MarkThaHeat Posted December 28, 2011 ID:510279 Share Posted December 28, 2011 Good Afternoon ,During times of heavy resource consumption when playing games , my PC has inconsiderable heavy delays to the point where it is completely unplayable. I know its not a hardware issue as my PC meets and exceeds the specifications and I have played these same titles previously without any problems. I have had this issue before and detected a Trojan that was removed and everything was back to functioning normal once again. This instance I have ran multiple virus sweeps with Malware Bytes , AVG , MSSE etc. all to no avail. I then ran a virus scan online using Trend Micro and found an infection of four Trojans by the name of " TROJ SPNR.03K411 (2) , TROJ SPNR.03JT11 , TROJ SPNR.08JR11 " . Following the removal of these infections the problem still persisted which has me leading to think there is some sort of hidden process or there are remnants left from the previous infection that wasn't completely removed. Any help on this matter would be greatly appreciated.Thank You.DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29Run by TwenTY20zOfHazE at 16:44:17 on 2011-12-25Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2037.1054 [GMT -5:00].AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}FW: ZoneAlarm Free Firewall *Enabled* .============== Running Processes ===============.C:\PROGRA~1\AVG\AVG10\avgchsvx.exeC:\WINDOWS\system32\svchost.exe -k DcomLaunchsvchost.exeC:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\Program Files\CheckPoint\ZoneAlarm\vsmon.exeC:\Program Files\CheckPoint\ZAForceField\IswSvc.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exeC:\Program Files\AVG\AVG10\avgwdsvc.exeC:\WINDOWS\eHome\ehRecvr.exeC:\Program Files\CheckPoint\ZAForceField\ForceField.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Blaze Media Pro\NMSAccess32.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\AVG\AVG10\avgnsx.exeC:\Program Files\AVG\AVG10\avgemcx.exeC:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exesvchost.exeC:\WINDOWS\system32\svchost.exe -k imgsvcC:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exeC:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exeC:\WINDOWS\ehome\ehtray.exeC:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exeC:\WINDOWS\eHome\ehmsas.exeC:\WINDOWS\RTHDCPL.EXEC:\Program Files\AVG\AVG10\avgtray.exeC:\Program Files\Microsoft IntelliType Pro\itype.exeC:\Program Files\PowerISO\PWRISOVM.EXEC:\Program Files\Winamp\winampa.exeC:\Program Files\Logitech\Gaming Software\LWEMon.exeC:\WINDOWS\system32\dllhost.exeC:\Program Files\Microsoft Security Client\msseces.exeC:\Program Files\Microsoft IntelliType Pro\dpupdchk.exeC:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exeC:\Program Files\CheckPoint\ZoneAlarm\zatray.exeC:\Program Files\AVG Secure Search\vprot.exeC:\WINDOWS\system32\RunDLL32.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\Program Files\PeerGuardian2\pg2.exeC:\PROGRA~1\AVG\AVG10\avgrsx.exeC:\Program Files\AVG\AVG10\avgcsrvx.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Mozilla Firefox\plugin-container.exe.============== Pseudo HJT Report ===============.uStart Page = about:blankmStart Page = about:blankuInternet Connection Wizard,ShellNext = iexploreuSearchAssistant = hxxp://www.google.com/ieuSearchURL,(Default) = hxxp://www.google.com/search?q=%suURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\prxtbVuze.dllmURLSearchHooks: H - No FileBHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dllBHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dllBHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLLBHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dllBHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - c:\program files\zonealarm_security\prxtbZone.dllBHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\9.0.0.18\AVG Secure Search_toolbar.dllBHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dllBHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7018.1622\swg.dllBHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLLBHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\prxtbVuze.dllBHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dllBHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dllBHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllTB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\prxtbVuze.dllTB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dllTB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dllTB: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - c:\program files\zonealarm_security\prxtbZone.dllTB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dllTB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\9.0.0.18\AVG Secure Search_toolbar.dllTB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dllTB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No FileuRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"uRun: [PeerGuardian] c:\program files\peerguardian2\pg2.exeuRun: [Aim] "c:\program files\aim7\aim.exe" /d locale=en-USuRun: [GBMPro8Agent] c:\program files\genie-soft\gbmpro8\GBMAgent.exemRun: [ehTray] c:\windows\ehome\ehtray.exemRun: [NUSB3MON] "c:\program files\renesas electronics\usb 3.0 host controller driver\application\nusb3mon.exe"mRun: [RTHDCPL] RTHDCPL.EXEmRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exemRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXEmRun: [WinampAgent] "c:\program files\winamp\winampa.exe"mRun: [GBMPro8Agent] c:\program files\genie-soft\gbmpro8\GBMAgent.exemRun: [start WingMan Profiler] c:\program files\logitech\gaming software\LWEMon.exe /nouimRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32mRun: [iMEKRMIG6.1] c:\windows\ime\imkr6_1\IMEKRMIG.EXEmRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNCmRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNCmRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMENamemRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkeymRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exemRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"mRun: [Live Update 5] c:\program files\msi\live update 5\LU5.exe /remindermRun: [iSW] c:\program files\checkpoint\zaforcefield\ForceField.exe /icon="hidden"mRun: [ZoneAlarm] "c:\program files\checkpoint\zonealarm\zatray.exe"mRun: [vProt] "c:\program files\avg secure search\vprot.exe"mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartupmRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -loginmRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquietmRun: [systemProtector] "c:\program files\advanced system optimizer 3\SystemProtector.exe" /autorunmRunOnce: [symInstallStub] c:\windows\system32\adobe\shockwave 11\SymInstallStub.exe /partnerid=adobe /productlist=nss /staging=false /delay=5 /lang=English /desktopshortcut=1 /startmenushortcut=1 /tasktries=1dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -tStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exeIE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exeIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dllDPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cabDPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cabDPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1306591376061DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabTCP: DhcpNameServer = 192.168.1.1 68.237.161.12TCP: Interfaces\{A402117F-F411-4574-AEEC-320E0932777F} : DhcpNameServer = 192.168.1.1 68.237.161.12Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLLHandler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dllHandler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\9.0.1\ViProtocol.dllSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dllSEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLLSEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll.================= FIREFOX ===================.FF - ProfilePath - c:\documents and settings\twenty20zofhaze\application data\mozilla\firefox\profiles\4sk90nti.default\FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/aol/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us&tb_uuid=20100324223133512&tb_oid=24-03-2010&tb_mrud=29-05-2011FF - prefs.js: browser.search.selectedEngine - AVG Secure SearchFF - prefs.js: browser.startup.homepage - hxxps://www.google.com/webhp?hl=en&output=html&nomo=1FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&query=FF - plugin: c:\documents and settings\twenty20zofhaze\application data\mozilla\firefox\profiles\4sk90nti.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dllFF - plugin: c:\documents and settings\twenty20zofhaze\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dllFF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLLFF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLLFF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dllFF - plugin: c:\program files\checkpoint\zaforcefield\trustchecker\bin\npFFApi.dllFF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dllFF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dllFF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dllFF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dllFF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dllFF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dllFF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dllFF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dllFF - plugin: c:\program files\nos\bin\np_gp.dllFF - plugin: c:\program files\veetle\player\npvlc.dllFF - plugin: c:\program files\veetle\plugins\npVeetle.dllFF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dllFF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll.---- FIREFOX POLICIES ----FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, falseFF - user.js: browser.sessionstore.resume_from_crash - falseFF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false.============= SERVICES / DRIVERS ===============.R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656]R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-4 297168]R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165648]R1 MpKsl590d8685;MpKsl590d8685;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{abd6fe1f-103e-4732-9247-89ea9455e346}\MpKsl590d8685.sys [2011-12-25 29904]R1 MpKsl74feb407;MpKsl74feb407;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{abd6fe1f-103e-4732-9247-89ea9455e346}\MpKsl74feb407.sys [2011-12-25 29904]R1 Vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2011-11-9 525840]R2 ASO3DiskOptimizer;ASO3DiskOptimizer;c:\program files\advanced system optimizer 3\ASO3DefragSrv.exe [2011-5-28 238824]R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-8-18 7390560]R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2011-11-3 27016]R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2011-11-3 497280]R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-5-28 2253120]R2 vsmon;TrueVector Internet Monitor;c:\program files\checkpoint\zonealarm\vsmon.exe -service --> c:\program files\checkpoint\zonealarm\vsmon.exe -service [?]R2 vToolbarUpdater;vToolbarUpdater;c:\program files\common files\avg secure search\vtoolbarupdater\9.0.1\ToolbarUpdater.exe [2011-12-8 855904]R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-4-14 134480]R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 27216]R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\drivers\dc3d.sys [2011-5-28 45472]R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files\msi\live update 5\msibios32_100507.sys [2011-11-6 25912]R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files\msi\live update 5\NTIOLib.sys [2011-11-6 7680]R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2010-12-10 62336]R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2010-12-10 141440]R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\drivers\tap0901t.sys [2011-5-28 27136]S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\tffsmon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?]S0 TFSysMon;TfSysMon;c:\windows\system32\drivers\tfsysmon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?]S1 7989609drv;7989609drv;c:\windows\system32\drivers\7989609drv.sys --> c:\windows\system32\drivers\7989609drv.sys [?]S1 MpKsl0598a10d;MpKsl0598a10d;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{eae906b5-58ab-460f-aa5b-7a1a67fdc9ae}\mpksl0598a10d.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{eae906b5-58ab-460f-aa5b-7a1a67fdc9ae}\MpKsl0598a10d.sys [?]S1 MpKsl0a3872f4;MpKsl0a3872f4;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{fb7c8397-dc9b-40ed-a1d7-eac2066089ad}\mpksl0a3872f4.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{fb7c8397-dc9b-40ed-a1d7-eac2066089ad}\MpKsl0a3872f4.sys [?]S1 MpKsl10b6fe46;MpKsl10b6fe46;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{eae906b5-58ab-460f-aa5b-7a1a67fdc9ae}\mpksl10b6fe46.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{eae906b5-58ab-460f-aa5b-7a1a67fdc9ae}\MpKsl10b6fe46.sys [?]S1 MpKsl1297e534;MpKsl1297e534;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c9880e43-070c-4075-80f5-97844f40c3c6}\mpksl1297e534.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c9880e43-070c-4075-80f5-97844f40c3c6}\MpKsl1297e534.sys [?]S1 MpKsl19bced5e;MpKsl19bced5e;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{891e801f-aeae-47c5-8ca9-af4a91242c91}\mpksl19bced5e.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{891e801f-aeae-47c5-8ca9-af4a91242c91}\MpKsl19bced5e.sys [?]S1 MpKsl2314177c;MpKsl2314177c;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{edfd08a2-f6cc-4d4e-9330-960bc0a82a31}\mpksl2314177c.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{edfd08a2-f6cc-4d4e-9330-960bc0a82a31}\MpKsl2314177c.sys [?]S1 MpKsl23f3f158;MpKsl23f3f158;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{87c61ea8-c2e1-4a7a-958e-779490a34fb4}\mpksl23f3f158.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{87c61ea8-c2e1-4a7a-958e-779490a34fb4}\MpKsl23f3f158.sys [?]S1 MpKsl25a56b84;MpKsl25a56b84;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5c1a6bf7-68a9-4c4d-bff8-f6560b46968f}\mpksl25a56b84.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5c1a6bf7-68a9-4c4d-bff8-f6560b46968f}\MpKsl25a56b84.sys [?]S1 MpKsl27379ed7;MpKsl27379ed7;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{fb3c2939-f561-46d1-b62a-773ad427ec77}\mpksl27379ed7.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{fb3c2939-f561-46d1-b62a-773ad427ec77}\MpKsl27379ed7.sys [?]S1 MpKsl2842aac3;MpKsl2842aac3;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{4c1607df-6fa5-4a9e-8d2a-6df1801047bb}\mpksl2842aac3.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{4c1607df-6fa5-4a9e-8d2a-6df1801047bb}\MpKsl2842aac3.sys [?]S1 MpKsl2b0bdbc4;MpKsl2b0bdbc4;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{fb7c8397-dc9b-40ed-a1d7-eac2066089ad}\mpksl2b0bdbc4.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{fb7c8397-dc9b-40ed-a1d7-eac2066089ad}\MpKsl2b0bdbc4.sys [?]S1 MpKsl2d47d129;MpKsl2d47d129;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c9880e43-070c-4075-80f5-97844f40c3c6}\mpksl2d47d129.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c9880e43-070c-4075-80f5-97844f40c3c6}\MpKsl2d47d129.sys [?]S1 MpKsl3305eb99;MpKsl3305eb99;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e20b495d-b1bc-4db2-a1b7-87dedda82b90}\mpksl3305eb99.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e20b495d-b1bc-4db2-a1b7-87dedda82b90}\MpKsl3305eb99.sys [?]S1 MpKsl3401f868;MpKsl3401f868;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e20b495d-b1bc-4db2-a1b7-87dedda82b90}\mpksl3401f868.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e20b495d-b1bc-4db2-a1b7-87dedda82b90}\MpKsl3401f868.sys [?]S1 MpKsl347efce5;MpKsl347efce5;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{fb7c8397-dc9b-40ed-a1d7-eac2066089ad}\mpksl347efce5.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{fb7c8397-dc9b-40ed-a1d7-eac2066089ad}\MpKsl347efce5.sys [?]S1 MpKsl34a59b0e;MpKsl34a59b0e;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{95edbc0c-acba-4f8e-98dd-8821c823adba}\mpksl34a59b0e.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{95edbc0c-acba-4f8e-98dd-8821c823adba}\MpKsl34a59b0e.sys [?]S1 MpKsl3c5c4e0a;MpKsl3c5c4e0a;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{890ade05-7f22-4fff-ae1c-dd10b33ef1ac}\mpksl3c5c4e0a.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{890ade05-7f22-4fff-ae1c-dd10b33ef1ac}\MpKsl3c5c4e0a.sys [?]S1 MpKsl3de503e5;MpKsl3de503e5;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{32a02c1b-1e40-4b3b-baf9-a54e762104de}\mpksl3de503e5.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{32a02c1b-1e40-4b3b-baf9-a54e762104de}\MpKsl3de503e5.sys [?]S1 MpKsl43574dee;MpKsl43574dee;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{87c61ea8-c2e1-4a7a-958e-779490a34fb4}\mpksl43574dee.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{87c61ea8-c2e1-4a7a-958e-779490a34fb4}\MpKsl43574dee.sys [?]S1 MpKsl4468f080;MpKsl4468f080;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f5622473-d12d-4cac-aeb7-5c859744bbdd}\mpksl4468f080.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f5622473-d12d-4cac-aeb7-5c859744bbdd}\MpKsl4468f080.sys [?]S1 MpKsl44e04ee3;MpKsl44e04ee3;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{edfd08a2-f6cc-4d4e-9330-960bc0a82a31}\mpksl44e04ee3.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{edfd08a2-f6cc-4d4e-9330-960bc0a82a31}\MpKsl44e04ee3.sys [?]S1 MpKsl45468207;MpKsl45468207;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{468f0a69-3ce1-4325-bb9c-db4141ddf25e}\mpksl45468207.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{468f0a69-3ce1-4325-bb9c-db4141ddf25e}\MpKsl45468207.sys [?]S1 MpKsl4871fb62;MpKsl4871fb62;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{7e3d015f-ad54-4339-a9c4-6ed385b35861}\mpksl4871fb62.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{7e3d015f-ad54-4339-a9c4-6ed385b35861}\MpKsl4871fb62.sys [?]S1 MpKsl49c4bc59;MpKsl49c4bc59;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5c1a6bf7-68a9-4c4d-bff8-f6560b46968f}\mpksl49c4bc59.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5c1a6bf7-68a9-4c4d-bff8-f6560b46968f}\MpKsl49c4bc59.sys [?]S1 MpKsl4a3a8a5a;MpKsl4a3a8a5a;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5c1a6bf7-68a9-4c4d-bff8-f6560b46968f}\mpksl4a3a8a5a.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5c1a6bf7-68a9-4c4d-bff8-f6560b46968f}\MpKsl4a3a8a5a.sys [?]S1 MpKsl4c6eb6a3;MpKsl4c6eb6a3;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{de3293ad-02d7-49c9-bf75-cd825d33a55d}\mpksl4c6eb6a3.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{de3293ad-02d7-49c9-bf75-cd825d33a55d}\MpKsl4c6eb6a3.sys [?]S1 MpKsl4e6ef89f;MpKsl4e6ef89f;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b41d6da1-8ccb-40c4-ab05-35448374a70e}\mpksl4e6ef89f.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b41d6da1-8ccb-40c4-ab05-35448374a70e}\MpKsl4e6ef89f.sys [?]S1 MpKsl4eecc878;MpKsl4eecc878;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{95edbc0c-acba-4f8e-98dd-8821c823adba}\mpksl4eecc878.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{95edbc0c-acba-4f8e-98dd-8821c823adba}\MpKsl4eecc878.sys [?]S1 MpKsl519b7ddb;MpKsl519b7ddb;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{fa8bd3b6-e388-4b27-8593-b324d9b85c4b}\mpksl519b7ddb.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{fa8bd3b6-e388-4b27-8593-b324d9b85c4b}\MpKsl519b7ddb.sys [?]S1 MpKsl51c7791d;MpKsl51c7791d;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5d4c9958-30b4-434c-af65-f0d3fff4b5d2}\mpksl51c7791d.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5d4c9958-30b4-434c-af65-f0d3fff4b5d2}\MpKsl51c7791d.sys [?]S1 MpKsl51f5c93a;MpKsl51f5c93a;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{2ef02a97-a5c8-442e-a741-5503e0da2741}\mpksl51f5c93a.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{2ef02a97-a5c8-442e-a741-5503e0da2741}\MpKsl51f5c93a.sys [?]S1 MpKsl54a50c22;MpKsl54a50c22;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{7889cd4e-555f-4500-a5b1-3903174d463f}\mpksl54a50c22.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{7889cd4e-555f-4500-a5b1-3903174d463f}\MpKsl54a50c22.sys [?]S1 MpKsl5ba98317;MpKsl5ba98317;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5c1a6bf7-68a9-4c4d-bff8-f6560b46968f}\mpksl5ba98317.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5c1a6bf7-68a9-4c4d-bff8-f6560b46968f}\MpKsl5ba98317.sys [?]S1 MpKsl6149e9a0;MpKsl6149e9a0;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1b5f96d2-7ce8-4c65-ac9d-96c41a5593ce}\mpksl6149e9a0.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1b5f96d2-7ce8-4c65-ac9d-96c41a5593ce}\MpKsl6149e9a0.sys [?]S1 MpKsl64e9dc04;MpKsl64e9dc04;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{eae906b5-58ab-460f-aa5b-7a1a67fdc9ae}\mpksl64e9dc04.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{eae906b5-58ab-460f-aa5b-7a1a67fdc9ae}\MpKsl64e9dc04.sys [?]S1 MpKsl65dd8335;MpKsl65dd8335;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5ca35170-c2f8-4507-bab4-34681d48d266}\mpksl65dd8335.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5ca35170-c2f8-4507-bab4-34681d48d266}\MpKsl65dd8335.sys [?]S1 MpKsl704bf366;MpKsl704bf366;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{52bcf8eb-9420-4295-b9f5-dbd3447b8a23}\mpksl704bf366.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{52bcf8eb-9420-4295-b9f5-dbd3447b8a23}\MpKsl704bf366.sys [?]S1 MpKsl708a3b9b;MpKsl708a3b9b;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{95edbc0c-acba-4f8e-98dd-8821c823adba}\mpksl708a3b9b.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{95edbc0c-acba-4f8e-98dd-8821c823adba}\MpKsl708a3b9b.sys [?]S1 MpKsl728aa061;MpKsl728aa061;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b00a444c-c56b-49df-b472-75d7fc88ea57}\mpksl728aa061.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b00a444c-c56b-49df-b472-75d7fc88ea57}\MpKsl728aa061.sys [?]S1 MpKsl73969a5c;MpKsl73969a5c;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f8a183db-aa09-4e2e-bba3-02e0a29d13a9}\mpksl73969a5c.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f8a183db-aa09-4e2e-bba3-02e0a29d13a9}\MpKsl73969a5c.sys [?]S1 MpKsl73c3bd66;MpKsl73c3bd66;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{fd39350d-5a7a-4520-b441-3de74d3b3db8}\mpksl73c3bd66.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{fd39350d-5a7a-4520-b441-3de74d3b3db8}\MpKsl73c3bd66.sys [?]S1 MpKsl73d9b3b4;MpKsl73d9b3b4;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f002796d-ec16-4073-9ac6-f7cdc83448aa}\mpksl73d9b3b4.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f002796d-ec16-4073-9ac6-f7cdc83448aa}\MpKsl73d9b3b4.sys [?]S1 MpKsl7bd7e6a9;MpKsl7bd7e6a9;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d9f4f46b-fd9a-4d2e-af35-a4bb6c244780}\mpksl7bd7e6a9.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d9f4f46b-fd9a-4d2e-af35-a4bb6c244780}\MpKsl7bd7e6a9.sys [?]S1 MpKsl7c638330;MpKsl7c638330;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{7e3d015f-ad54-4339-a9c4-6ed385b35861}\mpksl7c638330.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{7e3d015f-ad54-4339-a9c4-6ed385b35861}\MpKsl7c638330.sys [?]S1 MpKsl7e40de05;MpKsl7e40de05;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{de3293ad-02d7-49c9-bf75-cd825d33a55d}\mpksl7e40de05.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{de3293ad-02d7-49c9-bf75-cd825d33a55d}\MpKsl7e40de05.sys [?]S1 MpKsl80c9917e;MpKsl80c9917e;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5ca35170-c2f8-4507-bab4-34681d48d266}\mpksl80c9917e.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5ca35170-c2f8-4507-bab4-34681d48d266}\MpKsl80c9917e.sys [?]S1 MpKsl83a72b0e;MpKsl83a72b0e;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{38739d11-7db6-4ccb-86ad-407d27cc9396}\mpksl83a72b0e.