21/2006 8:02 AM 34916] R2 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe [8/10/2004 12:50 PM 5120] R3 SymSnapService;SymSnapService;c:\program files\Norton Ghost\Shared\Drivers\SymSnapService.exe [12/20/2007 5:13 PM 1553896] S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/6/2010 7:17 AM 135664] S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [1/6/2010 7:17 AM 135664] S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [8/10/2004 12:51 PM 14336] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper . Contents of the 'Scheduled Tasks' folder . 2012-02-19 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57] . 2012-03-03 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-07-12 19:03] . 2012-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 12:17] . 2012-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 12:17] . 2012-03-03 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1946173170-350803515-410004273-1006.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47] . 2012-03-03 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1946173170-350803515-410004273-1006.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47] . 2012-03-03 c:\windows\Tasks\User_Feed_Synchronization-{873B1363-0F14-410A-AFDF-0559EB90EA7E}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 08:31] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.cox.net/ uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s Trusted Zone: microsoft.com\www.update TCP: DhcpNameServer = 192.168.2.1 68.105.28.11 68.105.29.11 68.105.28.12 FF - ProfilePath - c:\documents and settings\Ekenbarger's\Application Data\Mozilla\Firefox\Profiles\fi5w6q0t.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3106777&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Ask.com FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3106777&SearchSource=13 FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=CDxdm003YYus&ptb=CF74B0F9-D5D0-4EC8-AC35-8A70571C102D&ind=2011081120&ptnrS=CDxdm003YYus&si=CK2Cs7C9yKoCFaUZQgodWFpFyg&n=77dea9a0&psa=&st=kwd&searchfor= . - - - - ORPHANS REMOVED - - - - . WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-03-03 18:02 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run DLCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet005\Services\RDPCDD] "ImagePath"="System32\DRIVERS\RDPCDD.sy@" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-1946173170-350803515-410004273-1006\Software\SecuROM\License information*] "datasecu"=hex:28,72,f8,1c,a1,7f,1f,4b,21,f0,dc,17,10,16,7b,fe,96,08,a1,81,ce, 92,9d,a3,99,2a,90,e3,34,37,f3,c6,11,c1,26,63,01,7c,1c,dd,c0,e4,dc,90,37,34,\ "rkeysecu"=hex:64,b6,bd,e1,3e,80,9e,c4,40,b4,90,83,87,8e,33,49 . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'explorer.exe'(416) c:\windows\system32\WININET.dll c:\program files\Common Files\AOL\ACS\WLHook.dll c:\windows\system32\ieframe.dll c:\windows\system32\msi.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\Ati2evxx.exe c:\progra~1\COMMON~1\AOL\ACS\AOLacsd.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\system32\CTsvcCDA.EXE c:\program files\Intel\Intel Matrix Storage Manager\iaantmon.exe c:\program files\Norton Ghost\Agent\VProSvc.exe c:\windows\wanmpsvc.exe c:\windows\system32\MsPMSPSv.exe c:\windows\system32\wscntfy.exe c:\windows\stsystra.exe c:\windows\system32\msdtc.exe c:\program files\iPod\bin\iPodService.exe . ************************************************************************** . Completion time: 2012-03-03 18:09:56 - machine was rebooted ComboFix-quarantined-files.txt 2012-03-03 23:09 ComboFix2.txt 2012-02-21 20:37 ComboFix3.txt 2012-02-16 02:12 . Pre-Run: 108,708,843,520 bytes free Post-Run: 108,785,934,336 bytes free . - - End Of File - - C41CBEEFA761411475E57FF2E3CFAFAD Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Database version: v2012.03.03.07 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Ekenbarger's :: JAM1 [administrator] 3/3/2012 6:24:34 PM mbam-log-2012-03-03 (18-24-34).txt Scan type: Full scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 311000 Time elapsed: 44 minute(s), 1 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)

Hi, Didn't go exactly as above but seemed okay. Here is the log. ListParts by Farbar Version: 29-02-2012 Ran by Ekenbarger's (administrator) on 03-03-2012 at 13:54:30 Windows XP (X86) Running From: H:\ Language: 0409 ************************************************************ ========================= Memory info ====================== Percentage of memory in use: 19% Total physical RAM: 2558.09 MB Available physical RAM: 2046.62 MB Total Pagefile: 3168.61 MB Available Pagefile: 2839.8 MB Total Virtual: 2047.88 MB Available Virtual: 2000.34 MB ======================= Partitions ========================= 1 Drive c: () (Fixed) (Total:145.58 GB) (Free:101.35 GB) NTFS ==>[Drive with boot components (Windows XP)] 4 Drive f: (JAKE) (Fixed) (Total:465.76 GB) (Free:412.63 GB) NTFS 6 Drive h: () (Removable) (Total:3.74 GB) (Free:3.73 GB) FAT32 Disk ### Status Size Free Dyn Gpt -------- ---------- ------- ------- --- --- Disk 0 Online 149 GB 0 B Disk 1 Online 466 GB 0 B Partitions of Disk 0: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 OEM 55 MB 32 KB Partition 2 Primary 146 GB 55 MB Partition 3 Unknown 3459 MB 146 GB Partition 4 Primary 1802 KB 149 GB ====================================================================================================== Disk: 0 Partition 1 Type : DE Hidden: Yes Active: No There is no volume associated with this partition. ====================================================================================================== Disk: 0 Partition 2 Type : 07 Hidden: No Active: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 C NTFS Partition 146 GB Healthy System (partition with boot components) ====================================================================================================== Disk: 0 Partition 3 Type : DB Hidden: Yes Active: No There is no volume associated with this partition. ====================================================================================================== Disk: 0 Partition 4 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 3 G Partition 2048 KB Healthy ====================================================================================================== Partitions of Disk 1: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 466 GB 1024 KB ====================================================================================================== Disk: 1 Partition 1 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 4 F JAKE NTFS Partition 466 GB Healthy ====================================================================================================== ****** End Of Log ******

oops

Hi, Hope the picture is enough. CAE

oops meant that to be sent as attached file...sorry

Hi, Decided to burn another disc - success. When I rebooted the computer I saw the Gparted Live default but wasn't quick enough and the screen went black then it scrolled through a lot of writing and ended up here (see attached picture of my screen). In the upper left hand corner it says package configuration. Please advise. Thanks. CAE