Jump to content

Recommended Posts

I have observed google links being redirected through VIPSearchs, although at this moment, things seem to be working just fine, but I have not done anything which I believe fixed the problem, other than running Malwarebytes full scan which claims to have found nothing, so I suspect the problem is not gone, but is dormant at this moment?

Malwarebytes Anti-Malware 1.60.1.1000

www.malwarebytes.org

Database version: v2012.04.08.06

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Bob :: HOLMES [administrator]

4/9/2012 12:46:34 AM

mbam-log-2012-04-09 (00-46-34).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 328933

Time elapsed: 1 hour(s), 27 minute(s), 55 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Here is DDS.txt

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by Bob at 4:24:02 on 2012-04-09

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2045.1320 [GMT -5:00]

.

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

============== Running Processes ===============

.

C:\PROGRA~1\AVG\AVG2012\avgrsx.exe

C:\Program Files\AVG\AVG2012\avgcsrvx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\WINDOWS\system32\agrsmsvc.exe

C:\Program Files\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe

C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

C:\Program Files\AVG\AVG2012\avgnsx.exe

C:\Program Files\AVG\AVG2012\avgemcx.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Nero\Update\NASvc.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\Program Files\Ask.com\Updater\Updater.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\WINDOWS\notepad.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.yahoo.com/

mURLSearchHooks: H - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Nero Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll

TB: Nero Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll

TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}

TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet

mRun: [VMM Mode Selection] c:\program files\htc\modeselection\VMMModeSelection.exe

mRun: [ToolboxFX] "c:\program files\hp\toolboxfx\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [nwiz] nwiz.exe /install

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"

mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"

mRun: [Alcmtr] ALCMTR.EXE

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

dRun: [dplaysvr] %APPDATA%\dplaysvr.exe

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

Trusted Zone: garmin.com

Trusted Zone: intuit.com\ttlc

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 97.64.183.164 97.64.209.37

TCP: Interfaces\{F25A5C49-D49B-42B7-B755-E65C1D2D3122} : DhcpNameServer = 97.64.183.164 97.64.209.37

TCP: Interfaces\{FB3E525E-4506-41A6-B498-A8458E23DAD8} : DhcpNameServer = 97.64.183.164 97.64.209.37

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 23120]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 32592]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 230608]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 40016]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-12 295248]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]

R2 HP LaserJet Service;HP LaserJet Service;c:\program files\hp\hplaserjetservice\HPLaserJetService.exe [2010-10-25 145920]

R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2011-8-25 13672]

R2 NAUpdate;@c:\program files\nero\update\nasvc.exe,-200;c:\program files\nero\update\NASvc.exe [2010-5-4 503080]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-3 134608]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-3 24272]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-3 16720]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-4-9 40776]

R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [2010-11-23 288000]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 MLPTDR_B;MLPTDR_B;c:\windows\system32\MLPTDR_B.SYS [2003-4-22 19904]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\flashplayerupdateservice.exe --> c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [?]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2012-04-09 05:45:33 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-04-09 03:47:29 -------- d-----w- c:\documents and settings\bob\local settings\application data\Threat Expert

2012-04-09 02:17:03 -------- d-----w- c:\program files\PC Tools

2012-04-09 02:10:24 185560 ----a-w- c:\windows\system32\drivers\PCTSD.sys

2012-04-09 02:10:24 -------- d-----w- c:\program files\common files\PC Tools

2012-04-09 02:09:34 -------- d-----w- c:\documents and settings\bob\application data\TestApp

2012-04-09 02:09:34 -------- d-----w- c:\documents and settings\all users\application data\PC Tools

2012-04-09 01:04:34 -------- d-----w- c:\windows\pss

2012-04-09 00:11:03 -------- d-----w- C:\TRK-INFECTED

2012-04-08 22:05:07 -------- d-----w- c:\documents and settings\bob\application data\Malwarebytes

2012-04-08 22:04:59 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2012-04-08 22:04:57 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-04-08 22:04:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-04-08 21:49:15 -------- d-----w- C:\TDSSKiller_Quarantine

2012-04-05 15:01:25 -------- d--h--w- C:\$AVG

2012-04-03 06:51:09 -------- d-----w- c:\documents and settings\bob\local settings\application data\Easy CD-DA Extractor

2012-04-03 06:50:50 -------- d-----w- c:\documents and settings\all users\application data\Easy CD-DA Extractor

2012-04-03 06:50:43 -------- d-----w- c:\program files\Easy CD-DA Extractor 16

2012-04-03 06:38:16 -------- d-----w- c:\documents and settings\all users\application data\AVS4YOU

2012-04-03 06:38:13 -------- d-----w- c:\documents and settings\bob\application data\AVS4YOU

2012-04-03 06:37:03 11139944 ----a-w- c:\windows\system32\libmfxsw32.dll

2012-04-03 06:36:56 1700352 ----a-w- c:\windows\system32\GdiPlus.dll

2012-04-03 06:36:55 24576 ----a-w- c:\windows\system32\msxml3a.dll

2012-04-03 06:36:54 -------- d-----w- c:\program files\AVS4YOU

2012-04-03 06:36:37 -------- d-----w- c:\program files\common files\AVSMedia

.

==================== Find3M ====================

.

2012-02-23 02:23:30 414368 ------w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys

2012-01-11 19:06:47 3072 ------w- c:\windows\system32\iacenc.dll

.

============= FINISH: 4:24:41.60 ===============

Here is attach.txt:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 11/17/2010 2:33:36 AM

System Uptime: 4/9/2012 12:22:09 AM (4 hours ago)

.

Motherboard: clevo | | M7X0SUN

Processor: Intel Pentium III Xeon processor | uPGA 479M | 1999/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 233 GiB total, 191.126 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}

Description: Base System Device

Device ID: PCI\VEN_197B&DEV_2382&SUBSYS_08021558&REV_20\4&2E819789&0&0038

Manufacturer:

Name: Base System Device

PNP Device ID: PCI\VEN_197B&DEV_2382&SUBSYS_08021558&REV_20\4&2E819789&0&0038

Service:

.

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}

Description: Base System Device

Device ID: PCI\VEN_197B&DEV_2383&SUBSYS_08021558&REV_20\4&2E819789&0&0338

Manufacturer:

Name: Base System Device

PNP Device ID: PCI\VEN_197B&DEV_2383&SUBSYS_08021558&REV_20\4&2E819789&0&0338

Service:

.

==== System Restore Points ===================

.

RP1: 4/8/2012 8:24:31 PM - System Checkpoint

.

==== Installed Programs ======================

.

.

32 Bit HP CIO Components Installer

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Reader X (10.1.2)

Agere Systems HDA Modem

Amazon MP3 Downloader 1.0.12

Android SDK Tools

AnswerWorks 5.0 English Runtime

Apple Application Support

Apple Software Update

Ask Toolbar

AVG 2012

Borland C++Builder 6

Crown Print Monitor+

Easy CD-DA Extractor 16

Garmin City Navigator North America NT 2011.40 Update

Garmin USB Drivers

Garmin WebUpdater

High Definition Audio Driver Package - KB888111

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB942288-v3)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB976002-v5)

Hotfix for Windows XP (KB981793)

HP LaserJet Professional CP1520 Series

HP Update

HPLaserJetHelp_LearnCenter

HPLJUT

hppCP1520LaserJetService

hppLaserJetService

hppTLBXFXCP1520

hpzTLBXFX

IsoBuster 2.8.5

Java Auto Updater

Java 6 Update 27

Java 7 Update 1

Java SE Development Kit 7

magicolor 2300 DL

Malwarebytes Anti-Malware version 1.60.1.1000

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Office Standard Edition 2003

Microsoft Silverlight

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)

Microsoft SQL Server Management Studio Express

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server VSS Writer

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

MINOLTA-QMS magicolor 2300 DL Printer Driver Software

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6.0 Parser

Nero BurnLite 10

Nero Control Center 10

Nero ControlCenter 10 Help (CHM)

Nero Core Components 10

Nero Update

NVIDIA Drivers

Quicken 2009

QuickTime

Realtek High Definition Audio Driver

REALTEK RTL8187B Wireless LAN Driver

Rhapsody

Sansa Updater

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player (KB979402)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982381)

Security Update for Windows XP (KB982665)

TurboTax 2010

TurboTax 2010 wiaiper

TurboTax 2010 WinPerFedFormset

TurboTax 2010 WinPerReleaseEngine

TurboTax 2010 WinPerTaxSupport

TurboTax 2010 wmoiper

TurboTax 2010 wrapper

TurboTax 2011

TurboTax 2011 wiaiper

TurboTax 2011 WinPerFedFormset

TurboTax 2011 WinPerReleaseEngine

TurboTax 2011 WinPerTaxSupport

TurboTax 2011 wrapper

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

WebFldrs XP

Widevine Media Transformer Plugin 4.5.0

Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)

Windows Genuine Advantage Notifications (KB905474)

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows XP Service Pack 3

WinZip Self-Extractor

WModem Driver Installer

Yahoo! Detect

Yahoo! Messenger

.

==== Event Viewer Messages From Past Week ========

.

4/8/2012 9:22:37 PM, error: PCTCore [280] -

4/8/2012 9:17:05 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

4/8/2012 8:05:19 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

4/8/2012 7:46:53 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx86 Avgmfx86 Fips intelppm

4/8/2012 7:45:53 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

4/8/2012 4:16:48 PM, error: Service Control Manager [7034] - The Intuit Update Service v4 service terminated unexpectedly. It has done this 1 time(s).

4/8/2012 4:16:43 PM, error: Service Control Manager [7034] - The Intuit Update Service service terminated unexpectedly. It has done this 1 time(s).

4/8/2012 4:16:32 PM, error: Service Control Manager [7034] - The HP LaserJet Service service terminated unexpectedly. It has done this 1 time(s).

4/8/2012 2:12:10 PM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer DOYLE that believes that it is the master browser for the domain on transport NetBT_Tcpip_{F25A5C49-D49B-42B7-B75. The master browser is stopping or an election is being forced.

4/8/2012 10:15:00 AM, error: Schedule [7901] - The At1.job command failed to start due to the following error: General access denied error

4/7/2012 9:33:00 PM, error: Schedule [7901] - The At3.job command failed to start due to the following error: General access denied error

4/7/2012 8:45:00 PM, error: Schedule [7901] - The At2.job command failed to start due to the following error: General access denied error

4/7/2012 2:30:02 PM, error: Schedule [7901] - The At4.job command failed to start due to the following error: General access denied error

4/6/2012 1:37:12 AM, error: BROWSER [8007] - The browser was unable to update the service status bits. The data is the error.

4/5/2012 2:31:33 AM, error: Service Control Manager [7002] - The MLPTDR_B service depends on the Parallel arbitrator group and no member of this group started.

4/3/2012 7:42:12 AM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0025D38DB2AA. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

4/3/2012 2:09:39 AM, error: Service Control Manager [7000] - The MCSTRM service failed to start due to the following error: The system cannot find the file specified.

.

==== End Of File ===========================

Link to post
Share on other sites

Hello rhwillia and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Step 1

Please uninstall Ask Toolbar, because is bundled with many third party applications - also see this note.

Step 2

I saw that you have already run TDSSKiller, but now manually delete your TDSSKiller copy, then download the latest version of TDSSKiller from here and save it to your Desktop.

  1. Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    tdss_1.jpg
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
    tdss_2.jpg
  3. Click the Start Scan button.
    tdss_3.jpg
  4. If a suspicious object is detected, the default action will be Skip, click on Continue.
    tdss_4.jpg
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
    tdss_5.jpg
  7. Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

In your next reply, post the following log files:

  • TDSSKiller log
  • Malwarebytes' Anti-Malware log
  • a new fresh DDS log file

Link to post
Share on other sites

Here are the attached log files. I have not seen any evidence of the problem since my first post. The only thing that I remember doing around that time was to uninstall pctools SpyDoctor, which I did not expect to fix anything, since I had only installed it to attempt to deal with the redirection problem, but perhaps that did fix something?