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{38739d11-7db6-4ccb-86ad-407d27cc9396}\MpKsl83a72b0e.sys [?]S1 MpKsl84b89d5d;MpKsl84b89d5d;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5fee835f-0a76-4131-a4ed-d465efef220a}\mpksl84b89d5d.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5fee835f-0a76-4131-a4ed-d465efef220a}\MpKsl84b89d5d.sys [?]S1 MpKsl85f9f263;MpKsl85f9f263;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f2892512-8826-4155-8fd9-4d2068558df0}\mpksl85f9f263.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f2892512-8826-4155-8fd9-4d2068558df0}\MpKsl85f9f263.sys [?]S1 MpKsl865578ff;MpKsl865578ff;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b9652e93-00e8-46a6-80c4-1082fe1f1c98}\mpksl865578ff.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b9652e93-00e8-46a6-80c4-1082fe1f1c98}\MpKsl865578ff.sys [?]S1 MpKsl92607528;MpKsl92607528;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{468f0a69-3ce1-4325-bb9c-db4141ddf25e}\mpksl92607528.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{468f0a69-3ce1-4325-bb9c-db4141ddf25e}\MpKsl92607528.sys [?]S1 MpKsl9ad6e6b2;MpKsl9ad6e6b2;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0b140760-c8fe-4780-99bf-7b8f4c7ad4e7}\mpksl9ad6e6b2.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0b140760-c8fe-4780-99bf-7b8f4c7ad4e7}\MpKsl9ad6e6b2.sys [?]S1 MpKsl9d79ddd9;MpKsl9d79ddd9;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1b3c04cb-3b3a-4291-b12e-0fda486a8108}\mpksl9d79ddd9.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1b3c04cb-3b3a-4291-b12e-0fda486a8108}\MpKsl9d79ddd9.sys [?]S1 MpKsl9de07d11;MpKsl9de07d11;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f8eea8cf-b39e-4e27-8685-cd7a0a3e47f9}\mpksl9de07d11.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f8eea8cf-b39e-4e27-8685-cd7a0a3e47f9}\MpKsl9de07d11.sys [?]S1 MpKsla0713dbf;MpKsla0713dbf;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{4c1607df-6fa5-4a9e-8d2a-6df1801047bb}\mpksla0713dbf.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{4c1607df-6fa5-4a9e-8d2a-6df1801047bb}\MpKsla0713dbf.sys [?]S1 MpKsla0ed5967;MpKsla0ed5967;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f6482d8d-6f2a-4744-9fa2-148a40e4b195}\mpksla0ed5967.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f6482d8d-6f2a-4744-9fa2-148a40e4b195}\MpKsla0ed5967.sys [?]S1 MpKsla225631e;MpKsla225631e;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8f387a42-433c-4364-855f-0a3726046aa4}\mpksla225631e.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8f387a42-433c-4364-855f-0a3726046aa4}\MpKsla225631e.sys [?]S1 MpKsla74a3746;MpKsla74a3746;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{468f0a69-3ce1-4325-bb9c-db4141ddf25e}\mpksla74a3746.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{468f0a69-3ce1-4325-bb9c-db4141ddf25e}\MpKsla74a3746.sys [?]S1 MpKslad9d4725;MpKslad9d4725;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{32a02c1b-1e40-4b3b-baf9-a54e762104de}\mpkslad9d4725.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{32a02c1b-1e40-4b3b-baf9-a54e762104de}\MpKslad9d4725.sys [?]S1 MpKslb5c5ca62;MpKslb5c5ca62;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d0829fed-2eb6-456d-906c-65b6fadabb9d}\mpkslb5c5ca62.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d0829fed-2eb6-456d-906c-65b6fadabb9d}\MpKslb5c5ca62.sys [?]S1 MpKslb85d5af2;MpKslb85d5af2;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{30237fad-72fa-4d6f-a84c-176f6ad1eca5}\mpkslb85d5af2.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{30237fad-72fa-4d6f-a84c-176f6ad1eca5}\MpKslb85d5af2.sys [?]S1 MpKslbb9f2aff;MpKslbb9f2aff;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a38244b1-4a96-498e-89ed-d215f973a886}\mpkslbb9f2aff.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a38244b1-4a96-498e-89ed-d215f973a886}\MpKslbb9f2aff.sys [?]S1 MpKslbe6db7ad;MpKslbe6db7ad;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{05c039df-f59d-4b3c-827b-0ba08c93dca6}\mpkslbe6db7ad.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{05c039df-f59d-4b3c-827b-0ba08c93dca6}\MpKslbe6db7ad.sys [?]S1 MpKslc0b8cde2;MpKslc0b8cde2;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{87213bf0-2d89-435c-9a41-4041bf1a1ae3}\mpkslc0b8cde2.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{87213bf0-2d89-435c-9a41-4041bf1a1ae3}\MpKslc0b8cde2.sys [?]S1 MpKslc1d0872f;MpKslc1d0872f;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{eae906b5-58ab-460f-aa5b-7a1a67fdc9ae}\mpkslc1d0872f.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{eae906b5-58ab-460f-aa5b-7a1a67fdc9ae}\MpKslc1d0872f.sys [?]S1 MpKslc89dbf09;MpKslc89dbf09;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{685e8400-b619-4030-ac08-e4d5a882b42b}\mpkslc89dbf09.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{685e8400-b619-4030-ac08-e4d5a882b42b}\MpKslc89dbf09.sys [?]S1 MpKslcaa37dcb;MpKslcaa37dcb;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{6072bad3-11a9-4fc1-a56a-ee2dcc162447}\mpkslcaa37dcb.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{6072bad3-11a9-4fc1-a56a-ee2dcc162447}\MpKslcaa37dcb.sys [?]S1 MpKslcdcbf57a;MpKslcdcbf57a;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{afd91ee5-b159-40ab-a252-1c8f15444805}\mpkslcdcbf57a.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{afd91ee5-b159-40ab-a252-1c8f15444805}\MpKslcdcbf57a.sys [?]S1 MpKsld540f9b2;MpKsld540f9b2;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{7e3d015f-ad54-4339-a9c4-6ed385b35861}\mpksld540f9b2.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{7e3d015f-ad54-4339-a9c4-6ed385b35861}\MpKsld540f9b2.sys [?]S1 MpKsld67133c7;MpKsld67133c7;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{993da9fd-e2d6-406b-9465-fd83adc88cb0}\mpksld67133c7.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{993da9fd-e2d6-406b-9465-fd83adc88cb0}\MpKsld67133c7.sys [?]S1 MpKsld97aac3b;MpKsld97aac3b;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3688b08d-7f7e-4361-953f-36d5d56065bb}\mpksld97aac3b.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3688b08d-7f7e-4361-953f-36d5d56065bb}\MpKsld97aac3b.sys [?]S1 MpKsldc293362;MpKsldc293362;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{13c0cfc5-66ec-42e7-a022-dcf48de6ab1a}\mpksldc293362.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{13c0cfc5-66ec-42e7-a022-dcf48de6ab1a}\MpKsldc293362.sys [?]S1 MpKslddf25d39;MpKslddf25d39;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{52bcf8eb-9420-4295-b9f5-dbd3447b8a23}\mpkslddf25d39.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{52bcf8eb-9420-4295-b9f5-dbd3447b8a23}\MpKslddf25d39.sys [?]S1 MpKsldea974db;MpKsldea974db;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9ac02783-50a3-4be8-a949-26adfbe0f956}\mpksldea974db.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9ac02783-50a3-4be8-a949-26adfbe0f956}\MpKsldea974db.sys [?]S1 MpKsldeab5511;MpKsldeab5511;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{993da9fd-e2d6-406b-9465-fd83adc88cb0}\mpksldeab5511.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{993da9fd-e2d6-406b-9465-fd83adc88cb0}\MpKsldeab5511.sys [?]S1 MpKsle654c836;MpKsle654c836;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8dc9948e-f69c-431d-8e2d-f8bae6585a68}\mpksle654c836.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8dc9948e-f69c-431d-8e2d-f8bae6585a68}\MpKsle654c836.sys [?]S1 MpKslec570b94;MpKslec570b94;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3a559833-429e-4929-84cf-8b42b7e248d4}\mpkslec570b94.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3a559833-429e-4929-84cf-8b42b7e248d4}\MpKslec570b94.sys [?]S1 MpKslf048c4a6;MpKslf048c4a6;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5ca35170-c2f8-4507-bab4-34681d48d266}\mpkslf048c4a6.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5ca35170-c2f8-4507-bab4-34681d48d266}\MpKslf048c4a6.sys [?]S1 MpKslf8f898f7;MpKslf8f898f7;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f2892512-8826-4155-8fd9-4d2068558df0}\mpkslf8f898f7.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f2892512-8826-4155-8fd9-4d2068558df0}\MpKslf8f898f7.sys [?]S1 MpKslf9a1e809;MpKslf9a1e809;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{fa8bd3b6-e388-4b27-8593-b324d9b85c4b}\mpkslf9a1e809.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{fa8bd3b6-e388-4b27-8593-b324d9b85c4b}\MpKslf9a1e809.sys [?]S1 MpKslfb2623eb;MpKslfb2623eb;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e7e1e334-7aeb-425e-a4b9-1a734d08a01e}\mpkslfb2623eb.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e7e1e334-7aeb-425e-a4b9-1a734d08a01e}\MpKslfb2623eb.sys [?]S1 MpKslfb70c984;MpKslfb70c984;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5bbc80d5-416b-4f57-bdce-3e8a2396e30a}\mpkslfb70c984.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5bbc80d5-416b-4f57-bdce-3e8a2396e30a}\MpKslfb70c984.sys [?]S1 MpKslfd1b6cf5;MpKslfd1b6cf5;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{de5ad70f-223b-4b92-bc90-d8cbeda6af6d}\mpkslfd1b6cf5.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{de5ad70f-223b-4b92-bc90-d8cbeda6af6d}\MpKslfd1b6cf5.sys [?]S1 MpKslff244a6f;MpKslff244a6f;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c06b90bd-baea-4940-b64f-21197138ad2e}\mpkslff244a6f.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c06b90bd-baea-4940-b64f-21197138ad2e}\MpKslff244a6f.sys [?]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-5-28 135664]S3 ADASPROT;SYSTWEAKASO;c:\program files\advanced system optimizer 3\adasprot32.sys [2011-5-28 6656]S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2011-5-28 1691480]S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2011-5-28 167264]S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-5-28 135664]S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-1-21 30963576]S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2011-5-28 14336]S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]S3 TfNetMon;TfNetMon;\??\c:\windows\system32\drivers\tfnetmon.sys --> c:\windows\system32\drivers\TfNetMon.sys [?]S3 TunngleService;TunngleService;c:\program files\tunngle\TnglCtrl.exe [2011-5-28 751464]S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2011-5-28 14336]S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]S3 XoftSpyService;XoftSpyService;c:\program files\common files\xoftspyse\6\xoftspyservice.exe [2010-9-29 582424].=============== Created Last 30 ================.2011-12-25 21:28:26 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{abd6fe1f-103e-4732-9247-89ea9455e346}\MpKsl74feb407.sys2011-12-25 21:09:55 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys2011-12-25 07:14:44 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{abd6fe1f-103e-4732-9247-89ea9455e346}\MpKsl590d8685.sys2011-12-25 07:14:32 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{abd6fe1f-103e-4732-9247-89ea9455e346}\offreg.dll2011-12-25 07:14:27 6823496 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{abd6fe1f-103e-4732-9247-89ea9455e346}\mpengine.dll2011-12-24 00:12:01 -------- d-sha-r- C:\cmdcons2011-12-24 00:09:24 98816 ----a-w- c:\windows\sed.exe2011-12-24 00:09:24 518144 ----a-w- c:\windows\SWREG.exe2011-12-24 00:09:24 256000 ----a-w- c:\windows\PEV.exe2011-12-24 00:09:24 208896 ----a-w- c:\windows\MBR.exe2011-12-23 22:43:01 -------- d-----w- c:\program files\common files\ParetoLogic2011-12-23 22:43:01 -------- d-----w- c:\documents and settings\all users\application data\ParetoLogic2011-12-23 22:42:58 -------- d-----w- c:\program files\common files\XoftSpySE2011-12-23 22:42:58 -------- d-----w- c:\documents and settings\all users\application data\XoftSpySE2011-12-23 22:42:50 -------- d-----w- c:\program files\XoftSpySE62011-12-23 20:03:07 22032 ----a-w- c:\windows\DCEBoot.exe2011-12-23 08:00:32 -------- d-----w- c:\program files\ESET2011-12-22 19:49:42 -------- d-----w- c:\documents and settings\twenty20zofhaze\application data\QuickScan2011-12-19 22:07:49 -------- d-----w- c:\documents and settings\twenty20zofhaze\application data\PCToolsFirewallPlus2011-12-19 22:07:44 -------- d-----w- c:\documents and settings\twenty20zofhaze\application data\Spam Monitor2011-12-18 18:34:21 -------- d--h--w- c:\windows\PIF2011-12-09 23:11:59 -------- d-----w- c:\documents and settings\all users\application data\PC Tools2011-12-09 03:37:01 -------- d-----w- c:\documents and settings\twenty20zofhaze\application data\AVG Secure Search2011-12-08 21:33:50 -------- d-----w- c:\documents and settings\twenty20zofhaze\local settings\application data\mpress2011-12-08 11:52:28 -------- d-----w- c:\documents and settings\all users\application data\AVG Secure Search2011-12-08 11:52:21 -------- d-----w- c:\program files\common files\AVG Secure Search2011-12-08 11:52:19 -------- d-----w- c:\program files\AVG Secure Search2011-11-28 19:53:10 -------- d-----w- c:\documents and settings\twenty20zofhaze\local settings\application data\WB Games2011-11-28 18:07:02 -------- d-----w- c:\documents and settings\all users\application data\RELOADED2011-11-28 17:33:59 -------- d-----w- c:\program files\Snowblind Studios.==================== Find3M ====================.2011-12-24 08:55:56 285280 ----a-w- c:\windows\system32\nvdrsdb1.bin2011-12-24 08:55:56 1 ----a-w- c:\windows\system32\nvdrssel.bin2011-12-24 08:55:45 285280 ----a-w- c:\windows\system32\nvdrsdb0.bin2011-12-23 21:55:07 114688 ----a-w- c:\windows\DUMP4e4e.tmp2011-12-23 20:09:17 3292 ----a-w- c:\windows\system32\ASOROSet.bin2011-12-02 18:00:59 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2011-11-23 13:25:32 1859584 ------w- c:\windows\system32\win32k.sys2011-11-17 02:00:16 124712 ----a-w- c:\program files\steam_api.dll2011-11-13 17:05:02 1752400 ----a-w- c:\program files\SkyrimLauncher.exe2011-11-13 16:56:56 214016 ----a-w- c:\program files\binkw32.dll2011-11-04 19:20:51 916992 ----a-w- c:\windows\system32\wininet.dll2011-11-04 19:20:51 43520 ------w- c:\windows\system32\licmgr10.dll2011-11-04 19:20:51 1469440 ------w- c:\windows\system32\inetcpl.cpl2011-11-04 11:23:59 385024 ------w- c:\windows\system32\html.iec2011-11-01 16:07:10 1288704 ----a-w- c:\windows\system32\ole32.dll2011-10-28 05:31:48 33280 ------w- c:\windows\system32\csrsrv.dll2011-10-25 13:37:08 2148864 ------w- c:\windows\system32\ntoskrnl.exe2011-10-25 12:52:02 2027008 ------w- c:\windows\system32\ntkrnlpa.exe2011-10-24 17:28:48 58696 ------w- c:\windows\system32\AOLParconLink.exe2011-10-18 16:22:55 50425024 ------w- c:\program files\bf3.exe2011-10-14 22:38:00 456192 ------w- c:\windows\system32\encdec.dll2011-10-10 14:22:41 692736 ------w- c:\windows\system32\inetcomm.dll2011-10-03 09:06:03 472808 ------w- c:\windows\system32\deployJava1.dll2011-10-03 06:37:52 73728 ------w- c:\windows\system32\javacpl.cpl2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll2009-12-27 22:40:30 2801683 ------w- c:\program files\BMP.exe.============= FINISH: 16:45:53.34 =============== Link to post Share on other sites More sharing options...
MrCharlie Posted December 29, 2011 ID:510817 Share Posted December 29, 2011 Welcome to the forum.Please download Farbar Service Scanner and run it on the computer with the issue.Make sure the following options are checked:Internet Services Windows Firewall System Restore [*]Press "Scan". [*]It will create a log (FSS.txt) in the same directory the tool is run. [*]Please copy and paste the log to your reply. Please download and run RogueKiller.Choose 1 to scan the systemPost back the report.MrC Link to post Share on other sites More sharing options...
MarkThaHeat Posted December 30, 2011 Author ID:511483 Share Posted December 30, 2011 Good Afternoon , Thank you for the reply ....Farbar Service Scanner Ran by TwenTY20zOfHazE (administrator) on 30-12-2011 at 17:48:29Microsoft Windows XP Professional Service Pack 3 (X86)Boot Mode: Normal****************************************************************Internet Services:============Connection Status:==============Localhost is accessible.LAN connected.Google IP is accessible.Yahoo IP is accessible.Windows Firewall:=============Firewall Disabled Policy: ==================[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]"EnableFirewall"=DWORD:0[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"EnableFirewall"=DWORD:0System Restore:============System Restore Disabled Policy: ========================File Check:========C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legitC:\WINDOWS\system32\Drivers\afd.sys => MD5 is legitC:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legitC:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legitC:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legitC:\WINDOWS\system32\dnsrslvr.dll => MD5 is legitC:\WINDOWS\system32\ipnathlp.dll => MD5 is legitC:\WINDOWS\system32\netman.dll => MD5 is legitC:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legitC:\WINDOWS\system32\srsvc.dll => MD5 is legitC:\WINDOWS\system32\Drivers\sr.sys => MD5 is legitC:\WINDOWS\system32\svchost.exe => MD5 is legitC:\WINDOWS\system32\rpcss.dll => MD5 is legitC:\WINDOWS\system32\services.exe => MD5 is legitExtra List:=======Avgtdix(8) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3) 0x0A000000040000000100000002000000030000005A000000080000000500000006000000070000000A000000**** End of log ****RogueKiller V6.2.1 [12/28/2011] by Tigzymail: tigzyRK<at>gmail<dot>comFeedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/Blog: http://tigzyrk.blogspot.comOperating System: Windows XP (5.1.2600 Service Pack 3) 32 bits versionStarted in : Normal modeUser: TwenTY20zOfHazE [Admin rights]Mode: Scan -- Date : 12/30/2011 17:53:08¤¤¤ Bad processes: 1 ¤¤¤[sUSP PATH] ComboFix.exe -- C:\Documents and Settings\TwenTY20zOfHazE\Desktop\ComboFix.exe -> KILLED [TermProc]¤¤¤ Registry Entries: 1 ¤¤¤[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver: [LOADED] ¤¤¤¤¤¤ Infection : ¤¤¤¤¤¤ HOSTS File: ¤¤¤127.0.0.1 localhost¤¤¤ MBR Check: ¤¤¤+++++ PhysicalDrive0: +++++--- User ---[MBR] 30275c24501a2200e5d665993bef87bc[bSP] 8ab19b39771ddc17ff0e4c4fcd044678 : MBR Code unknownPartition table:0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 63 | Size: 250056 MoUser = LL1 ... OK!User = LL2 ... OK!+++++ PhysicalDrive1: +++++--- User ---[MBR] 7084dba39dc439d522f93af6e868bd1b[bSP] 00a2a4f5817293c65c24b47447ff76e5 : MBR Code unknownPartition table:0 - [XXXXXX] UNKNW [VISIBLE] Offset (sectors): 16065 | Size: 79982 MoUser = LL1 ... OK!User = LL2 ... OK!Finished : << RKreport[1].txt >>RKreport[1].txt Link to post Share on other sites More sharing options...
MrCharlie Posted December 30, 2011 ID:511498 Share Posted December 30, 2011 C:\Documents and Settings\TwenTY20zOfHazE\Desktop\ComboFix.exe I see you have ComboFix on the system, did you run it??If so can you post the log.MrC Link to post Share on other sites More sharing options...
MarkThaHeat Posted December 31, 2011 Author ID:511628 Share Posted December 31, 2011 Yes I ran it twice now to no avail , here is the most recent log , I split it in more than one post because it was too long :ComboFix 11-12-30.02 - TwenTY20zOfHazE 12/30/2011 21:17:39.2.4 - x86Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2037.1127 [GMT -5:00]Running from: c:\documents and settings\TwenTY20zOfHazE\Desktop\ComboFix.exeAV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}FW: ZoneAlarm Free Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\windows\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb..((((((((((((((((((((((((( Files Created from 2011-11-28 to 2011-12-31 )))))))))))))))))))))))))))))))..2011-12-30 23:25 . 2011-12-30 23:25 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0CA2E752-F939-4143-A140-017461DA7C17}\offreg.dll2011-12-30 22:52 . 2011-12-30 22:52 111872 ----a-w- c:\windows\system32\drivers\TrueSight.sys2011-12-30 19:05 . 2011-11-21 10:47 6823496 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0CA2E752-F939-4143-A140-017461DA7C17}\mpengine.dll2011-12-29 07:21 . 2011-12-29 07:31 -------- d-----w- c:\program files\mmm2011-12-29 07:21 . 2010-01-04 07:14 614912 ------w- c:\windows\eiunin21.exe2011-12-29 01:07 . 2011-12-29 19:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy2011-12-29 01:05 . 2009-01-25 18:14 15224 ----a-w- c:\windows\system32\sdnclean.exe2011-12-29 01:04 . 2011-12-29 01:11 -------- d-----w- c:\program files\Spybot - Search & Destroy 22011-12-29 00:47 . 2011-12-29 00:47 -------- d-----w- c:\documents and settings\TwenTY20zOfHazE\Application Data\Avira2011-12-29 00:45 . 2011-12-29 18:30 81984 ----a-w- c:\windows\system32\bdod.bin2011-12-29 00:34 . 2011-12-29 00:59 -------- d-----w- c:\documents and settings\TwenTY20zOfHazE\Local Settings\Application Data\Comodo2011-12-29 00:29 . 2011-12-29 00:59 -------- d-----w- c:\documents and settings\All Users\Application Data\CPA_VA2011-12-29 00:20 . 2011-12-29 00:20 149272 ----a-w- c:\windows\system32\drivers\dwprot.sys2011-12-29 00:17 . 2011-12-15 20:00 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys2011-12-29 00:17 . 2011-12-15 20:00 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys2011-12-29 00:17 . 2011-12-15 20:00 134856 ----a-w- c:\windows\system32\drivers\avipbb.sys2011-12-29 00:17 . 2011-12-29 00:17 -------- d-----w- c:\program files\Avira2011-12-29 00:17 . 2011-12-29 00:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira2011-12-29 00:16 . 2011-12-29 00:16 -------- d-----w- c:\documents and settings\TwenTY20zOfHazE\Application Data\BitDefender2011-12-29 00:16 . 2011-12-29 00:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Comodo2011-12-29 00:15 . 2011-12-29 01:00 -------- d-----w- c:\program files\Comodo2011-12-29 00:14 . 2011-12-29 00:26 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender2011-12-29 00:14 . 2011-12-29 00:14 -------- d-----w- c:\program files\BitDefender2011-12-29 00:12 . 2011-12-29 00:15 -------- d-----w- c:\program files\Common Files\BitDefender2011-12-28 23:58 . 2011-12-28 23:58 -------- d-----w- c:\documents and settings\TwenTY20zOfHazE\Local Settings\Application Data\G DATA2011-12-28 23:50 . 2011-12-29 00:44 -------- d-----w- c:\program files\Anti Trojan Elite2011-12-28 23:32 . 2011-12-28 23:32 239168 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys2011-12-28 01:05 . 2011-08-16 10:45 6144 -c----w- c:\windows\system32\dllcache\iecompat.dll2011-12-26 08:41 . 2011-12-26 08:41 -------- d-----w- c:\documents and settings\TwenTY20zOfHazE\Application Data\f-secure2011-12-26 08:41 . 2011-12-26 08:41 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure2011-12-25 23:10 . 2011-12-27 12:02 -------- d-----w- c:\program files\Common Files\Symantec Shared2011-12-25 23:10 . 2011-12-25 23:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton2011-12-23 22:43 . 2011-12-23 22:43 -------- d-----w- c:\program files\Common Files\ParetoLogic2011-12-23 22:43 . 2011-12-23 22:43 -------- d-----w- c:\documents and settings\All Users\Application Data\ParetoLogic2011-12-23 22:42 . 2011-12-23 22:42 -------- d-----w- c:\program files\Common Files\XoftSpySE2011-12-23 22:42 . 2011-12-23 22:42 -------- d-----w- c:\documents and settings\All Users\Application Data\XoftSpySE2011-12-23 22:42 . 2011-12-23 22:43 -------- d-----w- c:\program files\XoftSpySE62011-12-23 20:03 . 2011-12-23 20:03 22032 ----a-w- c:\windows\DCEBoot.exe2011-12-23 08:00 . 2011-12-23 08:00 -------- d-----w- c:\program files\ESET2011-12-22 19:49 . 2011-12-22 19:49 -------- d-----w- c:\documents and settings\TwenTY20zOfHazE\Application Data\QuickScan2011-12-19 22:07 . 2011-12-19 22:07 -------- d-----w- c:\documents and settings\TwenTY20zOfHazE\Application Data\PCToolsFirewallPlus2011-12-19 22:07 . 2011-12-19 22:07 -------- d-----w- c:\documents and settings\TwenTY20zOfHazE\Application Data\Spam Monitor2011-12-18 18:34 . 2011-12-18 18:34 -------- d--h--w- c:\windows\PIF2011-12-09 23:11 . 2011-12-22 20:05 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools2011-12-09 03:37 . 2011-12-09 03:37 -------- d-----w- c:\documents and settings\TwenTY20zOfHazE\Application Data\AVG Secure Search2011-12-08 21:33 . 2011-12-08 21:52 -------- d-----w- c:\documents and settings\TwenTY20zOfHazE\Local Settings\Application Data\mpress2011-12-08 11:52 . 2011-12-08 19:17 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Secure Search2011-12-08 11:52 . 2011-12-08 11:52 -------- d-----w- c:\program files\Common Files\AVG Secure Search2011-12-08 11:52 . 2011-12-08 11:52 -------- d-----w- c:\program files\AVG Secure Search...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2011-12-29 00:45 . 2009-04-15 20:13 146312 ----a-w- c:\windows\system32\drivers\bdfm.sys2011-12-29 00:21 . 2011-05-28 17:27 114688 ----a-w- c:\windows\DUMPad57.tmp2011-12-23 21:55 . 2011-05-28 17:27 114688 ----a-w- c:\windows\DUMP4e4e.tmp2011-12-02 18:00 . 2011-05-28 20:56 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2011-11-23 13:25 . 2011-05-28 17:21 1859584 ------w- c:\windows\system32\win32k.sys2011-11-21 10:47 . 2011-05-30 08:43 6823496 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2011-11-17 02:00 . 2011-11-17 11:33 124712 ----a-w- c:\program files\steam_api.dll2011-11-13 17:05 . 2011-11-13 17:12 1752400 ----a-w- c:\program files\SkyrimLauncher.exe2011-11-13 16:56 . 2011-11-13 17:12 214016 ----a-w- c:\program files\binkw32.dll2011-11-04 19:20 . 2011-05-28 17:21 916992 ----a-w- c:\windows\system32\wininet.dll2011-11-04 19:20 . 2011-05-28 17:20 43520 ------w- c:\windows\system32\licmgr10.dll2011-11-04 19:20 . 2011-05-28 17:19 1469440 ------w- c:\windows\system32\inetcpl.cpl2011-11-04 11:23 . 2011-05-28 17:19 385024 ------w- c:\windows\system32\html.iec2011-11-01 16:07 . 2011-05-28 17:21 1288704 ----a-w- c:\windows\system32\ole32.dll2011-10-28 05:31 . 2011-05-28 17:19 33280 ------w- c:\windows\system32\csrsrv.dll2011-10-25 13:37 . 2011-05-28 17:21 2148864 ------w- c:\windows\system32\ntoskrnl.exe2011-10-25 12:52 . 2011-05-28 17:23 2027008 ------w- c:\windows\system32\ntkrnlpa.exe2011-10-24 17:28 . 2011-10-24 17:32 58696 ------w- c:\windows\system32\AOLParconLink.exe2011-10-18 16:22 . 2011-10-26 14:03 50425024 ------w- c:\program files\bf3.exe2011-10-14 22:38 . 2011-05-28 17:19 456192 ------w- c:\windows\system32\encdec.dll2011-10-10 14:22 . 2011-05-28 17:19 692736 ------w- c:\windows\system32\inetcomm.dll2011-10-08 04:50 . 2011-10-26 17:25 919872 ----a-w- c:\windows\system32\nvdispco32.dll2011-10-08 04:50 . 2011-10-26 17:25 877376 ----a-w- c:\windows\system32\nvgenco32.dll2011-10-08 04:50 . 2011-05-28 21:00 65536 ----a-w- c:\windows\system32\OpenCL.dll2011-10-08 04:50 . 2011-05-28 21:00 17956864 ----a-w- c:\windows\system32\nvoglnt.dll2011-10-08 04:50 . 2011-05-28 21:00 5595136 ----a-w- c:\windows\system32\nvcuda.dll2011-10-08 04:50 . 2011-05-28 21:00 2398016 ----a-w- c:\windows\system32\nvcuvid.dll2011-10-08 04:50 . 2011-05-28 21:00 2099520 ----a-w- c:\windows\system32\nvcuvenc.dll2011-10-08 04:50 . 2011-05-28 21:00 2449408 ----a-w- c:\windows\system32\nvapi.dll2011-10-08 04:50 . 2011-05-28 21:00 17240064 ----a-w- c:\windows\system32\nvcompiler.dll2011-10-08 04:50 . 2011-05-28 17:23 4226688 ----a-w- c:\windows\system32\nv4_disp.dll2011-10-08 04:50 . 2011-05-28 17:22 12791488 ----a-w- c:\windows\system32\drivers\nv4_mini.sys2011-10-08 04:50 . 2011-04-08 02:15 602432 ----a-w- c:\windows\system32\easyupdatusapiu.dll2011-10-08 04:50 . 2011-04-08 02:15 54272 ----a-w- c:\windows\system32\nvwddi.dll2011-10-08 04:50 . 2011-04-08 02:15 203072 ----a-w- c:\windows\system32\nvmctray.dll2011-10-08 04:50 . 2011-04-08 02:15 16744256 ----a-w- c:\windows\system32\nvcpl.dll2011-10-08 04:50 . 2011-04-08 02:15 298304 ----a-w- c:\windows\system32\nvsvc32.exe2011-10-08 04:50 . 2011-04-08 02:15 220992 ----a-w- c:\windows\system32\nvcolor.exe2011-10-03 09:06 . 2011-05-28 23:14 472808 ------w- c:\windows\system32\deployJava1.dll2011-10-03 06:37 . 2011-05-28 23:14 73728 ------w- c:\windows\system32\javacpl.cpl2009-12-27 22:40 . 2011-07-11 22:12 2801683 ------w- c:\program files\BMP.exe2011-11-09 01:38 . 2011-10-01 15:44 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll..((((((((((((((((((((((((((((( SnapShot@2011-12-24_00.25.33 ))))))))))))))))))))))))))))))))))))))))).- 2006-12-02 04:08 . 2006-12-02 04:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll+ 2006-12-02 05:08 . 2006-12-02 05:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll- 2006-12-02 04:08 . 2006-12-02 04:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll+ 2006-12-02 05:08 . 2006-12-02 05:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll- 2006-12-02 04:08 . 2006-12-02 04:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll+ 2006-12-02 05:08 . 2006-12-02 05:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll- 2006-12-02 04:08 . 2006-12-02 04:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll+ 2006-12-02 05:08 . 2006-12-02 05:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll- 2006-12-02 04:08 . 2006-12-02 04:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll+ 2006-12-02 05:08 . 2006-12-02 05:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll- 2006-12-02 04:08 . 2006-12-02 04:08 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll+ 2006-12-02 05:08 . 2006-12-02 05:08 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll+ 2006-12-02 05:08 . 2006-12-02 05:08 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll- 2006-12-02 04:08 . 2006-12-02 04:08 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll+ 2006-12-02 05:08 . 2006-12-02 05:08 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll- 2006-12-02 04:08 . 2006-12-02 04:08 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll+ 2006-12-02 05:08 . 2006-12-02 05:08 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll- 2006-12-02 04:08 . 2006-12-02 04:08 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll+ 2006-12-02 05:26 . 2006-12-02 05:26 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll- 2006-12-02 04:26 . 2006-12-02 04:26 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll- 2006-12-02 04:25 . 2006-12-02 04:25 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll+ 2006-12-02 05:25 . 2006-12-02 05:25 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll+ 2011-12-30 23:25 . 2011-12-30 23:25 16384 c:\windows\Temp\Perflib_Perfdata_d00.dat+ 2011-06-05 18:48 . 2010-07-05 13:15 17272 c:\windows\system32\spmsg.dll- 2011-06-05 18:48 . 2010-12-21 16:36 17272 c:\windows\system32\spmsg.dll- 2004-10-28 07:52 . 2011-11-06 17:12 88662 c:\windows\system32\perfc009.dat+ 2004-10-28 07:52 . 2011-12-29 19:05 88662 c:\windows\system32\perfc009.dat+ 2002-01-05 08:38 . 2002-01-05 08:38 54784 c:\windows\system32\msvci70.dll- 2002-01-05 11:38 . 2002-01-05 11:38 54784 c:\windows\system32\msvci70.dll+ 2011-12-29 00:17 . 2010-06-17 19:14 28520 c:\windows\system32\drivers\ssmdrv.sys+ 2004-10-28 08:24 . 2011-12-29 00:27 49152 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat+ 2004-10-28 08:24 . 2011-12-29 00:27 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat- 2004-10-28 08:24 . 2011-12-21 21:56 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat+ 2011-12-29 00:29 . 2011-12-29 00:29 80048 c:\windows\system32\config\systemprofile\Local Settings\Application Data\GDIPFONTCACHEV1.DAT- 2004-10-28 08:24 . 2011-12-21 21:56 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat+ 2011-12-29 00:28 . 2011-12-29 00:27 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat+ 2011-06-01 22:49 . 2011-12-25 21:33 87901 c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe+ 2011-12-15 10:45 . 2011-12-15 10:45 86016 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll+ 2011-12-15 10:29 . 2011-12-15 10:29 73408 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll- 2011-04-26 06:07 . 2011-04-26 06:07 73408 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll+ 2011-12-15 10:29 . 2011-12-15 10:29 64512 c:\windows\system32\Adobe\Shockwave 11\gcapi_dll.dll- 2011-04-26 06:07 . 2011-04-26 06:07 64512 c:\windows\system32\Adobe\Shockwave 11\gcapi_dll.dll+ 2011-12-15 10:46 . 2011-12-15 10:46 12800 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll+ 2011-04-06 21:48 . 2011-04-06 21:48 11120 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll+ 2011-05-17 14:27 . 2011-05-17 14:27 44368 c:\windows\Microsoft.NET\Framework\v4.0.30319\Culture.dll- 2010-03-18 17:16 . 2010-03-18 17:16 44368 c:\windows\Microsoft.NET\Framework\v4.0.30319\Culture.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll- 2011-10-14 16:31 . 2011-10-14 16:31 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll- 2011-10-14 16:31 . 2011-10-14 16:31 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll- 2011-10-14 16:31 . 2011-10-14 16:31 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll- 2011-10-14 16:31 . 2011-10-14 16:31 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll- 2011-10-14 16:31 . 2011-10-14 16:31 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll- 2011-10-14 16:30 . 2011-10-14 16:30 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll- 2011-10-14 16:30 . 2011-10-14 16:30 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll- 2011-10-14 16:30 . 2011-10-14 16:30 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll- 2011-10-14 16:30 . 2011-10-14 16:30 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll- 2011-10-14 16:30 . 2011-10-14 16:30 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll- 2011-10-14 16:30 . 2011-10-14 16:30 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll- 2011-10-14 16:30 . 2011-10-14 16:30 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll- 2011-10-14 16:30 . 2011-10-14 16:30 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll- 2011-10-14 16:30 . 2011-10-14 16:30 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll- 2011-10-14 16:30 . 2011-10-14 16:30 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll+ 2011-12-28 01:21 . 2011-12-28 01:21 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll- 2011-10-14 16:30 . 2011-10-14 16:30 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll- 2011-10-14 16:30 . 2011-10-14 16:30 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll- 2011-10-14 16:29 . 2011-10-14 16:29 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll- 2011-10-14 16:30 . 2011-10-14 16:30 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll+ 2011-12-25 21:34 . 2011-12-25 21:34 10134 c:\windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe+ 2011-12-29 00:17 . 2011-12-29 00:17 57344 c:\windows\Installer\{44B436FA-FB33-4B24-8AD1-D8C9A50474E9}\texticon.exe+ 2011-12-29 00:17 . 2011-12-29 00:17 22486 c:\windows\Installer\{44B436FA-FB33-4B24-8AD1-D8C9A50474E9}\register_icon.exe+ 2011-12-29 00:17 . 2011-12-29 00:17 32768 c:\windows\Installer\{44B436FA-FB33-4B24-8AD1-D8C9A50474E9}\maintenance_icon.exe+ 2011-12-29 00:17 . 2011-12-29 00:17 61440 c:\windows\Installer\{44B436FA-FB33-4B24-8AD1-D8C9A50474E9}\helpicon.exe+ 2011-12-28 01:40 . 2011-12-28 01:40 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\1c177e9aa7a1661ddec16c2f9f30947c\UIAutomationProvider.ni.dll+ 2011-12-28 01:55 . 2011-12-28 01:55 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\e4f0e0d45a1739bad6cc96377c9dd7f2\System.Windows.Presentation.ni.dll+ 2011-12-28 01:55 . 2011-12-28 01:55 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\385b56be2d617548e4b731dd050a1f32\System.Web.ApplicationServices.ni.dll+ 2011-12-28 01:55 . 2011-12-28 01:55 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\e08ecf530f270cd45c72318b67826cb1\System.ServiceModel.Channels.ni.dll+ 2011-12-28 01:41 . 2011-12-28 01:41 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\117b65133fc00228bc249d1c61c387ea\System.AddIn.Contract.ni.dll+ 2011-12-28 01:40 . 2011-12-28 01:40 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\432eb09604ab71ee1aa4622bfbc4afee\Microsoft.VisualC.ni.dll+ 2011-12-28 01:39 . 2011-12-28 01:39 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\06ac8d640d2dfa7d4bb23c03584304ef\Accessibility.ni.dll+ 2011-12-28 01:29 . 2011-12-28 01:29 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\569ae3c239c7270b687996583ca97c28\UIAutomationProvider.ni.dll- 2011-10-14 16:48 . 2011-10-14 16:48 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\569ae3c239c7270b687996583ca97c28\UIAutomationProvider.ni.dll+ 2011-12-28 01:39 . 2011-12-28 01:39 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\dae96db9fac82bbd377a769302c2e1e0\System.Windows.Presentation.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\dae96db9fac82bbd377a769302c2e1e0\System.Windows.Presentation.ni.dll+ 2011-12-28 01:39 . 2011-12-28 01:39 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\a54a122f1070ab71931dd9679ddd8e90\System.Web.DynamicData.Design.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\a54a122f1070ab71931dd9679ddd8e90\System.Web.DynamicData.Design.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\ac92806d5bd508eb25f1b4b73a36b101\System.ComponentModel.DataAnnotations.ni.dll+ 2011-12-28 01:36 . 2011-12-28 01:36 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\ac92806d5bd508eb25f1b4b73a36b101\System.ComponentModel.DataAnnotations.ni.dll+ 2011-12-28 01:36 . 2011-12-28 01:36 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\e6a9cd66d11a21776dbf425e8e28099c\System.AddIn.Contract.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\e6a9cd66d11a21776dbf425e8e28099c\System.AddIn.Contract.ni.dll- 2011-10-14 16:45 . 2011-10-14 16:45 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\63a7dfb7d8e0a4d8d5dde7ff42227b78\PresentationFontCache.ni.exe+ 2011-12-28 01:27 . 2011-12-28 01:27 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\63a7dfb7d8e0a4d8d5dde7ff42227b78\PresentationFontCache.ni.exe+ 2011-12-28 01:27 . 2011-12-28 01:27 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\ec8a45a9155e7c64504ca87b3d3c498c\PresentationCFFRasterizer.ni.dll- 2011-10-14 16:44 . 2011-10-14 16:44 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\ec8a45a9155e7c64504ca87b3d3c498c\PresentationCFFRasterizer.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\a615508098c5f4f5a34e89d22527c9de\Microsoft.WSMan.Runtime.ni.dll+ 2011-12-28 01:36 . 2011-12-28 01:36 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\a615508098c5f4f5a34e89d22527c9de\Microsoft.WSMan.Runtime.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\eaa8d72317e5b8047e413939cc71ffba\Microsoft.Vsa.ni.dll+ 2011-12-28 01:38 . 2011-12-28 01:38 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\eaa8d72317e5b8047e413939cc71ffba\Microsoft.Vsa.ni.dll- 2011-10-14 17:32 . 2011-10-14 17:32 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\aefe683674c97a998f4e908c1a7ee7c6\Microsoft.Build.Framework.ni.dll+ 2011-12-28 01:35 . 2011-12-28 01:35 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\aefe683674c97a998f4e908c1a7ee7c6\Microsoft.Build.Framework.ni.dll+ 2011-12-28 01:35 . 2011-12-28 01:35 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\845eef4d09f28da6ee05d99f93c90f6e\Microsoft.Build.Framework.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\845eef4d09f28da6ee05d99f93c90f6e\Microsoft.Build.Framework.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 91648 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Backgroun#\17fc30ccabf04ef1cf60a571067bc6dc\Microsoft.BackgroundIntelligentTransfer.Management.ni.dll+ 2011-12-28 01:35 . 2011-12-28 01:35 91648 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Backgroun#\17fc30ccabf04ef1cf60a571067bc6dc\Microsoft.BackgroundIntelligentTransfer.Management.ni.dll+ 2011-12-28 01:34 . 2011-12-28 01:34 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\ab7ce2d94ca725c3889a4e3c1ee88ece\dfsvc.ni.exe- 2011-10-14 17:32 . 2011-10-14 17:32 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\ab7ce2d94ca725c3889a4e3c1ee88ece\dfsvc.ni.exe- 2011-10-14 17:31 . 2011-10-14 17:31 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll+ 2011-12-28 01:33 . 2011-12-28 01:33 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll- 2003-06-13 21:23 . 2003-06-13 21:23 50176 c:\windows\AppPatch\AppLoc.exe+ 2003-06-13 22:23 . 2003-06-13 22:23 50176 c:\windows\AppPatch\AppLoc.exe- 2003-06-13 21:23 . 2003-06-13 21:23 81408 c:\windows\AppPatch\AlLayer.dll+ 2003-06-13 22:23 . 2003-06-13 22:23 81408 c:\windows\AppPatch\AlLayer.dll+ 2011-12-28 01:30 . 2010-10-18 11:10 7680 c:\windows\ie8updates\KB2598845-IE8\iecompat.dll+ 2011-12-28 01:55 . 2011-12-28 01:55 9216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\3a2ab56bb224b871516526753985ff69\System.Xml.Serialization.ni.dll+ 2011-12-28 01:39 . 2011-12-28 01:39 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\5cc246adea1b07b9c2a76bbe86fbfe2e\dfsvc.ni.exe+ 2011-12-28 01:21 . 2011-12-28 01:21 109568 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll- 2011-10-14 16:30 . 2011-10-14 16:30 109568 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll- 2011-10-14 16:30 . 2011-10-14 16:30 246128 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 246128 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll+ 2006-12-02 03:54 . 2006-12-02 03:54 626688 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll- 2006-12-02 02:54 . 2006-12-02 02:54 626688 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll+ 2006-12-02 03:54 . 2006-12-02 03:54 548864 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll- 2006-12-02 02:54 . 2006-12-02 02:54 548864 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll- 2006-12-02 02:54 . 2006-12-02 02:54 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll+ 2006-12-02 03:54 . 2006-12-02 03:54 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll+ 2007-01-31 19:50 . 2007-01-31 19:50 913408 c:\windows\system32\xreglib.dll+ 2008-10-09 21:31 . 2008-10-09 21:31 192512 c:\windows\system32\txmlutil.dll- 2004-10-28 07:52 . 2011-11-06 17:12 508824 c:\windows\system32\perfh009.dat+ 2004-10-28 07:52 . 2011-12-29 19:05 508824 c:\windows\system32\perfh009.dat- 2011-05-28 21:00 . 2011-11-28 19:39 285280 c:\windows\system32\nvdrsdb1.bin+ 2011-05-28 21:00 . 2011-12-24 08:55 285280 c:\windows\system32\nvdrsdb1.bin+ 2011-05-28 21:00 . 2011-12-24 08:55 285280 c:\windows\system32\nvdrsdb0.bin- 2011-05-28 21:00 . 2011-11-28 19:39 285280 c:\windows\system32\nvdrsdb0.bin+ 2003-02-21 09:42 . 2003-02-21 09:42 348160 c:\windows\system32\msvcr71.dll- 2011-04-25 21:52 . 2011-04-25 21:52 348160 c:\windows\system32\msvcr71.dll+ 2002-01-05 07:37 . 2002-01-05 07:37 344064 c:\windows\system32\msvcr70.dll- 2002-01-05 11:37 . 2002-01-05 11:37 344064 c:\windows\system32\msvcr70.dll- 2011-04-25 21:52 . 2011-04-25 21:52 499712 c:\windows\system32\msvcp71.dll+ 2003-03-19 01:14 . 2003-03-19 01:14 499712 c:\windows\system32\msvcp71.dll+ 2002-01-05 08:40 . 2002-01-05 08:40 487424 c:\windows\system32\msvcp70.dll- 2002-01-05 11:40 . 2002-01-05 11:40 487424 c:\windows\system32\msvcp70.dll- 2002-01-05 12:36 . 2002-01-05 12:36 964608 c:\windows\system32\mfc70u.dll+ 2002-01-05 08:36 . 2002-01-05 08:36 964608 c:\windows\system32\mfc70u.dll+ 2002-01-05 08:48 . 2002-01-05 08:48 974848 c:\windows\system32\mfc70.dll- 2002-01-05 12:48 . 2002-01-05 12:48 974848 c:\windows\system32\mfc70.dll+ 2009-04-06 21:44 . 2009-04-06 21:44 266376 c:\windows\system32\drivers\bdfsfltr.sys+ 2007-04-11 16:11 . 2007-04-11 16:11 511328 c:\windows\system32\capicom.dll+ 2011-12-15 10:29 . 2011-12-15 10:29 279992 c:\windows\system32\Adobe\Shockwave 11\SymCCIS.dll+ 2011-12-15 10:45 . 2011-12-15 10:45 114176 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe+ 2011-12-15 10:47 . 2011-12-15 10:47 434176 c:\windows\system32\Adobe\Shockwave 11\Proj.dll+ 2011-12-15 10:45 . 2011-12-15 10:45 365056 c:\windows\system32\Adobe\Shockwave 11\Plugin.dll+ 2011-12-15 10:33 . 2011-12-15 10:33 990208 c:\windows\system32\Adobe\Shockwave 11\iml32.dll+ 2011-12-15 10:44 . 2011-12-15 10:44 543232 c:\windows\system32\Adobe\Shockwave 11\Control.dll+ 2011-12-15 10:53 . 2011-12-15 10:53 113592 c:\windows\system32\Adobe\Director\SWDNLD.EXE+ 2011-12-15 10:53 . 2011-12-15 10:53 281016 c:\windows\system32\Adobe\Director\SwDir.dll+ 2011-12-15 10:46 . 2011-12-15 10:46 145920 c:\windows\system32\Adobe\Director\np32dsw.dll+ 2011-04-06 21:48 . 2011-04-06 21:48 916312 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpftxt_v0400.dll+ 2011-04-06 21:48 . 2011-04-06 21:48 236880 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Net.dll+ 2011-04-06 21:48 . 2011-04-06 21:48 191840 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelReg.exe+ 2011-05-17 14:27 . 2011-05-17 14:27 413520 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll+ 2011-05-17 14:27 . 2011-05-17 14:27 385864 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll- 2011-04-12 19:11 . 2011-04-12 19:11 385864 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll- 2011-10-14 16:31 . 2011-10-14 16:31 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll- 2011-10-14 16:31 . 2011-10-14 16:31 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll- 2011-10-14 16:30 . 2011-10-14 16:30 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll- 2011-10-14 16:30 . 2011-10-14 16:30 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll- 2011-10-14 16:30 . 2011-10-14 16:30 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll- 2011-10-14 16:30 . 2011-10-14 16:30 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll- 2011-10-14 16:30 . 2011-10-14 16:30 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll- 2011-10-14 16:30 . 2011-10-14 16:30 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll- 2011-10-14 16:30 . 2011-10-14 16:30 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll- 2011-10-14 16:30 . 2011-10-14 16:30 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll- 2011-10-14 16:30 . 2011-10-14 16:30 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll- 2011-10-14 16:30 . 2011-10-14 16:30 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll- 2011-10-14 16:30 . 2011-10-14 16:30 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll- 2011-10-14 16:30 . 2011-10-14 16:30 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll- 2011-10-14 16:30 . 2011-10-14 16:30 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll- 2011-10-14 16:30 . 2011-10-14 16:30 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll- 2011-10-14 16:30 . 2011-10-14 16:30 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll- 2011-10-14 16:30 . 2011-10-14 16:30 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll- 2011-10-14 16:30 . 2011-10-14 16:30 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll- 2011-10-14 16:30 . 2011-10-14 16:30 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll- 2011-10-14 16:30 . 2011-10-14 16:30 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll- 2011-10-14 16:30 . 2011-10-14 16:30 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll- 2011-10-14 16:30 . 2011-10-14 16:30 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll- 2011-10-14 16:30 . 2011-10-14 16:30 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll- 2011-10-14 16:30 . 2011-10-14 16:30 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll- 2011-10-14 16:30 . 2011-10-14 16:30 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll- 2011-10-14 16:30 . 2011-10-14 16:30 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll- 2011-10-14 16:30 . 2011-10-14 16:30 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll- 2011-10-14 16:30 . 2011-10-14 16:30 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll- 2011-10-14 16:30 . 2011-10-14 16:30 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll- 2011-10-14 16:30 . 2011-10-14 16:30 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll Link to post Share on other sites More sharing options...