Here are the new log files:

13:20:24.0859 2192 TDSS rootkit removing tool 2.7.27.0 Apr 9 2012 09:53:37

13:20:25.0359 2192 ============================================================

13:20:25.0359 2192 Current date / time: 2012/04/09 13:20:25.0359

13:20:25.0359 2192 SystemInfo:

13:20:25.0359 2192

13:20:25.0359 2192 OS Version: 5.1.2600 ServicePack: 3.0

13:20:25.0359 2192 Product type: Workstation

13:20:25.0359 2192 ComputerName: HOLMES

13:20:25.0359 2192 UserName: Bob

13:20:25.0359 2192 Windows directory: C:\WINDOWS

13:20:25.0359 2192 System windows directory: C:\WINDOWS

13:20:25.0359 2192 Processor architecture: Intel x86

13:20:25.0359 2192 Number of processors: 2

13:20:25.0359 2192 Page size: 0x1000

13:20:25.0359 2192 Boot type: Normal boot

13:20:25.0359 2192 ============================================================

13:20:27.0390 2192 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

13:20:27.0390 2192 \Device\Harddisk0\DR0:

13:20:27.0390 2192 MBR used

13:20:27.0390 2192 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681

13:20:27.0421 2192 Initialize success

13:20:27.0421 2192 ============================================================

13:21:09.0187 2792 ============================================================

13:21:09.0187 2792 Scan started

13:21:09.0187 2792 Mode: Manual; SigCheck; TDLFS;

13:21:09.0187 2792 ============================================================

13:21:09.0515 2792 Abiosdsk - ok

13:21:09.0546 2792 abp480n5 - ok

13:21:09.0625 2792 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

13:21:10.0593 2792 ACPI - ok

13:21:10.0750 2792 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

13:21:10.0906 2792 ACPIEC - ok

13:21:10.0953 2792 AdobeFlashPlayerUpdateSvc - ok

13:21:10.0968 2792 adpu160m - ok

13:21:11.0031 2792 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

13:21:11.0171 2792 aec - ok

13:21:11.0234 2792 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

13:21:11.0281 2792 AFD - ok

13:21:11.0312 2792 AgereModemAudio (39e435c90c9c4f780fa0ed05ca3c3a1b) C:\WINDOWS\system32\agrsmsvc.exe

13:21:11.0359 2792 AgereModemAudio - ok

13:21:11.0421 2792 AgereSoftModem (ce91b158fa490cf4c4d487a4130f4660) C:\WINDOWS\system32\DRIVERS\AGRSM.sys

13:21:11.0500 2792 AgereSoftModem - ok

13:21:11.0515 2792 Aha154x - ok

13:21:11.0531 2792 aic78u2 - ok

13:21:11.0546 2792 aic78xx - ok

13:21:11.0593 2792 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll

13:21:11.0734 2792 Alerter - ok

13:21:11.0765 2792 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe

13:21:11.0843 2792 ALG - ok

13:21:11.0859 2792 AliIde - ok

13:21:11.0859 2792 amsint - ok

13:21:11.0906 2792 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll

13:21:12.0000 2792 AppMgmt - ok

13:21:12.0015 2792 asc - ok

13:21:12.0015 2792 asc3350p - ok

13:21:12.0031 2792 asc3550 - ok

13:21:12.0171 2792 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

13:21:12.0203 2792 aspnet_state - ok

13:21:12.0296 2792 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

13:21:12.0437 2792 AsyncMac - ok

13:21:12.0453 2792 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

13:21:12.0593 2792 atapi - ok

13:21:12.0593 2792 Atdisk - ok

13:21:12.0625 2792 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

13:21:12.0765 2792 Atmarpc - ok

13:21:12.0812 2792 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll

13:21:12.0937 2792 AudioSrv - ok

13:21:13.0000 2792 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

13:21:13.0125 2792 audstub - ok

13:21:13.0328 2792 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

13:21:13.0546 2792 AVGIDSAgent - ok

13:21:13.0609 2792 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys

13:21:13.0656 2792 AVGIDSDriver - ok

13:21:13.0703 2792 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys

13:21:13.0718 2792 AVGIDSEH - ok

13:21:13.0765 2792 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys

13:21:13.0765 2792 AVGIDSFilter - ok

13:21:13.0828 2792 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys

13:21:13.0828 2792 AVGIDSShim - ok

13:21:13.0875 2792 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys

13:21:13.0906 2792 Avgldx86 - ok

13:21:13.0937 2792 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys

13:21:13.0953 2792 Avgmfx86 - ok

13:21:13.0984 2792 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys

13:21:14.0000 2792 Avgrkx86 - ok

13:21:14.0062 2792 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys

13:21:14.0078 2792 Avgtdix - ok

13:21:14.0187 2792 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files\AVG\AVG2012\avgwdsvc.exe

13:21:14.0203 2792 avgwd - ok

13:21:14.0265 2792 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

13:21:14.0437 2792 Beep - ok

13:21:14.0484 2792 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll

13:21:14.0640 2792 BITS - ok

13:21:14.0687 2792 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll

13:21:14.0859 2792 Browser - ok

13:21:14.0906 2792 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

13:21:15.0062 2792 cbidf2k - ok

13:21:15.0093 2792 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

13:21:15.0218 2792 CCDECODE - ok

13:21:15.0218 2792 cd20xrnt - ok

13:21:15.0234 2792 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

13:21:15.0406 2792 Cdaudio - ok

13:21:15.0421 2792 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

13:21:15.0546 2792 Cdfs - ok

13:21:15.0562 2792 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

13:21:15.0687 2792 Cdrom - ok

13:21:15.0687 2792 Changer - ok

13:21:15.0718 2792 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe

13:21:15.0859 2792 CiSvc - ok

13:21:15.0875 2792 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe

13:21:16.0000 2792 ClipSrv - ok

13:21:16.0062 2792 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

13:21:16.0062 2792 clr_optimization_v2.0.50727_32 - ok

13:21:16.0125 2792 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

13:21:16.0140 2792 clr_optimization_v4.0.30319_32 - ok

13:21:16.0156 2792 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

13:21:16.0281 2792 CmBatt - ok

13:21:16.0296 2792 CmdIde - ok

13:21:16.0328 2792 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

13:21:16.0453 2792 Compbatt - ok

13:21:16.0468 2792 COMSysApp - ok

13:21:16.0500 2792 Cpqarray - ok

13:21:16.0531 2792 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll

13:21:16.0671 2792 CryptSvc - ok

13:21:16.0671 2792 dac2w2k - ok

13:21:16.0687 2792 dac960nt - ok

13:21:16.0750 2792 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

13:21:16.0828 2792 DcomLaunch - ok

13:21:16.0859 2792 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll

13:21:17.0000 2792 Dhcp - ok

13:21:17.0015 2792 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

13:21:17.0140 2792 Disk - ok

13:21:17.0156 2792 dmadmin - ok

13:21:17.0203 2792 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

13:21:17.0375 2792 dmboot - ok

13:21:17.0421 2792 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

13:21:17.0546 2792 dmio - ok

13:21:17.0578 2792 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

13:21:17.0734 2792 dmload - ok

13:21:17.0796 2792 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll

13:21:17.0921 2792 dmserver - ok

13:21:17.0953 2792 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

13:21:18.0093 2792 DMusic - ok

13:21:18.0140 2792 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll

13:21:18.0171 2792 Dnscache - ok

13:21:18.0218 2792 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll

13:21:18.0343 2792 Dot3svc - ok

13:21:18.0359 2792 dpti2o - ok

13:21:18.0390 2792 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

13:21:18.0515 2792 drmkaud - ok

13:21:18.0562 2792 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll

13:21:18.0687 2792 EapHost - ok

13:21:18.0718 2792 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll

13:21:18.0843 2792 ERSvc - ok

13:21:18.0906 2792 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

13:21:19.0000 2792 Eventlog - ok

13:21:19.0046 2792 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll

13:21:19.0109 2792 EventSystem - ok

13:21:19.0125 2792 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

13:21:19.0265 2792 Fastfat - ok

13:21:19.0328 2792 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

13:21:19.0437 2792 FastUserSwitchingCompatibility - ok

13:21:19.0453 2792 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

13:21:19.0640 2792 Fdc - ok

13:21:19.0687 2792 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

13:21:19.0812 2792 Fips - ok

13:21:19.0843 2792 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

13:21:19.0968 2792 Flpydisk - ok

13:21:20.0031 2792 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

13:21:20.0156 2792 FltMgr - ok

13:21:20.0296 2792 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

13:21:20.0296 2792 FontCache3.0.0.0 - ok

13:21:20.0343 2792 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

13:21:20.0468 2792 Fs_Rec - ok

13:21:20.0500 2792 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

13:21:20.0671 2792 Ftdisk - ok

13:21:20.0734 2792 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

13:21:20.0859 2792 Gpc - ok

13:21:20.0859 2792 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

13:21:21.0000 2792 HDAudBus - ok

13:21:21.0046 2792 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

13:21:21.0187 2792 helpsvc - ok

13:21:21.0187 2792 HidServ - ok

13:21:21.0234 2792 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll

13:21:21.0359 2792 hkmsvc - ok

13:21:21.0468 2792 HP LaserJet Service (d1e9cb573a9edf7be12e9c57f32e97f7) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe

13:21:21.0484 2792 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - warning

13:21:21.0484 2792 HP LaserJet Service - detected UnsignedFile.Multi.Generic (1)

13:21:21.0484 2792 hpn - ok

13:21:21.0546 2792 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

13:21:21.0578 2792 HTTP - ok

13:21:21.0625 2792 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll

13:21:21.0781 2792 HTTPFilter - ok

13:21:21.0781 2792 i2omgmt - ok

13:21:21.0796 2792 i2omp - ok

13:21:21.0843 2792 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

13:21:21.0968 2792 i8042prt - ok

13:21:22.0156 2792 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

13:21:22.0218 2792 idsvc - ok

13:21:22.0250 2792 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

13:21:22.0390 2792 Imapi - ok

13:21:22.0453 2792 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe

13:21:22.0578 2792 ImapiService - ok

13:21:22.0593 2792 ini910u - ok

13:21:22.0765 2792 IntcAzAudAddService (4aaa8312732655f93a254d1fa695eb79) C:\WINDOWS\system32\drivers\RtkHDAud.sys

13:21:23.0062 2792 IntcAzAudAddService - ok

13:21:23.0078 2792 IntelIde - ok

13:21:23.0140 2792 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

13:21:23.0281 2792 intelppm - ok

13:21:23.0390 2792 IntuitUpdateService (3dc635b66dd7412e1c9c3a77b8d78f25) C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

13:21:23.0406 2792 IntuitUpdateService - ok

13:21:23.0453 2792 IntuitUpdateServiceV4 (1663a135865f0ba6e853353e98e67f2a) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

13:21:23.0468 2792 IntuitUpdateServiceV4 - ok

13:21:23.0515 2792 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

13:21:23.0671 2792 Ip6Fw - ok

13:21:23.0734 2792 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

13:21:23.0890 2792 IpFilterDriver - ok

13:21:23.0937 2792 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

13:21:24.0125 2792 IpInIp - ok

13:21:24.0156 2792 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

13:21:24.0296 2792 IpNat - ok

13:21:24.0359 2792 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

13:21:24.0468 2792 IPSec - ok

13:21:24.0515 2792 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

13:21:24.0593 2792 IRENUM - ok

13:21:24.0609 2792 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

13:21:24.0750 2792 isapnp - ok

13:21:24.0812 2792 JavaQuickStarterService (92e16f5d034e7864da308ba6309a98b7) C:\Program Files\Java\jre7\bin\jqs.exe

13:21:24.0828 2792 JavaQuickStarterService - ok

13:21:24.0859 2792 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

13:21:24.0968 2792 Kbdclass - ok

13:21:24.0984 2792 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

13:21:25.0125 2792 kmixer - ok

13:21:25.0156 2792 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

13:21:25.0218 2792 KSecDD - ok

13:21:25.0265 2792 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll

13:21:25.0296 2792 lanmanserver - ok

13:21:25.0359 2792 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll

13:21:25.0375 2792 lanmanworkstation - ok

13:21:25.0390 2792 lbrtfdc - ok

13:21:25.0437 2792 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll

13:21:25.0562 2792 LmHosts - ok

13:21:25.0578 2792 MCSTRM - ok

13:21:25.0625 2792 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll

13:21:25.0781 2792 Messenger - ok

13:21:25.0812 2792 MLPTDR_B (a514e1cc9f469054abfd99ebaa174c30) C:\WINDOWS\system32\MLPTDR_B.sys