MarkThaHeat Posted December 31, 2011 Author ID:511631 Share Posted December 31, 2011 + 2011-12-28 01:21 . 2011-12-28 01:21 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll- 2011-10-14 16:30 . 2011-10-14 16:30 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll- 2011-10-14 16:30 . 2011-10-14 16:30 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll- 2011-10-14 16:30 . 2011-10-14 16:30 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll- 2011-10-14 16:30 . 2011-10-14 16:30 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll- 2011-10-14 16:31 . 2011-10-14 16:31 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll- 2011-10-14 16:31 . 2011-10-14 16:31 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll- 2011-10-14 16:31 . 2011-10-14 16:31 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll- 2011-10-14 16:31 . 2011-10-14 16:31 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll- 2011-10-14 16:31 . 2011-10-14 16:31 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll- 2011-10-14 16:30 . 2011-10-14 16:30 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll- 2011-10-14 16:30 . 2011-10-14 16:30 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll- 2011-10-14 16:30 . 2011-10-14 16:30 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll- 2011-10-14 16:30 . 2011-10-14 16:30 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll- 2011-10-14 16:30 . 2011-10-14 16:30 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll- 2011-10-14 16:30 . 2011-10-14 16:30 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll- 2011-10-14 16:30 . 2011-10-14 16:30 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll- 2011-10-14 16:30 . 2011-10-14 16:30 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll- 2011-10-14 16:30 . 2011-10-14 16:30 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll- 2011-10-14 16:30 . 2011-10-14 16:30 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll- 2011-10-14 16:30 . 2011-10-14 16:30 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll+ 2011-12-25 21:34 . 2011-12-25 21:34 430592 c:\windows\Installer\73423.msi+ 2011-12-24 07:49 . 2011-12-24 07:49 409600 c:\windows\Installer\1aacd0b.msi+ 2010-03-18 17:16 . 2010-03-18 17:16 915800 c:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\wpftxt_x86.dll+ 2011-12-28 01:30 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2598845-IE8\spuninst\updspapi.dll+ 2011-12-28 01:30 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2598845-IE8\spuninst\spuninst.exe+ 2011-12-28 01:55 . 2011-12-28 01:55 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\962b04386ebf18f5871d5ceefa83ba4b\WindowsFormsIntegration.ni.dll+ 2011-12-28 01:40 . 2011-12-28 01:40 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\5b96ee4992d9559ba5483c769bc5c889\UIAutomationTypes.ni.dll+ 2011-12-28 01:55 . 2011-12-28 01:55 484352 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\1c29539a07226b411e0a1a47aed57183\UIAutomationClient.ni.dll+ 2011-12-28 01:40 . 2011-12-28 01:40 393216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\bd729791a7504ef9ecb4ad6ebfd94935\System.Xml.Linq.ni.dll+ 2011-12-28 01:40 . 2011-12-28 01:40 189440 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\dcad72e49476386b76a81d2df187c32c\System.Windows.Input.Manipulations.ni.dll+ 2011-12-28 01:40 . 2011-12-28 01:40 649728 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\caf1d94cb89859c72d6c8cd8774068d3\System.Transactions.ni.dll+ 2011-12-28 01:55 . 2011-12-28 01:55 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\aab1c287bc73a03c51b55fb3f102c27e\System.ServiceProcess.ni.dll+ 2011-12-28 01:55 . 2011-12-28 01:55 369664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\bd104bb2f798661c5a972249582b5441\System.ServiceModel.Routing.ni.dll+ 2011-12-28 01:24 . 2011-12-28 01:24 736768 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\aecd169d75edbcbe626d2a222a02e9f3\System.Security.ni.dll+ 2011-12-28 01:40 . 2011-12-28 01:40 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\bed774dde4b62ed1d2d55c2d1769d600\System.Runtime.Serialization.Formatters.Soap.ni.dll+ 2011-12-28 01:40 . 2011-12-28 01:40 762880 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\44d18693baaee5ee0e6f6fd4910e8f81\System.Runtime.Remoting.ni.dll+ 2011-12-28 01:20 . 2011-12-28 01:20 145408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\97126244f88693adb36f94116d8d0dda\System.Numerics.ni.dll+ 2011-12-28 01:54 . 2011-12-28 01:54 657408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\56fe9070b1d56613fd5cf7c73ec3b26f\System.Net.ni.dll+ 2011-12-28 01:54 . 2011-12-28 01:54 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\420c9d9b271bc26d1b6f437f1f4913a9\System.Messaging.ni.dll+ 2011-12-28 01:54 . 2011-12-28 01:54 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\b71ea67c5bfa5b660efc12eb1c6ea4af\System.Management.Instrumentation.ni.dll+ 2011-12-28 01:54 . 2011-12-28 01:54 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\267d7dbdbe126590fba4a11c1ab12926\System.IO.Log.ni.dll+ 2011-12-28 01:54 . 2011-12-28 01:54 229888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\4ca1f130cbacf72beedf13da42b93e75\System.IdentityModel.Selectors.ni.dll+ 2011-12-28 01:40 . 2011-12-28 01:40 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\fd4f85af43b2c177c8d085a8ba3f4993\System.EnterpriseServices.Wrapper.dll+ 2011-12-28 01:40 . 2011-12-28 01:40 787456 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\fd4f85af43b2c177c8d085a8ba3f4993\System.EnterpriseServices.ni.dll+ 2011-12-28 01:24 . 2011-12-28 01:24 377856 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\b806ef4a19c8157e7858e0a15f9cf48d\System.Dynamic.ni.dll+ 2011-12-28 01:54 . 2011-12-28 01:54 470528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\4178d8536c67896ab77af36a48ee7ec4\System.DirectoryServices.Protocols.ni.dll+ 2011-12-28 01:54 . 2011-12-28 01:54 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\324617c0a492d6acc64325c836553f2c\System.DirectoryServices.AccountManagement.ni.dll+ 2011-12-28 01:54 . 2011-12-28 01:54 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\ca25f888c067fa170d8bba824efa2ca8\System.Device.ni.dll+ 2011-12-28 01:41 . 2011-12-28 01:41 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\282487a15f595c199b6cc640ea8995e8\System.Data.DataSetExtensions.ni.dll+ 2011-12-28 01:23 . 2011-12-28 01:23 982528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\4844dd28e0611d1ebd1e449fe822c2a5\System.Configuration.ni.dll+ 2011-12-28 01:41 . 2011-12-28 01:41 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\06f71e66b9913a24c22f85a0caef3ae4\System.Configuration.Install.ni.dll+ 2011-12-28 01:41 . 2011-12-28 01:41 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\fa608e0882b98981cb6fd6e0754bdff8\System.ComponentModel.DataAnnotations.ni.dll+ 2011-12-28 01:24 . 2011-12-28 01:24 693760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\a91d48ec926171da7de01cf2a10b1dfc\System.ComponentModel.Composition.ni.dll+ 2011-12-28 01:41 . 2011-12-28 01:41 617984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\f407937d4694c46537c470007a1df957\System.AddIn.ni.dll+ 2011-12-28 01:41 . 2011-12-28 01:41 411136 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\80347a66af30b5c14c0114baee4c64f8\System.Activities.DurableInstancing.ni.dll+ 2011-12-28 01:39 . 2011-12-28 01:39 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\fcbb4a33ebdc8562603bc7f725a088ce\SMSvcHost.ni.exe+ 2011-12-28 01:40 . 2011-12-28 01:40 143360 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\398a52caf1e9fd1a6ea9dd589b0f6e68\SMDiagnostics.ni.dll+ 2011-12-28 01:23 . 2011-12-28 01:23 387072 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d2d4bdbd9e2196e04dcdd68994a1f952\PresentationFramework.Royale.ni.dll+ 2011-12-28 01:25 . 2011-12-28 01:25 595968 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\9211f2faac02f0082b201a95731736c4\PresentationFramework.Aero.ni.dll+ 2011-12-28 01:24 . 2011-12-28 01:24 755712 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\6e48fb2ce01b4758a68f61651d6461d8\PresentationFramework.Luna.ni.dll+ 2011-12-28 01:24 . 2011-12-28 01:24 309760 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\351819dc653a07a310cf1387b3266936\PresentationFramework.Classic.ni.dll+ 2011-12-28 01:40 . 2011-12-28 01:40 219136 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\edec5402d5424967ba20de137835ed2a\Microsoft.VisualBasic.Compatibility.Data.ni.dll+ 2011-12-28 01:39 . 2011-12-28 01:39 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\f4ab32c177d931f26072a14c27efc3b5\Microsoft.Transactions.Bridge.Dtc.ni.dll+ 2011-12-28 01:39 . 2011-12-28 01:39 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\48ad8351ab66166c853d410d3282a408\CustomMarshalers.ni.dll- 2011-10-14 17:32 . 2011-10-14 17:32 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\c8627df7adb416722d8e0f05c57fef6b\WsatConfig.ni.exe+ 2011-12-28 01:35 . 2011-12-28 01:35 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\c8627df7adb416722d8e0f05c57fef6b\WsatConfig.ni.exe- 2011-10-14 16:48 . 2011-10-14 16:48 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\605a648f185a7eb6ea449798edbe2a0d\WindowsFormsIntegration.ni.dll+ 2011-12-28 01:29 . 2011-12-28 01:29 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\605a648f185a7eb6ea449798edbe2a0d\WindowsFormsIntegration.ni.dll- 2011-10-14 16:48 . 2011-10-14 16:48 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\f102afdffdbe2565bcedb7fa0626b865\UIAutomationTypes.ni.dll+ 2011-12-28 01:29 . 2011-12-28 01:29 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\f102afdffdbe2565bcedb7fa0626b865\UIAutomationTypes.ni.dll+ 2011-12-28 01:29 . 2011-12-28 01:29 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\a3743d6698a4877de2bed79fd7b7428b\UIAutomationClient.ni.dll- 2011-10-14 16:48 . 2011-10-14 16:48 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\a3743d6698a4877de2bed79fd7b7428b\UIAutomationClient.ni.dll+ 2011-12-28 01:39 . 2011-12-28 01:39 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\566b2e11e7f3f6d973b17b86cf42f9bc\System.Xml.Linq.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\566b2e11e7f3f6d973b17b86cf42f9bc\System.Xml.Linq.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\3533d614ebecd4344efbee619dd11a74\System.Web.Routing.ni.dll+ 2011-12-28 01:38 . 2011-12-28 01:38 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\3533d614ebecd4344efbee619dd11a74\System.Web.Routing.ni.dll+ 2011-12-28 01:39 . 2011-12-28 01:39 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\018b6e48c32d5b5d78086998e3505f1c\System.Web.RegularExpressions.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\018b6e48c32d5b5d78086998e3505f1c\System.Web.RegularExpressions.ni.dll+ 2011-12-28 01:39 . 2011-12-28 01:39 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\e5d6b9f0d43c4621d655d0ce4ea0f6ea\System.Web.Extensions.Design.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\e5d6b9f0d43c4621d655d0ce4ea0f6ea\System.Web.Extensions.Design.ni.dll+ 2011-12-28 01:39 . 2011-12-28 01:39 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\1dfa7febbad1aa406dc0218962f51c72\System.Web.Entity.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\1dfa7febbad1aa406dc0218962f51c72\System.Web.Entity.ni.dll+ 2011-12-28 01:39 . 2011-12-28 01:39 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\b0d54d94445ff1a7cf025610ba6a1dd3\System.Web.Entity.Design.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\b0d54d94445ff1a7cf025610ba6a1dd3\System.Web.Entity.Design.ni.dll+ 2011-12-28 01:39 . 2011-12-28 01:39 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\a527c4a04618bd0b3fbc4eb979d923e4\System.Web.DynamicData.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\a527c4a04618bd0b3fbc4eb979d923e4\System.Web.DynamicData.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\734ab0ea87d7dfd5c583eea535c05878\System.Web.Abstractions.ni.dll+ 2011-12-28 01:38 . 2011-12-28 01:38 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\734ab0ea87d7dfd5c583eea535c05878\System.Web.Abstractions.ni.dll+ 2011-12-28 01:38 . 2011-12-28 01:38 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\8efcd633af87989355382b5039f1b7df\System.Transactions.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\8efcd633af87989355382b5039f1b7df\System.Transactions.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll+ 2011-12-28 01:38 . 2011-12-28 01:38 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll+ 2011-12-28 01:35 . 2011-12-28 01:35 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\36c12de583ee81e9c99acb72b09d77ac\System.Security.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\36c12de583ee81e9c99acb72b09d77ac\System.Security.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.dll+ 2011-12-28 01:38 . 2011-12-28 01:38 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.dll+ 2011-12-28 01:38 . 2011-12-28 01:38 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\b2a84980f206431821d85d5155d5916f\System.Net.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\b2a84980f206431821d85d5155d5916f\System.Net.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\90b90e700e59d73d6d692cf74e1ba16e\System.Management.ni.dll+ 2011-12-28 01:38 . 2011-12-28 01:38 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\90b90e700e59d73d6d692cf74e1ba16e\System.Management.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\f36eded354122da9555a6c7cdbdb5431\System.Management.Instrumentation.ni.dll+ 2011-12-28 01:38 . 2011-12-28 01:38 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\f36eded354122da9555a6c7cdbdb5431\System.Management.Instrumentation.ni.dll- 2011-10-14 17:32 . 2011-10-14 17:32 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\20a77c41ee12362d303fb2574fcd5a24\System.IO.Log.ni.dll+ 2011-12-28 01:33 . 2011-12-28 01:33 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\20a77c41ee12362d303fb2574fcd5a24\System.IO.Log.ni.dll+ 2011-12-28 01:33 . 2011-12-28 01:33 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\41c3a2fcffc58b20023c7d54e57ea956\System.IdentityModel.Selectors.ni.dll- 2011-10-14 17:32 . 2011-10-14 17:32 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\41c3a2fcffc58b20023c7d54e57ea956\System.IdentityModel.Selectors.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.Wrapper.dll+ 2011-12-28 01:38 . 2011-12-28 01:38 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.Wrapper.dll- 2011-10-14 17:34 . 2011-10-14 17:34 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.ni.dll+ 2011-12-28 01:38 . 2011-12-28 01:38 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.ni.dll+ 2011-12-28 01:29 . 2011-12-28 01:29 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\896eca06e2d9377b2dc4fad56ce49b07\System.Drawing.Design.ni.dll- 2011-10-14 16:47 . 2011-10-14 16:47 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\896eca06e2d9377b2dc4fad56ce49b07\System.Drawing.Design.ni.dll+ 2011-12-28 01:38 . 2011-12-28 01:38 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\33e9b0c368c31ef37a2ec7b5a181044b\System.DirectoryServices.Protocols.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\33e9b0c368c31ef37a2ec7b5a181044b\System.DirectoryServices.Protocols.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\11cdd1c0d65428cd3505d3813d36638c\System.DirectoryServices.AccountManagement.ni.dll+ 2011-12-28 01:38 . 2011-12-28 01:38 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\11cdd1c0d65428cd3505d3813d36638c\System.DirectoryServices.AccountManagement.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e5ada332a9bc3c982e6aede6ba354196\System.Data.Services.Client.ni.dll+ 2011-12-28 01:37 . 2011-12-28 01:37 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e5ada332a9bc3c982e6aede6ba354196\System.Data.Services.Client.ni.dll+ 2011-12-28 01:37 . 2011-12-28 01:37 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3f179f373f31817a914b639a56cc0497\System.Data.Services.Design.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3f179f373f31817a914b639a56cc0497\System.Data.Services.Design.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\fee1a48b769a8c4beb335ee5ce006091\System.Data.Entity.Design.ni.dll+ 2011-12-28 01:37 . 2011-12-28 01:37 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\fee1a48b769a8c4beb335ee5ce006091\System.Data.Entity.Design.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\b9d9ff5d03e90ede1116794f2c7dd6da\System.Data.DataSetExtensions.ni.dll+ 2011-12-28 01:36 . 2011-12-28 01:36 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\b9d9ff5d03e90ede1116794f2c7dd6da\System.Data.DataSetExtensions.ni.dll- 2011-10-14 17:32 . 2011-10-14 17:32 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll+ 2011-12-28 01:35 . 2011-12-28 01:35 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\29d7091f6eab0ec61c4eb625ed221b73\System.Configuration.Install.ni.dll+ 2011-12-28 01:38 . 2011-12-28 01:38 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\29d7091f6eab0ec61c4eb625ed221b73\System.Configuration.Install.ni.dll+ 2011-12-28 01:36 . 2011-12-28 01:36 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\3048737e9e3bf5173121a084337256bc\System.AddIn.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\3048737e9e3bf5173121a084337256bc\System.AddIn.ni.dll- 2011-10-14 17:32 . 2011-10-14 17:32 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6e45cf503f025c5fe814ea7e52f62a78\SMSvcHost.ni.exe+ 2011-12-28 01:35 . 2011-12-28 01:35 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6e45cf503f025c5fe814ea7e52f62a78\SMSvcHost.ni.exe- 2011-10-14 17:32 . 2011-10-14 17:32 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\474a341340f687bcbd7777f2820a8c7a\SMDiagnostics.ni.dll+ 2011-12-28 01:34 . 2011-12-28 01:34 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\474a341340f687bcbd7777f2820a8c7a\SMDiagnostics.ni.dll- 2011-10-14 17:32 . 2011-10-14 17:32 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\f2df1ca28301bfe7e1d52b86c8394217\ServiceModelReg.ni.exe+ 2011-12-28 01:34 . 2011-12-28 01:34 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\f2df1ca28301bfe7e1d52b86c8394217\ServiceModelReg.ni.exe+ 2011-12-28 01:28 . 2011-12-28 01:28 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ddfde0924e873301edba5525d88f834d\PresentationFramework.Royale.ni.dll- 2011-10-14 16:46 . 2011-10-14 16:46 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ddfde0924e873301edba5525d88f834d\PresentationFramework.Royale.ni.dll+ 2011-12-28 01:28 . 2011-12-28 01:28 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c81f3913e9137bb784d4bee92d7685a3\PresentationFramework.Aero.ni.dll- 2011-10-14 16:46 . 2011-10-14 16:46 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c81f3913e9137bb784d4bee92d7685a3\PresentationFramework.Aero.ni.dll- 2011-10-14 16:46 . 2011-10-14 16:46 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\80d76470241fb4c14222a376e555f94a\PresentationFramework.Classic.ni.dll+ 2011-12-28 01:28 . 2011-12-28 01:28 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\80d76470241fb4c14222a376e555f94a\PresentationFramework.Classic.ni.dll+ 2011-12-28 01:28 . 2011-12-28 01:28 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2e61301e065a359186924efb2f7a5a30\PresentationFramework.Luna.ni.dll- 2011-10-14 16:46 . 2011-10-14 16:46 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2e61301e065a359186924efb2f7a5a30\PresentationFramework.Luna.ni.dll- 2011-10-14 17:32 . 2011-10-14 17:32 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\04595f414c49cf2a65b349648ba23e62\MSBuild.ni.exe+ 2011-12-28 01:35 . 2011-12-28 01:35 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\04595f414c49cf2a65b349648ba23e62\MSBuild.ni.exe+ 2011-12-28 01:36 . 2011-12-28 01:36 508928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\a976a4b51c81150402b0abee38f41ab1\Microsoft.WSMan.Management.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 508928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\a976a4b51c81150402b0abee38f41ab1\Microsoft.WSMan.Management.ni.dll- 2011-10-14 17:32 . 2011-10-14 17:32 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\4cbd7ed9fbf9f1b3cbdf23906cc0f5a3\Microsoft.Transactions.Bridge.Dtc.ni.dll+ 2011-12-28 01:34 . 2011-12-28 01:34 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\4cbd7ed9fbf9f1b3cbdf23906cc0f5a3\Microsoft.Transactions.Bridge.Dtc.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 156160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\df4a7b6bc850621fa2d38fb08f910ef7\Microsoft.PowerShell.Security.ni.dll+ 2011-12-28 01:36 . 2011-12-28 01:36 156160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\df4a7b6bc850621fa2d38fb08f910ef7\Microsoft.PowerShell.Security.ni.dll+ 2011-12-28 01:36 . 2011-12-28 01:36 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\b3d3d76cfc8350587616860fb0f64ccc\Microsoft.PowerShell.ConsoleHost.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\b3d3d76cfc8350587616860fb0f64ccc\Microsoft.PowerShell.ConsoleHost.ni.dll+ 2011-12-28 01:36 . 2011-12-28 01:36 729600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\75470af1cd12c5273ff2d2cac41d0a8b\Microsoft.PowerShell.GraphicalHost.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 729600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\75470af1cd12c5273ff2d2cac41d0a8b\Microsoft.PowerShell.GraphicalHost.ni.dll+ 2011-12-28 01:36 . 2011-12-28 01:36 737792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\592e4b99037ec91cd4201d1ee28895b7\Microsoft.PowerShell.Commands.Management.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 737792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\592e4b99037ec91cd4201d1ee28895b7\Microsoft.PowerShell.Commands.Management.ni.dll+ 2011-12-28 01:35 . 2011-12-28 01:35 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3a03ec48148fa16aa65fd9ba5df49cb8\Microsoft.PowerShell.Commands.Diagnostics.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3a03ec48148fa16aa65fd9ba5df49cb8\Microsoft.PowerShell.Commands.Diagnostics.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\ff6d4892775fd1f9b137f7c92ea453f2\Microsoft.Build.Utilities.ni.dll+ 2011-12-28 01:35 . 2011-12-28 01:35 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\ff6d4892775fd1f9b137f7c92ea453f2\Microsoft.Build.Utilities.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\47ff0720cb80a0fc0bbd15ddc3d12adc\Microsoft.Build.Utilities.v3.5.ni.dll+ 2011-12-28 01:35 . 2011-12-28 01:35 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\47ff0720cb80a0fc0bbd15ddc3d12adc\Microsoft.Build.Utilities.v3.5.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\da112c5757e3c68d6369b6aa46cc9682\Microsoft.Build.Engine.ni.dll+ 2011-12-28 01:35 . 2011-12-28 01:35 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\da112c5757e3c68d6369b6aa46cc9682\Microsoft.Build.Engine.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\dc278e1123086ae32fec8f7e9751db14\Microsoft.Build.Conversion.v3.5.ni.dll+ 2011-12-28 01:35 . 2011-12-28 01:35 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\dc278e1123086ae32fec8f7e9751db14\Microsoft.Build.Conversion.v3.5.ni.dll+ 2011-12-28 01:35 . 2011-12-28 01:35 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\3e6deccf191ab943d3a0812a38ab5c97\CustomMarshalers.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\3e6deccf191ab943d3a0812a38ab5c97\CustomMarshalers.ni.dll- 2011-10-14 17:32 . 2011-10-14 17:32 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\4e68d5df30b197ff72c75f1c3c24b949\ComSvcConfig.ni.exe+ 2011-12-28 01:34 . 2011-12-28 01:34 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\4e68d5df30b197ff72c75f1c3c24b949\ComSvcConfig.ni.exe+ 2011-12-28 01:33 . 2011-12-28 01:33 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\e1bcee92f5af50d560d577c0a99ea3bd\AspNetMMCExt.ni.dll- 2011-10-14 17:32 . 2011-10-14 17:32 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\e1bcee92f5af50d560d577c0a99ea3bd\AspNetMMCExt.ni.dll- 2003-06-10 14:43 . 2003-06-10 14:43 380928 c:\windows\AppPatch\ALRes804.dll+ 2003-06-10 15:43 . 2003-06-10 15:43 380928 c:\windows\AppPatch\ALRes804.dll- 2003-06-10 14:43 . 2003-06-10 14:43 380928 c:\windows\AppPatch\ALRes412.dll+ 2003-06-10 15:43 . 2003-06-10 15:43 380928 c:\windows\AppPatch\ALRes412.dll- 2003-06-10 14:43 . 2003-06-10 14:43 380928 c:\windows\AppPatch\ALRes411.dll+ 2003-06-10 15:43 . 2003-06-10 15:43 380928 c:\windows\AppPatch\ALRes411.dll+ 2003-06-11 18:19 . 2003-06-11 18:19 380928 c:\windows\AppPatch\ALRes40D.dll- 2003-06-11 17:19 . 2003-06-11 17:19 380928 c:\windows\AppPatch\ALRes40D.dll- 2003-06-13 21:23 . 2003-06-13 21:23 340992 c:\windows\AppPatch\ALRes409.dll+ 2003-06-13 22:23 . 2003-06-13 22:23 340992 c:\windows\AppPatch\ALRes409.dll- 2003-06-10 14:43 . 2003-06-10 14:43 380928 c:\windows\AppPatch\ALRes407.dll+ 2003-06-10 15:43 . 2003-06-10 15:43 380928 c:\windows\AppPatch\ALRes407.dll+ 2003-06-10 15:43 . 2003-06-10 15:43 380928 c:\windows\AppPatch\ALRes404.dll- 2003-06-10 14:43 . 2003-06-10 14:43 380928 c:\windows\AppPatch\ALRes404.dll+ 2003-06-10 15:43 . 2003-06-10 15:43 380928 c:\windows\AppPatch\ALRes401.dll- 2003-06-10 14:43 . 2003-06-10 14:43 380928 c:\windows\AppPatch\ALRes401.dll- 2006-12-02 04:25 . 2006-12-02 04:25 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll+ 2006-12-02 05:25 . 2006-12-02 05:25 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll- 2006-12-02 04:25 . 2006-12-02 04:25 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll+ 2006-12-02 05:25 . 2006-12-02 05:25 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll- 2003-03-20 08:12 . 2003-03-20 08:12 1047552 c:\windows\system32\MFC71u.dll+ 2003-03-19 02:12 . 2003-03-19 02:12 1047552 c:\windows\system32\mfc71u.dll+ 2003-03-19 02:20 . 2003-03-19 02:20 1060864 c:\windows\system32\mfc71.dll- 2003-03-20 08:20 . 2003-03-20 08:20 1060864 c:\windows\system32\MFC71.dll+ 2011-12-15 10:53 . 2011-12-15 10:53 1040824 c:\windows\system32\Adobe\Shockwave 11\SwHelper_1163633.exe+ 2011-12-15 10:29 . 2011-12-15 10:29 2376368 c:\windows\system32\Adobe\Shockwave 11\gt.exe+ 2011-12-15 10:29 . 2011-12-15 10:29 1208832 c:\windows\system32\Adobe\Shockwave 11\gi.dll+ 2011-12-15 10:35 . 2011-12-15 10:35 1742336 c:\windows\system32\Adobe\Shockwave 11\dirapi.dll- 2010-03-18 17:16 . 2010-03-18 17:16 1663320 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll+ 2011-04-06 21:48 . 2011-04-06 21:48 1663320 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll+ 2011-04-06 21:48 . 2011-04-06 21:48 1368920 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WindowsBase.dll+ 2011-04-06 21:48 . 2011-04-06 21:48 6428520 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.dll+ 2011-04-06 21:48 . 2011-04-06 21:48 3788128 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationCore.dll+ 2011-04-06 21:48 . 2011-04-06 21:48 2261832 c:\windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe- 2010-03-18 17:16 . 2010-03-18 17:16 2207568 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.XML.dll+ 2011-04-06 21:48 . 2011-04-06 21:48 2207568 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.XML.dll+ 2011-04-06 21:48 . 2011-04-06 21:48 6097256 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.dll+ 2011-05-17 14:27 . 2011-05-17 14:27 2975064 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.dll+ 2011-04-06 21:48 . 2011-04-06 21:48 1354584 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Core.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 1368920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 3510600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll- 2011-10-14 16:30 . 2011-10-14 16:30 3510600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll- 2011-10-14 16:30 . 2011-10-14 16:30 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll- 2011-10-14 16:30 . 2011-10-14 16:30 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll- 2011-10-14 16:30 . 2011-10-14 16:30 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll- 2011-10-14 16:30 . 2011-10-14 16:30 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll- 2011-10-14 16:30 . 2011-10-14 16:30 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll- 2011-10-14 16:30 . 2011-10-14 16:30 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll- 2011-10-14 16:30 . 2011-10-14 16:30 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 6428520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 3788128 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 5197648 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll- 2011-10-14 16:30 . 2011-10-14 16:30 5197648 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll+ 2011-12-28 01:21 . 2011-12-28 01:21 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll- 2011-10-14 16:30 . 2011-10-14 16:30 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll+ 2011-12-28 01:32 . 2011-12-28 01:32 1067008 c:\windows\Installer\b15f591.msi+ 2011-12-29 00:17 . 2011-12-29 00:17 5095424 c:\windows\Installer\20bfd65.msi+ 2010-03-18 17:16 . 2010-03-18 17:16 1663320 c:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\wpfgfx_x86.dll+ 2010-03-18 17:16 . 2010-03-18 17:16 1303896 c:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\WindowsBase_x86.dll+ 2010-03-18 17:16 . 2010-03-18 17:16 6346600 c:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\PresentationFramework_x86.dll+ 2010-03-18 17:16 . 2010-03-18 17:16 3545952 c:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\PresentationCore_x86.dll+ 2011-12-28 01:23 . 2011-12-28 01:23 3857920 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\9dacf8a5033dfbcb435be166d2f42cdf\WindowsBase.ni.dll+ 2011-12-28 01:55 . 2011-12-28 01:55 1063424 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\ac9379a0db1d8da11fbc46f09da411db\UIAutomationClientsideProviders.ni.dll+ 2011-12-28 01:20 . 2011-12-28 01:20 3652608 c:\windows\assembly\NativeImages_v4.0.30319_32\Temp\778-0\WindowsBase.dll+ 2011-12-28 01:22 . 2011-12-28 01:22 9086464 c:\windows\assembly\NativeImages_v4.0.30319_32\System\5286fe2d0167eb835a9f11025f1cb756\System.ni.dll+ 2011-12-28 01:23 . 2011-12-28 01:23 5617664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\419103071a5a5d17738afbe9dd03d58a\System.Xml.ni.dll+ 2011-12-28 01:40 . 2011-12-28 01:40 1782272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\a3ffdc1316821b5ceb32c9a788334329\System.Xaml.ni.dll+ 2011-12-28 01:55 . 2011-12-28 01:55 4545024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\e3a0483820fafd51c8cd4576de6eb45f\System.Windows.Forms.DataVisualization.ni.dll+ 2011-12-28 01:55 . 2011-12-28 01:55 1885696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\4cbc10b8a84a7ef0fcf9d2885bfe9832\System.Web.Services.ni.dll+ 2011-12-28 01:55 . 2011-12-28 01:55 2012160 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\6663f8ba0327399c1a5b313707cff36f\System.Speech.ni.dll+ 2011-12-28 01:55 . 2011-12-28 01:55 1392640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\a19563d781ccd0807a41d27701d485c6\System.ServiceModel.Activities.ni.dll+ 2011-12-28 01:55 . 2011-12-28 01:55 1140736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\9be7f7f68d488eb02161d3f0663a61a4\System.ServiceModel.Discovery.ni.dll+ 2011-12-28 01:40 . 2011-12-28 01:40 2647040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\993f89ba22499c379d2a9dd25d13cd94\System.Runtime.Serialization.ni.dll+ 2011-12-28 01:40 . 2011-12-28 01:40 1021952 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\41a4f6cc5d596e952fd880ae1a47308f\System.Runtime.DurableInstancing.ni.dll+ 2011-12-28 01:40 . 2011-12-28 01:40 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\0a30a201408744c5315446aef7fb3d5a\System.Printing.ni.dll+ 2011-12-28 01:54 . 2011-12-28 01:54 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\7c4eea005578d9990f604fda345fb2b4\System.Management.ni.dll+ 2011-12-28 01:54 . 2011-12-28 01:54 1072640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\16c385f23b5e493899f0d206dfb60094\System.IdentityModel.ni.dll+ 2011-12-28 01:23 . 2011-12-28 01:23 1652736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\17bfc7131aca3a393f430121f79307bd\System.Drawing.ni.dll+ 2011-12-28 01:40 . 2011-12-28 01:40 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\83a815291644645a3ab1ce55452e1e61\System.DirectoryServices.ni.dll+ 2011-12-28 01:40 . 2011-12-28 01:40 1879040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\1c2d038775f2c9d42468261118019e6b\System.Deployment.ni.dll+ 2011-12-28 01:24 . 2011-12-28 01:24 6815232 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\14d8a7579839b11151cd901b846d0afb\System.Data.ni.dll+ 2011-12-28 01:23 . 2011-12-28 01:24 2549760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\05f8ccf31515e720b1663e710e992211\System.Data.SqlXml.ni.dll+ 2011-12-28 01:54 . 2011-12-28 01:54 1343488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\c05998cb3411b039bdfb5d852e1413be\System.Data.Services.Client.ni.dll+ 2011-12-28 01:24 . 2011-12-28 01:24 2517504 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\d622a2c40d37cfdb88e4eea7315a323e\System.Data.Linq.ni.dll+ 2011-12-28 01:23 . 2011-12-28 01:23 7069696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\44a7d2597981a82da8b9e3e2298602de\System.Core.ni.dll+ 2011-12-28 01:41 . 2011-12-28 01:41 4129792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\e69e487d338ceb3883b7d175885f0794\System.Activities.ni.dll+ 2011-12-28 01:41 . 2011-12-28 01:41 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\cc25c620acedf02fd6b5c46238643cab\System.Activities.Presentation.ni.dll+ 2011-12-28 01:41 . 2011-12-28 01:41 1547264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\49577d8acbf16b6091f5466feae43403\System.Activities.Core.Presentation.ni.dll+ 2011-12-28 01:41 . 2011-12-28 01:41 2907136 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\2d23bb6dd81b41002c8f927b95b7b226\ReachFramework.ni.dll+ 2011-12-28 01:40 . 2011-12-28 01:40 1640448 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\ec64d7c99f7e030d39c355ce7a968600\PresentationUI.ni.dll+ 2011-12-28 01:40 . 2011-12-28 01:40 1172480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\c7dd3d91f33a79c70db8bd805a483f4b\Microsoft.VisualBasic.Activities.Compiler.ni.dll+ 2011-12-28 01:40 . 2011-12-28 01:40 1136128 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\596251e8604d886f1edfcd2671a2f371\Microsoft.VisualBasic.Compatibility.ni.dll+ 2011-12-28 01:40 . 2011-12-28 01:40 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\51df2ad80d91a7669dd1856a9c1061f9\Microsoft.VisualBasic.ni.dll+ 2011-12-28 01:39 . 2011-12-28 01:39 1085952 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\477c9b916a9aee0a8beb041ee00a5fcb\Microsoft.Transactions.Bridge.ni.dll+ 2011-12-28 01:54 . 2011-12-28 01:54 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\614f6f698d269e2c56bf23feba58551c\Microsoft.JScript.ni.dll+ 2011-12-28 01:24 . 2011-12-28 01:24 1616384 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\f03a7f8f2393a04fac7fecc1c55bd02e\Microsoft.CSharp.ni.dll- 2011-10-14 16:45 . 2011-10-14 16:45 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\02f642a258ffcab5e6cb400e6d0fe057\WindowsBase.ni.dll+ 2011-12-28 01:27 . 2011-12-28 01:27 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\02f642a258ffcab5e6cb400e6d0fe057\WindowsBase.ni.dll+ 2011-12-28 01:29 . 2011-12-28 01:29 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\e62dc3c11acf17b7e1933c8bc73a2da3\UIAutomationClientsideProviders.ni.dll- 2011-10-14 16:48 . 2011-10-14 16:48 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\e62dc3c11acf17b7e1933c8bc73a2da3\UIAutomationClientsideProviders.ni.dll+ 2011-12-28 01:27 . 2011-12-28 01:27 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll- 2011-10-14 16:44 . 2011-10-14 16:44 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll- 2011-10-14 16:48 . 2011-10-14 16:48 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll+ 2011-12-28 01:29 . 2011-12-28 01:29 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll+ 2011-12-28 01:39 . 2011-12-28 01:39 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\17902fdb0e0d3bc8b49bce693415fe7e\System.WorkflowServices.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\17902fdb0e0d3bc8b49bce693415fe7e\System.WorkflowServices.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\f72c5f649951b0403e62bfab6c453e6f\System.Workflow.Runtime.ni.dll+ 2011-12-28 01:39 . 2011-12-28 01:39 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\f72c5f649951b0403e62bfab6c453e6f\System.Workflow.Runtime.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\0aa4f4174204c93cc5181df4a6b2fb09\System.Workflow.ComponentModel.ni.dll+ 2011-12-28 01:39 . 2011-12-28 01:39 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\0aa4f4174204c93cc5181df4a6b2fb09\System.Workflow.ComponentModel.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\921629dc69a5a895101097c88ae67897\System.Workflow.Activities.ni.dll+ 2011-12-28 01:39 . 2011-12-28 01:39 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\921629dc69a5a895101097c88ae67897\System.Workflow.Activities.ni.dll+ 2011-12-28 01:39 . 2011-12-28 01:39 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\6303e256d2ac0843c3e4c24172c90544\System.Web.Services.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\6303e256d2ac0843c3e4c24172c90544\System.Web.Services.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\f5dac0448a1dbe2687a5df92904d6274\System.Web.Mobile.ni.dll+ 2011-12-28 01:39 . 2011-12-28 01:39 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\f5dac0448a1dbe2687a5df92904d6274\System.Web.Mobile.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\eb8678a59280d15589f7dba6a102ba42\System.Web.Extensions.ni.dll+ 2011-12-28 01:39 . 2011-12-28 01:39 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\eb8678a59280d15589f7dba6a102ba42\System.Web.Extensions.ni.dll+ 2011-12-28 01:29 . 2011-12-28 01:29 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\10d7daa3d1e62a0e40587cdc707be93f\System.Speech.ni.dll- 2011-10-14 16:47 . 2011-10-14 16:47 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\10d7daa3d1e62a0e40587cdc707be93f\System.Speech.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\26b01859047f9747004d0030e3f745e4\System.ServiceModel.Web.ni.dll+ 2011-12-28 01:38 . 2011-12-28 01:38 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\26b01859047f9747004d0030e3f745e4\System.ServiceModel.Web.ni.dll+ 2011-12-28 01:33 . 2011-12-28 01:33 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll- 2011-10-14 17:32 . 2011-10-14 17:32 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll+ 2011-12-28 01:29 . 2011-12-28 01:29 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\318f2630b19127e5c0328c956d3b6141\System.Printing.ni.dll- 2011-10-14 16:47 . 2011-10-14 16:47 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\318f2630b19127e5c0328c956d3b6141\System.Printing.ni.dll+ 2011-12-28 01:38 . 2011-12-28 01:38 8365056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\3959e9012ee532343861eb35c6c72b24\System.Management.Automation.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 8365056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\3959e9012ee532343861eb35c6c72b24\System.Management.Automation.ni.dll- 2011-10-14 17:32 . 2011-10-14 17:32 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d14065ede44df8e9b5d6b60c5ddccc69\System.IdentityModel.ni.dll+ 2011-12-28 01:33 . 2011-12-28 01:33 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d14065ede44df8e9b5d6b60c5ddccc69\System.IdentityModel.ni.dll+ 2011-12-28 01:29 . 2011-12-28 01:29 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll- 2011-10-14 16:47 . 2011-10-14 16:47 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll+ 2011-12-28 01:38 . 2011-12-28 01:38 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\91cd88a803768151c6262853d3454ba7\System.DirectoryServices.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\91cd88a803768151c6262853d3454ba7\System.DirectoryServices.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\cc5ac99e8af2738e85cda5525fdd944f\System.Deployment.ni.dll+ 2011-12-28 01:38 . 2011-12-28 01:38 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\cc5ac99e8af2738e85cda5525fdd944f\System.Deployment.ni.dll+ 2011-12-28 01:28 . 2011-12-28 01:28 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\ec323cf1df697cc0a45f67de685db90c\System.Data.ni.dll- 2011-10-14 16:46 . 2011-10-14 16:46 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\ec323cf1df697cc0a45f67de685db90c\System.Data.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\ef748704f543a8791e23387652d34dfb\System.Data.SqlXml.ni.dll+ 2011-12-28 01:35 . 2011-12-28 01:35 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\ef748704f543a8791e23387652d34dfb\System.Data.SqlXml.ni.dll+ 2011-12-28 01:37 . 2011-12-28 01:37 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\541142d8742e6e88f1e729fafee04e71\System.Data.Services.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\541142d8742e6e88f1e729fafee04e71\System.Data.Services.ni.dll- 2011-10-14 16:47 . 2011-10-14 16:47 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\d96a94076acb8e0c5a96a1b2de4b3a7a\System.Data.Linq.ni.dll+ 2011-12-28 01:28 . 2011-12-28 01:28 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\d96a94076acb8e0c5a96a1b2de4b3a7a\System.Data.Linq.ni.dll+ 2011-12-28 01:37 . 2011-12-28 01:37 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\b70adfee3b5ed7e0688d13f24cbec556\System.Data.Entity.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\b70adfee3b5ed7e0688d13f24cbec556\System.Data.Entity.ni.dll+ 2011-12-28 01:28 . 2011-12-28 01:28 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\d507b9e0e50e453793ee5e01c07a5485\System.Core.ni.dll- 2011-10-14 16:46 . 2011-10-14 16:46 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\d507b9e0e50e453793ee5e01c07a5485\System.Core.ni.dll+ 2011-12-28 01:28 . 2011-12-28 01:28 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\24fa02c099932cbbe03960b224a8657d\ReachFramework.ni.dll- 2011-10-14 16:46 . 2011-10-14 16:46 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\24fa02c099932cbbe03960b224a8657d\ReachFramework.ni.dll- 2011-10-14 16:46 . 2011-10-14 16:46 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\a200cbfb7be9d4775cfb342437b3931e\PresentationUI.ni.dll+ 2011-12-28 01:28 . 2011-12-28 01:28 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\a200cbfb7be9d4775cfb342437b3931e\PresentationUI.ni.dll+ 2011-12-28 01:27 . 2011-12-28 01:27 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\37fd70ad5f3726031995041b246fe862\PresentationBuildTasks.ni.dll- 2011-10-14 16:44 . 2011-10-14 16:44 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\37fd70ad5f3726031995041b246fe862\PresentationBuildTasks.ni.dll+ 2011-12-28 01:36 . 2011-12-28 01:36 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\24331b719aa25ac2b21099e32232840c\Microsoft.VisualBasic.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\24331b719aa25ac2b21099e32232840c\Microsoft.VisualBasic.ni.dll- 2011-10-14 17:32 . 2011-10-14 17:32 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\ce1ecd602ca089eb13a9b428dc7f0449\Microsoft.Transactions.Bridge.ni.dll+ 2011-12-28 01:34 . 2011-12-28 01:34 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\ce1ecd602ca089eb13a9b428dc7f0449\Microsoft.Transactions.Bridge.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 1704448 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\fe2b7a2fb77d0a98d5258aa6d8a754d6\Microsoft.PowerShell.GPowerShell.ni.dll+ 2011-12-28 01:36 . 2011-12-28 01:36 1704448 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\fe2b7a2fb77d0a98d5258aa6d8a754d6\Microsoft.PowerShell.GPowerShell.ni.dll+ 2011-12-28 01:36 . 2011-12-28 01:36 3722752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\e89e0098dc73443654763f1d63fe07ba\Microsoft.PowerShell.Editor.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 3722752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\e89e0098dc73443654763f1d63fe07ba\Microsoft.PowerShell.Editor.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 1609728 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\7c0df343514ab15e0fe9b11e9b013b11\Microsoft.PowerShell.Commands.Utility.ni.dll+ 2011-12-28 01:36 . 2011-12-28 01:36 1609728 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\7c0df343514ab15e0fe9b11e9b013b11\Microsoft.PowerShell.Commands.Utility.ni.dll+ 2011-12-28 01:38 . 2011-12-28 01:38 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\8ad32b72258899177c07dc5912b5b748\Microsoft.JScript.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\8ad32b72258899177c07dc5912b5b748\Microsoft.JScript.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\50e7c5eb58c982dba7b21cd10a69b095\Microsoft.Build.Tasks.ni.dll+ 2011-12-28 01:35 . 2011-12-28 01:35 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\50e7c5eb58c982dba7b21cd10a69b095\Microsoft.Build.Tasks.ni.dll- 2011-10-14 17:33 . 2011-10-14 17:33 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\415cef6abab5bb959f200f6c537bc289\Microsoft.Build.Tasks.v3.5.ni.dll+ 2011-12-28 01:35 . 2011-12-28 01:35 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\415cef6abab5bb959f200f6c537bc289\Microsoft.Build.Tasks.v3.5.ni.dll+ 2011-12-28 01:35 . 2011-12-28 01:35 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\eea7bcc8d356e3f2dcb4f36dfc1c6bc0\Microsoft.Build.Engine.ni.dll- 2011-10-14 17:32 . 2011-10-14 17:32 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\eea7bcc8d356e3f2dcb4f36dfc1c6bc0\Microsoft.Build.Engine.ni.dll+ 2011-05-19 03:55 . 2011-05-19 03:55 19624448 c:\windows\Installer\b15f565.msp Link to post Share on other sites More sharing options...
MarkThaHeat Posted December 31, 2011 Author ID:511633 Share Posted December 31, 2011 + 2011-12-28 01:24 . 2011-12-28 01:24 13138432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\2de8b7360d6a58fa7fd1b451fa88dde6\System.Windows.Forms.ni.dll+ 2011-12-28 01:55 . 2011-12-28 01:55 18058752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\559ebac0a85ae55da09827b8048f77bd\System.ServiceModel.ni.dll+ 2011-12-28 01:54 . 2011-12-28 01:54 13346816 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\78afce4e1bd3d345ef1fff004659191c\System.Data.Entity.ni.dll+ 2011-12-28 01:26 . 2011-12-28 01:26 18000384 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\813a0913bea1269e48613509609e72b4\PresentationFramework.ni.dll+ 2011-12-28 01:24 . 2011-12-28 01:24 11450880 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8244412387a82c0acd3d63622e22cef5\PresentationCore.ni.dll+ 2011-12-28 01:19 . 2011-12-28 01:19 14407680 c:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a774bd593b8420bae4a8cf1d46af3ba2\mscorlib.ni.dll+ 2011-12-28 01:29 . 2011-12-28 01:29 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll- 2011-10-14 16:47 . 2011-10-14 16:47 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll- 2011-10-14 17:34 . 2011-10-14 17:34 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\60df958ca96c9b8945f836759b6abd34\System.Web.ni.dll+ 2011-12-28 01:38 . 2011-12-28 01:38 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\60df958ca96c9b8945f836759b6abd34\System.Web.ni.dll+ 2011-12-28 01:34 . 2011-12-28 01:34 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\ceadaf3b3d017c7a1ef10a06f8009f6f\System.ServiceModel.ni.dll- 2011-10-14 17:32 . 2011-10-14 17:32 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\ceadaf3b3d017c7a1ef10a06f8009f6f\System.ServiceModel.ni.dll- 2011-10-14 16:47 . 2011-10-14 16:47 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\c6374d32e4af7b7e3e46b32176f76558\System.Design.ni.dll+ 2011-12-28 01:29 . 2011-12-28 01:29 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\c6374d32e4af7b7e3e46b32176f76558\System.Design.ni.dll- 2011-10-14 16:46 . 2011-10-14 16:46 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0a5d5d16dc9082b0ea955f70faa459c8\PresentationFramework.ni.dll+ 2011-12-28 01:28 . 2011-12-28 01:28 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0a5d5d16dc9082b0ea955f70faa459c8\PresentationFramework.ni.dll+ 2011-12-28 01:27 . 2011-12-28 01:27 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f5e71b3c856300c4ee7e3c6185417462\PresentationCore.ni.dll- 2011-10-14 16:45 . 2011-10-14 16:45 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f5e71b3c856300c4ee7e3c6185417462\PresentationCore.ni.dll+ 2011-12-28 01:27 . 2011-12-28 01:27 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll- 2011-10-14 16:44 . 2011-10-14 16:44 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll+ 2011-04-07 02:43 . 2011-04-07 02:43 123313664 c:\windows\Installer\b15f57c.msp.-- Snapshot reset to current date --.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuze.dll" [2011-01-17 175912].[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}].[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]2011-05-09 09:49 176936 ----a-w- c:\program files\ZoneAlarm_Security\prxtbZone.dll.[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]2011-12-08 11:52 1547104 ----a-w- c:\program files\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll.[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]2011-01-17 20:54 175912 ------w- c:\program files\Vuze_Remote\prxtbVuze.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuze.dll" [2011-01-17 175912]"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files\ZoneAlarm_Security\prxtbZone.dll" [2011-05-09 176936]"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll" [2011-12-08 1547104].[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}].[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}].[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}][HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1][HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj].[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]"{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\prxtbVuze.dll" [2011-01-17 175912].[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}].[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-05-28 39408]"PeerGuardian"="c:\program files\PeerGuardian2\pg2.exe" [2005-09-18 1382400]"Aim"="c:\program files\AIM7\aim.exe" [2011-05-03 4321112]"GBMPro8Agent"="c:\program files\Genie-Soft\GBMPro8\GBMAgent.exe" [2008-07-28 189056]"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]"NUSB3MON"="c:\program files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]"RTHDCPL"="RTHDCPL.EXE" [2011-04-14 20053608]"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2011-09-10 2338656]"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-04-13 1298320]"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-03-22 74752]"GBMPro8Agent"="c:\program files\Genie-Soft\GBMPro8\GBMAgent.exe" [2008-07-28 189056]"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 153672]"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-10 44032]"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]"RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]"Live Update 5"="c:\program files\MSI\Live Update 5\LU5.exe" [2011-11-04 1858064]"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2011-11-03 738944]"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2011-11-10 73360]"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2011-12-08 827232]"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-08 16744256]"NvMediaCenter"="NvMCTray.dll" [2011-10-08 203072]"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 1632360]"BDAgent"="c:\program files\BitDefender\BitDefender 2009\bdagent.exe" [2011-12-29 782336]"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-12-15 258512]"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2011-10-05 3578272]"Spybot-S&D Cleaning"="c:\program files\Spybot - Search & Destroy 2\SDCleaner.exe" [2011-10-05 3025304]"SystemProtector"="c:\program files\Advanced System Optimizer 3\SystemProtector.exe" [2010-04-19 9999080].[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2010-01-10 519584].c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904].[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128].[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]BootExecute REG_MULTI_SZ autocheck autochk *\0sasnative32\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart\0\0sdnclean.exe.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]@="Service".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]@="Driver".[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]"DisableMonitoring"=dword:00000001.[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]"EnableFirewall"= 0 (0x0).[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe"="c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"="c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"="c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"="c:\\Program Files\\AVG\\AVG10\\avgmfapx.exe"="c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"="c:\\Program Files\\AIM7\\aim.exe"="c:\\Program Files\\Capcom\\Super Street Fighter IV\\SSFIV.exe"="c:\\Program Files\\THQ\\Company of Heroes\\RelicCOH.exe"="c:\\Program Files\\THQ\\Company of Heroes\\RelicDownloader\\RelicDownloader.exe"="c:\\Program Files\\Veetle\\Player\\VeetleNet.exe"="c:\\Program Files\\Research In Motion\\BlackBerry Desktop\\Rim.Desktop.exe"="c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"="c:\\Program Files\\Tunngle\\tnglctrl.exe"="c:\\Program Files\\Tunngle\\tunngle.exe"="c:\\Program Files\\Vuze\\Azureus.exe"="c:\\Program Files\\AVG\\AVG10\\avgdiagex.exe"="c:\\Program Files\\AVG\\AVG10\\avgnsx.exe"="c:\\Program Files\\AVG\\AVG10\\avgemcx.exe"="c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"="c:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe"="c:\\Program Files\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdate.exe"="c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"=.[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management .R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2/22/2011 7:13 AM 22992]R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [3/16/2011 3:03 PM 32592]R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [1/7/2011 5:41 AM 248656]R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [4/4/2011 11:59 PM 297168]R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [12/28/2011 7:17 PM 36000]R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [12/28/2011 6:32 PM 239168]R1 SDHookDriver;Spybot-S&D 2 Hook Driver;c:\program files\Spybot - Search & Destroy 2\SDHookDrv32.sys [12/28/2011 8:06 PM 38504]R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [12/28/2011 7:17 PM 86224]R2 ASO3DiskOptimizer;ASO3DiskOptimizer;c:\program files\Advanced System Optimizer 3\ASO3DefragSrv.exe [5/28/2011 3:28 AM 238824]R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [8/18/2011 12:33 AM 7390560]R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [2/8/2011 4:33 AM 269520]R2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [10/13/2011 5:21 PM 249648]R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [11/3/2011 9:44 AM 27016]R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [11/3/2011 9:44 AM 497280]R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [5/28/2011 4:01 PM 2253120]R2 SDHookService;Spybot S&D 2 Live Protection Service;c:\program files\Spybot - Search & Destroy 2\SDHookSvc.exe [12/28/2011 8:06 PM 130976]R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [12/28/2011 8:06 PM 955816]R2 vToolbarUpdater;vToolbarUpdater;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [12/8/2011 6:52 AM 855904]R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [4/14/2011 8:28 PM 134480]R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2/10/2011 6:53 AM 24144]R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2/10/2011 6:53 AM 27216]R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\drivers\dc3d.sys [5/28/2011 8:37 PM 45472]R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files\MSI\Live Update 5\msibios32_100507.sys [11/6/2011 11:56 AM 25912]R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files\MSI\Live Update 5\NTIOLib.sys [11/6/2011 11:56 AM 7680]R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [12/10/2010 12:50 PM 62336]R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [12/10/2010 12:50 PM 141440]R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\drivers\tap0901t.sys [5/28/2011 4:17 AM 27136]S0 DwProt;DrWeb Protection;c:\windows\system32\drivers\dwprot.sys [12/28/2011 7:20 PM 149272]S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?]S0 TFSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?]S1 7989609drv;7989609drv;c:\windows\system32\DRIVERS\7989609drv.sys --> c:\windows\system32\DRIVERS\7989609drv.sys [?]S1 MpKsl0598a10d;MpKsl0598a10d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EAE906B5-58AB-460F-AA5B-7A1A67FDC9AE}\MpKsl0598a10d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EAE906B5-58AB-460F-AA5B-7A1A67FDC9AE}\MpKsl0598a10d.sys [?]S1 MpKsl0a3872f4;MpKsl0a3872f4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FB7C8397-DC9B-40ED-A1D7-EAC2066089AD}\MpKsl0a3872f4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FB7C8397-DC9B-40ED-A1D7-EAC2066089AD}\MpKsl0a3872f4.sys [?]S1 MpKsl10b6fe46;MpKsl10b6fe46;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EAE906B5-58AB-460F-AA5B-7A1A67FDC9AE}\MpKsl10b6fe46.