13:21:25.0843 2792 MLPTDR_B - ok

13:21:25.0890 2792 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

13:21:26.0000 2792 mnmdd - ok

13:21:26.0062 2792 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe

13:21:26.0203 2792 mnmsrvc - ok

13:21:26.0218 2792 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

13:21:26.0343 2792 Modem - ok

13:21:26.0359 2792 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

13:21:26.0484 2792 Mouclass - ok

13:21:26.0515 2792 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

13:21:26.0640 2792 MountMgr - ok

13:21:26.0656 2792 mraid35x - ok

13:21:26.0703 2792 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

13:21:26.0828 2792 MRxDAV - ok

13:21:26.0890 2792 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

13:21:26.0953 2792 MRxSmb - ok

13:21:26.0968 2792 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe

13:21:27.0078 2792 MSDTC - ok

13:21:27.0093 2792 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

13:21:27.0250 2792 Msfs - ok

13:21:27.0265 2792 MSIServer - ok

13:21:27.0296 2792 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

13:21:27.0421 2792 MSKSSRV - ok

13:21:27.0437 2792 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

13:21:27.0562 2792 MSPCLOCK - ok

13:21:27.0593 2792 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

13:21:27.0734 2792 MSPQM - ok

13:21:27.0781 2792 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

13:21:27.0906 2792 mssmbios - ok

13:21:27.0968 2792 MSSQL$SQLEXPRESS - ok

13:21:28.0000 2792 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe

13:21:28.0015 2792 MSSQLServerADHelper - ok

13:21:28.0046 2792 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

13:21:28.0187 2792 MSTEE - ok

13:21:28.0203 2792 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

13:21:28.0234 2792 Mup - ok

13:21:28.0265 2792 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

13:21:28.0406 2792 NABTSFEC - ok

13:21:28.0468 2792 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll

13:21:28.0625 2792 napagent - ok

13:21:28.0703 2792 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files\Nero\Update\NASvc.exe

13:21:28.0734 2792 NAUpdate - ok

13:21:28.0765 2792 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

13:21:28.0906 2792 NDIS - ok

13:21:28.0921 2792 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

13:21:29.0031 2792 NdisIP - ok

13:21:29.0078 2792 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

13:21:29.0109 2792 NdisTapi - ok

13:21:29.0125 2792 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

13:21:29.0265 2792 Ndisuio - ok

13:21:29.0281 2792 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

13:21:29.0406 2792 NdisWan - ok

13:21:29.0453 2792 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

13:21:29.0484 2792 NDProxy - ok

13:21:29.0546 2792 Net Driver HPZ12 (80b7a96f908da13617e7e6832c5c6a64) C:\WINDOWS\system32\HPZinw12.dll

13:21:29.0546 2792 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

13:21:29.0546 2792 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

13:21:29.0562 2792 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

13:21:29.0687 2792 NetBIOS - ok

13:21:29.0734 2792 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

13:21:29.0859 2792 NetBT - ok

13:21:29.0906 2792 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

13:21:30.0062 2792 NetDDE - ok

13:21:30.0078 2792 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

13:21:30.0203 2792 NetDDEdsdm - ok

13:21:30.0250 2792 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

13:21:30.0390 2792 Netlogon - ok

13:21:30.0453 2792 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll

13:21:30.0578 2792 Netman - ok

13:21:30.0750 2792 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

13:21:30.0765 2792 NetTcpPortSharing - ok

13:21:30.0921 2792 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll

13:21:31.0000 2792 Nla - ok

13:21:31.0062 2792 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

13:21:31.0234 2792 Npfs - ok

13:21:31.0265 2792 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

13:21:31.0406 2792 Ntfs - ok

13:21:31.0453 2792 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

13:21:31.0578 2792 NtLmSsp - ok

13:21:31.0640 2792 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll

13:21:31.0781 2792 NtmsSvc - ok

13:21:31.0843 2792 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

13:21:31.0953 2792 Null - ok

13:21:32.0171 2792 nv (83c814ba5911f0ae8e79eeed235bc1fb) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

13:21:32.0468 2792 nv - ok

13:21:32.0515 2792 NVSvc (269f22e521238c8258a720820a997987) C:\WINDOWS\system32\nvsvc32.exe

13:21:32.0531 2792 NVSvc - ok

13:21:32.0578 2792 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

13:21:32.0734 2792 NwlnkFlt - ok

13:21:32.0750 2792 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

13:21:32.0875 2792 NwlnkFwd - ok

13:21:32.0937 2792 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

13:21:32.0937 2792 ose - ok

13:21:33.0000 2792 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys

13:21:33.0125 2792 Parport - ok

13:21:33.0140 2792 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

13:21:33.0265 2792 PartMgr - ok

13:21:33.0296 2792 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

13:21:33.0453 2792 ParVdm - ok

13:21:33.0453 2792 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

13:21:33.0593 2792 PCI - ok

13:21:33.0609 2792 PCIDump - ok

13:21:33.0640 2792 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

13:21:33.0765 2792 PCIIde - ok

13:21:33.0812 2792 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

13:21:33.0937 2792 Pcmcia - ok

13:21:33.0953 2792 PDCOMP - ok

13:21:33.0953 2792 PDFRAME - ok

13:21:33.0968 2792 PDRELI - ok

13:21:33.0984 2792 PDRFRAME - ok

13:21:34.0000 2792 perc2 - ok

13:21:34.0015 2792 perc2hib - ok

13:21:34.0109 2792 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

13:21:34.0171 2792 PlugPlay - ok

13:21:34.0234 2792 Pml Driver HPZ12 (0c155c5d8942b3cbcf9506a9d376b9ad) C:\WINDOWS\system32\HPZipm12.dll

13:21:34.0234 2792 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

13:21:34.0234 2792 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

13:21:34.0296 2792 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

13:21:34.0406 2792 PolicyAgent - ok

13:21:34.0468 2792 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

13:21:34.0656 2792 PptpMiniport - ok

13:21:34.0703 2792 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

13:21:34.0812 2792 ProtectedStorage - ok

13:21:34.0828 2792 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

13:21:34.0953 2792 PSched - ok

13:21:34.0984 2792 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

13:21:35.0093 2792 Ptilink - ok

13:21:35.0109 2792 ql1080 - ok

13:21:35.0125 2792 Ql10wnt - ok

13:21:35.0140 2792 ql12160 - ok

13:21:35.0156 2792 ql1240 - ok

13:21:35.0156 2792 ql1280 - ok

13:21:35.0187 2792 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

13:21:35.0312 2792 RasAcd - ok

13:21:35.0359 2792 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll

13:21:35.0468 2792 RasAuto - ok

13:21:35.0484 2792 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

13:21:35.0609 2792 Rasl2tp - ok

13:21:35.0656 2792 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll

13:21:35.0781 2792 RasMan - ok

13:21:35.0812 2792 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

13:21:35.0953 2792 RasPppoe - ok

13:21:35.0968 2792 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

13:21:36.0078 2792 Raspti - ok

13:21:36.0140 2792 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

13:21:36.0265 2792 Rdbss - ok

13:21:36.0281 2792 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

13:21:36.0406 2792 RDPCDD - ok

13:21:36.0437 2792 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

13:21:36.0546 2792 rdpdr - ok

13:21:36.0609 2792 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys

13:21:36.0656 2792 RDPWD - ok

13:21:36.0703 2792 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe

13:21:36.0828 2792 RDSessMgr - ok

13:21:36.0859 2792 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

13:21:36.0984 2792 redbook - ok

13:21:37.0046 2792 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll

13:21:37.0171 2792 RemoteAccess - ok

13:21:37.0218 2792 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll

13:21:37.0343 2792 RemoteRegistry - ok

13:21:37.0375 2792 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe

13:21:37.0500 2792 RpcLocator - ok

13:21:37.0546 2792 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

13:21:37.0609 2792 RpcSs - ok

13:21:37.0671 2792 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe

13:21:37.0796 2792 RSVP - ok

13:21:37.0875 2792 RTL8187B (b8a68977ab5c05990696fc0237fda96a) C:\WINDOWS\system32\DRIVERS\RTL8187B.sys

13:21:37.0921 2792 RTL8187B - ok

13:21:37.0968 2792 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

13:21:38.0093 2792 SamSs - ok

13:21:38.0109 2792 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe

13:21:38.0218 2792 SCardSvr - ok

13:21:38.0281 2792 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll

13:21:38.0421 2792 Schedule - ok

13:21:38.0468 2792 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys

13:21:38.0609 2792 sdbus - ok

13:21:38.0656 2792 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

13:21:38.0734 2792 Secdrv - ok

13:21:38.0765 2792 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll

13:21:38.0890 2792 seclogon - ok

13:21:38.0906 2792 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll

13:21:39.0046 2792 SENS - ok

13:21:39.0078 2792 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys

13:21:39.0203 2792 Serial - ok

13:21:39.0250 2792 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

13:21:39.0359 2792 Sfloppy - ok

13:21:39.0421 2792 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll

13:21:39.0546 2792 SharedAccess - ok

13:21:39.0609 2792 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

13:21:39.0625 2792 ShellHWDetection - ok

13:21:39.0640 2792 Simbad - ok

13:21:39.0703 2792 SiSGbeXP (441b5b4f9f4a3c5d61af9c872d7b65b1) C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys

13:21:39.0750 2792 SiSGbeXP - ok

13:21:39.0781 2792 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

13:21:39.0921 2792 SLIP - ok

13:21:39.0937 2792 Sparrow - ok

13:21:39.0968 2792 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

13:21:40.0109 2792 splitter - ok

13:21:40.0171 2792 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

13:21:40.0203 2792 Spooler - ok

13:21:40.0328 2792 SQLBrowser (86ebd8b1f23e743aad21f4d5b4d40985) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

13:21:40.0359 2792 SQLBrowser - ok

13:21:40.0359 2792 SQLWriter (d89083c4eb02daca8f944b0e05e57f9d) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