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EAE906B5-58AB-460F-AA5B-7A1A67FDC9AE}\MpKsl10b6fe46.sys [?]S1 MpKsl1297e534;MpKsl1297e534;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C9880E43-070C-4075-80F5-97844F40C3C6}\MpKsl1297e534.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C9880E43-070C-4075-80F5-97844F40C3C6}\MpKsl1297e534.sys [?]S1 MpKsl19bced5e;MpKsl19bced5e;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{891E801F-AEAE-47C5-8CA9-AF4A91242C91}\MpKsl19bced5e.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{891E801F-AEAE-47C5-8CA9-AF4A91242C91}\MpKsl19bced5e.sys [?]S1 MpKsl2314177c;MpKsl2314177c;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EDFD08A2-F6CC-4D4E-9330-960BC0A82A31}\MpKsl2314177c.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EDFD08A2-F6CC-4D4E-9330-960BC0A82A31}\MpKsl2314177c.sys [?]S1 MpKsl23f3f158;MpKsl23f3f158;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{87C61EA8-C2E1-4A7A-958E-779490A34FB4}\MpKsl23f3f158.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{87C61EA8-C2E1-4A7A-958E-779490A34FB4}\MpKsl23f3f158.sys [?]S1 MpKsl25a56b84;MpKsl25a56b84;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5C1A6BF7-68A9-4C4D-BFF8-F6560B46968F}\MpKsl25a56b84.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5C1A6BF7-68A9-4C4D-BFF8-F6560B46968F}\MpKsl25a56b84.sys [?]S1 MpKsl27379ed7;MpKsl27379ed7;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FB3C2939-F561-46D1-B62A-773AD427EC77}\MpKsl27379ed7.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FB3C2939-F561-46D1-B62A-773AD427EC77}\MpKsl27379ed7.sys [?]S1 MpKsl2842aac3;MpKsl2842aac3;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4C1607DF-6FA5-4A9E-8D2A-6DF1801047BB}\MpKsl2842aac3.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4C1607DF-6FA5-4A9E-8D2A-6DF1801047BB}\MpKsl2842aac3.sys [?]S1 MpKsl2b0bdbc4;MpKsl2b0bdbc4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FB7C8397-DC9B-40ED-A1D7-EAC2066089AD}\MpKsl2b0bdbc4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FB7C8397-DC9B-40ED-A1D7-EAC2066089AD}\MpKsl2b0bdbc4.sys [?]S1 MpKsl2d47d129;MpKsl2d47d129;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C9880E43-070C-4075-80F5-97844F40C3C6}\MpKsl2d47d129.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C9880E43-070C-4075-80F5-97844F40C3C6}\MpKsl2d47d129.sys [?]S1 MpKsl3305eb99;MpKsl3305eb99;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E20B495D-B1BC-4DB2-A1B7-87DEDDA82B90}\MpKsl3305eb99.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E20B495D-B1BC-4DB2-A1B7-87DEDDA82B90}\MpKsl3305eb99.sys [?]S1 MpKsl3401f868;MpKsl3401f868;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E20B495D-B1BC-4DB2-A1B7-87DEDDA82B90}\MpKsl3401f868.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E20B495D-B1BC-4DB2-A1B7-87DEDDA82B90}\MpKsl3401f868.sys [?]S1 MpKsl347efce5;MpKsl347efce5;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FB7C8397-DC9B-40ED-A1D7-EAC2066089AD}\MpKsl347efce5.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FB7C8397-DC9B-40ED-A1D7-EAC2066089AD}\MpKsl347efce5.sys [?]S1 MpKsl34a59b0e;MpKsl34a59b0e;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{95EDBC0C-ACBA-4F8E-98DD-8821C823ADBA}\MpKsl34a59b0e.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{95EDBC0C-ACBA-4F8E-98DD-8821C823ADBA}\MpKsl34a59b0e.sys [?]S1 MpKsl3c5c4e0a;MpKsl3c5c4e0a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{890ADE05-7F22-4FFF-AE1C-DD10B33EF1AC}\MpKsl3c5c4e0a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{890ADE05-7F22-4FFF-AE1C-DD10B33EF1AC}\MpKsl3c5c4e0a.sys [?]S1 MpKsl3de503e5;MpKsl3de503e5;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{32A02C1B-1E40-4B3B-BAF9-A54E762104DE}\MpKsl3de503e5.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{32A02C1B-1E40-4B3B-BAF9-A54E762104DE}\MpKsl3de503e5.sys [?]S1 MpKsl43574dee;MpKsl43574dee;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{87C61EA8-C2E1-4A7A-958E-779490A34FB4}\MpKsl43574dee.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{87C61EA8-C2E1-4A7A-958E-779490A34FB4}\MpKsl43574dee.sys [?]S1 MpKsl4468f080;MpKsl4468f080;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F5622473-D12D-4CAC-AEB7-5C859744BBDD}\MpKsl4468f080.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F5622473-D12D-4CAC-AEB7-5C859744BBDD}\MpKsl4468f080.sys [?]S1 MpKsl44e04ee3;MpKsl44e04ee3;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EDFD08A2-F6CC-4D4E-9330-960BC0A82A31}\MpKsl44e04ee3.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EDFD08A2-F6CC-4D4E-9330-960BC0A82A31}\MpKsl44e04ee3.sys [?]S1 MpKsl45468207;MpKsl45468207;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{468F0A69-3CE1-4325-BB9C-DB4141DDF25E}\MpKsl45468207.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{468F0A69-3CE1-4325-BB9C-DB4141DDF25E}\MpKsl45468207.sys [?]S1 MpKsl4871fb62;MpKsl4871fb62;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7E3D015F-AD54-4339-A9C4-6ED385B35861}\MpKsl4871fb62.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7E3D015F-AD54-4339-A9C4-6ED385B35861}\MpKsl4871fb62.sys [?]S1 MpKsl49c4bc59;MpKsl49c4bc59;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5C1A6BF7-68A9-4C4D-BFF8-F6560B46968F}\MpKsl49c4bc59.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5C1A6BF7-68A9-4C4D-BFF8-F6560B46968F}\MpKsl49c4bc59.sys [?]S1 MpKsl4a3a8a5a;MpKsl4a3a8a5a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5C1A6BF7-68A9-4C4D-BFF8-F6560B46968F}\MpKsl4a3a8a5a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5C1A6BF7-68A9-4C4D-BFF8-F6560B46968F}\MpKsl4a3a8a5a.sys [?]S1 MpKsl4c6eb6a3;MpKsl4c6eb6a3;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DE3293AD-02D7-49C9-BF75-CD825D33A55D}\MpKsl4c6eb6a3.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DE3293AD-02D7-49C9-BF75-CD825D33A55D}\MpKsl4c6eb6a3.sys [?]S1 MpKsl4e6ef89f;MpKsl4e6ef89f;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B41D6DA1-8CCB-40C4-AB05-35448374A70E}\MpKsl4e6ef89f.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B41D6DA1-8CCB-40C4-AB05-35448374A70E}\MpKsl4e6ef89f.sys [?]S1 MpKsl4eecc878;MpKsl4eecc878;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{95EDBC0C-ACBA-4F8E-98DD-8821C823ADBA}\MpKsl4eecc878.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{95EDBC0C-ACBA-4F8E-98DD-8821C823ADBA}\MpKsl4eecc878.sys [?]S1 MpKsl519b7ddb;MpKsl519b7ddb;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FA8BD3B6-E388-4B27-8593-B324D9B85C4B}\MpKsl519b7ddb.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FA8BD3B6-E388-4B27-8593-B324D9B85C4B}\MpKsl519b7ddb.sys [?]S1 MpKsl51c7791d;MpKsl51c7791d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5D4C9958-30B4-434C-AF65-F0D3FFF4B5D2}\MpKsl51c7791d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5D4C9958-30B4-434C-AF65-F0D3FFF4B5D2}\MpKsl51c7791d.sys [?]S1 MpKsl51f5c93a;MpKsl51f5c93a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2EF02A97-A5C8-442E-A741-5503E0DA2741}\MpKsl51f5c93a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2EF02A97-A5C8-442E-A741-5503E0DA2741}\MpKsl51f5c93a.sys [?]S1 MpKsl54a50c22;MpKsl54a50c22;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7889CD4E-555F-4500-A5B1-3903174D463F}\MpKsl54a50c22.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7889CD4E-555F-4500-A5B1-3903174D463F}\MpKsl54a50c22.sys [?]S1 MpKsl5ba98317;MpKsl5ba98317;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5C1A6BF7-68A9-4C4D-BFF8-F6560B46968F}\MpKsl5ba98317.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5C1A6BF7-68A9-4C4D-BFF8-F6560B46968F}\MpKsl5ba98317.sys [?]S1 MpKsl6149e9a0;MpKsl6149e9a0;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1B5F96D2-7CE8-4C65-AC9D-96C41A5593CE}\MpKsl6149e9a0.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1B5F96D2-7CE8-4C65-AC9D-96C41A5593CE}\MpKsl6149e9a0.sys [?]S1 MpKsl64e9dc04;MpKsl64e9dc04;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EAE906B5-58AB-460F-AA5B-7A1A67FDC9AE}\MpKsl64e9dc04.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EAE906B5-58AB-460F-AA5B-7A1A67FDC9AE}\MpKsl64e9dc04.sys [?]S1 MpKsl65dd8335;MpKsl65dd8335;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5CA35170-C2F8-4507-BAB4-34681D48D266}\MpKsl65dd8335.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5CA35170-C2F8-4507-BAB4-34681D48D266}\MpKsl65dd8335.sys [?]S1 MpKsl704bf366;MpKsl704bf366;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{52BCF8EB-9420-4295-B9F5-DBD3447B8A23}\MpKsl704bf366.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{52BCF8EB-9420-4295-B9F5-DBD3447B8A23}\MpKsl704bf366.sys [?]S1 MpKsl708a3b9b;MpKsl708a3b9b;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{95EDBC0C-ACBA-4F8E-98DD-8821C823ADBA}\MpKsl708a3b9b.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{95EDBC0C-ACBA-4F8E-98DD-8821C823ADBA}\MpKsl708a3b9b.sys [?]S1 MpKsl728aa061;MpKsl728aa061;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B00A444C-C56B-49DF-B472-75D7FC88EA57}\MpKsl728aa061.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B00A444C-C56B-49DF-B472-75D7FC88EA57}\MpKsl728aa061.sys [?]S1 MpKsl73969a5c;MpKsl73969a5c;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F8A183DB-AA09-4E2E-BBA3-02E0A29D13A9}\MpKsl73969a5c.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F8A183DB-AA09-4E2E-BBA3-02E0A29D13A9}\MpKsl73969a5c.sys [?]S1 MpKsl73c3bd66;MpKsl73c3bd66;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FD39350D-5A7A-4520-B441-3DE74D3B3DB8}\MpKsl73c3bd66.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FD39350D-5A7A-4520-B441-3DE74D3B3DB8}\MpKsl73c3bd66.sys [?]S1 MpKsl73d9b3b4;MpKsl73d9b3b4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F002796D-EC16-4073-9AC6-F7CDC83448AA}\MpKsl73d9b3b4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F002796D-EC16-4073-9AC6-F7CDC83448AA}\MpKsl73d9b3b4.sys [?]S1 MpKsl7bd7e6a9;MpKsl7bd7e6a9;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D9F4F46B-FD9A-4D2E-AF35-A4BB6C244780}\MpKsl7bd7e6a9.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D9F4F46B-FD9A-4D2E-AF35-A4BB6C244780}\MpKsl7bd7e6a9.sys [?]S1 MpKsl7c638330;MpKsl7c638330;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7E3D015F-AD54-4339-A9C4-6ED385B35861}\MpKsl7c638330.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7E3D015F-AD54-4339-A9C4-6ED385B35861}\MpKsl7c638330.sys [?]S1 MpKsl7e40de05;MpKsl7e40de05;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DE3293AD-02D7-49C9-BF75-CD825D33A55D}\MpKsl7e40de05.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DE3293AD-02D7-49C9-BF75-CD825D33A55D}\MpKsl7e40de05.sys [?]S1 MpKsl80c9917e;MpKsl80c9917e;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5CA35170-C2F8-4507-BAB4-34681D48D266}\MpKsl80c9917e.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5CA35170-C2F8-4507-BAB4-34681D48D266}\MpKsl80c9917e.sys [?]S1 MpKsl83a72b0e;MpKsl83a72b0e;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{38739D11-7DB6-4CCB-86AD-407D27CC9396}\MpKsl83a72b0e.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{38739D11-7DB6-4CCB-86AD-407D27CC9396}\MpKsl83a72b0e.sys [?]S1 MpKsl84b89d5d;MpKsl84b89d5d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5FEE835F-0A76-4131-A4ED-D465EFEF220A}\MpKsl84b89d5d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5FEE835F-0A76-4131-A4ED-D465EFEF220A}\MpKsl84b89d5d.sys [?]S1 MpKsl85f9f263;MpKsl85f9f263;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F2892512-8826-4155-8FD9-4D2068558DF0}\MpKsl85f9f263.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F2892512-8826-4155-8FD9-4D2068558DF0}\MpKsl85f9f263.sys [?]S1 MpKsl865578ff;MpKsl865578ff;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B9652E93-00E8-46A6-80C4-1082FE1F1C98}\MpKsl865578ff.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B9652E93-00E8-46A6-80C4-1082FE1F1C98}\MpKsl865578ff.sys [?]S1 MpKsl92607528;MpKsl92607528;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{468F0A69-3CE1-4325-BB9C-DB4141DDF25E}\MpKsl92607528.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{468F0A69-3CE1-4325-BB9C-DB4141DDF25E}\MpKsl92607528.sys [?]S1 MpKsl9ad6e6b2;MpKsl9ad6e6b2;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0B140760-C8FE-4780-99BF-7B8F4C7AD4E7}\MpKsl9ad6e6b2.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0B140760-C8FE-4780-99BF-7B8F4C7AD4E7}\MpKsl9ad6e6b2.sys [?]S1 MpKsl9d79ddd9;MpKsl9d79ddd9;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1B3C04CB-3B3A-4291-B12E-0FDA486A8108}\MpKsl9d79ddd9.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1B3C04CB-3B3A-4291-B12E-0FDA486A8108}\MpKsl9d79ddd9.sys [?]S1 MpKsl9de07d11;MpKsl9de07d11;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F8EEA8CF-B39E-4E27-8685-CD7A0A3E47F9}\MpKsl9de07d11.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F8EEA8CF-B39E-4E27-8685-CD7A0A3E47F9}\MpKsl9de07d11.sys [?]S1 MpKsla0713dbf;MpKsla0713dbf;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4C1607DF-6FA5-4A9E-8D2A-6DF1801047BB}\MpKsla0713dbf.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4C1607DF-6FA5-4A9E-8D2A-6DF1801047BB}\MpKsla0713dbf.sys [?]S1 MpKsla0ed5967;MpKsla0ed5967;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F6482D8D-6F2A-4744-9FA2-148A40E4B195}\MpKsla0ed5967.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F6482D8D-6F2A-4744-9FA2-148A40E4B195}\MpKsla0ed5967.sys [?]S1 MpKsla225631e;MpKsla225631e;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8F387A42-433C-4364-855F-0A3726046AA4}\MpKsla225631e.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8F387A42-433C-4364-855F-0A3726046AA4}\MpKsla225631e.sys [?]S1 MpKsla74a3746;MpKsla74a3746;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{468F0A69-3CE1-4325-BB9C-DB4141DDF25E}\MpKsla74a3746.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{468F0A69-3CE1-4325-BB9C-DB4141DDF25E}\MpKsla74a3746.sys [?]S1 MpKslad9d4725;MpKslad9d4725;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{32A02C1B-1E40-4B3B-BAF9-A54E762104DE}\MpKslad9d4725.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{32A02C1B-1E40-4B3B-BAF9-A54E762104DE}\MpKslad9d4725.sys [?]S1 MpKslb5c5ca62;MpKslb5c5ca62;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D0829FED-2EB6-456D-906C-65B6FADABB9D}\MpKslb5c5ca62.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D0829FED-2EB6-456D-906C-65B6FADABB9D}\MpKslb5c5ca62.sys [?]S1 MpKslb85d5af2;MpKslb85d5af2;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{30237FAD-72FA-4D6F-A84C-176F6AD1ECA5}\MpKslb85d5af2.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{30237FAD-72FA-4D6F-A84C-176F6AD1ECA5}\MpKslb85d5af2.sys [?]S1 MpKslbb9f2aff;MpKslbb9f2aff;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A38244B1-4A96-498E-89ED-D215F973A886}\MpKslbb9f2aff.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A38244B1-4A96-498E-89ED-D215F973A886}\MpKslbb9f2aff.sys [?]S1 MpKslbe6db7ad;MpKslbe6db7ad;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{05C039DF-F59D-4B3C-827B-0BA08C93DCA6}\MpKslbe6db7ad.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{05C039DF-F59D-4B3C-827B-0BA08C93DCA6}\MpKslbe6db7ad.sys [?]S1 MpKslc0b8cde2;MpKslc0b8cde2;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{87213BF0-2D89-435C-9A41-4041BF1A1AE3}\MpKslc0b8cde2.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{87213BF0-2D89-435C-9A41-4041BF1A1AE3}\MpKslc0b8cde2.sys [?]S1 MpKslc1d0872f;MpKslc1d0872f;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EAE906B5-58AB-460F-AA5B-7A1A67FDC9AE}\MpKslc1d0872f.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EAE906B5-58AB-460F-AA5B-7A1A67FDC9AE}\MpKslc1d0872f.sys [?]S1 MpKslc89dbf09;MpKslc89dbf09;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{685E8400-B619-4030-AC08-E4D5A882B42B}\MpKslc89dbf09.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{685E8400-B619-4030-AC08-E4D5A882B42B}\MpKslc89dbf09.sys [?]S1 MpKslcaa37dcb;MpKslcaa37dcb;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6072BAD3-11A9-4FC1-A56A-EE2DCC162447}\MpKslcaa37dcb.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6072BAD3-11A9-4FC1-A56A-EE2DCC162447}\MpKslcaa37dcb.sys [?]S1 MpKslcdcbf57a;MpKslcdcbf57a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AFD91EE5-B159-40AB-A252-1C8F15444805}\MpKslcdcbf57a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AFD91EE5-B159-40AB-A252-1C8F15444805}\MpKslcdcbf57a.sys [?]S1 MpKsld540f9b2;MpKsld540f9b2;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7E3D015F-AD54-4339-A9C4-6ED385B35861}\MpKsld540f9b2.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7E3D015F-AD54-4339-A9C4-6ED385B35861}\MpKsld540f9b2.sys [?]S1 MpKsld67133c7;MpKsld67133c7;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{993DA9FD-E2D6-406B-9465-FD83ADC88CB0}\MpKsld67133c7.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{993DA9FD-E2D6-406B-9465-FD83ADC88CB0}\MpKsld67133c7.sys [?]S1 MpKsld97aac3b;MpKsld97aac3b;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3688B08D-7F7E-4361-953F-36D5D56065BB}\MpKsld97aac3b.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3688B08D-7F7E-4361-953F-36D5D56065BB}\MpKsld97aac3b.sys [?]S1 MpKsldc293362;MpKsldc293362;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{13C0CFC5-66EC-42E7-A022-DCF48DE6AB1A}\MpKsldc293362.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{13C0CFC5-66EC-42E7-A022-DCF48DE6AB1A}\MpKsldc293362.sys [?]S1 MpKslddf25d39;MpKslddf25d39;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{52BCF8EB-9420-4295-B9F5-DBD3447B8A23}\MpKslddf25d39.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{52BCF8EB-9420-4295-B9F5-DBD3447B8A23}\MpKslddf25d39.sys [?]S1 MpKsldea974db;MpKsldea974db;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9AC02783-50A3-4BE8-A949-26ADFBE0F956}\MpKsldea974db.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9AC02783-50A3-4BE8-A949-26ADFBE0F956}\MpKsldea974db.sys [?]S1 MpKsldeab5511;MpKsldeab5511;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{993DA9FD-E2D6-406B-9465-FD83ADC88CB0}\MpKsldeab5511.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{993DA9FD-E2D6-406B-9465-FD83ADC88CB0}\MpKsldeab5511.sys [?]S1 MpKsle654c836;MpKsle654c836;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8DC9948E-F69C-431D-8E2D-F8BAE6585A68}\MpKsle654c836.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8DC9948E-F69C-431D-8E2D-F8BAE6585A68}\MpKsle654c836.sys [?]S1 MpKslec570b94;MpKslec570b94;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3A559833-429E-4929-84CF-8B42B7E248D4}\MpKslec570b94.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3A559833-429E-4929-84CF-8B42B7E248D4}\MpKslec570b94.sys [?]S1 MpKslf048c4a6;MpKslf048c4a6;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5CA35170-C2F8-4507-BAB4-34681D48D266}\MpKslf048c4a6.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5CA35170-C2F8-4507-BAB4-34681D48D266}\MpKslf048c4a6.sys [?]S1 MpKslf8f898f7;MpKslf8f898f7;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F2892512-8826-4155-8FD9-4D2068558DF0}\MpKslf8f898f7.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F2892512-8826-4155-8FD9-4D2068558DF0}\MpKslf8f898f7.sys [?]S1 MpKslf9a1e809;MpKslf9a1e809;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FA8BD3B6-E388-4B27-8593-B324D9B85C4B}\MpKslf9a1e809.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FA8BD3B6-E388-4B27-8593-B324D9B85C4B}\MpKslf9a1e809.sys [?]S1 MpKslfb2623eb;MpKslfb2623eb;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E7E1E334-7AEB-425E-A4B9-1A734D08A01E}\MpKslfb2623eb.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E7E1E334-7AEB-425E-A4B9-1A734D08A01E}\MpKslfb2623eb.sys [?]S1 MpKslfb70c984;MpKslfb70c984;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5BBC80D5-416B-4F57-BDCE-3E8A2396E30A}\MpKslfb70c984.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5BBC80D5-416B-4F57-BDCE-3E8A2396E30A}\MpKslfb70c984.sys [?]S1 MpKslfd1b6cf5;MpKslfd1b6cf5;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DE5AD70F-223B-4B92-BC90-D8CBEDA6AF6D}\MpKslfd1b6cf5.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DE5AD70F-223B-4B92-BC90-D8CBEDA6AF6D}\MpKslfd1b6cf5.sys [?]S1 MpKslff244a6f;MpKslff244a6f;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C06B90BD-BAEA-4940-B64F-21197138AD2E}\MpKslff244a6f.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C06B90BD-BAEA-4940-B64F-21197138AD2E}\MpKslff244a6f.sys [?]S2 ATE_PROCMON;ATE_PROCMON;\??\c:\program files\Anti Trojan Elite\ATEPMon.sys --> c:\program files\Anti Trojan Elite\ATEPMon.sys [?]S2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [10/21/2011 3:23 PM 196176]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 12:16 PM 130384]S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5/28/2011 12:31 AM 135664]S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [12/28/2011 8:05 PM 892336]S3 ADASPROT;SYSTWEAKASO;c:\program files\Advanced System Optimizer 3\adasprot32.sys [5/28/2011 3:28 AM 6656]S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [5/28/2011 4:45 PM 1691480]S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [5/28/2011 7:00 PM 167264]S3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [4/15/2009 3:13 PM 146312]S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [5/28/2011 12:31 AM 135664]S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [1/21/2010 4:51 PM 30963576]S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [5/28/2011 12:21 PM 14336]S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 7:37 PM 4640000]S3 TfNetMon;TfNetMon;\??\c:\windows\system32\drivers\TfNetMon.sys --> c:\windows\system32\drivers\TfNetMon.sys [?]S3 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [5/28/2011 4:17 AM 751464]S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [5/28/2011 12:21 PM 14336]S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504]S3 XoftSpyService;XoftSpyService;c:\program files\Common Files\XoftSpySE\6\xoftspyservice.exe [9/29/2010 1:43 PM 582424].[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelperWINRM REG_MULTI_SZ WINRMbdx REG_MULTI_SZ scan.Contents of the 'Scheduled Tasks' folder.2011-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-28 05:31].2011-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-28 05:31].2011-12-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1951331312-3607356801-2693221895-1005Core.job- c:\documents and settings\TwenTY20zOfHazE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-05-28 21:04].2011-12-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1951331312-3607356801-2693221895-1005UA.job- c:\documents and settings\TwenTY20zOfHazE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-05-28 21:04].2011-05-29 c:\windows\Tasks\Microsoft_Hardware_Launch_IType_exe.job- c:\program files\Microsoft IntelliType Pro\itype.exe [2011-04-13 19:03].2011-12-30 c:\windows\Tasks\MP Scheduled Scan.job- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 19:39].2011-12-30 c:\windows\Tasks\ParetoLogic Registration3.job- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2010-09-29 18:43].2011-12-29 c:\windows\Tasks\ParetoLogic Update Version3.job- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2010-09-29 18:43].2011-12-29 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job- c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2011-12-29 20:46].2011-12-31 c:\windows\Tasks\User_Feed_Synchronization-{194DE050-D515-462E-9509-3F730C61C112}.job- c:\windows\system32\msfeedssync.exe [2009-03-08 08:31]..------- Supplementary Scan -------.uStart Page = about:blankmStart Page = about:blankuInternet Connection Wizard,ShellNext = iexploreuSearchAssistant = hxxp://www.google.com/ieuSearchURL,(Default) = hxxp://www.google.com/search?q=%sIE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105TCP: DhcpNameServer = 192.168.1.1 68.237.161.12Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dllFF - ProfilePath - c:\documents and settings\TwenTY20zOfHazE\Application Data\Mozilla\Firefox\Profiles\4sk90nti.default\FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/aol/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us&tb_uuid=20100324223133512&tb_oid=24-03-2010&tb_mrud=29-05-2011FF - prefs.js: browser.search.selectedEngine - AVG Secure SearchFF - prefs.js: browser.startup.homepage - hxxps://www.google.com/webhp?hl=en&output=html&nomo=1FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&query=FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, falseFF - user.js: browser.sessionstore.resume_from_crash - falseFF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false.- - - - ORPHANS REMOVED - - - -.Notify-SDWinLogon - SDWinLogon.dll...**************************************************************************.catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2011-12-30 21:32Windows 5.1.2600 Service Pack 3 NTFS.scanning hidden processes ... .scanning hidden autostart entries ... .scanning hidden files ... .scan completed successfullyhidden files: 0.**************************************************************************.--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_USERS\S-1-5-21-1951331312-3607356801-2693221895-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Sawatex\FFHC Kasumi - Rebirth\‚ÿÔˆ-*Úâû0]"Order"=hex:08,00,00,00,02,00,00,00,18,01,00,00,01,00,00,00,02,00,00,00,86,00, 00,00,00,00,00,00,78,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,66,00,32,\.[HKEY_USERS\S-1-5-21-1951331312-3607356801-2693221895-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]"??"=hex:b1,bd,34,62,97,70,a8,06,f3,c9,cd,23,f1,5e,f6,0d,cb,c6,01,35,2f,8b,23, ca,1f,64,ce,9f,8f,59,3d,90,f6,6a,f3,1c,fa,9b,d8,57,82,f8,97,0c,eb,d0,bb,43,\"??"=hex:e2,06,90,c3,a9,ab,f7,ca,1c,f7,63,d7,3e,f2,89,5d.[HKEY_LOCAL_MACHINE\software\Microsoft\DbgagD\1*]"value"="?\05\06\1c\15\01\0d?".--------------------- DLLs Loaded Under Running Processes ---------------------.- - - - - - - > 'winlogon.exe'(1328)c:\program files\Spybot - Search & Destroy 2\SDHook32.dllc:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll.- - - - - - - > 'lsass.exe'(1392)c:\program files\Spybot - Search & Destroy 2\SDHook32.dllc:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll.Completion time: 2011-12-30 21:38:47ComboFix-quarantined-files.txt 2011-12-31 02:38ComboFix2.txt 2011-12-24 00:29.Pre-Run: 8,949,407,744 bytes freePost-Run: 9,087,918,080 bytes free.- - End Of File - - 0E64D616E85F28A8958440C98CF7FBC7 Link to post Share on other sites More sharing options...
MrCharlie Posted January 1, 2012 ID:512099 Share Posted January 1, 2012 AV: AVG Anti-Virus Free Edition 2011 AV: Microsoft Security Essentials You're running two anti-virus programs, you have to uninstall one of them....I suggest you keep MSE and uninstall AVG.Let me know, MrC Link to post Share on other sites More sharing options...
MarkThaHeat Posted January 1, 2012 Author ID:512213 Share Posted January 1, 2012 I had these two AV applications installed simultaneously concurrently for years and this performance decrease only started happening a month ago which should negate that as being the issue. The system performs fine under normal operation , just under higher demanding situations it begins to compromise such as gaming. But I will remove one of the AV applications anyway because what you say is actually correct although one again I doubt that's the issue outlaid here. Upon removal of MSSE the system still remains the same. Link to post Share on other sites More sharing options...
MrCharlie Posted January 2, 2012 ID:512462 Share Posted January 2, 2012 I also see you have Spybot running too.ComboFix is a very powerful tool and it comes up clean.-------------Run TDSSKiller just to double check for rootkits.....Please download and run TDSSKiller as outlined in the post below:http://forums.malwarebytes.org/index.php?showtopic=100665&view=findpost&p=499595Post back the log, MrC Link to post Share on other sites More sharing options...
MarkThaHeat Posted January 2, 2012 Author ID:512568 Share Posted January 2, 2012 Apologize about the duplicate post , figured two heads were better than one. I removed spybot also , I pretty much downloaded about twenty different AV applications in desperation. As of right now I only have one real time scanner active. Here is the TDSS Log:14:26:32.0236 3676 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:1614:26:32.0799 3676 ============================================================14:26:32.0799 3676 Current date / time: 2012/01/02 14:26:32.079914:26:32.0799 3676 SystemInfo:14:26:32.0799 3676 14:26:32.0799 3676 OS Version: 5.1.2600 ServicePack: 3.014:26:32.0799 3676 Product type: Workstation14:26:32.0846 3676 ComputerName: BLOCK-PROVIDER14:26:32.0846 3676 UserName: TwenTY20zOfHazE14:26:32.0846 3676 Windows directory: C:\WINDOWS14:26:32.0846 3676 System windows directory: C:\WINDOWS14:26:32.0846 3676 Processor architecture: Intel x8614:26:32.0846 3676 Number of processors: 414:26:32.0846 3676 Page size: 0x100014:26:32.0846 3676 Boot type: Normal boot14:26:32.0846 3676 ============================================================14:26:34.0549 3676 Initialize success14:27:38.0471 5108 ============================================================14:27:38.0471 5108 Scan started14:27:38.0471 5108 Mode: Manual; SigCheck; TDLFS; 14:27:38.0471 5108 ============================================================14:27:40.0080 5108 7989609drv - ok14:27:40.0096 5108 Abiosdsk - ok14:27:40.0127 5108 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS14:27:42.0299 5108 abp480n5 - ok14:27:42.0549 5108 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys14:27:42.0690 5108 ACPI - ok14:27:42.0736 5108 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys14:27:42.0830 5108 ACPIEC - ok14:27:42.0908 5108 ADASPROT (e9b047e166480f67fb6d50b3eec8bd35) C:\Program Files\Advanced System Optimizer 3\adasprot32.sys14:27:42.0940 5108 ADASPROT ( UnsignedFile.Multi.Generic ) - warning14:27:42.0940 5108 ADASPROT - detected UnsignedFile.Multi.Generic (1)14:27:42.0955 5108 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys14:27:43.0018 5108 adpu160m - ok14:27:43.0065 5108 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys14:27:43.0174 5108 aec - ok14:27:43.0221 5108 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys14:27:43.0440 5108 AFD - ok14:27:43.0518 5108 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys14:27:43.0627 5108 agp440 - ok14:27:43.0643 5108 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys14:27:43.0705 5108 agpCPQ - ok14:27:43.0721 5108 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys14:27:43.0783 5108 Aha154x - ok14:27:43.0815 5108 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys14:27:43.0924 5108 aic78u2 - ok14:27:43.0940 5108 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys14:27:44.0002 5108 aic78xx - ok14:27:44.0033 5108 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys14:27:44.0127 5108 AliIde - ok14:27:44.0143 5108 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys14:27:44.0236 5108 alim1541 - ok14:27:44.0315 5108 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys14:27:44.0455 5108 Ambfilt - ok14:27:44.0471 5108 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys14:27:44.0533 5108 amdagp - ok14:27:44.0565 5108 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys14:27:44.0611 5108 amsint - ok14:27:44.0627 5108 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys14:27:44.0721 5108 asc - ok14:27:44.0736 5108 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys14:27:44.0799 5108 asc3350p - ok14:27:44.0815 5108 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys14:27:44.0893 5108 asc3550 - ok14:27:44.0924 5108 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys14:27:45.0049 5108 AsyncMac - ok14:27:45.0065 5108 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys14:27:45.0127 5108 atapi - ok14:27:45.0143 5108 Atdisk - ok14:27:45.0190 5108 ATE_PROCMON - ok14:27:45.0221 5108 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys14:27:45.0268 5108 Atmarpc - ok14:27:45.0283 5108 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys14:27:45.0346 5108 audstub - ok14:27:45.0393 5108 AVGIDSDriver (2d18221aab3db2d408d6c55c0f23090a) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys14:27:45.0408 5108 AVGIDSDriver - ok14:27:45.0440 5108 AVGIDSEH (1af676db3f3d4cc709cfab2571cf5fc3) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys14:27:45.0455 5108 AVGIDSEH - ok14:27:45.0471 5108 AVGIDSFilter (4c51e233c87f9ec7598551de554bc99d) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys14:27:45.0486 5108 AVGIDSFilter - ok14:27:45.0502 5108 AVGIDSShim (c3fc426e54f55c1cc3219e415b88e10c) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys14:27:45.0502 5108 AVGIDSShim - ok14:27:45.0518 5108 Avgldx86 (4e796d3d2c3182b13b3e3b5a2ad4ef0a) C:\WINDOWS\system32\DRIVERS\avgldx86.sys14:27:45.0533 5108 Avgldx86 - ok14:27:45.0549 5108 Avgmfx86 (5639de66b37d02bd22df4cf3155fba60) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys14:27:45.0565 5108 Avgmfx86 - ok14:27:45.0580 5108 Avgrkx86 (d1baf652eda0ae70896276a1fb32c2d4) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys14:27:45.0580 5108 Avgrkx86 - ok14:27:45.0596 5108 Avgtdix (aaf0ebcad95f2164cffb544e00392498) C:\WINDOWS\system32\DRIVERS\avgtdix.sys14:27:45.0611 5108 Avgtdix - ok14:27:45.0658 5108 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys14:27:45.0768 5108 Beep - ok14:27:45.0846 5108 catchme - ok14:27:45.0877 5108 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys14:27:45.0986 5108 cbidf - ok14:27:45.0986 5108 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys14:27:46.0080 5108 cbidf2k - ok14:27:46.0111 5108 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys14:27:46.0174 5108 CCDECODE - ok14:27:46.0190 5108 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys14:27:46.0221 5108 cd20xrnt - ok14:27:46.0236 5108 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys14:27:46.0299 5108 Cdaudio - ok14:27:46.0315 5108 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys14:27:46.0361 5108 Cdfs - ok14:27:46.0377 5108 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys14:27:46.0455 5108 Cdrom - ok14:27:46.0471 5108 Changer - ok14:27:46.0486 5108 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys14:27:46.0533 5108 CmdIde - ok14:27:46.0565 5108 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys14:27:46.0627 5108 Cpqarray - ok14:27:46.0627 5108 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys14:27:46.0705 5108 dac2w2k - ok14:27:46.0721 5108 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys14:27:46.0783 5108 dac960nt - ok14:27:46.0815 5108 dc3d (13f87920b684b23d1fa803e1bb017507) C:\WINDOWS\system32\DRIVERS\dc3d.sys14:27:46.0846 5108 dc3d - ok14:27:46.0877 5108 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys14:27:46.0940 5108 Disk - ok14:27:46.0986 5108 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys14:27:47.0127 5108 dmboot - ok14:27:47.0143 5108 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys14:27:47.0221 5108 dmio - ok14:27:47.0268 5108 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys14:27:47.0330 5108 dmload - ok14:27:47.0346 5108 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys14:27:47.0408 5108 DMusic - ok14:27:47.0424 5108 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys14:27:47.0471 5108 dpti2o - ok14:27:47.0486 5108 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys14:27:47.0549 5108 drmkaud - ok14:27:47.0580 5108 dtsoftbus01 (fb38473835476a6fb272215a1d972af9) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys14:27:47.0596 5108 dtsoftbus01 - ok14:27:47.0643 5108 DwProt (09180c7f43f365b1530a707b9d1a83bd) C:\WINDOWS\system32\drivers\dwprot.sys14:27:47.0643 5108 Suspicious file (Forged): C:\WINDOWS\system32\drivers\dwprot.sys. Real md5: 09180c7f43f365b1530a707b9d1a83bd, Fake md5: 0ffbfb144c6e09bb6d354acfee97785d14:27:47.0643 5108 DwProt ( ForgedFile.Multi.Generic ) - warning14:27:47.0643 5108 DwProt - detected ForgedFile.Multi.Generic (1)14:27:47.0658 5108 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys14:27:47.0721 5108 Fastfat - ok14:27:47.0736 5108 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys14:27:47.0815 5108 Fdc - ok14:27:47.0830 5108 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys14:27:47.0908 5108 Fips - ok14:27:47.0908 5108 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys14:27:47.0971 5108 Flpydisk - ok14:27:48.0002 5108 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys14:27:48.0065 5108 FltMgr - ok14:27:48.0111 5108 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys14:27:48.0174 5108 Fs_Rec - ok14:27:48.0205 5108 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys14:27:48.0268 5108 Ftdisk - ok14:27:48.0283 5108 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys14:27:48.0346 5108 Gpc - ok14:27:48.0377 5108 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys14:27:48.0455 5108 HDAudBus - ok14:27:48.0471 5108 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys14:27:48.0549 5108 HidUsb - ok14:27:48.0565 5108 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys14:27:48.0627 5108 hpn - ok14:27:48.0658 5108 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys14:27:48.0705 5108 HTTP - ok14:27:48.0736 5108 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys14:27:48.0783 5108 i2omgmt - ok14:27:48.0799 5108 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys14:27:48.0861 5108 i2omp - ok14:27:48.0893 5108 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys14:27:48.0940 5108 i8042prt - ok14:27:48.0955 5108 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys14:27:49.0018 5108 Imapi - ok14:27:49.0049 5108 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys14:27:49.0096 5108 ini910u - ok14:27:49.0283 5108 IntcAzAudAddService (824c303baa9ec62696debb913f58a466) C:\WINDOWS\system32\drivers\RtkHDAud.sys14:27:49.0533 5108 IntcAzAudAddService - ok14:27:49.0768 5108 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys14:27:49.0830 5108 IntelIde - ok14:27:49.0861 5108 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys14:27:49.0924 5108 intelppm - ok14:27:49.0940 5108 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys14:27:50.0002 5108 Ip6Fw - ok14:27:50.0033 5108 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys14:27:50.0080 5108 IpFilterDriver - ok14:27:50.0111 5108 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys14:27:50.0158 5108 IpInIp - ok14:27:50.0174 5108 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys14:27:50.0252 5108 IpNat - ok14:27:50.0268 5108 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys14:27:50.0346 5108 IPSec - ok14:27:50.0361 5108 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys14:27:50.0393 5108 IRENUM - ok14:27:50.0408 5108 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys14:27:50.0471 5108 isapnp - ok14:27:50.0549 5108 ISWKL (08a811bfd207dfdec588881c18bacbaa) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys14:27:50.0565 5108 ISWKL - ok14:27:50.0596 5108 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys14:27:50.0674 5108 Kbdclass - ok14:27:50.0674 5108 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys14:27:50.0736 5108 kbdhid - ok14:27:50.0768 5108 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys14:27:50.0846 5108 kmixer - ok14:27:50.0861 5108 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys14:27:50.0955 5108 KSecDD - ok14:27:50.0971 5108 lbrtfdc - ok14:27:51.0002 5108 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys14:27:51.0018 5108 MHNDRV ( UnsignedFile.Multi.Generic ) - warning14:27:51.0018 5108 MHNDRV - detected UnsignedFile.Multi.Generic (1)14:27:51.0049 5108 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys14:27:51.0096 5108 mnmdd - ok14:27:51.0111 5108 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys14:27:51.0174 5108 Modem - ok14:27:51.0236 5108 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys14:27:51.0315 5108 Monfilt - ok14:27:51.0361 5108 motmodem (fe80c18ba448ddd76b7bead9eb203d37) C:\WINDOWS\system32\DRIVERS\motmodem.sys14:27:51.0424 5108 motmodem - ok14:27:51.0455 5108 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys14:27:51.0518 5108 Mouclass - ok14:27:51.0549 5108 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys14:27:51.0627 5108 mouhid - ok14:27:51.0658 5108 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys14:27:51.0721 5108 MountMgr - ok14:27:51.0799 5108 MpKsl0598a10d - ok14:27:51.0815 5108 MpKsl0a3872f4 - ok14:27:51.0815 5108 MpKsl10b6fe46 - ok14:27:51.0815 5108 MpKsl1297e534 - ok14:27:51.0815 5108 MpKsl19bced5e - ok14:27:51.0815 5108 MpKsl2314177c - ok14:27:51.0830 5108 MpKsl23f3f158 - ok14:27:51.0830 5108 MpKsl25a56b84 - ok14:27:51.0830 5108 MpKsl27379ed7 - ok14:27:51.0846 5108 MpKsl2842aac3 - ok14:27:51.0846 5108 MpKsl2b0bdbc4 - ok14:27:51.0846 5108 MpKsl2d47d129 - ok14:27:51.0861 5108 MpKsl3305eb99 - ok14:27:51.0861 5108 MpKsl3401f868 - ok14:27:51.0861 5108 MpKsl347efce5 - ok14:27:51.0861 5108 MpKsl34a59b0e - ok14:27:51.0877 5108 MpKsl3c5c4e0a - ok14:27:51.0877 5108 MpKsl3de503e5 - ok14:27:51.0877 5108 MpKsl43574dee - ok14:27:51.0877 5108 MpKsl4468f080 - ok14:27:51.0893 5108 MpKsl44e04ee3 - ok14:27:51.0893 5108 MpKsl45468207 - ok14:27:51.0893 5108 MpKsl4871fb62 - ok14:27:51.0893 5108 MpKsl49c4bc59 - ok14:27:51.0893 5108 MpKsl4a3a8a5a - ok14:27:51.0893 5108 MpKsl4c6eb6a3 - ok14:27:51.0908 5108 MpKsl4e6ef89f - ok14:27:51.0908 5108 MpKsl4eecc878 - ok14:27:51.0908 5108 MpKsl519b7ddb - ok14:27:51.0908 5108 MpKsl51c7791d - ok14:27:51.0908 5108 MpKsl51f5c93a - ok14:27:51.0924 5108 MpKsl54a50c22 - ok14:27:51.0924 5108 MpKsl5ba98317 - ok14:27:51.0924 5108 MpKsl6149e9a0 - ok14:27:51.0924 5108 MpKsl64e9dc04 - ok14:27:51.0924 5108 MpKsl65dd8335 - ok14:27:51.0940 5108 MpKsl704bf366 - ok14:27:51.0940 5108 MpKsl708a3b9b - ok14:27:51.0940 5108 MpKsl728aa061 - ok14:27:51.0940 5108 MpKsl73969a5c - ok14:27:51.0940 5108 MpKsl73c3bd66 - ok14:27:51.0955 5108 MpKsl73d9b3b4 - ok14:27:51.0955 5108 MpKsl7bd7e6a9 - ok14:27:51.0955 5108 MpKsl7c638330 - ok14:27:51.0955 5108 MpKsl7e40de05 - ok14:27:51.0971 5108 MpKsl80c9917e - ok14:27:51.0971 5108 MpKsl83a72b0e - ok14:27:51.0971 5108 MpKsl84b89d5d - ok14:27:51.0971 5108 MpKsl85f9f263 - ok14:27:51.0971 5108 MpKsl865578ff - ok14:27:51.0971 5108 MpKsl92607528 - ok14:27:51.0986 5108 MpKsl9ad6e6b2 - ok14:27:51.0986 5108 MpKsl9d79ddd9 - ok14:27:51.0986 5108 MpKsl9de07d11 - ok14:27:51.0986 5108 MpKsla0713dbf - ok14:27:51.0986 5108 MpKsla0ed5967 - ok14:27:52.0002 5108 MpKsla225631e - ok14:27:52.0002 5108 MpKsla74a3746 - ok14:27:52.0002 5108 MpKslad9d4725 - ok14:27:52.0002 5108 MpKslb5c5ca62 - ok14:27:52.0002 5108 MpKslb85d5af2 - ok14:27:52.0002 5108 MpKslbb9f2aff - ok14:27:52.0018 5108 MpKslbe6db7ad - ok14:27:52.0018 5108 MpKslc0b8cde2 - ok14:27:52.0018 5108 MpKslc1d0872f - ok14:27:52.0018 5108 MpKslc89dbf09 - ok14:27:52.0018 5108 MpKslcaa37dcb - ok14:27:52.0033 5108 MpKslcdcbf57a - ok14:27:52.0033 5108 MpKsld540f9b2 - ok14:27:52.0033 5108 MpKsld67133c7 - ok14:27:52.0033 5108 MpKsld97aac3b - ok14:27:52.0033 5108 MpKsldc293362 - ok14:27:52.0033 5108 MpKslddf25d39 - ok14:27:52.0049 5108 MpKsldea974db - ok14:27:52.0049 5108 MpKsldeab5511 - ok14:27:52.0049 5108 MpKsle654c836 - ok14:27:52.0049 5108 MpKslec570b94 - ok14:27:52.0049 5108 MpKslf048c4a6 - ok14:27:52.0065 5108 MpKslf8f898f7 - ok14:27:52.0065 5108 MpKslf9a1e809 - ok14:27:52.0065 5108 MpKslfb2623eb - ok14:27:52.0065 5108 MpKslfb70c984 - ok14:27:52.0065 5108 MpKslfd1b6cf5 - ok14:27:52.0080 5108 MpKslff244a6f - ok14:27:52.0111 5108 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys14:27:52.0174 5108 mraid35x - ok14:27:52.0205 5108 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys14:27:52.0268 5108 MRxDAV - ok14:27:52.0361 5108 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys14:27:52.0408 5108 MRxSmb - ok14:27:52.0424 5108 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys14:27:52.0471 5108 Msfs - ok14:27:52.0549 5108 MSI_MSIBIOS_010507 (3846c05a66a3f5cd1d33e1a323c1762c) C:\Program Files\MSI\Live Update 5\msibios32_100507.sys14:27:52.0565 5108 MSI_MSIBIOS_010507 - ok14:27:52.0580 5108 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys14:27:52.0658 5108 MSKSSRV - ok14:27:52.0690 5108 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys14:27:52.0736 5108 MSPCLOCK - ok14:27:52.0752 5108 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys14:27:52.0815 5108 MSPQM - ok14:27:52.0861 5108 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys14:27:52.0924 5108 mssmbios - ok14:27:52.0955 5108 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys14:27:53.0018 5108 MSTEE - ok14:27:53.0049 5108 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys14:27:53.0096 5108 Mup - ok14:27:53.0127 5108 mxnic (e1cdf20697d992cf83ff86dd04df1285) C:\WINDOWS\system32\DRIVERS\mxnic.sys14:27:53.0190 5108 mxnic - ok14:27:53.0221 5108 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys14:27:53.0268 5108 NABTSFEC - ok14:27:53.0315 5108 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys14:27:53.0377 5108 NDIS - ok14:27:53.0393 5108 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys14:27:53.0455 5108 NdisIP - ok14:27:53.0502 5108 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys14:27:53.0549 5108 NdisTapi - ok14:27:53.0565 5108 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys14:27:53.0627 5108 Ndisuio - ok14:27:53.0658 5108 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys14:27:53.0721 5108 NdisWan - ok14:27:53.0752 5108 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys14:27:53.0799 5108 NDProxy - ok14:27:53.0815 5108 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys14:27:53.0877 5108 NetBIOS - ok14:27:53.0908 5108 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys14:27:53.0971 5108 NetBT - ok14:27:54.0002 5108 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys14:27:54.0049 5108 Npfs - ok14:27:54.0096 5108 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys14:27:54.0158 5108 Ntfs - ok14:27:54.0221 5108 NTIOLib_1_0_4 (cd2166c9511d336a058cde91778aaa69) C:\Program Files\MSI\Live Update 5\NTIOLib.sys14:27:54.0268 5108 NTIOLib_1_0_4 ( UnsignedFile.Multi.Generic ) - warning14:27:54.0268 5108 NTIOLib_1_0_4 - detected UnsignedFile.Multi.Generic (1)14:27:54.0315 5108 NuidFltr (9620a1d8160a550f064bbaf48d0f97cc) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys14:27:54.0346 5108 NuidFltr - ok14:27:54.0361 5108 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys14:27:54.0424 5108 Null - ok14:27:54.0471 5108 nusb3hub (f0cbf252811bc5fc49e7ecca3ee9519f) C:\WINDOWS\system32\DRIVERS\nusb3hub.sys14:27:54.0502 5108 nusb3hub - ok14:27:54.0518 5108 nusb3xhc (bdc5ff9b669b5475e3a6e47e5608205c) C:\WINDOWS\system32\DRIVERS\nusb3xhc.sys14:27:54.0596 5108 nusb3xhc - ok14:27:54.0893 5108 nv (4b54dcd6adee535df80f07c59ddd8f14) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys14:27:55.0752 5108 nv - ok14:27:55.0861 5108 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys14:27:55.0924 5108 NwlnkFlt - ok14:27:55.0955 5108 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys14:27:56.0033 5108 NwlnkFwd - ok14:27:56.0096 5108 P3 (c90018bafdc7098619a4a95b046b30f3) C:\WINDOWS\system32\DRIVERS\p3.sys14:27:56.0174 5108 P3 - ok14:27:56.0205 5108 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys14:27:56.0268 5108 Parport - ok14:27:56.0299 5108 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys14:27:56.0361 5108 PartMgr - ok14:27:56.0393 5108 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys14:27:56.0455 5108 ParVdm - ok14:27:56.0471 5108 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys14:27:56.0533 5108 PCI - ok14:27:56.0549 5108 PCIDump - ok14:27:56.0565 5108 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys14:27:56.0611 5108 PCIIde - ok14:27:56.0643 5108 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys14:27:56.0705 5108 Pcmcia - ok14:27:56.0705 5108 PDCOMP - ok14:27:56.0721 5108 PDFRAME - ok14:27:56.0721 5108 PDRELI - ok14:27:56.0736 5108 PDRFRAME - ok14:27:56.0752 5108 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys14:27:56.0799 5108 perc2 - ok14:27:56.0830 5108 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys14:27:56.0877 5108 perc2hib - ok14:27:56.0908 5108 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys14:27:56.0971 5108 PptpMiniport - ok14:27:57.0002 5108 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys14:27:57.0065 5108 PSched - ok14:27:57.0080 5108 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys14:27:57.0143 5108 Ptilink - ok14:27:57.0174 5108 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys14:27:57.0174 5108 PxHelp20 - ok14:27:57.0190 5108 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys14:27:57.0236 5108 ql1080 - ok14:27:57.0252 5108 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys14:27:57.0315 5108 Ql10wnt - ok14:27:57.0330 5108 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys14:27:57.0377 5108 ql12160 - ok14:27:57.0408 5108 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys14:27:57.0471 5108 ql1240 - ok14:27:57.0471 5108 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys14:27:57.0533 5108 ql1280 - ok14:27:57.0533 5108 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys14:27:57.0596 5108 RasAcd - ok14:27:57.0596 5108 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys14:27:57.0658 5108 Rasl2tp - ok14:27:57.0690 5108 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys14:27:57.0736 5108 RasPppoe - ok14:27:57.0752 5108 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys14:27:57.0799 5108 Raspti - ok14:27:57.0815 5108 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys14:27:57.0893 5108 Rdbss - ok14:27:57.0908 5108 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys14:27:57.0971 5108 RDPCDD - ok14:27:58.0002 5108 