13:21:40.0375 2792 SQLWriter - ok

13:21:40.0406 2792 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

13:21:40.0515 2792 sr - ok

13:21:40.0578 2792 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll

13:21:40.0687 2792 srservice - ok

13:21:40.0734 2792 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

13:21:40.0812 2792 Srv - ok

13:21:40.0843 2792 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll

13:21:40.0953 2792 SSDPSRV - ok

13:21:40.0968 2792 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll

13:21:41.0156 2792 stisvc - ok

13:21:41.0171 2792 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

13:21:41.0312 2792 streamip - ok

13:21:41.0328 2792 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

13:21:41.0453 2792 swenum - ok

13:21:41.0468 2792 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

13:21:41.0578 2792 swmidi - ok

13:21:41.0593 2792 SwPrv - ok

13:21:41.0609 2792 symc810 - ok

13:21:41.0625 2792 symc8xx - ok

13:21:41.0640 2792 sym_hi - ok

13:21:41.0656 2792 sym_u3 - ok

13:21:41.0687 2792 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

13:21:41.0843 2792 sysaudio - ok

13:21:41.0859 2792 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe

13:21:41.0984 2792 SysmonLog - ok

13:21:42.0015 2792 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll

13:21:42.0140 2792 TapiSrv - ok

13:21:42.0203 2792 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

13:21:42.0265 2792 Tcpip - ok

13:21:42.0296 2792 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

13:21:42.0421 2792 TDPIPE - ok

13:21:42.0453 2792 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

13:21:42.0593 2792 TDTCP - ok

13:21:42.0593 2792 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

13:21:42.0718 2792 TermDD - ok

13:21:42.0765 2792 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll

13:21:42.0890 2792 TermService - ok

13:21:42.0937 2792 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

13:21:42.0968 2792 Themes - ok

13:21:43.0015 2792 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe

13:21:43.0093 2792 TlntSvr - ok

13:21:43.0109 2792 TosIde - ok

13:21:43.0140 2792 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll

13:21:43.0265 2792 TrkWks - ok

13:21:43.0296 2792 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

13:21:43.0421 2792 Udfs - ok

13:21:43.0437 2792 ultra - ok

13:21:43.0500 2792 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

13:21:43.0640 2792 Update - ok

13:21:43.0671 2792 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll

13:21:43.0750 2792 upnphost - ok

13:21:43.0765 2792 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe

13:21:43.0906 2792 UPS - ok

13:21:43.0921 2792 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

13:21:44.0046 2792 usbccgp - ok

13:21:44.0078 2792 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

13:21:44.0218 2792 usbehci - ok

13:21:44.0250 2792 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

13:21:44.0359 2792 usbhub - ok

13:21:44.0375 2792 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys

13:21:44.0484 2792 usbohci - ok

13:21:44.0546 2792 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

13:21:44.0671 2792 USBSTOR - ok

13:21:44.0718 2792 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys

13:21:44.0843 2792 usbvideo - ok

13:21:44.0859 2792 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

13:21:44.0968 2792 VgaSave - ok

13:21:44.0984 2792 ViaIde - ok

13:21:45.0000 2792 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

13:21:45.0125 2792 VolSnap - ok

13:21:45.0140 2792 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe

13:21:45.0218 2792 VSS - ok

13:21:45.0250 2792 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll

13:21:45.0375 2792 W32Time - ok

13:21:45.0406 2792 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

13:21:45.0531 2792 Wanarp - ok

13:21:45.0531 2792 WDICA - ok

13:21:45.0562 2792 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

13:21:45.0671 2792 wdmaud - ok

13:21:45.0703 2792 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll

13:21:45.0828 2792 WebClient - ok

13:21:45.0890 2792 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll

13:21:46.0015 2792 winmgmt - ok

13:21:46.0062 2792 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll

13:21:46.0093 2792 WmdmPmSN - ok

13:21:46.0156 2792 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll

13:21:46.0234 2792 Wmi - ok

13:21:46.0250 2792 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

13:21:46.0390 2792 WmiAcpi - ok

13:21:46.0421 2792 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe

13:21:46.0546 2792 WmiApSrv - ok

13:21:46.0671 2792 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe

13:21:46.0750 2792 WMPNetworkSvc - ok

13:21:46.0828 2792 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys

13:21:46.0843 2792 WpdUsb - ok

13:21:47.0000 2792 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

13:21:47.0046 2792 WPFFontCache_v0400 - ok

13:21:47.0093 2792 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys

13:21:47.0281 2792 WS2IFSL - ok

13:21:47.0343 2792 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll

13:21:47.0468 2792 wscsvc - ok

13:21:47.0515 2792 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

13:21:47.0625 2792 WSTCODEC - ok

13:21:47.0656 2792 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll

13:21:47.0812 2792 wuauserv - ok

13:21:47.0859 2792 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

13:21:47.0906 2792 WudfPf - ok

13:21:47.0937 2792 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

13:21:47.0968 2792 WudfRd - ok

13:21:47.0984 2792 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll

13:21:48.0000 2792 WudfSvc - ok

13:21:48.0062 2792 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll

13:21:48.0218 2792 WZCSVC - ok

13:21:48.0250 2792 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll

13:21:48.0375 2792 xmlprov - ok

13:21:48.0406 2792 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

13:21:48.0703 2792 \Device\Harddisk0\DR0 - ok

13:21:48.0703 2792 Boot (0x1200) (f6c8b74245d171394710c4621d0386a9) \Device\Harddisk0\DR0\Partition0

13:21:48.0703 2792 \Device\Harddisk0\DR0\Partition0 - ok

13:21:48.0703 2792 ============================================================

13:21:48.0703 2792 Scan finished

13:21:48.0703 2792 ============================================================

13:21:48.0812 2724 Detected object count: 3

13:21:48.0812 2724 Actual detected object count: 3

13:23:08.0234 2724 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - skipped by user

13:23:08.0234 2724 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:23:08.0234 2724 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

13:23:08.0234 2724 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:23:08.0234 2724 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

13:23:08.0234 2724 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:26:38.0593 2172 Deinitialize success

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Database version: v2012.04.10.04

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Bob :: HOLMES [administrator]

4/10/2012 8:55:04 AM

mbam-log-2012-04-10 (08-55-04).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 223693

Time elapsed: 19 minute(s), 52 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by Bob at 9:35:24 on 2012-04-10

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2045.1156 [GMT -5:00]

.

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

============== Running Processes ===============

.

C:\PROGRA~1\AVG\AVG2012\avgrsx.exe

C:\Program Files\AVG\AVG2012\avgcsrvx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\WINDOWS\system32\agrsmsvc.exe

C:\Program Files\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe

C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

C:\Program Files\AVG\AVG2012\avgnsx.exe

C:\Program Files\AVG\AVG2012\avgemcx.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Nero\Update\NASvc.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe

C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\PROGRA~1\Yahoo!\Messenger\ymsgr_tray.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\NOTEPAD.EXE

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.yahoo.com/

mURLSearchHooks: H - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll

TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}

TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet

uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil11f_ActiveX.exe -update activex

mRun: [VMM Mode Selection] c:\program files\htc\modeselection\VMMModeSelection.exe

mRun: [ToolboxFX] "c:\program files\hp\toolboxfx\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [nwiz] nwiz.exe /install

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"

mRun: [Alcmtr] ALCMTR.EXE

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

dRun: [dplaysvr] %APPDATA%\dplaysvr.exe

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

Trusted Zone: garmin.com

Trusted Zone: intuit.com\ttlc

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 97.64.183.164 97.64.209.37

TCP: Interfaces\{F25A5C49-D49B-42B7-B755-E65C1D2D3122} : DhcpNameServer = 97.64.183.164 97.64.209.37

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 23120]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 32592]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 230608]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 40016]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-12 295248]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]

R2 HP LaserJet Service;HP LaserJet Service;c:\program files\hp\hplaserjetservice\HPLaserJetService.exe [2010-10-25 145920]

R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2011-8-25 13672]

R2 NAUpdate;@c:\program files\nero\update\nasvc.exe,-200;c:\program files\nero\update\NASvc.exe [2010-5-4 503080]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-3 134608]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-3 24272]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-3 16720]

R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [2010-11-23 288000]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 MLPTDR_B;MLPTDR_B;c:\windows\system32\MLPTDR_B.SYS [2003-4-22 19904]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\flashplayerupdateservice.exe --> c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [?]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2012-04-09 03:47:29 -------- d-----w- c:\documents and settings\bob\local settings\application data\Threat Expert

2012-04-09 02:17:03 -------- d-----w- c:\program files\PC Tools

2012-04-09 02:10:24 185560 ----a-w- c:\windows\system32\drivers\PCTSD.sys

2012-04-09 02:10:24 -------- d-----w- c:\program files\common files\PC Tools

2012-04-09 02:09:34 -------- d-----w- c:\documents and settings\bob\application data\TestApp

2012-04-09 02:09:34 -------- d-----w- c:\documents and settings\all users\application data\PC Tools

2012-04-09 01:04:34 -------- d-----w- c:\windows\pss

2012-04-09 00:11:03 -------- d---a-w- C:\TRK-INFECTED

2012-04-08 22:05:07 -------- d-----w- c:\documents and settings\bob\application data\Malwarebytes

2012-04-08 22:04:59 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2012-04-08 22:04:57 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-04-08 22:04:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-04-08 21:49:15 -------- d-----w- C:\TDSSKiller_Quarantine

2012-04-05 15:01:25 -------- d--h--w- C:\$AVG

2012-04-03 06:51:09 -------- d-----w- c:\documents and settings\bob\local settings\application data\Easy CD-DA Extractor

2012-04-03 06:50:50 -------- d-----w- c:\documents and settings\all users\application data\Easy CD-DA Extractor

2012-04-03 06:50:43 -------- d-----w- c:\program files\Easy CD-DA Extractor 16

2012-04-03 06:38:16 -------- d-----w- c:\documents and settings\all users\application data\AVS4YOU

2012-04-03 06:38:13 -------- d-----w- c:\documents and settings\bob\application data\AVS4YOU

2012-04-03 06:37:03 11139944 ----a-w- c:\windows\system32\libmfxsw32.dll

2012-04-03 06:36:56 1700352 ----a-w- c:\windows\system32\GdiPlus.dll

2012-04-03 06:36:55 24576 ----a-w- c:\windows\system32\msxml3a.dll

2012-04-03 06:36:54 -------- d-----w- c:\program files\AVS4YOU

2012-04-03 06:36:37 -------- d-----w- c:\program files\common files\AVSMedia

.

==================== Find3M ====================

.

2012-02-23 02:23:30 414368 ------w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys

2012-01-11 19:06:47 3072 ------w- c:\windows\system32\iacenc.dll

.

============= FINISH: 9:36:05.09 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 11/17/2010 2:33:36 AM

System Uptime: 4/10/2012 8:42:22 AM (1 hours ago)

.

Motherboard: clevo | | M7X0SUN

Processor: Intel Pentium III Xeon processor | uPGA 479M | 1999/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 233 GiB total, 191.022 GiB free.

D: is CDROM ()

Z: is NetworkDisk (NTFS) - 112 GiB total, 7.59 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}

Description: Base System Device

Device ID: PCI\VEN_197B&DEV_2382&SUBSYS_08021558&REV_20\4&2E819789&0&0038

Manufacturer:

Name: Base System Device

PNP Device ID: PCI\VEN_197B&DEV_2382&SUBSYS_08021558&REV_20\4&2E819789&0&0038

Service:

.

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}

Description: Base System Device

Device ID: PCI\VEN_197B&DEV_2383&SUBSYS_08021558&REV_20\4&2E819789&0&0338

Manufacturer:

Name: Base System Device

PNP Device ID: PCI\VEN_197B&DEV_2383&SUBSYS_08021558&REV_20\4&2E819789&0&0338

Service:

.

==== System Restore Points ===================

.

RP1: 4/8/2012 8:24:31 PM - System Checkpoint

RP2: 4/9/2012 1:14:35 PM - Removed Nero Toolbar.

.

==== Installed Programs ======================

.

.

32 Bit HP CIO Components Installer

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Reader X (10.1.2)

Agere Systems HDA Modem

Amazon MP3 Downloader 1.0.12

Android SDK Tools

AnswerWorks 5.0 English Runtime

Apple Application Support

Apple Software Update

AVG 2012

Borland C++Builder 6

Crown Print Monitor+

Easy CD-DA Extractor 16

Garmin City Navigator North America NT 2011.40 Update

Garmin USB Drivers

Garmin WebUpdater

High Definition Audio Driver Package - KB888111

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB942288-v3)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB976002-v5)

Hotfix for Windows XP (KB981793)

HP LaserJet Professional CP1520 Series

HP Update

HPLaserJetHelp_LearnCenter

HPLJUT

hppCP1520LaserJetService

hppLaserJetService

hppTLBXFXCP1520

hpzTLBXFX

IsoBuster 2.8.5

Java Auto Updater

Java 6 Update 27

Java 7 Update 1

Java SE Development Kit 7

magicolor 2300 DL

Malwarebytes Anti-Malware version 1.61.0.1400

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Office Standard Edition 2003

Microsoft Silverlight

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)

Microsoft SQL Server Management Studio Express

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server VSS Writer

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

MINOLTA-QMS magicolor 2300 DL Printer Driver Software

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6.0 Parser

Nero BurnLite 10

Nero Control Center 10

Nero ControlCenter 10 Help (CHM)

Nero Core Components 10

Nero Update

NVIDIA Drivers

Quicken 2009

QuickTime

Realtek High Definition Audio Driver

REALTEK RTL8187B Wireless LAN Driver

Rhapsody

Sansa Updater

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player (KB979402)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982381)

Security Update for Windows XP (KB982665)

TurboTax 2010

TurboTax 2010 wiaiper

TurboTax 2010 WinPerFedFormset

TurboTax 2010 WinPerReleaseEngine

TurboTax 2010 WinPerTaxSupport

TurboTax 2010 wmoiper

TurboTax 2010 wrapper

TurboTax 2011

TurboTax 2011 wiaiper

TurboTax 2011 WinPerFedFormset

TurboTax 2011 WinPerReleaseEngine

TurboTax 2011 WinPerTaxSupport

TurboTax 2011 wrapper

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

WebFldrs XP

Widevine Media Transformer Plugin 4.5.0

Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)

Windows Genuine Advantage Notifications (KB905474)

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows XP Service Pack 3

WinZip Self-Extractor

WModem Driver Installer

Yahoo! Detect

Yahoo! Messenger

.

==== Event Viewer Messages From Past Week ========

.

4/8/2012 9:22:37 PM, error: PCTCore [280] -

4/8/2012 9:17:05 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

4/8/2012 8:05:19 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

4/8/2012 7:46:53 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx86 Avgmfx86 Fips intelppm

4/8/2012 7:45:53 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

4/8/2012 4:16:48 PM, error: Service Control Manager [7034] - The Intuit Update Service v4 service terminated unexpectedly. It has done this 1 time(s).

4/8/2012 4:16:43 PM, error: Service Control Manager [7034] - The Intuit Update Service service terminated unexpectedly. It has done this 1 time(s).

4/8/2012 4:16:32 PM, error: Service Control Manager [7034] - The HP LaserJet Service service terminated unexpectedly. It has done this 1 time(s).

4/8/2012 2:12:10 PM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer DOYLE that believes that it is the master browser for the domain on transport NetBT_Tcpip_{F25A5C49-D49B-42B7-B75. The master browser is stopping or an election is being forced.

4/8/2012 10:15:00 AM, error: Schedule [7901] - The At1.job command failed to start due to the following error: General access denied error

4/7/2012 9:33:00 PM, error: Schedule [7901] - The At3.job command failed to start due to the following error: General access denied error

4/7/2012 8:45:00 PM, error: Schedule [7901] - The At2.job command failed to start due to the following error: General access denied error

4/7/2012 2:30:02 PM, error: Schedule [7901] - The At4.job command failed to start due to the following error: General access denied error

4/7/2012 2:06:28 PM, error: Service Control Manager [7002] - The MLPTDR_B service depends on the Parallel arbitrator group and no member of this group started.

4/7/2012 2:06:28 PM, error: Service Control Manager [7000] - The MCSTRM service failed to start due to the following error: The system cannot find the file specified.

4/7/2012 11:30:53 AM, error: BROWSER [8007] - The browser was unable to update the service status bits. The data is the error.

4/3/2012 7:42:12 AM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0025D38DB2AA. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

.

==== End Of File ===========================

Link to post
Share on other sites

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.

Link to post
Share on other sites

ComboFix 12-04-10.02 - Bob 04/10/2012 20:10:59.1.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2045.1379 [GMT -5:00]

Running from: c:\documents and settings\Bob\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Application Data\TEMP

c:\documents and settings\All Users\Application Data\TEMP\DFC5A2B2.TMP

c:\documents and settings\All Users\Desktop\Internet Security.lnk

c:\windows\EventSystem.log

c:\windows\system32\dllcache\dlimport.exe

c:\windows\system32\SET45.tmp

c:\windows\system32\SET49.tmp

c:\windows\system32\SET51.tmp

c:\windows\system32\SET9A.tmp

.

.

((((((((((((((((((((((((( Files Created from 2012-03-11 to 2012-04-11 )))))))))))))))))))))))))))))))

.

.

2012-04-09 03:47 . 2012-04-09 03:47 -------- d-----w- c:\documents and settings\Bob\Local Settings\Application Data\Threat Expert

2012-04-09 02:17 . 2012-04-09 02:17 -------- d-----w- c:\program files\PC Tools

2012-04-09 02:10 . 2012-04-09 04:59 -------- d-----w- c:\program files\Common Files\PC Tools

2012-04-09 02:10 . 2012-02-24 15:36 185560 ----a-w- c:\windows\system32\drivers\PCTSD.sys

2012-04-09 02:09 . 2012-04-09 04:57 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools

2012-04-09 02:09 . 2012-04-09 02:09 -------- d-----w- c:\documents and settings\Bob\Application Data\TestApp

2012-04-09 00:11 . 2012-04-09 00:11 -------- d---a-w- C:\TRK-INFECTED

2012-04-08 22:05 . 2012-04-08 22:05 -------- d-----w- c:\documents and settings\Bob\Application Data\Malwarebytes

2012-04-08 22:04 . 2012-04-08 22:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2012-04-08 22:04 . 2012-04-09 18:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-04-08 22:04 . 2012-04-04 20:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-04-08 21:49 . 2012-04-08 21:49 -------- d-----w- C:\TDSSKiller_Quarantine

2012-04-05 15:01 . 2012-04-05 15:01 -------- d-----w- C:\$AVG

2012-04-05 07:41 . 2012-04-05 07:41 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Sun

2012-04-05 07:37 . 2012-04-05 07:37 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe

2012-04-05 07:37 . 2012-04-05 07:37 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Temp

2012-04-03 06:51 . 2012-04-03 09:29 -------- d-----w- c:\documents and settings\Bob\Local Settings\Application Data\Easy CD-DA Extractor

2012-04-03 06:50 . 2012-04-03 06:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Easy CD-DA Extractor

2012-04-03 06:50 . 2012-04-03 06:51 -------- d-----w- c:\program files\Easy CD-DA Extractor 16

2012-04-03 06:38 . 2012-04-03 06:38 -------- d-----w- c:\documents and settings\All Users\Application Data\AVS4YOU

2012-04-03 06:38 . 2012-04-03 06:38 -------- d-----w- c:\documents and settings\Bob\Application Data\AVS4YOU

2012-04-03 06:37 . 2012-01-11 18:05 11139944 ----a-w- c:\windows\system32\libmfxsw32.dll

2012-04-03 06:36 . 2010-11-13 01:18 1700352 ----a-w- c:\windows\system32\GdiPlus.dll

2012-04-03 06:36 . 2010-11-13 01:18 24576 ----a-w- c:\windows\system32\msxml3a.dll

2012-04-03 06:36 . 2012-04-03 06:50 -------- d-----w- c:\program files\AVS4YOU

2012-04-03 06:36 . 2012-04-03 06:50 -------- d-----w- c:\program files\Common Files\AVSMedia

2012-03-29 05:00 . 2012-03-29 05:00 -------- d-----w- c:\documents and settings\Guest\Application Data\AskToolbar

2012-03-29 04:24 . 2012-03-29 04:24 -------- d-----w- c:\documents and settings\Guest\Application Data\Hewlett-Packard Company

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-02-23 02:23 . 2012-02-06 04:17 414368 ------w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-02-03 09:22 . 2006-02-28 12:00 1860096 ----a-w- c:\windows\system32\win32k.sys

2012-01-17 20:45 . 2012-01-17 20:45 10 ------w- c:\windows\Fonts\wfonts.key

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2010-06-01 5252408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"VMM Mode Selection"="c:\program files\HTC\ModeSelection\VMMModeSelection.exe" [2011-02-14 43520]

"ToolboxFX"="c:\program files\HP\ToolboxFX\bin\HPTLBXFX.exe" [2010-10-25 58936]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136]

"RTHDCPL"="RTHDCPL.EXE" [2008-07-23 16804864]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]

"nwiz"="nwiz.exe" [2009-02-10 1657376]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-10 13594624]

"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-10 49208]

"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=

"c:\\Program Files\\Rhapsody\\rhapsody.exe"=

.

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [9/13/2010 4:27 PM 23120]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [9/7/2010 4:48 AM 32592]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [12/8/2010 5:12 AM 230608]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [11/12/2010 2:19 PM 295248]

R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [8/2/2011 6:09 AM 192776]

R2 HP LaserJet Service;HP LaserJet Service;c:\program files\HP\HPLaserJetService\HPLaserJetService.exe [10/25/2010 3:53 PM 145920]

R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [8/25/2011 6:53 PM 13672]

R2 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [5/4/2010 1:07 PM 503080]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [8/3/2010 4:23 PM 134608]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [8/3/2010 4:23 PM 24272]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [8/3/2010 4:23 PM 16720]

R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [11/23/2010 12:28 AM 288000]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 1:16 PM 130384]

S2 MLPTDR_B;MLPTDR_B;c:\windows\system32\MLPTDR_B.SYS [4/22/2003 9:53 AM 19904]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe --> c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [?]

S3 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [10/12/2011 6:25 AM 4433248]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 1:16 PM 753504]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

.

Contents of the 'Scheduled Tasks' folder

.

2012-04-10 c:\windows\Tasks\At1.job

- c:\program files\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22 14:18]

.

2012-04-10 c:\windows\Tasks\At2.job

- c:\program files\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22 14:18]

.

2012-04-10 c:\windows\Tasks\At3.job

- c:\program files\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22 14:18]

.

2012-04-10 c:\windows\Tasks\At4.job

- c:\program files\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22 14:18]

.

2012-03-29 c:\windows\Tasks\FullBackup0.job

- c:\windows\system32\ntbackup.exe [2006-02-28 00:12]

.

2012-04-05 c:\windows\Tasks\FullBackup1.job

- c:\windows\system32\ntbackup.exe [2006-02-28 00:12]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.yahoo.com/

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

Trusted Zone: garmin.com

Trusted Zone: intuit.com\ttlc

TCP: DhcpNameServer = 97.64.183.164 97.64.209.37

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

HKU-Default-Run-dplaysvr - c:\documents and settings\Bob\Application Data\dplaysvr.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-04-10 20:19

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

Completion time: 2012-04-10 20:20:40

ComboFix-quarantined-files.txt 2012-04-11 01:20

.

Pre-Run: 209,135,525,888 bytes free

Post-Run: 211,533,971,456 bytes free

.

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

.

- - End Of File - - EFFE90CBA55DDFA09DA9CFF939DFF73B

Link to post
Share on other sites

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

Folder::
c:\documents and settings\Guest\Application Data\AskToolbar

JavaClearCache::

Save this as CFScript.txt, in the same location as ComboFix.exe

CFScriptB-4.gif

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Link to post
Share on other sites

ComboFix 12-04-10.02 - Bob 04/12/2012 22:12:05.2.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2045.1316 [GMT -5:00]

Running from: c:\documents and settings\Bob\Desktop\ComboFix.exe

Command switches used :: c:\documents and settings\Bob\Desktop\CFScript.txt

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\Guest\Application Data\AskToolbar

c:\documents and settings\Guest\Application Data\AskToolbar\Nero.config

.

.

((((((((((((((((((((((((( Files Created from 2012-03-13 to 2012-04-13 )))))))))))))))))))))))))))))))

.

.

2012-04-09 03:47 . 2012-04-09 03:47 -------- d-----w- c:\documents and settings\Bob\Local Settings\Application Data\Threat Expert

2012-04-09 02:17 . 2012-04-09 02:17 -------- d-----w- c:\program files\PC Tools

2012-04-09 02:10 . 2012-04-09 04:59 -------- d-----w- c:\program files\Common Files\PC Tools

2012-04-09 02:10 . 2012-02-24 15:36 185560 ----a-w- c:\windows\system32\drivers\PCTSD.sys

2012-04-09 02:09 . 2012-04-09 04:57 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools

2012-04-09 02:09 . 2012-04-09 02:09 -------- d-----w- c:\documents and settings\Bob\Application Data\TestApp

2012-04-09 00:11 . 2012-04-09 00:11 -------- d---a-w- C:\TRK-INFECTED

2012-04-08 22:05 . 2012-04-08 22:05 -------- d-----w- c:\documents and settings\Bob\Application Data\Malwarebytes

2012-04-08 22:04 . 2012-04-08 22:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2012-04-08 22:04 . 2012-04-09 18:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-04-08 22:04 . 2012-04-04 20:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-04-08 21:49 . 2012-04-08 21:49 -------- d-----w- C:\TDSSKiller_Quarantine

2012-04-05 15:01 . 2012-04-05 15:01 -------- d-----w- C:\$AVG

2012-04-05 07:41 . 2012-04-05 07:41 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Sun

2012-04-05 07:37 . 2012-04-05 07:37 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe

2012-04-05 07:37 . 2012-04-05 07:37 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Temp

2012-04-04 05:53 . 2012-04-04 05:53 182160 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll

2012-04-03 06:51 . 2012-04-03 09:29 -------- d-----w- c:\documents and settings\Bob\Local Settings\Application Data\Easy CD-DA Extractor

2012-04-03 06:50 . 2012-04-03 06:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Easy CD-DA Extractor

2012-04-03 06:50 . 2012-04-03 06:51 -------- d-----w- c:\program files\Easy CD-DA Extractor 16

2012-04-03 06:38 . 2012-04-03 06:38 -------- d-----w- c:\documents and settings\All Users\Application Data\AVS4YOU

2012-04-03 06:38 . 2012-04-03 06:38 -------- d-----w- c:\documents and settings\Bob\Application Data\AVS4YOU

2012-04-03 06:37 . 2012-01-11 18:05 11139944 ----a-w- c:\windows\system32\libmfxsw32.dll

2012-04-03 06:36 . 2010-11-13 01:18 1700352 ----a-w- c:\windows\system32\GdiPlus.dll

2012-04-03 06:36 . 2010-11-13 01:18 24576 ----a-w- c:\windows\system32\msxml3a.dll

2012-04-03 06:36 . 2012-04-03 06:50 -------- d-----w- c:\program files\AVS4YOU

2012-04-03 06:36 . 2012-04-03 06:50 -------- d-----w- c:\program files\Common Files\AVSMedia

2012-03-29 04:24 . 2012-03-29 04:24 -------- d-----w- c:\documents and settings\Guest\Application Data\Hewlett-Packard Company

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-03-01 11:01 . 2006-02-28 12:00 916992 ----a-w- c:\windows\system32\wininet.dll

2012-03-01 11:01 . 2006-02-28 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-03-01 11:01 . 2006-02-28 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-02-29 14:10 . 2006-02-28 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll

2012-02-29 14:10 . 2006-02-28 12:00 148480 ----a-w- c:\windows\system32\imagehlp.dll

2012-02-29 12:17 . 2006-02-28 12:00 385024 ------w- c:\windows\system32\html.iec

2012-02-23 02:23 . 2012-02-06 04:17 414368 ------w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-02-03 09:22 . 2006-02-28 12:00 1860096 ----a-w- c:\windows\system32\win32k.sys

2012-01-17 20:45 . 2012-01-17 20:45 10 ------w- c:\windows\Fonts\wfonts.key

.

.

((((((((((((((((((((((((((((( SnapShot@2012-04-11_01.19.09 )))))))))))))))))))))))))))))))))))))))))

.

+ 2012-04-12 09:18 . 2012-04-12 09:18 16384 c:\windows\Temp\Perflib_Perfdata_5c8.dat

- 2006-02-28 12:00 . 2012-04-10 13:48 94052 c:\windows\system32\perfc009.dat

+ 2006-02-28 12:00 . 2012-04-12 09:22 94052 c:\windows\system32\perfc009.dat

+ 2006-02-28 12:00 . 2012-03-01 11:01 66560 c:\windows\system32\mshtmled.dll

- 2006-02-28 12:00 . 2011-12-17 19:46 66560 c:\windows\system32\mshtmled.dll

+ 2009-03-08 10:31 . 2012-03-01 11:01 55296 c:\windows\system32\msfeedsbs.dll

- 2009-03-08 10:31 . 2011-12-17 19:46 55296 c:\windows\system32\msfeedsbs.dll

- 2006-02-28 12:00 . 2011-12-17 19:46 25600 c:\windows\system32\jsproxy.dll

+ 2006-02-28 12:00 . 2012-03-01 11:01 25600 c:\windows\system32\jsproxy.dll

+ 2011-01-29 22:05 . 2012-03-01 11:01 12800 c:\windows\system32\dllcache\xpshims.dll

- 2011-01-29 22:05 . 2011-12-17 19:46 12800 c:\windows\system32\dllcache\xpshims.dll

+ 2006-02-28 12:00 . 2012-03-01 11:01 66560 c:\windows\system32\dllcache\mshtmled.dll

- 2006-02-28 12:00 . 2011-12-17 19:46 66560 c:\windows\system32\dllcache\mshtmled.dll

- 2011-01-29 22:05 . 2011-12-17 19:46 55296 c:\windows\system32\dllcache\msfeedsbs.dll

+ 2011-01-29 22:05 . 2012-03-01 11:01 55296 c:\windows\system32\dllcache\msfeedsbs.dll

+ 2006-02-28 12:00 . 2012-03-01 11:01 43520 c:\windows\system32\dllcache\licmgr10.dll

- 2006-02-28 12:00 . 2011-12-17 19:46 43520 c:\windows\system32\dllcache\licmgr10.dll

+ 2006-02-28 12:00 . 2012-03-01 11:01 25600 c:\windows\system32\dllcache\jsproxy.dll

- 2006-02-28 12:00 . 2011-12-17 19:46 25600 c:\windows\system32\dllcache\jsproxy.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

- 2012-02-17 09:02 . 2012-02-17 09:02 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

- 2012-02-17 09:02 . 2012-02-17 09:02 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

- 2012-02-17 09:02 . 2012-02-17 09:02 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

- 2012-02-17 09:02 . 2012-02-17 09:02 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

- 2012-02-17 09:02 . 2012-02-17 09:02 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

+ 2011-01-30 18:48 . 2012-04-12 08:01 23040 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe

- 2011-01-30 18:48 . 2012-03-15 08:00 23040 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe

- 2011-01-30 18:48 . 2012-03-15 08:00 27136 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe

+ 2011-01-30 18:48 . 2012-04-12 08:01 27136 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe

- 2011-01-30 18:48 . 2012-03-15 08:00 11264 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe

+ 2011-01-30 18:48 . 2012-04-12 08:01 11264 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe

+ 2011-01-30 18:48 . 2012-04-12 08:01 12288 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe

- 2011-01-30 18:48 . 2012-03-15 08:00 12288 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe

+ 2012-04-12 08:10 . 2011-12-17 19:46 12800 c:\windows\ie8updates\KB2675157-IE8\xpshims.dll

+ 2012-04-12 08:10 . 2011-12-17 19:46 66560 c:\windows\ie8updates\KB2675157-IE8\mshtmled.dll

+ 2012-04-12 08:10 . 2011-12-17 19:46 55296 c:\windows\ie8updates\KB2675157-IE8\msfeedsbs.dll

+ 2012-04-12 08:10 . 2011-12-17 19:46 43520 c:\windows\ie8updates\KB2675157-IE8\licmgr10.dll

+ 2012-04-12 08:10 . 2011-12-17 19:46 25600 c:\windows\ie8updates\KB2675157-IE8\jsproxy.dll

+ 2012-04-12 09:06 . 2012-04-12 09:06 14848 c:\windows\assembly\NativeImages_v4.0.30319_32\TVM\0700cd2d66b381fb478b0801df0e32bc\TVM.ni.dll

+ 2012-04-12 09:05 . 2012-04-12 09:05 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\36124bfc4baaa1c2063d699e77324080\System.Web.DynamicData.Design.ni.dll

+ 2012-04-12 09:04 . 2012-04-12 09:04 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\c41effeccd62bd2e864d865a7a8089e6\Microsoft.SqlServer.CustomControls.ni.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll

- 2011-01-30 18:48 . 2012-03-15 08:00 4096 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe

+ 2011-01-30 18:48 . 2012-04-12 08:01 4096 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe

+ 2012-04-12 08:09 . 2012-04-12 08:09 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

+ 2012-02-17 09:02 . 2012-04-12 08:04 109568 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll

- 2012-02-17 09:02 . 2012-02-17 09:02 109568 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll

- 2012-02-17 09:02 . 2012-02-17 09:02 246128 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll

+ 2012-02-17 09:02 . 2012-04-12 08:04 246128 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll

- 2011-06-15 15:31 . 2012-02-17 09:11 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll

+ 2011-06-15 15:31 . 2012-04-12 08:09 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll

- 2011-06-15 15:31 . 2012-02-17 09:11 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll

+ 2011-06-15 15:31 . 2012-04-12 08:09 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll

+ 2006-02-28 12:00 . 2012-03-01 11:01 105984 c:\windows\system32\url.dll

- 2006-02-28 12:00 . 2011-12-17 19:46 105984 c:\windows\system32\url.dll

- 2006-02-28 12:00 . 2012-04-10 13:48 520190 c:\windows\system32\perfh009.dat

+ 2006-02-28 12:00 . 2012-04-12 09:22 520190 c:\windows\system32\perfh009.dat

- 2006-02-28 12:00 . 2011-12-17 19:46 206848 c:\windows\system32\occache.dll

+ 2006-02-28 12:00 . 2012-03-01 11:01 206848 c:\windows\system32\occache.dll

- 2006-02-28 12:00 . 2011-12-17 19:46 611840 c:\windows\system32\mstime.dll

+ 2006-02-28 12:00 . 2012-03-01 11:01 611840 c:\windows\system32\mstime.dll

+ 2009-03-08 10:32 . 2012-03-01 11:01 602112 c:\windows\system32\msfeeds.dll

- 2009-03-08 10:32 . 2011-12-17 19:46 602112 c:\windows\system32\msfeeds.dll

+ 2006-02-28 12:00 . 2012-03-01 11:01 184320 c:\windows\system32\iepeers.dll

- 2006-02-28 12:00 . 2011-12-17 19:46 184320 c:\windows\system32\iepeers.dll

+ 2006-02-28 12:00 . 2012-03-01 11:01 387584 c:\windows\system32\iedkcs32.dll

- 2006-02-28 12:00 . 2011-12-17 19:46 387584 c:\windows\system32\iedkcs32.dll

+ 2006-02-28 12:00 . 2012-02-29 12:17 174080 c:\windows\system32\ie4uinit.exe

- 2006-02-28 12:00 . 2011-12-16 12:23 174080 c:\windows\system32\ie4uinit.exe

- 2009-12-24 06:59 . 2009-12-24 06:59 177664 c:\windows\system32\dllcache\wintrust.dll

+ 2009-12-24 06:59 . 2012-02-29 14:10 177664 c:\windows\system32\dllcache\wintrust.dll

+ 2006-02-28 12:00 . 2012-03-01 11:01 916992 c:\windows\system32\dllcache\wininet.dll

- 2006-02-28 12:00 . 2011-12-17 19:46 916992 c:\windows\system32\dllcache\wininet.dll

+ 2006-02-28 12:00 . 2012-03-01 11:01 105984 c:\windows\system32\dllcache\url.dll

- 2006-02-28 12:00 . 2011-12-17 19:46 105984 c:\windows\system32\dllcache\url.dll

- 2006-02-28 12:00 . 2011-12-17 19:46 206848 c:\windows\system32\dllcache\occache.dll

+ 2006-02-28 12:00 . 2012-03-01 11:01 206848 c:\windows\system32\dllcache\occache.dll

- 2006-02-28 12:00 . 2011-12-17 19:46 611840 c:\windows\system32\dllcache\mstime.dll

+ 2006-02-28 12:00 . 2012-03-01 11:01 611840 c:\windows\system32\dllcache\mstime.dll

+ 2011-01-29 22:05 . 2012-03-01 11:01 602112 c:\windows\system32\dllcache\msfeeds.dll

- 2011-01-29 22:05 . 2011-12-17 19:46 602112 c:\windows\system32\dllcache\msfeeds.dll

+ 2012-02-29 14:10 . 2012-02-29 14:10 148480 c:\windows\system32\dllcache\imagehlp.dll

- 2011-01-29 22:05 . 2011-12-17 19:46 247808 c:\windows\system32\dllcache\ieproxy.dll

+ 2011-01-29 22:05 . 2012-03-01 11:01 247808 c:\windows\system32\dllcache\ieproxy.dll

- 2006-02-28 12:00 . 2011-12-17 19:46 184320 c:\windows\system32\dllcache\iepeers.dll

+ 2006-02-28 12:00 . 2012-03-01 11:01 184320 c:\windows\system32\dllcache\iepeers.dll

- 2011-01-29 22:05 . 2011-12-17 19:46 743424 c:\windows\system32\dllcache\iedvtool.dll

+ 2011-01-29 22:05 . 2012-03-01 11:01 743424 c:\windows\system32\dllcache\iedvtool.dll

- 2006-02-28 12:00 . 2011-12-17 19:46 387584 c:\windows\system32\dllcache\iedkcs32.dll

+ 2006-02-28 12:00 . 2012-03-01 11:01 387584 c:\windows\system32\dllcache\iedkcs32.dll

+ 2006-02-28 12:00 . 2012-02-29 12:17 174080 c:\windows\system32\dllcache\ie4uinit.exe

- 2006-02-28 12:00 . 2011-12-16 12:23 174080 c:\windows\system32\dllcache\ie4uinit.exe

+ 2012-01-21 22:40 . 2012-01-21 22:40 616216 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.dll

+ 2012-01-31 08:38 . 2012-01-31 08:38 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll

+ 2012-02-17 09:03 . 2012-04-12 08:04 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

+ 2012-02-17 09:03 . 2012-04-12 08:05 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 231760 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 231760 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll

- 2012-02-17 09:02 . 2012-02-17 09:02 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll

+ 2012-02-17 09:03 . 2012-04-12 08:04 616216 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

- 2012-02-17 09:02 . 2012-02-17 09:02 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

- 2012-02-17 09:02 . 2012-02-17 09:02 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

- 2012-02-17 09:02 . 2012-02-17 09:02 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll

- 2012-02-17 09:02 . 2012-02-17 09:02 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

- 2012-02-17 09:02 . 2012-02-17 09:02 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll

- 2012-02-17 09:02 . 2012-02-17 09:02 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

+ 2012-02-17 09:02 . 2012-04-12 08:04 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

- 2012-02-17 09:02 . 2012-02-17 09:02 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll

- 2012-02-17 09:02 . 2012-02-17 09:02 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll

- 2012-02-17 09:02 . 2012-02-17 09:02 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

- 2012-02-17 09:02 . 2012-02-17 09:02 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll

+ 2012-02-17 09:03 . 2012-04-12 08:05 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll

+ 2012-02-17 09:02 . 2012-04-12 08:04 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

- 2012-02-17 09:02 . 2012-02-17 09:02 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

+ 2012-02-17 09:02 . 2012-04-12 08:04 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

- 2012-02-17 09:02 . 2012-02-17 09:02 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll

+ 2012-02-03 04:56 . 2012-02-03 04:56 963584 c:\windows\Installer\9139ca9.msp

+ 2011-01-30 18:48 . 2012-04-12 08:01 409600 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe

- 2011-01-30 18:48 . 2012-03-15 08:00 409600 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe

- 2011-01-30 18:48 . 2012-03-15 08:00 286720 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe

+ 2011-01-30 18:48 . 2012-04-12 08:01 286720 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe

+ 2011-01-30 18:48 . 2012-04-12 08:01 249856 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\pptico.exe

- 2011-01-30 18:48 . 2012-03-15 08:00 249856 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\pptico.exe

- 2011-01-30 18:48 . 2012-03-15 08:00 794624 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\outicon.exe

+ 2011-01-30 18:48 . 2012-04-12 08:01 794624 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\outicon.exe

- 2011-01-30 18:48 . 2012-03-15 08:00 135168 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\misc.exe

+ 2011-01-30 18:48 . 2012-04-12 08:01 135168 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\misc.exe

+ 2012-04-12 08:10 . 2011-12-17 19:46 916992 c:\windows\ie8updates\KB2675157-IE8\wininet.dll

+ 2012-04-12 08:10 . 2011-12-17 19:46 105984 c:\windows\ie8updates\KB2675157-IE8\url.dll

+ 2012-04-12 08:10 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2675157-IE8\spuninst\updspapi.dll

+ 2012-04-12 08:10 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2675157-IE8\spuninst\spuninst.exe

+ 2012-04-12 08:10 . 2011-12-17 19:46 206848 c:\windows\ie8updates\KB2675157-IE8\occache.dll

+ 2012-04-12 08:10 . 2011-12-17 19:46 611840 c:\windows\ie8updates\KB2675157-IE8\mstime.dll

+ 2012-04-12 08:10 . 2011-12-17 19:46 602112 c:\windows\ie8updates\KB2675157-IE8\msfeeds.dll

+ 2012-04-12 08:10 . 2011-12-17 19:46 247808 c:\windows\ie8updates\KB2675157-IE8\ieproxy.dll

+ 2012-04-12 08:10 . 2011-12-17 19:46 184320 c:\windows\ie8updates\KB2675157-IE8\iepeers.dll

+ 2012-04-12 08:10 . 2011-12-17 19:46 743424 c:\windows\ie8updates\KB2675157-IE8\iedvtool.dll

+ 2012-04-12 08:10 . 2011-12-17 19:46 387584 c:\windows\ie8updates\KB2675157-IE8\iedkcs32.dll

+ 2012-04-12 08:10 . 2011-12-16 12:23 174080 c:\windows\ie8updates\KB2675157-IE8\ie4uinit.exe

+ 2012-02-17 09:02 . 2012-02-17 09:02 409448 c:\windows\assembly\temp\W3KA6LR6BC\System.configuration.dll

+ 2012-02-17 09:03 . 2012-02-17 09:03 269672 c:\windows\assembly\temp\W1QGFRT3HV\System.Transactions.dll

+ 2011-06-15 15:31 . 2012-02-17 09:11 114688 c:\windows\assembly\temp\ULYBYBO18V\System.ServiceProcess.dll

+ 2012-02-17 09:03 . 2012-02-17 09:03 607064 c:\windows\assembly\temp\RPUQZTSQSO\System.Drawing.dll

+ 2011-06-15 15:31 . 2012-02-17 09:11 113664 c:\windows\assembly\temp\GLA9MF470Z\System.EnterpriseServices.Wrapper.dll

+ 2011-06-15 15:31 . 2012-02-17 09:11 258048 c:\windows\assembly\temp\GLA9MF470Z\System.EnterpriseServices.dll

+ 2012-02-17 09:03 . 2012-02-17 09:03 291184 c:\windows\assembly\temp\FMBOR49GPL\System.Runtime.Remoting.dll

+ 2012-02-17 09:02 . 2012-02-17 09:02 109568 c:\windows\assembly\temp\EHTU6WUO7D\System.EnterpriseServices.Wrapper.dll

+ 2012-02-17 09:02 . 2012-02-17 09:02 246128 c:\windows\assembly\temp\EHTU6WUO7D\System.EnterpriseServices.dll

+ 2011-06-15 15:31 . 2012-02-17 09:11 626688 c:\windows\assembly\temp\EHAJSBKTCL\System.Drawing.dll

+ 2011-06-15 15:31 . 2012-02-17 09:11 303104 c:\windows\assembly\temp\E1Y1EHU3GZ\System.Runtime.Remoting.dll

+ 2011-06-15 15:31 . 2012-02-17 09:11 425984 c:\windows\assembly\temp\AJ6DGJWZ2Z\System.configuration.dll

+ 2011-06-15 15:31 . 2012-02-17 09:11 261632 c:\windows\assembly\temp\4R4HKX69CF\System.Transactions.dll

+ 2012-02-17 09:03 . 2012-02-17 09:03 113512 c:\windows\assembly\temp\3YRPSOWG2M\System.ServiceProcess.dll

+ 2012-04-12 09:06 . 2012-04-12 09:06 252416 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\d3f175cefc439ba7d036a7f8f0ebe0c2\WindowsFormsIntegration.ni.dll

+ 2012-04-12 09:06 . 2012-04-12 09:06 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\873202699833a0c3d031c82b556a7296\System.ServiceProcess.ni.dll

+ 2012-04-12 09:06 . 2012-04-12 09:06 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\8bbad53639576996991c10977adab5ca\System.Messaging.ni.dll

+ 2012-04-12 09:06 . 2012-04-12 09:06 219136 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\874aba2d7663bd1efabda06b016098f4\Microsoft.VisualBasic.Compatibility.Data.ni.dll

+ 2012-04-12 09:06 . 2012-04-12 09:06 985088 c:\windows\assembly\NativeImages_v4.0.30319_32\Intuit.Ctg.Wte.Serv#\b542287d4b5347566efe278661e19173\Intuit.Ctg.Wte.Service.Interface.ni.dll

+ 2012-04-12 09:06 . 2012-04-12 09:06 258560 c:\windows\assembly\NativeImages_v4.0.30319_32\common-utility\06d49417560e278d7c98ce06878a8ff8\common-utility.ni.dll

+ 2012-04-12 08:11 . 2012-04-12 08:11 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\5be064066858620a8aa628fca459a888\WindowsFormsIntegration.ni.dll

+ 2012-04-12 09:05 . 2012-04-12 09:05 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\1107b3a711bab40c83e2561ba2431d62\System.Web.Routing.ni.dll

+ 2012-04-12 09:05 . 2012-04-12 09:05 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\d7c8c294920cfe79765215e242308d28\System.Web.Extensions.Design.ni.dll

+ 2012-04-12 09:05 . 2012-04-12 09:05 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\5176923a8264305118a299419e1c7bde\System.Web.Entity.ni.dll

+ 2012-04-12 09:05 . 2012-04-12 09:05 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d746c0f0ed36226efb2e0115de42cdd6\System.Web.Entity.Design.ni.dll

+ 2012-04-12 09:05 . 2012-04-12 09:05 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\df5542604898c9ea3fda32c8619ae0e5\System.Web.DynamicData.ni.dll

+ 2012-04-12 09:05 . 2012-04-12 09:05 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\b9c8715157536097b489132574ad5c17\System.Web.Abstractions.ni.dll

+ 2012-04-12 09:04 . 2012-04-12 09:04 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\56e433394df8d44e43690a855e403555\System.ServiceProcess.ni.dll

+ 2012-04-12 08:11 . 2012-04-12 08:11 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\cc2cd3bc46c9c2b30e47281e404a3230\System.Drawing.Design.ni.dll

+ 2012-04-12 09:04 . 2012-04-12 09:04 530432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\dcf839063ca38232d9f16152e43c99cb\Microsoft.SqlServer.GridControl.ni.dll

+ 2012-04-12 09:04 . 2012-04-12 09:04 989184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\52a17c35dd2ed49b8129a533f879a950\Microsoft.SqlServer.WizardFrameworkLite.ni.dll

+ 2012-04-12 09:04 . 2012-04-12 09:04 355840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\075bac1ae40360f525821a6ecd0c88fb\Microsoft.SqlServer.Setup.ni.dll

+ 2012-04-12 09:04 . 2012-04-12 09:04 231936 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.NetEnterp#\e8e5f62018668d3a0735b7e62bb9d3b0\Microsoft.NetEnterpriseServers.ExceptionMessageBox.ni.dll

+ 2012-04-12 09:04 . 2012-04-12 09:04 955392 c:\windows\assembly\NativeImages_v2.0.50727_32\Intuit.Ctg.Wte.Serv#\f2f1bb3db4ef7d9e749466f0339b7e5b\Intuit.Ctg.Wte.Service.Interface.ni.dll

+ 2012-04-12 09:04 . 2012-04-12 09:04 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\8d6cd6a93f679608d52b6c874088b963\AspNetMMCExt.ni.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

- 2011-06-15 15:31 . 2012-02-17 09:11 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

+ 2011-06-15 15:31 . 2012-04-12 08:09 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

- 2011-06-15 15:31 . 2012-02-17 09:11 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

+ 2011-06-15 15:31 . 2012-04-12 08:09 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

+ 2011-06-15 15:31 . 2012-04-12 08:09 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

+ 2011-06-15 15:31 . 2012-04-12 08:09 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

- 2011-06-15 15:31 . 2012-02-17 09:11 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

- 2011-06-15 15:31 . 2012-02-17 09:11 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

+ 2011-06-15 15:31 . 2012-04-12 08:09 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

+ 2011-06-15 15:31 . 2012-04-12 08:09 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

- 2011-06-15 15:31 . 2012-02-17 09:11 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

- 2011-06-15 15:31 . 2012-02-17 09:11 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

+ 2011-06-15 15:31 . 2012-04-12 08:09 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

+ 2006-02-28 12:00 . 2012-03-01 11:01 1212416 c:\windows\system32\urlmon.dll

- 2006-02-28 12:00 . 2011-12-17 19:46 1212416 c:\windows\system32\urlmon.dll

+ 2006-02-28 12:00 . 2012-03-01 11:01 5978624 c:\windows\system32\mshtml.dll

+ 2009-03-08 10:32 . 2012-03-01 11:01 2000384 c:\windows\system32\iertutil.dll

- 2009-03-08 10:32 . 2011-12-17 19:46 2000384 c:\windows\system32\iertutil.dll

+ 2006-02-28 12:00 . 2012-03-01 11:01 1212416 c:\windows\system32\dllcache\urlmon.dll

- 2006-02-28 12:00 . 2011-12-17 19:46 1212416 c:\windows\system32\dllcache\urlmon.dll

+ 2006-02-28 12:00 . 2012-03-01 11:01 5978624 c:\windows\system32\dllcache\mshtml.dll

+ 2011-01-29 22:05 . 2012-03-01 11:01 2000384 c:\windows\system32\dllcache\iertutil.dll

- 2011-01-29 22:05 . 2011-12-17 19:46 2000384 c:\windows\system32\dllcache\iertutil.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 1303896 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 1303896 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll

+ 2012-02-17 09:02 . 2012-04-12 08:04 3511880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll

- 2012-02-17 09:02 . 2012-02-17 09:02 3511880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll

+ 2012-02-17 09:03 . 2012-04-12 08:04 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

+ 2012-02-17 09:03 . 2012-04-12 08:04 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 6067048 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 6067048 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 1339736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 1339736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 6346600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 6346600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll

- 2012-02-17 09:02 . 2012-02-17 09:02 2970968 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll

+ 2012-02-17 09:02 . 2012-04-12 08:04 2970968 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 3545952 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 3545952 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll

- 2012-02-17 09:02 . 2012-02-17 09:02 5197648 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll

+ 2012-04-12 08:04 . 2012-04-12 08:04 5197648 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll

- 2012-02-17 09:03 . 2012-02-17 09:03 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll

+ 2012-01-22 15:09 . 2012-01-22 15:09 1700352 c:\windows\Installer\9139ca3.msp

+ 2012-03-22 18:09 . 2012-03-22 18:09 5521920 c:\windows\Installer\9139c9c.msp

+ 2011-06-06 17:55 . 2011-06-06 17:55 1189004 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\JSByteCodeWin.bin

+ 2012-04-12 08:10 . 2011-12-17 19:46 1212416 c:\windows\ie8updates\KB2675157-IE8\urlmon.dll

+ 2012-04-12 08:10 . 2011-12-17 19:46 5979136 c:\windows\ie8updates\KB2675157-IE8\mshtml.dll

+ 2012-04-12 08:10 . 2011-12-17 19:46 2000384 c:\windows\ie8updates\KB2675157-IE8\iertutil.dll

+ 2011-06-15 15:31 . 2012-02-17 09:11 2048000 c:\windows\assembly\temp\W5IL47ADMV\System.XML.dll

+ 2012-02-17 09:02 . 2012-02-17 09:02 3511880 c:\windows\assembly\temp\T3HHEEUDBA\System.dll

+ 2012-02-17 09:02 . 2012-02-17 09:02 2970968 c:\windows\assembly\temp\SJOLN4821U\System.Data.dll

+ 2011-06-15 15:31 . 2012-02-17 09:11 3186688 c:\windows\assembly\temp\OXGP8VY7KT\System.dll

+ 2012-02-17 09:03 . 2012-02-17 09:03 5028200 c:\windows\assembly\temp\L7ATLYNNN9\System.Windows.Forms.dll

+ 2012-02-17 09:03 . 2012-02-17 09:03 2207568 c:\windows\assembly\temp\B9VC1KF7SH\System.XML.dll

+ 2011-06-15 15:31 . 2012-02-17 09:11 5025792 c:\windows\assembly\temp\2RUDWV4HQZ\System.Windows.Forms.dll

+ 2011-06-15 15:31 . 2012-02-17 09:11 2933248 c:\windows\assembly\temp\21ELE74RE7\System.Data.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 3798016 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\64bc66b117a976cc4972e4376290c95d\WindowsBase.ni.dll

+ 2012-04-12 09:05 . 2012-04-12 09:05 3392000 c:\windows\assembly\NativeImages_v4.0.30319_32\ttax\68af4bfcb7f2a159267f3b9b711a4785\ttax.ni.dll

+ 2012-04-12 09:06 . 2012-04-12 09:06 4586496 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\e8781973fbd0c7a4703e37052f45b783\System.Windows.Forms.DataVisualization.ni.dll

+ 2012-04-12 09:05 . 2012-04-12 09:05 1050112 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\241c6a208037e498657a9e85e398f5a4\System.Printing.ni.dll

+ 2012-04-12 08:05 . 2012-04-12 08:05 1665024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9ac7922025e72297069a82a403cb59fa\System.Drawing.ni.dll

+ 2012-04-12 09:05 . 2012-04-12 09:05 1879040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\2a3e6c74bc3763eefe27c55d9cad3fda\System.Deployment.ni.dll

+ 2012-04-12 09:06 . 2012-04-12 09:06 3713024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\8881093f626f25e558129c833b525ff5\System.Activities.Presentation.ni.dll

+ 2012-04-12 09:05 . 2012-04-12 09:05 2859008 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\385f2b705df4c3fbc6654005f1a38943\ReachFramework.ni.dll

+ 2012-04-12 09:05 . 2012-04-12 09:05 9906688 c:\windows\assembly\NativeImages_v4.0.30319_32\print-engine\8fa1faf03293f2e52ccb59488265ef06\print-engine.ni.dll

+ 2012-04-12 09:05 . 2012-04-12 09:05 1631744 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\b895a66fa91475e1958d5a2ad63281ca\PresentationUI.ni.dll

+ 2012-04-12 09:06 . 2012-04-12 09:06 1136640 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\676c07961b9a6694004193aec6188790\Microsoft.VisualBasic.Compatibility.ni.dll

+ 2012-04-12 09:06 . 2012-04-12 09:06 1836544 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\03bc4ff490bc2c544c5f61842a394883\Microsoft.VisualBasic.ni.dll

+ 2012-04-12 09:06 . 2012-04-12 09:06 1650688 c:\windows\assembly\NativeImages_v4.0.30319_32\Intuit.Ctg.Map\4b7e07ff0aa86cee825cc9a534887bf5\Intuit.Ctg.Map.ni.dll

+ 2012-04-12 09:04 . 2012-04-12 09:04 3446784 c:\windows\assembly\NativeImages_v2.0.50727_32\ttax\586c5ba320405f9f1df8826b9ff410ee\ttax.ni.dll

+ 2012-04-12 09:05 . 2012-04-12 09:05 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\d31d2eb0a862d3c1d3561be5f1570c3e\System.WorkflowServices.ni.dll

+ 2012-04-12 09:05 . 2012-04-12 09:05 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\53c2336db392bfa5484850780048e37a\System.Workflow.ComponentModel.ni.dll

+ 2012-04-12 09:05 . 2012-04-12 09:05 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\f243723cda77dd647b250dd9c42c35e2\System.Workflow.Activities.ni.dll

+ 2012-04-12 09:05 . 2012-04-12 09:05 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\d1dacd5cb445b242b70bf7d606464293\System.Web.Mobile.ni.dll

+ 2012-04-12 09:05 . 2012-04-12 09:05 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\6acbb8bb1a43fab0fdcf55bedd1fbcc3\System.Web.Extensions.ni.dll

+ 2012-04-12 08:11 . 2012-04-12 08:11 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\44d507a702c1623810e094adf751f687\System.Printing.ni.dll

+ 2012-04-12 08:11 . 2012-04-12 08:11 1591808 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8d886cdc2ca5f0ff97cd1afe8773bb6e\System.Drawing.ni.dll

+ 2012-04-12 09:04 . 2012-04-12 09:04 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3d253a2235f7c03630003bc1fbaf34a3\System.Deployment.ni.dll

+ 2012-04-12 08:11 . 2012-04-12 08:11 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\c73e109dbac6b099786cc68fe36e3d0b\ReachFramework.ni.dll

+ 2012-04-12 08:11 . 2012-04-12 08:11 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\20d72aeac1109863b77532d37d3f4fa2\PresentationUI.ni.dll

+ 2012-04-12 09:04 . 2012-04-12 09:04 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\3ec4a3f74cb80c9b9581d778e8645b2c\Microsoft.VisualBasic.ni.dll

+ 2012-04-12 09:04 . 2012-04-12 09:04 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\876b7280cf4e81fd65b120f60d38a7d9\Microsoft.Build.Tasks.ni.dll

+ 2012-04-12 09:04 . 2012-04-12 09:04 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\64ba53308e90fa3837fe47977e2d37b6\Microsoft.Build.Tasks.v3.5.ni.dll

+ 2012-04-12 09:04 . 2012-04-12 09:04 1554944 c:\windows\assembly\NativeImages_v2.0.50727_32\Intuit.Ctg.Map\6a24d087bcf450cb9f121d7687ef11b4\Intuit.Ctg.Map.ni.dll

- 2011-06-15 15:31 . 2012-02-17 09:11 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

+ 2011-06-15 15:31 . 2012-04-12 08:09 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

+ 2011-06-15 15:31 . 2012-04-12 08:09 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

- 2011-06-15 15:31 . 2012-02-17 09:11 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

+ 2011-06-15 15:31 . 2012-04-12 08:09 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

- 2011-06-15 15:31 . 2012-02-17 09:11 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

+ 2012-04-12 08:09 . 2012-04-12 08:09 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

- 2012-02-17 09:11 . 2012-02-17 09:11 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

+ 2012-04-12 08:08 . 2012-04-12 08:08 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

- 2011-06-15 15:31 . 2012-02-17 09:11 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

+ 2011-06-15 15:31 . 2012-04-12 08:09 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

+ 2011-06-15 15:31 . 2012-04-12 08:09 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

- 2011-06-15 15:31 . 2012-02-17 09:11 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

+ 2011-01-29 21:45 . 2012-04-12 08:01 55154568 c:\windows\system32\MRT.exe

+ 2009-03-08 10:39 . 2012-03-02 11:01 11082752 c:\windows\system32\ieframe.dll

+ 2011-01-29 22:05 . 2012-03-02 11:01 11082752 c:\windows\system32\dllcache\ieframe.dll

+ 2012-03-28 23:10 . 2012-03-28 23:10 12098048 c:\windows\Installer\9139c8b.msp

+ 2012-04-04 13:32 . 2012-04-04 13:32 16613376 c:\windows\Installer\41d4a.msp

+ 2012-04-12 08:10 . 2011-12-18 20:46 11082240 c:\windows\ie8updates\KB2675157-IE8\ieframe.dll

+ 2012-04-12 08:06 . 2012-04-12 08:06 13196800 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\67b05b57919dfc3a1521f33198495f5b\System.Windows.Forms.ni.dll

+ 2012-04-12 08:06 . 2012-04-12 08:06 17671168 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d5be46bcb4eba96a282fb0129b00918d\PresentationFramework.ni.dll

+ 2012-04-12 08:06 . 2012-04-12 08:06 11106816 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\503f6775eb81ff6d97a3e93a70ff8d6e\PresentationCore.ni.dll

+ 2012-04-12 09:06 . 2012-04-12 09:06 10037248 c:\windows\assembly\NativeImages_v4.0.30319_32\itext\e33ada78afb99e0ee86945845ccf85e5\itext.ni.dll

+ 2012-04-12 09:06 . 2012-04-12 09:06 14787584 c:\windows\assembly\NativeImages_v4.0.30319_32\IKVM.OpenJDK.SwingA#\d320f32378bcc7154eea5034cd5decc6\IKVM.OpenJDK.SwingAWT.ni.dll

+ 2012-04-12 08:11 . 2012-04-12 08:11 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d96906db18e87ffe2e08f6cda7e2be0f\System.Windows.Forms.ni.dll

+ 2012-04-12 09:04 . 2012-04-12 09:04 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\db1d2470de43ffcb6f562277208d56e5\System.Web.ni.dll

+ 2012-04-12 08:11 . 2012-04-12 08:11 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\561138d8d199861578c197c4d24e3934\System.Design.ni.dll

+ 2012-04-12 08:11 . 2012-04-12 08:11 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\029d1d9e6495065aa4f38bcf2315ee8c\PresentationFramework.ni.dll

+ 2012-04-12 08:10 . 2012-04-12 08:10 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\0a059ecfca6e421629a8298b03a7814c\PresentationCore.ni.dll

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2010-06-01 5252408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"VMM Mode Selection"="c:\program files\HTC\ModeSelection\VMMModeSelection.exe" [2011-02-14 43520]

"ToolboxFX"="c:\program files\HP\ToolboxFX\bin\HPTLBXFX.exe" [2010-10-25 58936]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136]

"RTHDCPL"="RTHDCPL.EXE" [2008-07-23 16804864]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]

"nwiz"="nwiz.exe" [2009-02-10 1657376]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-10 13594624]

"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-10 49208]

"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=

"c:\\Program Files\\Rhapsody\\rhapsody.exe"=

.

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [9/13/2010 4:27 PM 23120]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [9/7/2010 4:48 AM 32592]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [12/8/2010 5:12 AM 230608]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [11/12/2010 2:19 PM 295248]

R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [8/2/2011 6:09 AM 192776]

R2 HP LaserJet Service;HP LaserJet Service;c:\program files\HP\HPLaserJetService\HPLaserJetService.exe [10/25/2010 3:53 PM 145920]

R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [8/25/2011 6:53 PM 13672]

R2 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [5/4/2010 1:07 PM 503080]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [8/3/2010 4:23 PM 134608]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [8/3/2010 4:23 PM 24272]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [8/3/2010 4:23 PM 16720]

R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [11/23/2010 12:28 AM 288000]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 1:16 PM 130384]

S2 MLPTDR_B;MLPTDR_B;c:\windows\system32\MLPTDR_B.SYS [4/22/2003 9:53 AM 19904]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe --> c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [?]

S3 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [10/12/2011 6:25 AM 4433248]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 1:16 PM 753504]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

.

Contents of the 'Scheduled Tasks' folder

.

2012-04-11 c:\windows\Tasks\At1.job

- c:\program files\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22 14:18]

.

2012-04-13 c:\windows\Tasks\At2.job

- c:\program files\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22 14:18]

.

2012-04-13 c:\windows\Tasks\At3.job

- c:\program files\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22 14:18]

.

2012-04-11 c:\windows\Tasks\At4.job

- c:\program files\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22 14:18]

.

2012-04-12 c:\windows\Tasks\FullBackup0.job

- c:\windows\system32\ntbackup.exe [2006-02-28 00:12]

.

2012-04-05 c:\windows\Tasks\FullBackup1.job

- c:\windows\system32\ntbackup.exe [2006-02-28 00:12]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.yahoo.com/

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

Trusted Zone: garmin.com

Trusted Zone: intuit.com\ttlc

TCP: DhcpNameServer = 97.64.183.164 97.64.209.37

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-04-12 22:22

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

Completion time: 2012-04-12 22:23:48

ComboFix-quarantined-files.txt 2012-04-13 03:23

ComboFix2.txt 2012-04-11 01:20

.

Pre-Run: 209,090,985,984 bytes free

Post-Run: 210,822,176,768 bytes free

.

- - End Of File - - 302B50DD5D5860F1C2DA7962752319C1

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.