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys14:27:58.0080 5108 rdpdr - ok14:27:58.0158 5108 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys14:27:58.0190 5108 RDPWD - ok14:27:58.0205 5108 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys14:27:58.0252 5108 redbook - ok14:27:58.0299 5108 RimUsb (616eac1b0e48b236a5a9b8ae07fdb81c) C:\WINDOWS\system32\Drivers\RimUsb.sys14:27:58.0408 5108 RimUsb - ok14:27:58.0440 5108 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\WINDOWS\system32\DRIVERS\RimSerial.sys14:27:58.0502 5108 RimVSerPort - ok14:27:58.0518 5108 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys14:27:58.0565 5108 ROOTMODEM - ok14:27:58.0627 5108 RTLE8023xp (bc34024636b0b47f6bbf96da525e307a) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys14:27:58.0674 5108 RTLE8023xp - ok14:27:58.0705 5108 SCDEmu (20b2751cd4c8f3fd989739ca661b9f30) C:\WINDOWS\system32\drivers\SCDEmu.sys14:27:58.0736 5108 SCDEmu ( UnsignedFile.Multi.Generic ) - warning14:27:58.0736 5108 SCDEmu - detected UnsignedFile.Multi.Generic (1)14:27:58.0783 5108 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys14:27:58.0815 5108 Secdrv - ok14:27:58.0846 5108 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys14:27:58.0893 5108 serenum - ok14:27:58.0908 5108 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys14:27:59.0002 5108 Serial - ok14:27:59.0018 5108 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys14:27:59.0065 5108 Sfloppy - ok14:27:59.0096 5108 Simbad - ok14:27:59.0127 5108 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys14:27:59.0174 5108 sisagp - ok14:27:59.0190 5108 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys14:27:59.0252 5108 SLIP - ok14:27:59.0315 5108 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys14:27:59.0361 5108 Sparrow - ok14:27:59.0393 5108 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys14:27:59.0440 5108 splitter - ok14:27:59.0502 5108 sptd (8ea0fd60a5b047e0c734d51aace531c9) C:\WINDOWS\System32\Drivers\sptd.sys14:27:59.0502 5108 Suspicious file (NoAccess): C:\WINDOWS\System32\Drivers\sptd.sys. md5: 8ea0fd60a5b047e0c734d51aace531c914:27:59.0502 5108 sptd ( LockedFile.Multi.Generic ) - warning14:27:59.0502 5108 sptd - detected LockedFile.Multi.Generic (1)14:27:59.0518 5108 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys14:27:59.0565 5108 sr - ok14:27:59.0611 5108 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys14:27:59.0658 5108 Srv - ok14:27:59.0690 5108 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys14:27:59.0752 5108 streamip - ok14:27:59.0768 5108 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys14:27:59.0815 5108 swenum - ok14:27:59.0830 5108 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys14:27:59.0893 5108 swmidi - ok14:27:59.0924 5108 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys14:27:59.0971 5108 symc810 - ok14:27:59.0986 5108 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys14:28:00.0033 5108 symc8xx - ok14:28:00.0049 5108 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys14:28:00.0096 5108 sym_hi - ok14:28:00.0096 5108 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys14:28:00.0158 5108 sym_u3 - ok14:28:00.0190 5108 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys14:28:00.0236 5108 sysaudio - ok14:28:00.0283 5108 tap0901t (b7aee68d2e867cbf69b649b18fcedbbb) C:\WINDOWS\system32\DRIVERS\tap0901t.sys14:28:00.0408 5108 tap0901t ( UnsignedFile.Multi.Generic ) - warning14:28:00.0408 5108 tap0901t - detected UnsignedFile.Multi.Generic (1)14:28:00.0455 5108 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys14:28:00.0502 5108 Tcpip - ok14:28:00.0549 5108 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys14:28:00.0596 5108 TDPIPE - ok14:28:00.0627 5108 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys14:28:00.0674 5108 TDTCP - ok14:28:00.0705 5108 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys14:28:00.0752 5108 TermDD - ok14:28:00.0768 5108 TfFsMon - ok14:28:00.0768 5108 TfNetMon - ok14:28:00.0783 5108 TFSysMon - ok14:28:00.0815 5108 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys14:28:00.0861 5108 TosIde - ok14:28:00.0908 5108 TrueSight (f69641efdb19acb4753b0155f7fdeed5) c:\windows\system32\drivers\TrueSight.sys14:28:00.0940 5108 TrueSight ( UnsignedFile.Multi.Generic ) - warning14:28:00.0940 5108 TrueSight - detected UnsignedFile.Multi.Generic (1)14:28:00.0955 5108 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys14:28:01.0033 5108 Udfs - ok14:28:01.0049 5108 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys14:28:01.0080 5108 ultra - ok14:28:01.0127 5108 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys14:28:01.0174 5108 Update - ok14:28:01.0221 5108 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys14:28:01.0283 5108 usbaudio - ok14:28:01.0315 5108 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys14:28:01.0393 5108 usbccgp - ok14:28:01.0424 5108 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys14:28:01.0471 5108 usbehci - ok14:28:01.0486 5108 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys14:28:01.0533 5108 usbhub - ok14:28:01.0580 5108 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys14:28:01.0627 5108 usbprint - ok14:28:01.0643 5108 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS14:28:01.0705 5108 USBSTOR - ok14:28:01.0736 5108 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys14:28:01.0783 5108 usbuhci - ok14:28:01.0799 5108 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys14:28:01.0877 5108 usbvideo - ok14:28:01.0908 5108 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys14:28:01.0955 5108 VgaSave - ok14:28:01.0971 5108 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys14:28:02.0033 5108 viaagp - ok14:28:02.0049 5108 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys14:28:02.0096 5108 ViaIde - ok14:28:02.0111 5108 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys14:28:02.0158 5108 VolSnap - ok14:28:02.0205 5108 Vsdatant (558cee3d9c470651f1843d51b42d761b) C:\WINDOWS\system32\vsdatant.sys14:28:02.0299 5108 Vsdatant - ok14:28:02.0330 5108 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys14:28:02.0393 5108 Wanarp - ok14:28:02.0408 5108 wanatw - ok14:28:02.0455 5108 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys14:28:02.0471 5108 Wdf01000 - ok14:28:02.0502 5108 WDICA - ok14:28:02.0518 5108 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys14:28:02.0565 5108 wdmaud - ok14:28:02.0611 5108 WimFltr (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\WINDOWS\system32\DRIVERS\wimfltr.sys14:28:02.0627 5108 WimFltr - ok14:28:02.0658 5108 WmBEnum (5d410936831f7fb58eff941eac3f6d3d) C:\WINDOWS\system32\drivers\WmBEnum.sys14:28:02.0674 5108 WmBEnum - ok14:28:02.0690 5108 WmFilter (7a13cfde92956ca61a0927d766c5ad4f) C:\WINDOWS\system32\drivers\WmFilter.sys14:28:02.0690 5108 WmFilter - ok14:28:02.0721 5108 WmVirHid (6f04646bc690f8bbfc344be32a60796d) C:\WINDOWS\system32\drivers\WmVirHid.sys14:28:02.0736 5108 WmVirHid - ok14:28:02.0736 5108 WmXlCore (1d6ca43d562333f4dfb40bcef2453f3a) C:\WINDOWS\system32\drivers\WmXlCore.sys14:28:02.0752 5108 WmXlCore - ok14:28:02.0783 5108 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys14:28:02.0861 5108 WS2IFSL - ok14:28:02.0877 5108 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS14:28:02.0940 5108 WSTCODEC - ok14:28:02.0971 5108 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys14:28:03.0018 5108 WudfPf - ok14:28:03.0049 5108 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys14:28:03.0065 5108 WudfRd - ok14:28:03.0096 5108 MBR (0x1B8) (a9bc6085158a2785b9eb6a494a4b11f1) \Device\Harddisk0\DR014:28:03.0315 5108 \Device\Harddisk0\DR0 - ok14:28:03.0315 5108 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR114:28:03.0393 5108 \Device\Harddisk1\DR1 - ok14:28:03.0393 5108 Boot (0x1200) (c7304e6f33de0547577dcb0377564904) \Device\Harddisk0\DR0\Partition014:28:03.0393 5108 \Device\Harddisk0\DR0\Partition0 - ok14:28:03.0393 5108 Boot (0x1200) (8e90b61dcaca3423e3887f95e74a8f52) \Device\Harddisk1\DR1\Partition014:28:03.0393 5108 \Device\Harddisk1\DR1\Partition0 - ok14:28:03.0393 5108 ============================================================14:28:03.0393 5108 Scan finished14:28:03.0393 5108 ============================================================14:28:03.0502 0416 Detected object count: 814:28:03.0502 0416 Actual detected object count: 814:29:19.0033 0416 ADASPROT ( UnsignedFile.Multi.Generic ) - skipped by user14:29:19.0033 0416 ADASPROT ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:29:19.0033 0416 DwProt ( ForgedFile.Multi.Generic ) - skipped by user14:29:19.0033 0416 DwProt ( ForgedFile.Multi.Generic ) - User select action: Skip 14:29:19.0033 0416 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user14:29:19.0033 0416 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:29:19.0049 0416 NTIOLib_1_0_4 ( UnsignedFile.Multi.Generic ) - skipped by user14:29:19.0049 0416 NTIOLib_1_0_4 ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:29:19.0049 0416 SCDEmu ( UnsignedFile.Multi.Generic ) - skipped by user14:29:19.0049 0416 SCDEmu ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:29:19.0049 0416 sptd ( LockedFile.Multi.Generic ) - skipped by user14:29:19.0049 0416 sptd ( LockedFile.Multi.Generic ) - User select action: Skip 14:29:19.0049 0416 tap0901t ( UnsignedFile.Multi.Generic ) - skipped by user14:29:19.0049 0416 tap0901t ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:29:19.0049 0416 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user14:29:19.0049 0416 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip Link to post Share on other sites More sharing options...
MrCharlie Posted January 3, 2012 ID:512680 Share Posted January 3, 2012 Find this file and upload it to VirusTotal for a free scan, let me know the results (copy the url)C:\WINDOWS\system32\drivers\dwprot.syshttp://www.virustotal.com/You may have to enable hidden files to see it:http://www.bleepingcomputer.com/tutorials/how-to-see-hidden-files-in-windows/#winxpMrC Link to post Share on other sites More sharing options...
MarkThaHeat Posted January 3, 2012 Author ID:512762 Share Posted January 3, 2012 http://www.virustotal.com/file-scan/reanalysis.html?id=8e539c0dfc63104393a9cfffe97b736304d7bcd3844af9d137d7308d47ede328-1325562701also I ran MBRCheck this is the log that came up , it said something about non standard or infected MBR :MBRCheck, version 1.2.3© 2010, ADCommand-line: Windows Version: Windows XP ProfessionalWindows Information: Service Pack 3 (build 2600)Logical Drives Mask: 0x0000003cKernel Drivers (total 188): 0x804D7000 \WINDOWS\system32\ntkrnlpa.exe 0x806E5000 \WINDOWS\system32\hal.dll 0xB85A8000 \WINDOWS\system32\KDCOM.DLL 0xB84B8000 \WINDOWS\system32\BOOTVID.dll 0xB7E91000 sptd.sys 0xB7E63000 ACPI.sys 0xB85AA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS 0xB7E52000 pci.sys 0xB80A8000 isapnp.sys 0xB8670000 pciide.sys 0xB8328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS 0xB85AC000 aliide.sys 0xB85AE000 cmdide.sys 0xB85B0000 toside.sys 0xB85B2000 viaide.sys 0xB85B4000 intelide.sys 0xB80B8000 MountMgr.sys 0xB7E33000 ftdisk.sys 0xB85B6000 dmload.sys 0xB7E0D000 dmio.sys 0xB8330000 PartMgr.sys 0xB80C8000 VolSnap.sys 0xB84BC000 cpqarray.sys 0xB7DF5000 \WINDOWS\system32\DRIVERS\SCSIPORT.SYS 0xB7DDD000 atapi.sys 0xB84C0000 aha154x.sys 0xB8338000 sparrow.sys 0xB84C4000 symc810.sys 0xB80D8000 aic78xx.sys 0xB84C8000 dac960nt.sys 0xB80E8000 ql10wnt.sys 0xB84CC000 amsint.sys 0xB8340000 asc.sys 0xB84D0000 asc3550.sys 0xB8348000 mraid35x.sys 0xB8350000 i2omp.sys 0xB84D4000 ini910u.sys 0xB80F8000 ql1240.sys 0xB8108000 aic78u2.sys 0xB8358000 symc8xx.sys 0xB8360000 sym_hi.sys 0xB8368000 sym_u3.sys 0xB8370000 ABP480N5.SYS 0xB8378000 asc3350p.sys 0xB85B8000 cd20xrnt.sys 0xB8118000 ultra.sys 0xB7DC4000 adpu160m.sys 0xB8380000 dpti2o.sys 0xB8128000 ql1080.sys 0xB8138000 ql1280.sys 0xB8148000 ql12160.sys 0xB8388000 perc2.sys 0xB85BA000 perc2hib.sys 0xB8390000 hpn.sys 0xB84D8000 cbidf2k.sys 0xB7D98000 dac2w2k.sys 0xB8158000 disk.sys 0xB8168000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS 0xB7D78000 fltmgr.sys 0xB7D66000 sr.sys 0xB8178000 PxHelp20.sys 0xB7D4F000 KSecDD.sys 0xB7CC2000 Ntfs.sys 0xB7C95000 NDIS.sys 0xB8188000 sisagp.sys 0xB8198000 viaagp.sys 0xB7C7B000 Mup.sys 0xB8398000 avgrkx86.sys 0xB84DC000 AVGIDSEH.Sys 0xB81A8000 agp440.sys 0xB81B8000 alim1541.sys 0xB81C8000 amdagp.sys 0xB81D8000 agpCPQ.sys 0xB64B0000 \SystemRoot\system32\DRIVERS\nv4_mini.sys 0xB649C000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS 0xB84B0000 \SystemRoot\system32\DRIVERS\usbehci.sys 0xB6433000 \SystemRoot\system32\DRIVERS\USBPORT.SYS 0xB640B000 \SystemRoot\system32\DRIVERS\HDAudBus.sys 0xB63E8000 \SystemRoot\system32\DRIVERS\nusb3xhc.sys 0xB85DA000 \SystemRoot\system32\DRIVERS\USBD.SYS 0xB63A6000 \SystemRoot\system32\DRIVERS\Rtenicxp.sys 0xB82F8000 \SystemRoot\system32\DRIVERS\serial.sys 0xB7C13000 \SystemRoot\system32\DRIVERS\serenum.sys 0xB6392000 \SystemRoot\system32\DRIVERS\parport.sys 0xB8308000 \SystemRoot\system32\DRIVERS\intelppm.sys 0xB871E000 \SystemRoot\system32\DRIVERS\audstub.sys 0xB8318000 \SystemRoot\system32\DRIVERS\rasl2tp.sys 0xB7C0F000 \SystemRoot\system32\DRIVERS\ndistapi.sys 0xB637B000 \SystemRoot\system32\DRIVERS\ndiswan.sys 0xB7BAB000 \SystemRoot\system32\DRIVERS\raspppoe.sys 0xB7B9B000 \SystemRoot\system32\DRIVERS\raspptp.sys 0xB83B8000 \SystemRoot\system32\DRIVERS\TDI.SYS 0xB636A000 \SystemRoot\system32\DRIVERS\psched.sys 0xB7B8B000 \SystemRoot\system32\DRIVERS\msgpc.sys 0xB83F8000 \SystemRoot\system32\DRIVERS\ptilink.sys 0xB8400000 \SystemRoot\system32\DRIVERS\raspti.sys 0xB7B7B000 \SystemRoot\system32\DRIVERS\tap0901t.sys 0xB633A000 \SystemRoot\system32\DRIVERS\rdpdr.sys 0xB7B6B000 \SystemRoot\system32\DRIVERS\termdd.sys 0xB8408000 \SystemRoot\system32\DRIVERS\kbdclass.sys 0xB8410000 \SystemRoot\system32\DRIVERS\mouclass.sys 0xB85DC000 \SystemRoot\system32\DRIVERS\swenum.sys 0xB62EF000 \SystemRoot\system32\DRIVERS\ks.sys 0xB6291000 \SystemRoot\system32\DRIVERS\update.sys 0xB7BEF000 \SystemRoot\system32\DRIVERS\mssmbios.sys 0xB6252000 \SystemRoot\system32\DRIVERS\dtsoftbus01.sys 0xB7BE7000 \SystemRoot\system32\drivers\WmBEnum.sys 0xB7B5B000 \SystemRoot\system32\drivers\WmXlCore.sys 0xB7B3B000 \SystemRoot\System32\Drivers\NDProxy.SYS 0xB7B2B000 \SystemRoot\system32\DRIVERS\cdrom.sys 0xB7B1B000 \SystemRoot\system32\DRIVERS\redbook.sys 0xB81E8000 \SystemRoot\system32\DRIVERS\usbhub.sys 0xB18F4000 \SystemRoot\system32\drivers\RtkHDAud.sys 0xB18D0000 \SystemRoot\system32\drivers\portcls.sys 0xB81F8000 \SystemRoot\system32\drivers\drmk.sys 0xB8208000 \SystemRoot\system32\DRIVERS\nusb3hub.sys 0xB6312000 \SystemRoot\System32\Drivers\i2omgmt.SYS 0xB8218000 \SystemRoot\system32\DRIVERS\avgmfx86.sys 0xB85EE000 \SystemRoot\System32\Drivers\Fs_Rec.SYS 0xB86AF000 \SystemRoot\System32\Drivers\Null.SYS 0xB85F0000 \SystemRoot\System32\Drivers\Beep.SYS 0xB8430000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS 0xB8438000 \SystemRoot\System32\drivers\vga.sys 0xB85F2000 \SystemRoot\System32\Drivers\mnmdd.SYS 0xB85F4000 \SystemRoot\System32\DRIVERS\RDPCDD.sys 0xB8440000 \SystemRoot\System32\Drivers\Msfs.SYS 0xB712B000 \SystemRoot\System32\Drivers\Npfs.SYS 0xB200D000 \SystemRoot\system32\DRIVERS\rasacd.sys 0xB1825000 \SystemRoot\system32\DRIVERS\ipsec.sys 0xB17CC000 \SystemRoot\system32\DRIVERS\tcpip.sys 0xB1785000 \SystemRoot\system32\DRIVERS\avgtdix.sys 0xB175F000 \SystemRoot\system32\DRIVERS\ipnat.sys 0xB8238000 \SystemRoot\system32\DRIVERS\wanarp.sys 0xB1737000 \SystemRoot\system32\DRIVERS\netbt.sys 0xB16B8000 \SystemRoot\System32\vsdatant.sys 0xB1696000 \SystemRoot\System32\drivers\afd.sys 0xB8248000 \SystemRoot\system32\DRIVERS\netbios.sys 0xB8268000 \SystemRoot\System32\Drivers\SCDEmu.SYS 0xB161B000 \SystemRoot\system32\DRIVERS\rdbss.sys 0xB1583000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0xB8288000 \SystemRoot\System32\Drivers\Fips.SYS 0xB1547000 \SystemRoot\system32\DRIVERS\avgldx86.sys 0xB7123000 \SystemRoot\system32\DRIVERS\usbccgp.sys 0xB8298000 \SystemRoot\system32\DRIVERS\dc3d.sys 0xB82A8000 \SystemRoot\system32\DRIVERS\WDFLDR.SYS 0xB1436000 \SystemRoot\system32\DRIVERS\Wdf01000.sys 0xB1418000 \SystemRoot\System32\Drivers\usbvideo.sys 0xB82B8000 \SystemRoot\system32\drivers\usbaudio.sys 0xB1838000 \SystemRoot\system32\DRIVERS\hidusb.sys 0xB82C8000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS 0xB1FED000 \SystemRoot\system32\DRIVERS\kbdhid.sys 0xB18CC000 \SystemRoot\system32\DRIVERS\NuidFltr.sys 0xB1692000 \SystemRoot\system32\DRIVERS\mouhid.sys 0xB711B000 \SystemRoot\system32\drivers\WmFilter.sys 0xB1FCD000 \SystemRoot\System32\Drivers\Cdfs.SYS 0xB1360000 \SystemRoot\System32\Drivers\dump_atapi.sys 0xB85D8000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS 0xBF800000 \SystemRoot\System32\win32k.sys 0xB13EC000 \SystemRoot\System32\drivers\Dxapi.sys 0xB70F3000 \SystemRoot\System32\watchdog.sys 0xBD000000 \SystemRoot\System32\drivers\dxg.sys 0xB8728000 \SystemRoot\System32\drivers\dxgthk.sys 0xBD012000 \SystemRoot\System32\nv4_disp.dll 0xBD41A000 \SystemRoot\System32\ATMFD.DLL 0xB06AE000 \SystemRoot\system32\DRIVERS\ndisuio.sys 0xB8428000 \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys 0xB0255000 \SystemRoot\system32\drivers\wdmaud.sys 0xB1517000 \SystemRoot\system32\drivers\sysaudio.sys 0xB0020000 \SystemRoot\system32\DRIVERS\mrxdav.sys 0xB8668000 \SystemRoot\System32\Drivers\ParVdm.SYS 0xB8448000 \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys 0xAFDFF000 \SystemRoot\System32\Drivers\HTTP.sys 0xAFB9F000 \SystemRoot\system32\DRIVERS\srv.sys 0xAFEE8000 \SystemRoot\system32\DRIVERS\AVGIDSFilter.Sys 0xAF7BF000 \SystemRoot\system32\DRIVERS\AVGIDSDriver.Sys 0xAF71B000 \SystemRoot\system32\drivers\WmVirHid.sys 0xAF1E3000 \SystemRoot\System32\Drivers\Udfs.SYS 0xAF1A3000 \SystemRoot\system32\drivers\bdfsfltr.sys 0xAF274000 \??\C:\Program Files\MSI\Live Update 5\NTIOLib.sys 0xAF073000 \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys 0xAEFC8000 \SystemRoot\system32\drivers\bdfm.sys 0xAFDAF000 \??\C:\Program Files\MSI\Live Update 5\msibios32_100507.sys 0xB1652000 \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys 0xAEC23000 \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys 0x8AC63000 \SystemRoot\System32\Drivers\caf248bd.sys 0x8AC52000 \SystemRoot\System32\Drivers\10067b0f.sys 0x8AD5A000 \SystemRoot\system32\drivers\kmixer.sys 0x7C900000 \WINDOWS\system32\ntdll.dllProcesses (total 58): 0 System Idle Process 4 System 1060 C:\WINDOWS\system32\smss.exe 1124 C:\PROGRA~1\AVG\AVG10\avgchsvx.exe 1288 csrss.exe 1320 C:\WINDOWS\system32\winlogon.exe 1364 C:\WINDOWS\system32\services.exe 1376 C:\WINDOWS\system32\lsass.exe 1548 C:\WINDOWS\system32\svchost.exe 1632 svchost.exe 1908 C:\WINDOWS\system32\svchost.exe 2032 svchost.exe 348 svchost.exe 644 C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe 1572 C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe 1748 C:\WINDOWS\system32\spoolsv.exe 620 C:\WINDOWS\explorer.exe 1160 svchost.exe 200 C:\Program Files\CheckPoint\ZAForceField\ForceField.exe 1940 C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe 2008 C:\Program Files\AVG\AVG10\avgwdsvc.exe 2328 C:\WINDOWS\ehome\ehrecvr.exe 2360 C:\WINDOWS\ehome\ehSched.exe 2724 C:\Program Files\Java\jre6\bin\jqs.exe 3076 C:\Program Files\Blaze Media Pro\NMSAccess32.exe 3100 C:\WINDOWS\system32\nvsvc32.exe 3232 daemonu.exe 3328 svchost.exe 3356 C:\Program Files\AVG\AVG10\avgnsx.exe 3364 C:\WINDOWS\system32\svchost.exe 3404 C:\Program Files\AVG\AVG10\avgemcx.exe 3556 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe 3704 mcrdsvc.exe 2424 C:\WINDOWS\ehome\ehtray.exe 2684 C:\WINDOWS\ehome\ehmsas.exe 2708 C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe 2720 C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe 3008 C:\Program Files\AVG\AVG10\avgtray.exe 3068 C:\Program Files\Microsoft IntelliType Pro\itype.exe 1848 C:\Program Files\Logitech\Gaming Software\LWEMon.exe 3832 C:\Program Files\Common Files\Java\Java Update\jusched.exe 4008 C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe 1988 C:\Program Files\AVG Secure Search\vprot.exe 712 C:\WINDOWS\system32\rundll32.exe 1092 C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe 1032 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 2120 C:\Program Files\PeerGuardian2\pg2.exe 2872 C:\Program Files\DAEMON Tools Lite\DTLite.exe 3808 C:\WINDOWS\system32\dllhost.exe 4188 C:\WINDOWS\system32\ctfmon.exe 5300 alg.exe 4020 C:\PROGRA~1\AVG\AVG10\avgrsx.exe 3140 C:\Program Files\AVG\AVG10\avgcsrvx.exe 6080 C:\WINDOWS\system32\svchost.exe 2416 C:\Program Files\Java\jre6\bin\javaw.exe 4012 C:\Program Files\mmm\mmm.exe 3944 C:\Program Files\Mozilla Firefox\firefox.exe 5636 D:\MBRCheck.exe\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)\\.\D: --> \\.\PhysicalDrive1 at offset 0x00000000`007e0000 (NTFS)PhysicalDrive0 Model Number: WDCWD2500JD-00HBC0, Rev: 08.02D08PhysicalDrive1 Model Number: ST380815AS, Rev: 4.ADA Size Device Name MBR Status -------------------------------------------- 232 GB \\.\PhysicalDrive0 Unknown MBR code SHA1: 304A9F057B00D1A4CC32B9CE350DCE5B41B70AA7 74 GB \\.\PhysicalDrive1 Unknown MBR code SHA1: 639AC5CDF8A5CF3245975932C6A4215450A7B98FFound non-standard or infected MBR.Enter 'Y' and hit ENTER for more options, or 'N' to exit: Link to post Share on other sites More sharing options...
MarkThaHeat Posted January 3, 2012 Author ID:512770 Share Posted January 3, 2012 This is the new Virustotalscan with up to date material , still no detections :http://www.virustotal.com/file-scan/report.html?id=8e539c0dfc63104393a9cfffe97b736304d7bcd3844af9d137d7308d47ede328-1325562701# Link to post Share on other sites More sharing options...
MrCharlie Posted January 3, 2012 ID:512857 Share Posted January 3, 2012 That doesn't mean it's bad, TDSSKiller or ComboFix would have shown something.MrC Link to post Share on other sites More sharing options...
MarkThaHeat Posted January 3, 2012 Author ID:513001 Share Posted January 3, 2012 So.... Now What Link to post Share on other sites More sharing options...
MrCharlie Posted January 3, 2012 ID:513030 Share Posted January 3, 2012 My job is to make sure your computer is free of malware, LDTate and I agree that you're free of malware.I suggest you take a look at all the programs you're running, system ram etc.There's plenty of tutorials on the web for this.MrC Link to post Share on other sites More sharing options...
MarkThaHeat Posted January 4, 2012 Author ID:513154 Share Posted January 4, 2012 Well you were wrong ... I just ran another scan and an infection appeared ... all seems to be running fine now Link to post Share on other sites More sharing options...
MrCharlie Posted January 4, 2012 ID:513312 Share Posted January 4, 2012 I'm glad you got it fixed, MrC Link to post Share on other sites More sharing options...
LDTate Posted January 6, 2012 ID:514307 Share Posted January 6, 2012 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts