# Can not connect to internet after virus/malware removal



## MrWmnHtr (Feb 18, 2010)

Hello and Thank you in advance,

I am working on a friends computer. A custom build:  
*Elitegroup Motherboard 945GZT-M * 
*Windows XP Home Version 2002 SP3 32bit. * 
*Network Adapter RealTek RTL8139/810x Family Fast Ethernet NIC*

The complaint was running too slow. Last year I had installed anti-virus and anti-malware programs as it had none. During the past year he had not updated or ran any of these tools. I didn't want to go through the hassle of connecting him to my network so I downloaded tools and transferred them via flash drive. *Avast* found about 319 infections, *Malwarebytes* found about 7 infections, *SuperAntiSpyware* found about a couple of hundred infections, mostly tracking cookies. System restore had been disabled. (I have scan logs.) I was able to run these in safe mode. 

I sent it home with him and instructed him to update all the software and definitions and run them again. 

He couldn't get it to connect to the internet. I got it back and I couldn't get it to connect either. Now I can not get to the selective start up screen. F8 does not get me there. Shutting down with the power button will not bring up on start up.

The Network Connections Status\Support Tab\Details: Show no information.  
IPCONFIG /All showed no information.  
IPS (Qwest) could see the computer but couldn't ping.  
Device manager said everything was working properly except under hidden devices.  
The *keyboard, Zune Bus Enumerator Driver, and Parport. *Either not present or not working. *Code 24 on all.*

I read somewhere that some network files may have been infected by malware and may have been deleted with all the other infected malware files. 

At one point I manually went through the Services and set each one to start automatically. That didn't work so I used system restore and set it back the way I found it. (It also set the system restore to off again.)

I had numerous errors. (In no particular order.)

*Error loading C:\Program Files\Common Files\Paretologic\UUS2\UUS.dll*
Module could not be found.

*Repair Local Area Connection*
Windows could not finish repairing because the following action could not be completed. Failed to query TCP/IP settings of the connection. Can not proceed.

*Windows Firewall Settings* could not be displayed because the associated service is not running. Do you want to start the Windows Firewall/Internet Connection Sharing (ICS) service? YES Windows can not start the Windows Firewall/Internet Connection Sharing (ICS) service. (This lead me to starting all the services.)

*Windows Firewall/Internet Connection Service (WF/ICS) Error 10050*
A socket operation encountered a dead network.
*(IPSEC Service, Net Logon Service* also had this error code.)

*TCP/IP NetBios Error 1075*
The Dependency service does not exist or is marked for deletion.  
(*DHCP Client service, Network Location Awareness Service, QoS RSVP Service* also had this error code.)

*Application Management service Error 126*
Module could not be found.

*Uninterruptible Power Supply Error 2481*
The UPS service is not configured properly

My Modem/Router: Actiontec PK5000

*New Broadband connection. Connecting through WAN (PPPOE) Error 678 * 
Remote computer did not respond.

*Qwest Broadband Software Error QC4010*
Attempts to Ping IP address (192.168.0.1) have failed. 

*I have done or attempted these things:*
Network cable checked.
The modem is not disabled.
The modem drivers are updated.
Spyware has been removed.
Winsock could not be repaired or reset.
IP could not be reset.
No Third-party firewall software installed.
Removed temp files in Windows, IE and Firefox
Attempted to renew IP address.
Could not connect to internet in safe mode.
Ran Disk Clean.
Ran Disk Check.
Defragged.

He had no recovery disks so I used the Windows install disk to attempt repairs but it wanted the admin password. He said he didn't have one. I ran a well known password cracker (OPH....) and it found no passwords. So repair was incomplete. 

What do I do now?

Randy

If necessary, please repost this in the appropriate section.


----------



## etaf (Oct 2, 2003)

i think this should be in the virus malware section - so i have moved 

it may take 48 hours to get a reply from that very busy forum , if you do not get a reply in that time - post another reply yourself with the word "bump" that will bring the thread to the top of the forum again


----------



## MrWmnHtr (Feb 18, 2010)

bump (following instructions from etaf)


----------



## Cookiegal (Aug 27, 2003)

You can transfer the following using a USB flash drive.

Please download DDS by sUBs to your desktop from one of the following locations:

http://download.bleepingcomputer.com/sUBs/dds.scr
http://www.forospyware.com/sUBs/dds

Double-click the DDS.scr to run the tool.

When DDS has finished scanning, it will open two logs named as follows:

DDS.txt
Attach.txt

Save them both to your desktop. Copy and paste the contents of the DDS.txt and Attach.txt files in your reply please.

Also, please do this:

Please download *Farbar Service Scanner* and transfer it to the desktop of the computer with the issue.
Make sure only the following option is checked:
*Internet Services*

Press "*Scan*".
It will create a log (FSS.txt) in the same directory the tool is run (which should be on the desktop.)
Please copy and paste the log to your reply.


----------



## MrWmnHtr (Feb 18, 2010)

.
DDS (Ver_2011-08-26.01) - NTFSx86 
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
Run by Jeff Miller at 11:52:49 on 2012-05-23
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.myqwest.com/
uURLSearchHooks: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users.windows\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10x_ActiveX.exe -update activex
uPolicies-explorer: NoInstrumentation = 1 (0x1)
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\jeff miller\start menu\programs\imvu\Run IMVU.lnk
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{B25A628B-D575-4684-9CB1-022D558DA08E} : NameServer = 205.171.3.65
TCP: Interfaces\{B25A628B-D575-4684-9CB1-022D558DA08E} : DhcpNameServer = 192.168.0.1 205.171.3.25
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\jeff miller\application data\mozilla\firefox\profiles\mnjbclzh.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm003YYus&ptb=25ED6A07-570C-49B5-89DA-8DD593C3EA9E&psa=&ind=2011012800&ptnrS=XPxdm003YYus&si=&st=kwd&n=77dd9ec0&searchfor=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 51677
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\all users.windows\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\all users.windows\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: c:\program files\pc tools security\bdt\firefox\platform\winnt_x86-msvc\components\libheuristic.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Tamil Spell Checker for Firefox: [email protected] - %profile%\extensions\[email protected]
FF - Ext: Toolbar Buttons: {03B08592-E5B4-45ff-A0BE-C1D975458688} - %profile%\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Browser Defender Toolbar: {cb84136f-9c44-433a-9048-c5cd9df1dc16} - c:\program files\pc tools security\bdt\Firefox
FF - Ext: Java Quick Starter: [email protected] - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\all users.windows\application data\real\realplayer\browserrecordplugin\firefox\Ext
FF - Ext: avast! WebRep: [email protected] - c:\program files\avast software\avast\webrep\FF
.
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 1000000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 1000000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 1000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2012-05-18 14:00:54 -------- d-----w- c:\windows\XSxS
2012-05-18 14:00:54 -------- d-----w- c:\program files\Xenocode
2012-05-18 10:11:46 46976 ----a-w- c:\windows\system32\drivers\R8139n51.sys
2012-05-18 08:05:42 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-05-18 08:05:42 -------- d-----w- c:\windows\system32\wbem\Repository
2012-05-17 00:25:33 -------- d-----w- c:\windows\system32\NtmsData
2012-05-16 18:31:32 -------- d-----w- c:\windows\OPTIONS
2012-05-16 18:24:57 21736 ----a-w- c:\windows\system32\drivers\RTAIODAT.DAT
2012-05-16 02:56:25 -------- d-----w- c:\documents and settings\jeff miller\local settings\application data\Xenocode
2012-05-11 07:31:24 -------- d-----w- c:\documents and settings\all users.windows\application data\WEBREG
2012-05-09 23:02:02 21336 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-05-08 20:04:25 -------- d-----w- c:\documents and settings\all users.windows\application data\IObit
2012-05-08 19:58:29 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-05-08 19:57:40 41184 ----a-w- c:\windows\avastSS.scr
2012-05-08 19:57:16 -------- d-----w- c:\program files\AVAST Software
2012-05-08 19:57:16 -------- d-----w- c:\documents and settings\all users.windows\application data\AVAST Software
.
==================== Find3M ====================
.
2012-05-08 18:12:41 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
2012-04-04 22:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-06 18:49:04 404640 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 11:53:41.57 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
.
==== Disk Partitions =========================
.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.4
Advanced SystemCare 5
AiO_Scan
avast! Free Antivirus
Browser Defender 3.0
BufferChm
CameraDrivers
CameraReadme
Canon S750
Critical Update for Windows Media Player 11 (KB959772)
CustomerResearchQFolder
DeviceDiscovery
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 8.0
HP Imaging Device Functions 9.0
HP Photosmart 8.0 Software
HP Photosmart Cameras 9.0
HP Photosmart Essential
HP Photosmart Essential 2.01
HP Photosmart Essential2.01
HP Product Assistant
HP Product Detection
HP PSC & OfficeJet 5.3.B
HP Solution Center 9.0
HP Update
hpicamDrvQFolder
HPProductAssistant
HPSSupply
InstantShareDevicesMFC
J2SE Runtime Environment 5.0 Update 1
Java Auto Updater
Java(TM) 6 Update 24
Lucent Technologies Soft Modem AMR
Malwarebytes Anti-Malware version 1.61.0.1400
MarketResearch
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office Professional
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Windows XP Video Decoder Checkup Utility
Microsoft WinUsb 1.0
Mozilla Firefox (3.6.27)
MSN
OpenOffice.org 3.1
PanoStandAlone
ps_app_ProductContext
ps_app_software
ps_app_software_req
PSSWCORE
Qwest Installer
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
Realtek RTL8139/810x Fast Ethernet NIC Driver Setup
RealUpgrade 1.1
SanctionedMedia
Scan
Secunia PSI (2.0.0.3003)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Smart Defrag 2
SolutionCenter
Status
SUPERAntiSpyware
Toolbox
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB969497)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VideoToolkit01
W Photo Studio
WebFldrs XP
WebReg
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell(TM) 1.0
Windows XP Service Pack 3
.
==== End Of File ===========================

Farbar Service Scanner Version: 17-05-2012
Ran by Jeff Miller (administrator) on 23-05-2012 at 19:46:13
Running from "F:\"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is set to Disabled. The default start type is Auto.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is set to Disabled. The default start type is Auto.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

afd Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open afd registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open afd registry key. The service key does not exist.

NetBt Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open NetBt registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open NetBt registry key. The service key does not exist.

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error: Google IP is unreachable
Attempt to access Yahoo IP returned error: Yahoo IP is unreachable

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys
[2004-08-04 05:00] - [2008-10-16 07:43] - 0138496 ____A (Microsoft Corporation) 7618D5218F2A614672EC61A80D854A37

ATTENTION!=====> C:\WINDOWS\system32\Drivers\netbt.sys FILE IS MISSING AND SHOULD BE RESTORED.

C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
aswTdi(8) Gpc(3) IPSec(5) PSched(7) Tcpip(4) 
0x080000000500000001000000020000000300000004000000080000000600000007000000
IpSec Tag value is correct.

**** End of log ****


----------



## Cookiegal (Aug 27, 2003)

Download the tools needed to a flash drive or other removable media, and transfer them to the infected computer.

***************************************************

Download ComboFix from one of these locations:

*Link 1*
*Link 2*

--------------------------------------------------------------------

With malware infections being as they are today, it's strongly recommended to have the Windows Recovery Console pre-installed on your machine before doing any malware removal.

The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

Go to Microsoft's website => http://support.microsoft.com/kb/310994

Scroll down to *Step 1*, and select the download that's appropriate for your Operating System. Download the file & save it as it's originally named.

* Note: If you have SP3, use the SP2 package.*

---------------------------------------------------------------------

Transfer all files you just downloaded, to the desktop of the infected computer.

--------------------------------------------------------------------

*Disable your anti-Virus and anti-spyware applications*, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.











Drag the setup package onto ComboFix.exe and drop it.

Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Console.










At the next prompt, click 'Yes' to run the full ComboFix scan.

When the tool is finished, it will produce a report for you.
Please post the *C:\ComboFix.txt* in your next reply.


----------



## MrWmnHtr (Feb 18, 2010)

Thank you CookieGal,

I downloaded the two files and placed them on a flash drive to transfer to the infected machine. The computer would not recognize the flash drive. I checked the Device Manager and it was empty. I went to Services and reset the Plug and Play service to automatic and started the service. Device Manager was populated again. And the computer recognized the flash drive.

Avast had no way to shut it down. I went to Services to disable it but it would not allow me to. I attempted to shut it down through the Task Manager without success. I disabled the service and it's start-up in the Configuration Utility. Restarted the machine and on start-up Avast was still running. I uninstalled Avast. (Anything that limits my control is malware as far as I'm concerned.)

The Recovery Console install was successful.

Combo Fix found a Rootkit infection. Zero (Point?) Access. I should have written it down but I was expecting a log file. It also said I should be able to connect to the internet and if I can't to run Combo Fix again. Combo fix wanted to restart. I let it restart. And it started to auto scan. When the scan was complete Combo Fix restarted the computer again. Prepared log file.

I HAVE NOT attempted to connect to the internet. I am waiting for your instructions. Combo Fix log file follows.

ComboFix 12-05-24.03 - Jeff Miller 05/24/2012 22:14:35.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2039.1760 [GMT -7:00]
Running from: c:\documents and settings\Jeff Miller\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Jeff Miller\Desktop\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
c:\documents and settings\All Users.WINDOWS\Application Data\TEMP\DFC5A2B2.TMP
c:\documents and settings\Jeff Miller\Application Data\PriceGong
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\1.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\a.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\b.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\c.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\d.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\e.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\f.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\g.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\h.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\i.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\J.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\k.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\l.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\m.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\n.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\o.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\p.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\q.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\r.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\s.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\t.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\u.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\v.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\w.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\x.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\y.xml
c:\documents and settings\Jeff Miller\Application Data\PriceGong\Data\z.xml
c:\documents and settings\Jeff\WINDOWS
c:\program files\LP
c:\program files\LP\A795\1.tmp
c:\program files\LP\A795\10.tmp
c:\program files\LP\A795\11.tmp
c:\program files\LP\A795\12.tmp
c:\program files\LP\A795\126.tmp
c:\program files\LP\A795\13.tmp
c:\program files\LP\A795\13F.tmp
c:\program files\LP\A795\14.tmp
c:\program files\LP\A795\15.tmp
c:\program files\LP\A795\151.tmp
c:\program files\LP\A795\152.tmp
c:\program files\LP\A795\155.tmp
c:\program files\LP\A795\16.tmp
c:\program files\LP\A795\17.tmp
c:\program files\LP\A795\18.tmp
c:\program files\LP\A795\19.tmp
c:\program files\LP\A795\1A.tmp
c:\program files\LP\A795\1B.tmp
c:\program files\LP\A795\1BE.tmp
c:\program files\LP\A795\1C.tmp
c:\program files\LP\A795\1C9.tmp
c:\program files\LP\A795\1D.tmp
c:\program files\LP\A795\1E.tmp
c:\program files\LP\A795\1F.tmp
c:\program files\LP\A795\2.tmp
c:\program files\LP\A795\20.tmp
c:\program files\LP\A795\21.tmp
c:\program files\LP\A795\22.tmp
c:\program files\LP\A795\23.tmp
c:\program files\LP\A795\24.tmp
c:\program files\LP\A795\25.tmp
c:\program files\LP\A795\25B.tmp
c:\program files\LP\A795\26.tmp
c:\program files\LP\A795\27.tmp
c:\program files\LP\A795\272.tmp
c:\program files\LP\A795\27B.tmp
c:\program files\LP\A795\28.tmp
c:\program files\LP\A795\282.tmp
c:\program files\LP\A795\284.tmp
c:\program files\LP\A795\28E.tmp
c:\program files\LP\A795\29.tmp
c:\program files\LP\A795\2A.tmp
c:\program files\LP\A795\2B.tmp
c:\program files\LP\A795\2B9.tmp
c:\program files\LP\A795\2BF.tmp
c:\program files\LP\A795\2C.tmp
c:\program files\LP\A795\2C3.tmp
c:\program files\LP\A795\2D.tmp
c:\program files\LP\A795\2E.tmp
c:\program files\LP\A795\2F.tmp
c:\program files\LP\A795\2F0.tmp
c:\program files\LP\A795\2F3.tmp
c:\program files\LP\A795\2F4.tmp
c:\program files\LP\A795\3.tmp
c:\program files\LP\A795\30.tmp
c:\program files\LP\A795\304.tmp
c:\program files\LP\A795\30D.tmp
c:\program files\LP\A795\30E.tmp
c:\program files\LP\A795\30F.tmp
c:\program files\LP\A795\31.tmp
c:\program files\LP\A795\32.tmp
c:\program files\LP\A795\32A.tmp
c:\program files\LP\A795\33.tmp
c:\program files\LP\A795\331.tmp
c:\program files\LP\A795\332.tmp
c:\program files\LP\A795\333.tmp
c:\program files\LP\A795\334.tmp
c:\program files\LP\A795\34.tmp
c:\program files\LP\A795\35.tmp
c:\program files\LP\A795\359.tmp
c:\program files\LP\A795\35A.tmp
c:\program files\LP\A795\35C.tmp
c:\program files\LP\A795\35D.tmp
c:\program files\LP\A795\35E.tmp
c:\program files\LP\A795\35F.tmp
c:\program files\LP\A795\36.tmp
c:\program files\LP\A795\37.tmp
c:\program files\LP\A795\38.tmp
c:\program files\LP\A795\38F.tmp
c:\program files\LP\A795\39.tmp
c:\program files\LP\A795\392.tmp
c:\program files\LP\A795\3A.tmp
c:\program files\LP\A795\3A2.tmp
c:\program files\LP\A795\3B.tmp
c:\program files\LP\A795\3C.tmp
c:\program files\LP\A795\3D.tmp
c:\program files\LP\A795\3E.tmp
c:\program files\LP\A795\3F.tmp
c:\program files\LP\A795\4.tmp
c:\program files\LP\A795\40.tmp
c:\program files\LP\A795\41.tmp
c:\program files\LP\A795\42.tmp
c:\program files\LP\A795\43.tmp
c:\program files\LP\A795\44.tmp
c:\program files\LP\A795\45.tmp
c:\program files\LP\A795\46.tmp
c:\program files\LP\A795\464.tmp
c:\program files\LP\A795\47.tmp
c:\program files\LP\A795\48.tmp
c:\program files\LP\A795\49.tmp
c:\program files\LP\A795\4A.tmp
c:\program files\LP\A795\4B.tmp
c:\program files\LP\A795\4C.tmp
c:\program files\LP\A795\4D.tmp
c:\program files\LP\A795\4E.tmp
c:\program files\LP\A795\4F.tmp
c:\program files\LP\A795\5.tmp
c:\program files\LP\A795\50.tmp
c:\program files\LP\A795\500.tmp
c:\program files\LP\A795\51.tmp
c:\program files\LP\A795\52.tmp
c:\program files\LP\A795\53.tmp
c:\program files\LP\A795\54.tmp
c:\program files\LP\A795\55.tmp
c:\program files\LP\A795\56.tmp
c:\program files\LP\A795\57.tmp
c:\program files\LP\A795\573.tmp
c:\program files\LP\A795\58.tmp
c:\program files\LP\A795\59.tmp
c:\program files\LP\A795\5A.tmp
c:\program files\LP\A795\5A3.tmp
c:\program files\LP\A795\5E1.tmp
c:\program files\LP\A795\5E2.tmp
c:\program files\LP\A795\5E3.tmp
c:\program files\LP\A795\5E4.tmp
c:\program files\LP\A795\5E5.tmp
c:\program files\LP\A795\6.tmp
c:\program files\LP\A795\615.tmp
c:\program files\LP\A795\62.tmp
c:\program files\LP\A795\671.tmp
c:\program files\LP\A795\67A.tmp
c:\program files\LP\A795\69.tmp
c:\program files\LP\A795\6FB.tmp
c:\program files\LP\A795\7.tmp
c:\program files\LP\A795\7A3.tmp
c:\program files\LP\A795\8.tmp
c:\program files\LP\A795\808.tmp
c:\program files\LP\A795\88B.tmp
c:\program files\LP\A795\8A.tmp
c:\program files\LP\A795\8B.tmp
c:\program files\LP\A795\8D.tmp
c:\program files\LP\A795\8E.tmp
c:\program files\LP\A795\8F.tmp
c:\program files\LP\A795\9.tmp
c:\program files\LP\A795\90.tmp
c:\program files\LP\A795\91.tmp
c:\program files\LP\A795\92.tmp
c:\program files\LP\A795\93.tmp
c:\program files\LP\A795\94.tmp
c:\program files\LP\A795\9C1.tmp
c:\program files\LP\A795\A.tmp
c:\program files\LP\A795\B.tmp
c:\program files\LP\A795\B1.tmp
c:\program files\LP\A795\B2.tmp
c:\program files\LP\A795\B3.tmp
c:\program files\LP\A795\B4.tmp
c:\program files\LP\A795\C.tmp
c:\program files\LP\A795\C2.tmp
c:\program files\LP\A795\D.tmp
c:\program files\LP\A795\D8.tmp
c:\program files\LP\A795\D9.tmp
c:\program files\LP\A795\E.tmp
c:\program files\LP\A795\F.tmp
c:\program files\TelevisionFanatic
c:\program files\TelevisionFanatic\bar\Message\COMMON\8_step1.gif
c:\program files\TelevisionFanatic\bar\Message\COMMON\index.htm
c:\program files\TelevisionFanatic\bar\Message\COMMON\rebut4b.htm
c:\program files\TelevisionFanatic\bar\Message\COMMON\shield.png
c:\program files\TelevisionFanaticEI
c:\windows\$NtUninstallKB833$
c:\windows\$NtUninstallKB833$\2803979166
c:\windows\$NtUninstallKB833$\4195678549\@
c:\windows\$NtUninstallKB833$\4195678549\cfg.ini
c:\windows\$NtUninstallKB833$\4195678549\Desktop.ini
c:\windows\$NtUninstallKB833$\4195678549\L\yeurmamn
c:\windows\desktop
c:\windows\system32\dds_trash_log.cmd
c:\windows\XSxS
.
c:\windows\system32\drivers\netbt.sys was missing 
Restored copy from - c:\windows\ServicePackFiles\i386\netbt.sys
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_6TO4
-------\Service_6to4
.
.
((((((((((((((((((((((((( Files Created from 2012-04-25 to 2012-05-25 )))))))))))))))))))))))))))))))
.
.
2012-05-25 05:26 . 2008-04-13 19:21 162816 -c--a-w- c:\windows\system32\dllcache\netbt.sys
2012-05-25 05:26 . 2008-04-13 19:21 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
2012-05-19 08:38 . 2012-05-19 08:39 -------- d-----w- c:\documents and settings\servicetech
2012-05-18 14:00 . 2012-05-18 14:00 -------- d-----w- c:\program files\Xenocode
2012-05-18 10:11 . 2003-06-23 02:57 46976 ----a-w- c:\windows\system32\drivers\R8139n51.sys
2012-05-18 08:05 . 2012-05-18 08:05 -------- d-----w- c:\windows\system32\wbem\Repository
2012-05-18 08:03 . 2012-05-18 08:03 -------- d-----w- c:\documents and settings\Jeff Miller\Application Data\InstallShield
2012-05-17 00:25 . 2012-05-17 01:14 -------- d-----w- c:\windows\system32\NtmsData
2012-05-16 18:31 . 2012-05-16 18:31 -------- d-----w- c:\windows\OPTIONS
2012-05-16 18:24 . 2011-11-24 18:37 21736 ----a-w- c:\windows\system32\drivers\RTAIODAT.DAT
2012-05-16 02:56 . 2012-05-16 02:56 -------- d-----w- c:\documents and settings\Jeff Miller\Local Settings\Application Data\Xenocode
2012-05-11 07:31 . 2012-05-11 07:31 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\WEBREG
2012-05-09 23:02 . 2012-02-23 21:25 21336 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-05-09 02:43 . 2012-05-18 08:05 -------- d-----w- c:\documents and settings\Administrator.JEFF-2E0A22FF48
2012-05-08 20:04 . 2012-05-08 20:04 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\IObit
2012-05-08 19:57 . 2012-05-25 04:28 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\AVAST Software
2012-05-08 19:57 . 2012-05-08 19:57 -------- d-----w- c:\program files\AVAST Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-04 22:56 . 2011-05-29 13:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-08 19:52 . 2012-03-08 19:52 664 -c--a-w- c:\documents and settings\NetworkService.NT AUTHORITY.000\Local Settings\Application Data\d3d9caps.tmp
2012-03-06 18:49 . 2011-05-20 23:07 404640 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil10x_ActiveX.exe" [2011-09-27 243360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-09-26 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Microsoft Office Fast Start.lnk]
path=c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office Fast Start.lnk
backup=c:\windows\pss\Microsoft Office Fast Start.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Microsoft Office Find Fast Indexer.lnk]
path=c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office Find Fast Indexer.lnk
backup=c:\windows\pss\Microsoft Office Find Fast Indexer.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Microsoft Office Shortcut Bar.lnk]
path=c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office Shortcut Bar.lnk
backup=c:\windows\pss\Microsoft Office Shortcut Bar.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]
path=c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
backup=c:\windows\pss\Secunia PSI Tray.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Jeff Miller^Start Menu^Programs^Startup^IMVU.lnk]
path=c:\documents and settings\Jeff Miller\Start Menu\Programs\Startup\IMVU.lnk
backup=c:\windows\pss\IMVU.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Jeff Miller^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk]
path=c:\documents and settings\Jeff Miller\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
backup=c:\windows\pss\OpenOffice.org 3.1.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 -c--a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]
2012-03-07 01:39 574296 ----a-w- c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-04 01:43 69632 ----a-w- c:\windows\ALCMTR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-03-12 04:34 49152 -c--a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCTools FGuard]
2011-01-07 21:54 108496 ----a-w- c:\program files\PC Tools Security\BDT\FGuard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QwestTouchPointAgent]
2010-08-27 04:59 45992 ----a-w- c:\program files\Qwest\Desktop\QwestTouchPointAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2005-09-22 20:36 14854144 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 21:49 249064 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2012-02-05 05:51 4617600 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-10-29 20:01 273528 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=3 (0x3)
"ZuneNetworkSvc"=3 (0x3)
"TelevisionFanaticService"=2 (0x2)
"AdvancedSystemCareService"=2 (0x2)
"xmlprov"=3 (0x3)
"WZCSVC"=2 (0x2)
"WudfSvc"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)
"WmiApSrv"=3 (0x3)
"WmdmPmSN"=3 (0x3)
"winmgmt"=2 (0x2)
"WebClient"=3 (0x3)
"W32Time"=2 (0x2)
"VSS"=3 (0x3)
"UPS"=3 (0x3)
"upnphost"=3 (0x3)
"TrkWks"=3 (0x3)
"Themes"=2 (0x2)
"TermService"=3 (0x3)
"TapiSrv"=3 (0x3)
"SysmonLog"=3 (0x3)
"SwPrv"=3 (0x3)
"stisvc"=2 (0x2)
"SSDPSRV"=3 (0x3)
"srservice"=2 (0x2)
"Spooler"=2 (0x2)
"ShellHWDetection"=2 (0x2)
"SharedAccess"=2 (0x2)
"SENS"=2 (0x2)
"Secunia Update Agent"=2 (0x2)
"Secunia PSI Agent"=2 (0x2)
"seclogon"=2 (0x2)
"Schedule"=2 (0x2)
"SCardSvr"=3 (0x3)
"SamSs"=2 (0x2)
"RSVP"=3 (0x3)
"RemoteAccess"=3 (0x3)
"RDSessMgr"=3 (0x3)
"RasMan"=3 (0x3)
"RasAuto"=3 (0x3)
"ProtectedStorage"=2 (0x2)
"PolicyAgent"=2 (0x2)
"Pml Driver HPZ12"=2 (0x2)
"PlugPlay"=2 (0x2)
"NtmsSvc"=3 (0x3)
"NtLmSsp"=3 (0x3)
"Nla"=3 (0x3)
"NetTcpPortSharing"=3 (0x3)
"Netman"=2 (0x2)
"Netlogon"=3 (0x3)
"NetDDEdsdm"=3 (0x3)
"NetDDE"=3 (0x3)
"Net Driver HPZ12"=2 (0x2)
"napagent"=3 (0x3)
"MSIServer"=3 (0x3)
"MSDTC"=3 (0x3)
"mnmsrvc"=3 (0x3)
"Messenger"=3 (0x3)
"LmHosts"=2 (0x2)
"lanmanworkstation"=2 (0x2)
"lanmanserver"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"ImapiService"=3 (0x3)
"idsvc"=3 (0x3)
"HTTPFilter"=3 (0x3)
"hpqddsvc"=2 (0x2)
"hpqcxs08"=3 (0x3)
"hkmsvc"=3 (0x3)
"HidServ"=2 (0x2)
"helpsvc"=3 (0x3)
"gupdatem"=3 (0x3)
"gupdate"=2 (0x2)
"Freedom"=2 (0x2)
"FontCache3.0.0.0"=3 (0x3)
"FastUserSwitchingCompatibility"=3 (0x3)
"EventSystem"=3 (0x3)
"Eventlog"=2 (0x2)
"ERSvc"=2 (0x2)
"EapHost"=3 (0x3)
"Dot3svc"=3 (0x3)
"Dnscache"=2 (0x2)
"dmserver"=3 (0x3)
"dmadmin"=3 (0x3)
"Dhcp"=2 (0x2)
"CryptSvc"=3 (0x3)
"COMSysApp"=3 (0x3)
"clr_optimization_v2.0.50727_32"=3 (0x3)
"ClipSrv"=3 (0x3)
"CiSvc"=3 (0x3)
"Browser Defender Update Service"=2 (0x2)
"Browser"=2 (0x2)
"BITS"=2 (0x2)
"avast! Antivirus"=2 (0x2)
"AudioSrv"=2 (0x2)
"aspnet_state"=3 (0x3)
"AppMgmt"=3 (0x3)
"ALG"=3 (0x3)
"Alerter"=3 (0x3)
"AdvancedSystemCareService5"=2 (0x2)
"6to4"=2 (0x2)
"!SASCORE"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [3/28/2011 12:41 AM 13496]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2/17/2010 11:25 AM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 11:41 AM 67664]
R3 LucentSoftModem;Lucent Technologies Soft Modem;c:\windows\system32\drivers\LTSM.sys [10/1/2009 7:04 AM 802683]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [9/1/2010 1:30 AM 15544]
S4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [6/29/2010 10:48 AM 116608]
S4 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [5/8/2012 1:04 PM 913752]
S4 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools Security\BDT\BDTUpdateService.exe [3/27/2011 9:35 PM 337872]
S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/2/2010 9:19 AM 135664]
S4 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/2/2010 9:19 AM 135664]
S4 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [4/18/2011 11:44 PM 993848]
S4 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [4/18/2011 11:44 PM 399416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
NecUsbSevice REG_MULTI_SZ NecUsb
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Freedom
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 16:19]
.
2012-05-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 16:19]
.
2012-05-18 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1614895754-1336601894-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 20:40]
.
2012-05-16 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1614895754-1336601894-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 20:40]
.
2012-05-18 c:\windows\Tasks\WebReg Photosmart A440 series.job
- c:\program files\HP\Digital Imaging\bin\hpqwrg.exe [2007-03-12 04:27]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.myqwest.com/
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Jeff Miller\Start Menu\Programs\IMVU\Run IMVU.lnk
TCP: DhcpNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{B25A628B-D575-4684-9CB1-022D558DA08E}: NameServer = 205.171.3.65
FF - ProfilePath - c:\documents and settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm003YYus&ptb=25ED6A07-570C-49B5-89DA-8DD593C3EA9E&psa=&ind=2011012800&ptnrS=XPxdm003YYus&si=&st=kwd&n=77dd9ec0&searchfor=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 51677
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Tamil Spell Checker for Firefox: [email protected] - %profile%\extensions\[email protected]
FF - Ext: Toolbar Buttons: {03B08592-E5B4-45ff-A0BE-C1D975458688} - %profile%\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Browser Defender Toolbar: {cb84136f-9c44-433a-9048-c5cd9df1dc16} - c:\program files\PC Tools Security\BDT\Firefox
FF - Ext: Java Quick Starter: [email protected] - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 1000000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 1000000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 1000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
MSConfigStartUp-Advanced SystemCare 4 - c:\program files\IObit\Advanced SystemCare 4\ASCTray.exe
MSConfigStartUp-ISTray - c:\program files\Spyware Doctor\pctsTray.exe
MSConfigStartUp-SelectRebates - c:\program files\SelectRebates\SelectRebates.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MSConfigStartUp-Zune Launcher - c:\program files\Zune\ZuneLauncher.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-24 22:29
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ... 
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2b,35,b4,b2,63,08,b7,45,bc,60,ad,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2b,35,b4,b2,63,08,b7,45,bc,60,ad,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(456)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
- - - - - - - > 'explorer.exe'(1804)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2012-05-24 22:33:42 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-25 05:33
.
Pre-Run: 118,767,267,840 bytes free
Post-Run: 119,515,181,056 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 6F46F9C641F80EDF718CEE1541D71DB1


----------



## Cookiegal (Aug 27, 2003)

Open Notepad and copy and paste the text in the code box below into it:


```
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
"NecUsbSevice"=-

Firefox::
FF - ProfilePath - c:\documents and settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\
F - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm003YYus&ptb=25ED6A07-570C-49B5-89DA-8DD593C3EA9E&psa=&ind=2011012800&ptnrS=XPxdm003YYus&si=&st=kwd&n=77dd9ec0&s earchfor=
FF - prefs.js: network.proxy.http_port - 51677
```
Save the file to your desktop and name it CFScript.txt

Referring to the picture below, drag CFScript.txt into ComboFix.exe










This will start ComboFix again. It may ask to reboot. Post the contents of Combofix.txt in your next reply.

*Note: These instructions and script were created specifically for this user. If you are not this user, do NOT follow these instructions or use this script as it could damage the workings of your system.*

After doing the above, let me know if you can connect to the Internet please.


----------



## MrWmnHtr (Feb 18, 2010)

Hi CookieGal,

I dropped the text file onto ComboFix and I got this message: Combo Fix has found the following real time scanners to be active: Avast Anti-virus. *I uninstalled that program yesterday.* I checked the Services, Task Manager, and the Configuration Utitily and found no Avast services. It was not in Add and Remove Programs. So I went to Program Files and deleted the Avast Folder. Then ran Combo Fix.

I had no Network Connections. I checked Device Manager and it showed the Network Adapter was working properly. I started the Qwest Install Disk. I got Qwest Broadband Software Error QC4010
Attempts to Ping IP address (192.168.0.1) have failed.

I attempted to use the Network Setup Wizard but it wouldn't open. I attempted to set up a connection manually and it said the connection should be setup but it didn't do anything.

I opened the Configuration Utility\Services Tab and all the services were unchecked. I enabled all, hid all Microsoft Services and unchecked the remaining services. I left all Startups unchecked. I restarted the computer. I tried the Network Startup Wizard again and it wouldn't open.

I opened the Configuration Utility\Services Tab and all the services were unchecked. EXCEPT; *DCOM Server Process Launcher, Net. Tcp Port Sharing, Remote Procedure Call (RPC) Locator, Remote Procedure Call (RPC), wscsvc, Automatic Updates.* Just these 6 services were checked. (These may have been checked the last first time. I did not scroll down the first time.) I went to the General Tab and selected the Normal Startup and restarted the computer.

Now I have 2 entries in the Network Connections. I have Connection Manager; MSN Disconnected, Firewalled Samsung LT56ADW Modem. And LAN or High Speed Internet; Local Area Connection 2 Connected, Firewalled Realtek RTL8139/810x Family. In Local Area Connection 2 Status\Support Tab there is no information. I clicked Repair and got the same message as before: Failed to query TCP/IP settings of the connection. Can not proceed.

I started the Qwest Installation Software again and this time it said "It appears you computer is not connected to the internet. Please check your modem connections. If the Internet light is green, click the retry button." The Power, DSL and Internet lights are all green and my computers internet connection is working fine. That's how I am doing this.

I shut down my computer, the infected computer, and the modem. I unplugged the ethernet cables from both computers and switched them, again. (Just to be positive that I didn't have a bad cable.) I attempted to run the Qwest software again. Got the same message as above, "It appears you computer is not connected to the internet. Please check your modem connections. If the Internet light is green, click the retry button."

That was the long story. The short story is that I can not connect to the internet.

ComboFix 12-05-24.03 - Jeff Miller 05/25/2012 16:34:16.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2039.1751 [GMT -7:00]
Running from: c:\documents and settings\Jeff Miller\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Jeff Miller\Desktop\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Files Created from 2012-04-25 to 2012-05-25 )))))))))))))))))))))))))))))))
.
.
2012-05-25 05:26 . 2008-04-13 19:21 162816 -c--a-w- c:\windows\system32\dllcache\netbt.sys
2012-05-25 05:26 . 2008-04-13 19:21 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
2012-05-19 08:38 . 2012-05-19 08:39 -------- d-----w- c:\documents and settings\servicetech
2012-05-18 14:00 . 2012-05-18 14:00 -------- d-----w- c:\program files\Xenocode
2012-05-18 10:11 . 2003-06-23 02:57 46976 ----a-w- c:\windows\system32\drivers\R8139n51.sys
2012-05-18 08:05 . 2012-05-18 08:05 -------- d-----w- c:\windows\system32\wbem\Repository
2012-05-18 08:03 . 2012-05-18 08:03 -------- d-----w- c:\documents and settings\Jeff Miller\Application Data\InstallShield
2012-05-17 00:25 . 2012-05-17 01:14 -------- d-----w- c:\windows\system32\NtmsData
2012-05-16 18:31 . 2012-05-16 18:31 -------- d-----w- c:\windows\OPTIONS
2012-05-16 18:24 . 2011-11-24 18:37 21736 ----a-w- c:\windows\system32\drivers\RTAIODAT.DAT
2012-05-16 02:56 . 2012-05-16 02:56 -------- d-----w- c:\documents and settings\Jeff Miller\Local Settings\Application Data\Xenocode
2012-05-11 07:31 . 2012-05-11 07:31 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\WEBREG
2012-05-09 23:02 . 2012-02-23 21:25 21336 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-05-09 02:43 . 2012-05-18 08:05 -------- d-----w- c:\documents and settings\Administrator.JEFF-2E0A22FF48
2012-05-08 20:04 . 2012-05-08 20:04 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\IObit
2012-05-08 19:57 . 2012-05-25 04:28 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\AVAST Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-04 22:56 . 2011-05-29 13:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-08 19:52 . 2012-03-08 19:52 664 -c--a-w- c:\documents and settings\NetworkService.NT AUTHORITY.000\Local Settings\Application Data\d3d9caps.tmp
2012-03-06 18:49 . 2011-05-20 23:07 404640 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil10x_ActiveX.exe" [2011-09-27 243360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-09-26 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Microsoft Office Fast Start.lnk]
path=c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office Fast Start.lnk
backup=c:\windows\pss\Microsoft Office Fast Start.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Microsoft Office Find Fast Indexer.lnk]
path=c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office Find Fast Indexer.lnk
backup=c:\windows\pss\Microsoft Office Find Fast Indexer.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Microsoft Office Shortcut Bar.lnk]
path=c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office Shortcut Bar.lnk
backup=c:\windows\pss\Microsoft Office Shortcut Bar.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]
path=c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
backup=c:\windows\pss\Secunia PSI Tray.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Jeff Miller^Start Menu^Programs^Startup^IMVU.lnk]
path=c:\documents and settings\Jeff Miller\Start Menu\Programs\Startup\IMVU.lnk
backup=c:\windows\pss\IMVU.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Jeff Miller^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk]
path=c:\documents and settings\Jeff Miller\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
backup=c:\windows\pss\OpenOffice.org 3.1.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 -c--a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]
2012-03-07 01:39 574296 ----a-w- c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-04 01:43 69632 ----a-w- c:\windows\ALCMTR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-03-12 04:34 49152 -c--a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCTools FGuard]
2011-01-07 21:54 108496 ----a-w- c:\program files\PC Tools Security\BDT\FGuard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QwestTouchPointAgent]
2010-08-27 04:59 45992 ----a-w- c:\program files\Qwest\Desktop\QwestTouchPointAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2005-09-22 20:36 14854144 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 21:49 249064 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2012-02-05 05:51 4617600 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-10-29 20:01 273528 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=3 (0x3)
"ZuneNetworkSvc"=3 (0x3)
"TelevisionFanaticService"=2 (0x2)
"AdvancedSystemCareService"=2 (0x2)
"xmlprov"=3 (0x3)
"WZCSVC"=2 (0x2)
"WudfSvc"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)
"WmiApSrv"=3 (0x3)
"WmdmPmSN"=3 (0x3)
"winmgmt"=2 (0x2)
"WebClient"=3 (0x3)
"W32Time"=2 (0x2)
"VSS"=3 (0x3)
"UPS"=3 (0x3)
"upnphost"=3 (0x3)
"TrkWks"=3 (0x3)
"Themes"=2 (0x2)
"TermService"=3 (0x3)
"TapiSrv"=3 (0x3)
"SysmonLog"=3 (0x3)
"SwPrv"=3 (0x3)
"stisvc"=2 (0x2)
"SSDPSRV"=3 (0x3)
"srservice"=2 (0x2)
"Spooler"=2 (0x2)
"ShellHWDetection"=2 (0x2)
"SharedAccess"=2 (0x2)
"SENS"=2 (0x2)
"Secunia Update Agent"=2 (0x2)
"Secunia PSI Agent"=2 (0x2)
"seclogon"=2 (0x2)
"Schedule"=2 (0x2)
"SCardSvr"=3 (0x3)
"SamSs"=2 (0x2)
"RSVP"=3 (0x3)
"RemoteAccess"=3 (0x3)
"RDSessMgr"=3 (0x3)
"RasMan"=3 (0x3)
"RasAuto"=3 (0x3)
"ProtectedStorage"=2 (0x2)
"PolicyAgent"=2 (0x2)
"Pml Driver HPZ12"=2 (0x2)
"PlugPlay"=2 (0x2)
"NtmsSvc"=3 (0x3)
"NtLmSsp"=3 (0x3)
"Nla"=3 (0x3)
"NetTcpPortSharing"=3 (0x3)
"Netman"=2 (0x2)
"Netlogon"=3 (0x3)
"NetDDEdsdm"=3 (0x3)
"NetDDE"=3 (0x3)
"Net Driver HPZ12"=2 (0x2)
"napagent"=3 (0x3)
"MSIServer"=3 (0x3)
"MSDTC"=3 (0x3)
"mnmsrvc"=3 (0x3)
"Messenger"=3 (0x3)
"LmHosts"=2 (0x2)
"lanmanworkstation"=2 (0x2)
"lanmanserver"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"ImapiService"=3 (0x3)
"idsvc"=3 (0x3)
"HTTPFilter"=3 (0x3)
"hpqddsvc"=2 (0x2)
"hpqcxs08"=3 (0x3)
"hkmsvc"=3 (0x3)
"HidServ"=2 (0x2)
"helpsvc"=3 (0x3)
"gupdatem"=3 (0x3)
"gupdate"=2 (0x2)
"Freedom"=2 (0x2)
"FontCache3.0.0.0"=3 (0x3)
"FastUserSwitchingCompatibility"=3 (0x3)
"EventSystem"=3 (0x3)
"Eventlog"=2 (0x2)
"ERSvc"=2 (0x2)
"EapHost"=3 (0x3)
"Dot3svc"=3 (0x3)
"Dnscache"=2 (0x2)
"dmserver"=3 (0x3)
"dmadmin"=3 (0x3)
"Dhcp"=2 (0x2)
"CryptSvc"=3 (0x3)
"COMSysApp"=3 (0x3)
"clr_optimization_v2.0.50727_32"=3 (0x3)
"ClipSrv"=3 (0x3)
"CiSvc"=3 (0x3)
"Browser Defender Update Service"=2 (0x2)
"Browser"=2 (0x2)
"BITS"=2 (0x2)
"avast! Antivirus"=2 (0x2)
"AudioSrv"=2 (0x2)
"aspnet_state"=3 (0x3)
"AppMgmt"=3 (0x3)
"ALG"=3 (0x3)
"Alerter"=3 (0x3)
"AdvancedSystemCareService5"=2 (0x2)
"6to4"=2 (0x2)
"!SASCORE"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [3/28/2011 12:41 AM 13496]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2/17/2010 11:25 AM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 11:41 AM 67664]
R3 LucentSoftModem;Lucent Technologies Soft Modem;c:\windows\system32\drivers\LTSM.sys [10/1/2009 7:04 AM 802683]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [9/1/2010 1:30 AM 15544]
S4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [6/29/2010 10:48 AM 116608]
S4 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [5/8/2012 1:04 PM 913752]
S4 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools Security\BDT\BDTUpdateService.exe [3/27/2011 9:35 PM 337872]
S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/2/2010 9:19 AM 135664]
S4 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/2/2010 9:19 AM 135664]
S4 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [4/18/2011 11:44 PM 993848]
S4 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [4/18/2011 11:44 PM 399416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Freedom
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 16:19]
.
2012-05-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 16:19]
.
2012-05-18 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1614895754-1336601894-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 20:40]
.
2012-05-16 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1614895754-1336601894-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 20:40]
.
2012-05-18 c:\windows\Tasks\WebReg Photosmart A440 series.job
- c:\program files\HP\Digital Imaging\bin\hpqwrg.exe [2007-03-12 04:27]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.myqwest.com/
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Jeff Miller\Start Menu\Programs\IMVU\Run IMVU.lnk
TCP: DhcpNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{B25A628B-D575-4684-9CB1-022D558DA08E}: NameServer = 205.171.3.65
FF - ProfilePath - c:\documents and settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm003YYus&ptb=25ED6A07-570C-49B5-89DA-8DD593C3EA9E&psa=&ind=2011012800&ptnrS=XPxdm003YYus&si=&st=kwd&n=77dd9ec0&searchfor=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Tamil Spell Checker for Firefox: [email protected] - %profile%\extensions\[email protected]
FF - Ext: Toolbar Buttons: {03B08592-E5B4-45ff-A0BE-C1D975458688} - %profile%\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Browser Defender Toolbar: {cb84136f-9c44-433a-9048-c5cd9df1dc16} - c:\program files\PC Tools Security\BDT\Firefox
FF - Ext: Java Quick Starter: [email protected] - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 1000000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 1000000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 1000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-25 16:44
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ...
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2b,35,b4,b2,63,08,b7,45,bc,60,ad,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2b,35,b4,b2,63,08,b7,45,bc,60,ad,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(452)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\windows\system32\COMRes.dll
.
- - - - - - - > 'explorer.exe'(1704)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2012-05-25 16:46:27
ComboFix-quarantined-files.txt 2012-05-25 23:46
ComboFix2.txt 2012-05-25 05:33
.
Pre-Run: 119,524,470,784 bytes free
Post-Run: 119,505,743,872 bytes free
.
- - End Of File - - AB220FF6FBCEF42AFB1147C0F3364718


----------



## Cookiegal (Aug 27, 2003)

First, a couple of things I need to mention.

Please do not post in such a big font, there is no need for that. I've changed it back to the default size.

Also, please do not do things on your own. I just asked if you can connect to the Internet and didn't want you to go trying other things. I have no idea how what you have done will affect the outcome but I suppose we'll see. From now on, please just follow the instructions posted.

You will need to transfer this small program to the infected computer via USB flash drive.

Please download *Farbar Service Scanner* and transfer it to the desktop of the computer with the issue.
Make sure only the following option is checked:
*Internet Services*

Press "*Scan*".
It will create a log (FSS.txt) in the same directory the tool is run (which should be on the desktop.)
Please copy and paste the log to your reply.


----------



## MrWmnHtr (Feb 18, 2010)

Understood. (The only change I made to the computer was changing the Configuration Utitily from Selective Startup to Normal Startup.)

Farbar Service Scanner Version: 17-05-2012
Ran by Jeff Miller (administrator) on 26-05-2012 at 10:43:39
Running from "C:\Documents and Settings\Jeff Miller\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error: Google IP is unreachable
Attempt to access Yahoo IP returned error: Yahoo IP is unreachable

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys
[2004-08-04 05:00] - [2008-10-16 07:43] - 0138496 ____A (Microsoft Corporation) 7618D5218F2A614672EC61A80D854A37

C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(8) PSched(7) Tcpip(4) 
0x0700000005000000010000000200000003000000040000000600000007000000
IpSec Tag value is correct.

**** End of log ****


----------



## Cookiegal (Aug 27, 2003)

Download *OTS.exe * to your Desktop. 

Close any open browsers.
If your Real protection or Antivirus interferes with OTS, allow it to run.
Double-click on *OTS.exe* to start the program.
Under the *Additional Scans *section put a check in the box next to Disabled MS Config Items, Drivers32, NetSvcs, SafeBoot Minimal and EventViewer logs (Last 10 errors)
Now click the *Run Scan *button on the toolbar.
Let it run unhindered until it finishes.
When the scan is complete Notepad will open with the report file loaded in it.
Save that notepad file.
Use the *Reply* button, scroll down to the attachments section and attach the notepad file here.


----------



## MrWmnHtr (Feb 18, 2010)

OTS.txt attached.


----------



## Cookiegal (Aug 27, 2003)

Start *OTS*. Copy/Paste the information in the code box below into the pane where it says *"Paste fix here"* and then click the "Run Fix" button.

The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the OK button and Notepad will open with a log of actions taken during the fix. Post that information back here along with a new HijackThis log please.


```
[Kill All Processes]
[Unregister Dlls]
[Registry - Safe List]
< FireFox Settings [Prefs.js] > -> C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\FireFox\Profiles\mnjbclzh.default\prefs.js
YN -> keyword.URL -> "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm003YYus&ptb=25ED6A07-570C-49B5-89DA-8DD593C3EA9E&psa=&ind=2011012800&ptnrS=XPxdm003YYus&si=&st=kwd&n=77dd9ec0&searchfor="
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
YN -> WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YN -> "KernelFaultCheck" -> [%systemroot%\system32\dumprep 0 -k]
[Files/Folders - Created Within 30 Days]
NY ->  5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp
NY ->  2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp
[Files/Folders - Modified Within 30 Days]
NY ->  5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp
NY ->  2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp
[Files - No Company Name]
NY ->  onB86g2c.exe.d -> C:\Documents and Settings\All Users.WINDOWS\Application Data\onB86g2c.exe.d
NY ->  onB86g2c.exe_.b -> C:\Documents and Settings\All Users.WINDOWS\Application Data\onB86g2c.exe_.b
NY ->  onB86g2c.exe.b -> C:\Documents and Settings\All Users.WINDOWS\Application Data\onB86g2c.exe.b
NY ->  1R60gq.dat -> C:\Documents and Settings\All Users.WINDOWS\Application Data\1R60gq.dat
NY ->  pnpj1s003l1xv117t1640r0gbrbcx5j006406y1llq56wc -> C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\pnpj1s003l1xv117t1640r0gbrbcx5j006406y1llq56wc
NY ->  pnpj1s003l1xv117t1640r0gbrbcx5j006406y1llq56wc -> C:\Documents and Settings\All Users.WINDOWS\Application Data\pnpj1s003l1xv117t1640r0gbrbcx5j006406y1llq56wc
[Alternate Data Streams]
NY -> @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:DFC5A2B2
NY -> @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:430C6D84
[Empty Temp Folders]
[EmptyFlash]
[EmptyJava]
[Start Explorer]
[Reboot]
```


----------



## MrWmnHtr (Feb 18, 2010)

Good Morning CookieGal,

All Processes Killed
[Registry - Safe List]
Prefs.js: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm003YYus&ptb=25ED6A07-570C-49B5-89DA-8DD593C3EA9E&psa=&ind=2011012800&ptnrS=XPxdm003YYus&si=&st=kwd&n=77dd9ec0&searchfor=" removed from keyword.URL
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
[Files/Folders - Created Within 30 Days]
C:\WINDOWS\002535_.tmp deleted successfully.
C:\WINDOWS\msdownld.tmp folder deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\ConduitEngine.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
[Files/Folders - Modified Within 30 Days]
[Files - No Company Name]
C:\Documents and Settings\All Users.WINDOWS\Application Data\onB86g2c.exe.d moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\onB86g2c.exe_.b moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\onB86g2c.exe.b moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\1R60gq.dat moved successfully.
C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\pnpj1s003l1xv117t1640r0gbrbcx5j006406y1llq56wc moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\pnpj1s003l1xv117t1640r0gbrbcx5j006406y1llq56wc moved successfully.
[Alternate Data Streams]
ADS C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMPFC5A2B2 deleted successfully.
ADS C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:430C6D84 deleted successfully.
[Empty Temp Folders]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Administrator.JEFF-2E0A22FF48
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56468 bytes

User: All Users

User: All Users.WINDOWS

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56468 bytes

User: Jeff
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 78991 bytes
->Java cache emptied: 11452 bytes
->Flash cache emptied: 12035 bytes

User: Jeff Miller
->Temp folder emptied: 860724 bytes
->Temporary Internet Files folder emptied: 1006361 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 46892899 bytes
->Flash cache emptied: 761 bytes

User: Jeff1

User: jeffry
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 78991 bytes
->Flash cache emptied: 535 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService.NT AUTHORITY.000
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 324060 bytes
->Flash cache emptied: 343 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: NetworkService.NT AUTHORITY.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 82566 bytes
->Flash cache emptied: 137782 bytes

User: servicetech
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56468 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 88128 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 11891785 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 59.00 mb

[EMPTYFLASH]

User: Administrator

User: Administrator.JEFF-2E0A22FF48
->Flash cache emptied: 0 bytes

User: All Users

User: All Users.WINDOWS

User: Default User

User: Default User.WINDOWS
->Flash cache emptied: 0 bytes

User: Jeff
->Flash cache emptied: 0 bytes

User: Jeff Miller
->Flash cache emptied: 0 bytes

User: Jeff1

User: jeffry
->Flash cache emptied: 0 bytes

User: LocalService

User: LocalService.NT AUTHORITY

User: LocalService.NT AUTHORITY.000
->Flash cache emptied: 0 bytes

User: NetworkService

User: NetworkService.NT AUTHORITY

User: NetworkService.NT AUTHORITY.000
->Flash cache emptied: 0 bytes

User: servicetech
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

[EMPTYJAVA]

User: Administrator

User: Administrator.JEFF-2E0A22FF48

User: All Users

User: All Users.WINDOWS

User: Default User

User: Default User.WINDOWS

User: Jeff
->Java cache emptied: 0 bytes

User: Jeff Miller
->Java cache emptied: 0 bytes

User: Jeff1

User: jeffry

User: LocalService

User: LocalService.NT AUTHORITY

User: LocalService.NT AUTHORITY.000

User: NetworkService

User: NetworkService.NT AUTHORITY

User: NetworkService.NT AUTHORITY.000
->Java cache emptied: 0 bytes

User: servicetech

Total Java Files Cleaned = 0.00 mb

< End of fix log >
OTS by OldTimer - Version 3.1.47.2 fix logfile created on 05272012_092331

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:30:24 AM, on 5/27/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Qwest\Desktop\QwestTouchPointAgent.exe
C:\Program Files\PC Tools Security\BDT\FGuard.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\MSOffice\Office\MSOFFICE.EXE
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Documents and Settings\Jeff Miller\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myqwest.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [QwestTouchPointAgent] "C:\Program Files\Qwest\Desktop\QwestTouchPointAgent.exe" /autostart
O4 - HKLM\..\Run: [PCTools FGuard] C:\Program Files\PC Tools Security\BDT\FGuard.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10x_ActiveX.exe -update activex (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10x_ActiveX.exe -update activex (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Documents and Settings\Jeff Miller\Application Data\IMVUClient\IMVUQualityAgent.exe
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office Fast Start.lnk = C:\MSOffice\Office\FASTBOOT.EXE
O4 - Global Startup: Microsoft Office Find Fast Indexer.lnk = C:\MSOffice\Office\FINDFAST.EXE
O4 - Global Startup: Microsoft Office Shortcut Bar.lnk = C:\MSOffice\Office\MSOFFICE.EXE
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Jeff Miller\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B25A628B-D575-4684-9CB1-022D558DA08E}: NameServer = 205.171.3.65
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe

--
End of file - 8159 bytes


----------



## Cookiegal (Aug 27, 2003)

I assume you're still unable to connect? If so, please do the following:

Please download MiniToolBox, save it to your desktop and run it.

Put a checkmark to select the following options:

Flush DNS
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Devices
List Users, Partitions and Memory size.
List Minidump Files
Click *Go* and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.


----------



## MrWmnHtr (Feb 18, 2010)

Hi Cookie,

I assume I can not connect to the internet also. You didn't say to try it so I did not attempt it.

MiniToolBox by Farbar Version: 18-01-2012
Ran by Jeff Miller (administrator) on 27-05-2012 at 11:12:07
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

"network.proxy.http", "127.0.0.1"
"network.proxy.type", 0
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection 2 (Connected)

# ---------------------------------- 
# Interface IP Configuration 
# ---------------------------------- 
pushd interface ip

popd
# End of interface IP configuration

Windows IP Configuration

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host bleepingcomputer.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/25/2012 10:02:13 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040206.

Error: (05/25/2012 10:02:13 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing. HRESULT was 80070422 from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.

Error: (05/25/2012 04:14:25 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040206.

Error: (05/25/2012 04:14:25 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing. HRESULT was 80070422 from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.

Error: (05/24/2012 10:29:20 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040206.

Error: (05/24/2012 10:29:19 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing. HRESULT was 80070422 from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.

Error: (05/18/2012 01:29:44 PM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (05/18/2012 11:48:05 AM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (05/18/2012 11:46:30 AM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: ps_app_ProductContext -- Error 1719. The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

Error: (05/18/2012 11:40:21 AM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

System errors:
=============
Error: (05/27/2012 11:09:22 AM) (Source: Service Control Manager) (User: )
Description: The Bdfsdrv service terminated with the following error: 
%%126

Error: (05/27/2012 11:09:22 AM) (Source: Service Control Manager) (User: )
Description: The Zune Bus Enumerator Driver service failed to start due to the following error: 
%%2

Error: (05/27/2012 09:27:48 AM) (Source: DCOM) (User: SYSTEM)
Description: The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register with DCOM within the required timeout.

Error: (05/27/2012 09:27:17 AM) (Source: Service Control Manager) (User: )
Description: The Bdfsdrv service terminated with the following error: 
%%126

Error: (05/27/2012 09:27:17 AM) (Source: Service Control Manager) (User: )
Description: The Zune Bus Enumerator Driver service failed to start due to the following error: 
%%2

Error: (05/27/2012 09:23:32 AM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

Error: (05/27/2012 09:23:32 AM) (Source: Service Control Manager) (User: )
Description: The Secunia PSI Agent service terminated unexpectedly. It has done this 1 time(s).

Error: (05/27/2012 09:23:31 AM) (Source: Service Control Manager) (User: )
Description: The Secunia Update Agent service terminated unexpectedly. It has done this 1 time(s).

Error: (05/27/2012 09:23:31 AM) (Source: Service Control Manager) (User: )
Description: The SAS Core Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

Error: (05/27/2012 09:23:31 AM) (Source: Service Control Manager) (User: )
Description: The Browser Defender Update Service service terminated unexpectedly. It has done this 1 time(s).

Microsoft Office Sessions:
=========================
Error: (05/25/2012 10:02:13 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80040206

Error: (05/25/2012 10:02:13 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp4480070422

Error: (05/25/2012 04:14:25 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80040206

Error: (05/25/2012 04:14:25 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp4480070422

Error: (05/24/2012 10:29:20 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80040206

Error: (05/24/2012 10:29:19 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp4480070422

Error: (05/18/2012 01:29:44 PM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (05/18/2012 11:48:05 AM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (05/18/2012 11:46:30 AM) (Source: MsiInstaller)(User: SYSTEM)SYSTEM
Description: Product: ps_app_ProductContext -- Error 1719. The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.(NULL)(NULL)(NULL)

Error: (05/18/2012 11:40:21 AM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 2.1.5)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 2.7.1.19610)
Adobe Flash Player 10 ActiveX (Version: 10.3.183.10)
Adobe Flash Player 10 Plugin (Version: 10.3.183.16)
Adobe Reader 9.4.4 (Version: 9.4.4)
Advanced SystemCare 5 (Version: 5.2.0)
AiO_Scan (Version: 50.0.227.000)
Browser Defender 3.0 (Version: 3.0.0.313)
BufferChm (Version: 90.0.146.000)
CameraDrivers (Version: 9.0.0.155)
CameraReadme (Version: 9.0.0)
Canon S750
Critical Update for Windows Media Player 11 (KB959772)
CustomerResearchQFolder (Version: 1.00.0000)
DeviceDiscovery (Version: 90.0.146.000)
Google Update Helper (Version: 1.3.21.111)
HP Customer Participation Program 8.0 (Version: 8.0)
HP Imaging Device Functions 9.0 (Version: 9.0)
HP Photosmart 8.0 Software (Version: 8.0)
HP Photosmart Cameras 9.0 (Version: 9.0)
HP Photosmart Essential (Version: 1.12.0.46)
HP Photosmart Essential 2.01 (Version: 2.01)
HP Photosmart Essential2.01 (Version: 1.01.0000)
HP Product Assistant (Version: 100.000.001.000)
HP Product Detection (Version: 9.7.2)
HP PSC & OfficeJet 5.3.B
HP Solution Center 9.0 (Version: 9.0)
HP Update (Version: 5.002.006.003)
hpicamDrvQFolder (Version: 1.00.0000)
HPProductAssistant (Version: 90.0.146.000)
HPSSupply (Version: 2.1.3.0000)
InstantShareDevicesMFC (Version: 90.0.146.000)
J2SE Runtime Environment 5.0 Update 1 (Version: 1.5.0.10)
Java Auto Updater (Version: 2.0.3.1)
Java(TM) 6 Update 24 (Version: 6.0.240)
Lucent Technologies Soft Modem AMR
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
MarketResearch (Version: 82.0.174.000)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office Professional
Microsoft Silverlight (Version: 4.0.60310.0)
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Windows XP Video Decoder Checkup Utility
Microsoft WinUsb 1.0
Mozilla Firefox (3.6.27) (Version: 3.6.27 (en-GB))
MSN
OpenOffice.org 3.1 (Version: 3.1.9399)
PanoStandAlone (Version: 90.0.146.000)
ps_app_ProductContext (Version: 82.0.201.000)
ps_app_software (Version: 82.0.201.000)
ps_app_software_req (Version: 82.0.201.000)
PSSWCORE (Version: 2.01.0000)
Qwest Installer (Version: 1.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek High Definition Audio Driver
Realtek RTL8139/810x Fast Ethernet NIC Driver Setup
RealUpgrade 1.1 (Version: 1.1.0)
Scan (Version: 5.2.0.0)
Secunia PSI (2.0.0.3003)
Smart Defrag 2 (Version: 2.0)
SolutionCenter (Version: 90.0.146.000)
Status (Version: 90.0.146.000)
SUPERAntiSpyware (Version: 4.50.1002)
Toolbox (Version: 82.0.173.000)
TrayApp (Version: 90.0.146.000)
UnloadSupport (Version: 9.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB969497) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VideoToolkit01 (Version: 90.0.146.000)
W Photo Studio (Version: 1.0.0.143)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 90.0.146.000)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows PowerShell(TM) 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)

========================= Devices: ================================

Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

========================= Memory info: ===================================

Percentage of memory in use: 23%
Total physical RAM: 2039.36 MB
Available physical RAM: 1553.97 MB
Total Pagefile: 3410.53 MB
Available Pagefile: 3032.08 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.21 MB

========================= Partitions: =====================================

1 Drive c: (MILLER_ONLY) (Fixed) (Total:149.05 GB) (Free:111.35 GB) NTFS
2 Drive d: (QwestInstall) (CDROM) (Total:1.61 GB) (Free:0 GB) CDFS
4 Drive f: (STORE N GO) (Removable) (Total:3.73 GB) (Free:2.17 GB) FAT32

========================= Users: ========================================

User accounts for \\JEFF-2E0A22FF48

Administrator Guest HelpAssistant 
Jeff Miller servicetech SUPPORT_388945a0

========================= Minidump Files ==================================

No minidump file found

**** End of log ****


----------



## Cookiegal (Aug 27, 2003)

Go to *Start *- *Run *- type in cmd and click OK to open a command prompt:

Type the following command (be sure to include the space between the g and the /:

*Ipconfig /all*

Hit Enter.

Right click in the command window and choose Select All, then hit Enter.
Paste the results in a message here.


----------



## MrWmnHtr (Feb 18, 2010)

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Jeff Miller>ipconfig /all

Windows IP Configuration

C:\Documents and Settings\Jeff Miller>


----------



## Cookiegal (Aug 27, 2003)

Are you sure that's all it says there? There should be more than that.


----------



## MrWmnHtr (Feb 18, 2010)

I'm sure. attached is a screen print.


----------



## MrWmnHtr (Feb 18, 2010)

I have twice attempted to attach a screen print.


----------



## MrWmnHtr (Feb 18, 2010)

Third time is a charm!


----------



## Cookiegal (Aug 27, 2003)

Click on Manage Attachments and then on Browse to locate the file on your computer. Now click on Open and then on Upload and finally Submit the reply.


----------



## MrWmnHtr (Feb 18, 2010)

I will try a forth time.


----------



## Cookiegal (Aug 27, 2003)

Do you have your installation CD?


----------



## MrWmnHtr (Feb 18, 2010)

Windows? Yes Qwest? Yes.


----------



## Cookiegal (Aug 27, 2003)

Windows. 

Try running chkdsk.

Click Start and My Computer. Right-click the hard drive you want to check, and click Properties. Select the Tools tab and click Check Now. Check both boxes. Click Start. You'll get a message that the computer must be rebooted to run a complete check. Click Yes and reboot. Chkdsk will take a while, so run it when you don't need to use the computer for something else.

To view results log:

Go to *Start *- *Run *and type in *eventvwr.msc*, and hit enter.
When Event Viewer opens, click on "Application", then scroll
down to "Winlogon" and double-click on it to open it up. This is the log
created after running chkdsk. Click on the icon that looks like two pieces of paper to copy it and then paste it here please.


----------



## MrWmnHtr (Feb 18, 2010)

Event Type: Information
Event Source: Winlogon
Event Category: None
Event ID: 1001
Date: 5/27/2012
Time: 2:47:47 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
Checking file system on C:
The type of the file system is NTFS.
Volume label is MILLER_ONLY.

A disk check has been scheduled.
Windows will now check the disk. 
Cleaning up 185 unused index entries from index $SII of file 0x9.
Cleaning up 185 unused index entries from index $SDH of file 0x9.
Cleaning up 185 unused security descriptors.
CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
Free space verification is complete.
CHKDSK discovered free space marked as allocated in the
master file table (MFT) bitmap.
Windows has made corrections to the file system.

156288320 KB total disk space.
38910748 KB in 126798 files.
56384 KB in 8154 indexes.
0 KB in bad sectors.
583084 KB in use by the system.
65536 KB occupied by the log file.
116738104 KB available on disk.

4096 bytes in each allocation unit.
39072080 total allocation units on disk.
29184526 allocation units available on disk.

Internal Info:
a0 28 03 00 33 0f 02 00 d2 8b 03 00 00 00 00 00 .(..3...........
be 1d 00 00 02 00 00 00 55 06 00 00 00 00 00 00 ........U.......
a4 47 9b 05 00 00 00 00 9e f0 04 58 00 00 00 00 .G.........X....
54 0e 28 3e 00 00 00 00 fa 65 16 df 04 00 00 00 T.(>.....e......
02 2c ce da 05 00 00 00 1e 6d 1b 5d 0b 00 00 00 .,.......m.]....
99 9e 36 00 00 00 00 00 88 38 07 00 4e ef 01 00 ..6......8..N...
00 00 00 00 00 70 ec 46 09 00 00 00 da 1f 00 00 .....p.F........

Windows has finished checking your disk.
Please wait while your computer restarts.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


----------



## Cookiegal (Aug 27, 2003)

Go to *Start *- *Run *and type in:

*sfc /scannow*

This command will immediately initiate the Windows File Protection service to scan all protected files and verify their integrity, replacing any files with which it finds a problem. You may be prompted to insert the installation CD. Let me know how that goes please.


----------



## MrWmnHtr (Feb 18, 2010)

I ran SFC /SCANNOW and it said it needed .dll files and to insert the Windows disk. I did and it ran 20 minutes. The progress bar went away when it was finished. It had no message about what it did or didn't do.


----------



## Cookiegal (Aug 27, 2003)

Please try the ipconfig /all again and post the results please.


----------



## MrWmnHtr (Feb 18, 2010)

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Jeff Miller>ipconfig /all

Windows IP Configuration

C:\Documents and Settings\Jeff Miller>


----------



## Cookiegal (Aug 27, 2003)

Please go to *Start *- *Run *- type in *eventvwr.msc* to open the event viewer. Look under both "Application" and "System" for recent (the last 48 hours or so) errors (shown in red) and if found, do this for each one.

Double-click the error to open it up and then click on the icon that looks like two pieces of paper. This will copy the full error. Then "paste" the error into Notepad. Do this for each one until you have them all listed in Notepad and then copy and paste the list in a reply here please.


----------



## MrWmnHtr (Feb 18, 2010)

No Application Errors 28th, 27th, 26th. One warning. (48 hrs) 4 errors on the 25th. (72 Hrs)

32 System Errors. No warnings. 28th, 27th, 26th (48 hrs)

*Application Warning and Errors

*Event Type: Warning
Event Source: Userenv
Event Category: None
Event ID: 1524
Date: 5/26/2012
Time: 12:46:15 AM
User: JEFF-2E0A22FF48\Jeff Miller
Computer: JEFF-2E0A22FF48
Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 8193
Date: 5/25/2012
Time: 10:02:13 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040206.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 57 52 54 57 52 54 49 43 WRTWRTIC
0008: 32 31 34 39 00 00 00 00 2149....
0010: 57 52 54 57 52 54 49 43 WRTWRTIC
0018: 32 31 31 31 00 00 00 00 2111....

Event Type: Error
Event Source: EventSystem
Event Category: (50)
Event ID: 4609
Date: 5/25/2012
Time: 10:02:13 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The COM+ Event System detected a bad return code during its internal processing. HRESULT was 80070422 from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 8193
Date: 5/25/2012
Time: 4:14:25 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040206.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 57 52 54 57 52 54 49 43 WRTWRTIC
0008: 32 31 34 39 00 00 00 00 2149....
0010: 57 52 54 57 52 54 49 43 WRTWRTIC
0018: 32 31 31 31 00 00 00 00 2111....

Event Type: Error
Event Source: EventSystem
Event Category: (50)
Event ID: 4609
Date: 5/25/2012
Time: 4:14:25 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The COM+ Event System detected a bad return code during its internal processing. HRESULT was 80070422 from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

*System Errors

*Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 5/28/2012
Time: 1:46:19 PM
User: NT AUTHORITY\SYSTEM
Computer: JEFF-2E0A22FF48
Description:
The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register with DCOM within the required timeout.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 5/28/2012
Time: 1:45:47 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Bdfsdrv service terminated with the following error: 
The specified module could not be found.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 5/28/2012
Time: 1:45:47 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Zune Bus Enumerator Driver service failed to start due to the following error: 
The system cannot find the file specified.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 5/28/2012
Time: 12:05:39 AM
User: NT AUTHORITY\SYSTEM
Computer: JEFF-2E0A22FF48
Description:
The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 5/27/2012
Time: 11:23:38 PM
User: NT AUTHORITY\SYSTEM
Computer: JEFF-2E0A22FF48
Description:
The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 5/27/2012
Time: 2:48:28 PM
User: NT AUTHORITY\SYSTEM
Computer: JEFF-2E0A22FF48
Description:
The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register with DCOM within the required timeout.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 5/27/2012
Time: 2:47:58 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Bdfsdrv service terminated with the following error: 
The specified module could not be found.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 5/27/2012
Time: 2:47:58 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Zune Bus Enumerator Driver service failed to start due to the following error: 
The system cannot find the file specified.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 5/27/2012
Time: 1:24:16 PM
User: NT AUTHORITY\SYSTEM
Computer: JEFF-2E0A22FF48
Description:
The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 5/27/2012
Time: 1:20:27 PM
User: JEFF-2E0A22FF48\Jeff Miller
Computer: JEFF-2E0A22FF48
Description:
The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 5/27/2012
Time: 11:09:22 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Bdfsdrv service terminated with the following error: 
The specified module could not be found.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 5/27/2012
Time: 11:09:22 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Zune Bus Enumerator Driver service failed to start due to the following error: 
The system cannot find the file specified.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 5/27/2012
Time: 9:27:48 AM
User: NT AUTHORITY\SYSTEM
Computer: JEFF-2E0A22FF48
Description:
The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register with DCOM within the required timeout.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 5/27/2012
Time: 9:27:17 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Bdfsdrv service terminated with the following error: 
The specified module could not be found.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 5/27/2012
Time: 9:27:17 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Zune Bus Enumerator Driver service failed to start due to the following error: 
The system cannot find the file specified.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7034
Date: 5/27/2012
Time: 9:23:32 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7034
Date: 5/27/2012
Time: 9:23:32 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Secunia PSI Agent service terminated unexpectedly. It has done this 1 time(s).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7034
Date: 5/27/2012
Time: 9:23:31 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Secunia Update Agent service terminated unexpectedly. It has done this 1 time(s).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7031
Date: 5/27/2012
Time: 9:23:31 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The SAS Core Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7034
Date: 5/27/2012
Time: 9:23:31 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Browser Defender Update Service service terminated unexpectedly. It has done this 1 time(s).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7034
Date: 5/27/2012
Time: 9:23:31 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Advanced SystemCare Service 5 service terminated unexpectedly. It has done this 1 time(s).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 5/27/2012
Time: 9:20:45 AM
User: NT AUTHORITY\SYSTEM
Computer: JEFF-2E0A22FF48
Description:
The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register with DCOM within the required timeout.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 5/27/2012
Time: 9:20:12 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Bdfsdrv service terminated with the following error: 
The specified module could not be found.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 5/27/2012
Time: 9:20:12 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Zune Bus Enumerator Driver service failed to start due to the following error: 
The system cannot find the file specified.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 5/26/2012
Time: 9:25:44 PM
User: NT AUTHORITY\SYSTEM
Computer: JEFF-2E0A22FF48
Description:
The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 5/26/2012
Time: 9:23:24 PM
User: NT AUTHORITY\SYSTEM
Computer: JEFF-2E0A22FF48
Description:
The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 5/26/2012
Time: 5:44:00 PM
User: JEFF-2E0A22FF48\Jeff Miller
Computer: JEFF-2E0A22FF48
Description:
The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 5/26/2012
Time: 10:38:19 AM
User: NT AUTHORITY\SYSTEM
Computer: JEFF-2E0A22FF48
Description:
The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register with DCOM within the required timeout.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 5/26/2012
Time: 10:37:48 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Bdfsdrv service terminated with the following error: 
The specified module could not be found.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 5/26/2012
Time: 10:37:48 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Zune Bus Enumerator Driver service failed to start due to the following error: 
The system cannot find the file specified.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 5/26/2012
Time: 12:48:20 AM
User: NT AUTHORITY\SYSTEM
Computer: JEFF-2E0A22FF48
Description:
The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 5/26/2012
Time: 12:46:20 AM
User: JEFF-2E0A22FF48\Jeff Miller
Computer: JEFF-2E0A22FF48
Description:
The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


----------



## Cookiegal (Aug 27, 2003)

Have you uninstalled Bit Defender?


----------



## MrWmnHtr (Feb 18, 2010)

Sorry, Cookie. I didn't see this post. I thought you had given up on me. Bit Defender? Did you tell me to uninstall it? If you did then I misssed that post too. Not my computer so I haven't really looked at what programs are installed. Not sure what it is. I will Google it in a minute. But no I have not uninstalled anything unless you said to.


----------



## MrWmnHtr (Feb 18, 2010)

I wasn't sure if Bitdefender was real software or malware until I Googled it. I looked in Add and Remove Programs, the Start Menu, C:\Program Files, Config Utility, Services, and did not see anything Bitdefender or Softwin (The makers of Bitdefender). I ran a File Names search of the C:\Drive with the word Bitdefender. I am ran a search IN Files for Bitdefender and Softwin.

The search for Softwin produced the NTPrint.inf file located in C:\Windows\Service Pack Files\i386. It's a huge file so I copied and pasted into something searchable. I found Micro*softWin*dows. Lol. Anyway, I found nothing.

Did you mean Browser Defender? That is on this machine. Not Bitdefender.I never heard of Browser Defender before I saw it on this computer.


----------



## Cookiegal (Aug 27, 2003)

BitDefender is an anti-virus program but there is an error related to it's service failing to start so it appears it may have been installed at one time but the service didn't get removed and is still trying to start. It doesn't look like it belongs to Browser Defender but I'd like to check further so please do the following:

Download *OTL* to your Desktop. 

Double-click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted. 
Click the Quick Scan button. Do not change any settings unless otherwise instructed. The scan won't take long. 
When the scan completes, it will open two Notepad windows called *OTL.Txt* and *Extras.Txt*. These are saved in the same location as OTL. 
Please copy and paste the contents of both of these files here in your next reply.


----------



## MrWmnHtr (Feb 18, 2010)

OTL logfile created on: 5/30/2012 10:27:05 AM - Run 1
OTL by OldTimer - Version 3.2.44.0 Folder = C:\Documents and Settings\Jeff Miller\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 73.72% Memory free
3.33 Gb Paging File | 2.80 Gb Available in Paging File | 83.98% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 111.16 Gb Free Space | 74.58% Space Free | Partition Type: NTFS
Drive F: | 3.73 Gb Total Space | 2.17 Gb Free Space | 58.18% Space Free | Partition Type: FAT32

Computer Name: JEFF-2E0A22FF48 | User Name: Jeff Miller | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/30 10:22:18 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeff Miller\Desktop\OTL.exe
PRC - [2012/03/14 17:38:14 | 000,913,752 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2012/03/06 18:39:50 | 000,574,296 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
PRC - [2012/02/04 22:51:56 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2011/10/29 13:01:37 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2011/09/25 17:02:09 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011/07/01 15:36:44 | 000,337,872 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2011/04/18 23:44:40 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011/04/18 23:44:40 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011/04/18 23:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2011/01/07 14:54:12 | 000,108,496 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools Security\BDT\FGuard.exe
PRC - [2010/08/26 21:59:13 | 000,045,992 | ---- | M] (Qwest Communications) -- C:\Program Files\Qwest\Desktop\QwestTouchPointAgent.exe
PRC - [2009/04/23 05:15:14 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/04/23 05:15:12 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2012/05/28 13:46:05 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011/09/25 17:04:20 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/09/25 17:04:20 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011/09/25 17:04:18 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011/04/21 16:54:40 | 000,347,024 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\madexcept_.bpl
MOD - [2011/04/21 16:54:40 | 000,179,088 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\madbasic_.bpl
MOD - [2011/04/21 16:54:40 | 000,046,480 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\maddisAsm_.bpl
MOD - [2011/04/15 03:13:29 | 001,840,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\f5ebeeb0a8aaba9db15ec3df591339ba\System.Web.Services.ni.dll
MOD - [2011/04/15 03:12:49 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\042658de519bb1e22ec5925092061892\System.Management.ni.dll
MOD - [2011/04/15 03:11:13 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d6b4509225efde2a4e3db77205f8a51\System.Configuration.ni.dll
MOD - [2011/04/15 03:08:57 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\b06e49ed8cbe07dbb90e313fa634b27b\System.Xml.ni.dll
MOD - [2011/04/15 03:08:48 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ed2bf0d86229128c194a872f70fe15ee\System.Windows.Forms.ni.dll
MOD - [2011/04/15 03:08:30 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d912066086a59f09424c7c69f95e2c55\System.Drawing.ni.dll
MOD - [2011/04/15 03:06:43 | 007,949,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\f02cf6430a9fc77908a74ab6925cb73c\System.ni.dll
MOD - [2011/04/15 03:06:15 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\62d5f089dd51f18472a7caf1593d9f6b\mscorlib.ni.dll
MOD - [2009/04/27 06:03:44 | 000,139,264 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\Basis\program\nsldap32v50.dll
MOD - [2009/04/16 13:03:22 | 000,166,400 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\Basis\program\libxslt.dll
MOD - [2009/04/16 13:02:16 | 000,970,752 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2009/01/18 15:50:02 | 000,417,792 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\AdobeXMP.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- %systemroot%\system32\clisvc.dll -- (Freedom)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/03/14 17:38:14 | 000,913,752 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2011/09/25 17:02:09 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/07/01 15:36:44 | 000,337,872 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2011/04/18 23:44:40 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2011/04/18 23:44:40 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\zumbus.sys -- (zumbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\JEFFMI~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2011/09/25 17:01:58 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/09/25 17:01:57 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011/02/23 17:04:30 | 000,013,496 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/09/01 01:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2008/04/13 11:44:48 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/13 11:44:46 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008/04/13 11:36:43 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 11:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2005/09/23 18:56:28 | 003,966,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2004/08/04 05:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2004/08/04 05:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2004/08/04 05:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2003/06/22 19:57:00 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2001/08/17 13:28:10 | 000,802,683 | ---- | M] (Lucent Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LTSM.sys -- (LucentSoftModem)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm003YYus&ptb=25ED6A07-570C-49B5-89DA-8DD593C3EA9E&psa=&ind=2011012800&ptnrS=XPxdm003YYus&si=&st=sb&n=77dd9ec0&searchfor={searchTerms}
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.myqwest.com/
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_en
IE - HKCU\..\SearchScopes\{8a87b83c-59b0-4e8c-9c3b-9678eba008fd}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us
IE - HKCU\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm003YYus&ptb=25ED6A07-570C-49B5-89DA-8DD593C3EA9E&psa=&ind=2011012800&ptnrS=XPxdm003YYus&si=&st=sb&n=77dd9ec0&searchfor={searchTerms}
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKCU\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2856416
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:3.0.0.313
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:0.3
FF - prefs.js..extensions.enabledItems: {03B08592-E5B4-45ff-A0BE-C1D975458688}:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.7
FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm003YYus&ptb=25ED6A07-570C-49B5-89DA-8DD593C3EA9E&psa=&ind=2011012800&ptnrS=XPxdm003YYus&si=&st=kwd&n=77dd9ec0&searchfor="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2012/02/28 18:40:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/10/29 13:02:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/28 18:40:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/02/28 18:40:33 | 000,000,000 | ---D | M]

[2011/03/27 21:04:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Extensions
[2011/01/11 16:22:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Extensions\[email protected]
[2012/05/15 11:14:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\extensions
[2011/10/16 18:26:23 | 000,000,000 | ---D | M] (Toolbar Buttons) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}
[2011/03/30 22:00:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/01 19:09:48 | 000,000,000 | ---D | M] (Tamil Spell Checker for Firefox) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\extensions\[email protected]
[2011/03/27 21:04:29 | 000,009,946 | ---- | M] () -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\searchplugins\TelevisionFanatic.xml
[2012/05/15 11:14:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/05/30 10:08:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/10/29 13:02:23 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS.WINDOWS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2011/05/30 10:07:28 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012/02/28 18:40:21 | 000,000,000 | ---D | M] (Browser Defender Toolbar) -- C:\PROGRAM FILES\PC TOOLS SECURITY\BDT\FIREFOX
[2011/05/30 10:07:27 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/16 05:28:12 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/02/16 05:28:12 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/02/16 05:28:12 | 000,000,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/02/16 05:28:12 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2012/05/24 22:29:44 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKLM..\Run: [QwestTouchPointAgent] C:\Program Files\Qwest\Desktop\QwestTouchPointAgent.exe (Qwest Communications)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Advanced SystemCare 5] C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office Fast Start.lnk = C:\MSOffice\Office\FASTBOOT.EXE ()
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office Find Fast Indexer.lnk = C:\MSOffice\Office\FINDFAST.EXE ()
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office Shortcut Bar.lnk = C:\MSOffice\Office\MSOFFICE.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O4 - Startup: C:\Documents and Settings\Jeff Miller\Start Menu\Programs\Startup\IMVU.lnk = File not found
O4 - Startup: C:\Documents and Settings\Jeff Miller\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Jeff Miller\Start Menu\Programs\IMVU\Run IMVU.lnk File not found
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab (Java Plug-in 1.5.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B25A628B-D575-4684-9CB1-022D558DA08E}: DhcpNameServer = 192.168.0.1 205.171.3.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B25A628B-D575-4684-9CB1-022D558DA08E}: NameServer = 205.171.3.65
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/09/05 22:26:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/30 10:26:14 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jeff Miller\Desktop\OTL.exe
[2012/05/27 22:06:05 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2012/05/27 22:06:02 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2012/05/27 22:05:50 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2012/05/27 22:05:46 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2012/05/27 22:05:30 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2012/05/27 22:05:27 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2012/05/27 22:05:21 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2012/05/27 22:05:05 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2012/05/27 22:04:55 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2012/05/27 22:04:52 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2012/05/27 22:04:49 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2012/05/27 22:04:46 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2012/05/27 22:04:42 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2012/05/27 22:04:39 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2012/05/27 22:04:36 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2012/05/27 22:04:23 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2012/05/27 22:04:11 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2012/05/27 22:04:08 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2012/05/27 22:04:04 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2012/05/27 22:04:00 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2012/05/27 22:03:44 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2012/05/27 22:03:32 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2012/05/27 22:03:29 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2012/05/27 22:03:18 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2012/05/27 22:03:15 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2012/05/27 22:03:12 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2012/05/27 22:03:09 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2012/05/27 22:03:06 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2012/05/27 22:03:03 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2012/05/27 22:02:37 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2012/05/27 22:02:34 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2012/05/27 22:02:31 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2012/05/27 22:02:30 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2012/05/27 22:02:26 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2012/05/27 22:02:24 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2012/05/27 22:02:14 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2012/05/27 22:02:11 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2012/05/27 22:01:36 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2012/05/27 22:01:33 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2012/05/27 22:01:30 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2012/05/27 22:01:27 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2012/05/27 22:01:23 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2012/05/27 22:01:07 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2012/05/27 22:00:43 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2012/05/27 22:00:40 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2012/05/27 22:00:37 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2012/05/27 22:00:35 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2012/05/27 22:00:32 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2012/05/27 22:00:12 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2012/05/27 22:00:09 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2012/05/27 22:00:07 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2012/05/27 22:00:01 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2012/05/27 21:59:39 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2012/05/27 21:59:36 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2012/05/27 21:59:34 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2012/05/27 21:59:31 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2012/05/27 21:59:12 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2012/05/27 21:59:06 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2012/05/27 21:59:04 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2012/05/27 21:58:51 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2012/05/27 21:58:49 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2012/05/27 21:58:46 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2012/05/27 21:58:43 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2012/05/27 21:58:41 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2012/05/27 21:58:38 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2012/05/27 21:58:36 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2012/05/27 21:58:33 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2012/05/27 21:58:31 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2012/05/27 21:58:25 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2012/05/27 21:58:22 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2012/05/27 21:58:21 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2012/05/27 21:58:20 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2012/05/27 21:58:11 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2012/05/27 21:58:07 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2012/05/27 21:58:04 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2012/05/27 21:58:01 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2012/05/27 21:57:52 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2012/05/27 21:57:49 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2012/05/27 21:57:25 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2012/05/27 21:57:22 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2012/05/27 21:57:19 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2012/05/27 21:57:09 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2012/05/27 21:56:28 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2012/05/27 21:56:18 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2012/05/27 21:56:17 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2012/05/27 21:56:14 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2012/05/27 21:55:43 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2012/05/27 21:55:41 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2012/05/27 21:55:38 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2012/05/27 21:55:35 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2012/05/27 21:55:22 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2012/05/27 21:55:12 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2012/05/27 21:55:10 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2012/05/27 21:55:06 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2012/05/27 21:55:00 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2012/05/27 21:54:57 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2012/05/27 21:54:50 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2012/05/27 21:54:48 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2012/05/27 21:54:46 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2012/05/27 21:54:43 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2012/05/27 21:54:41 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2012/05/27 21:54:38 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2012/05/27 21:54:31 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2012/05/27 21:54:29 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2012/05/27 21:54:26 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2012/05/27 21:54:24 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2012/05/27 21:54:21 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2012/05/27 21:53:48 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2012/05/27 21:53:24 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2012/05/27 21:53:08 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2012/05/27 21:53:08 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2012/05/27 21:53:05 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2012/05/27 21:53:05 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2012/05/27 21:53:03 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2012/05/27 21:52:57 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2012/05/27 21:52:55 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2012/05/27 21:52:53 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2012/05/27 21:52:50 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2012/05/27 21:52:47 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2012/05/27 21:52:45 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2012/05/27 21:52:22 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2012/05/27 21:51:58 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2012/05/27 21:50:35 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2012/05/27 21:50:27 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2012/05/27 21:50:07 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2012/05/27 21:50:05 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2012/05/27 21:50:04 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2012/05/27 21:49:53 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2012/05/27 21:49:46 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2012/05/27 21:49:44 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2012/05/27 21:49:42 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2012/05/27 21:49:40 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2012/05/27 21:49:38 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2012/05/27 21:49:37 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2012/05/27 21:49:26 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2012/05/27 21:49:23 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2012/05/27 21:49:22 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2012/05/27 21:48:17 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2012/05/27 21:48:14 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2012/05/27 21:48:07 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2012/05/27 21:48:06 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2012/05/27 21:48:05 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2012/05/27 21:48:01 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2012/05/27 21:48:00 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2012/05/27 21:47:59 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2012/05/27 21:47:59 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2012/05/27 21:47:57 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2012/05/27 21:47:41 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2012/05/27 21:47:40 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2012/05/27 21:47:37 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2012/05/27 21:47:20 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2012/05/27 21:47:19 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2012/05/27 21:47:18 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2012/05/27 21:47:17 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2012/05/27 21:47:16 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2012/05/27 21:47:16 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2012/05/27 21:47:15 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2012/05/27 21:47:14 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2012/05/27 21:47:08 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2012/05/27 21:47:00 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2012/05/27 21:46:55 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2012/05/27 21:46:51 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2012/05/27 21:46:51 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2012/05/27 21:46:50 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2012/05/27 21:46:50 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2012/05/27 21:46:49 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2012/05/27 21:46:47 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2012/05/27 21:46:46 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2012/05/27 21:46:46 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2012/05/27 21:46:45 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2012/05/27 21:46:44 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2012/05/27 21:46:43 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2012/05/27 21:46:23 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2012/05/27 21:46:23 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2012/05/27 21:46:22 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2012/05/27 21:46:22 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2012/05/27 21:46:22 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2012/05/27 21:46:21 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2012/05/27 21:46:20 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2012/05/27 21:46:20 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2012/05/27 21:46:19 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2012/05/27 21:46:19 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2012/05/27 21:46:18 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2012/05/27 21:46:18 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2012/05/27 21:46:17 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2012/05/27 21:46:17 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2012/05/27 21:46:16 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2012/05/27 21:46:16 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2012/05/27 21:46:15 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2012/05/27 21:46:15 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2012/05/27 21:46:12 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2012/05/27 21:46:10 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2012/05/27 21:46:10 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2012/05/27 21:46:09 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2012/05/27 21:46:09 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2012/05/27 21:46:08 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2012/05/27 21:46:08 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2012/05/27 21:46:08 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2012/05/27 21:45:55 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2012/05/27 21:45:52 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2012/05/27 21:45:10 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2012/05/27 21:45:09 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2012/05/27 21:45:09 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2012/05/27 21:45:09 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2012/05/27 21:45:08 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2012/05/27 21:45:07 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2012/05/27 21:45:05 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2012/05/27 21:45:05 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2012/05/27 21:45:04 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2012/05/27 21:45:04 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2012/05/27 21:45:04 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2012/05/27 09:29:35 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Jeff Miller\Desktop\HijackThis.exe
[2012/05/27 09:25:30 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/05/27 09:23:31 | 000,000,000 | ---D | C] -- C:\_OTS
[2012/05/26 16:54:23 | 000,646,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jeff Miller\Desktop\OTS.exe
[2012/05/25 22:21:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2012/05/25 17:15:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\XSxS
[2012/05/25 16:46:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/05/24 21:57:49 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/05/24 21:31:57 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/05/24 21:31:57 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/05/24 21:31:57 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/05/24 21:31:57 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/05/24 21:31:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/05/24 21:31:47 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/05/24 20:24:27 | 004,525,926 | R--- | C] (Swearware) -- C:\Documents and Settings\Jeff Miller\Desktop\ComboFix.exe
[2012/05/23 11:49:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jeff Miller\Start Menu\Programs\Administrative Tools
[2012/05/18 07:00:54 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode
[2012/05/18 01:03:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Qwest
[2012/05/18 01:03:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeff Miller\Application Data\InstallShield
[2012/05/16 23:32:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeff Miller\Desktop\Various Errors
[2012/05/16 17:25:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2012/05/16 11:31:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2012/05/16 11:24:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeff Miller\Desktop\el montes drivers
[2012/05/15 19:56:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Xenocode
[2012/05/11 00:31:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WEBREG
[2012/05/09 16:02:02 | 000,021,336 | ---- | C] (IObit) -- C:\WINDOWS\System32\RegistryDefragBootTime.exe
[2012/05/08 13:04:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
[2012/05/08 13:04:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Advanced SystemCare 5
[2012/05/08 12:57:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software

========== Files - Modified Within 30 Days ==========

[2012/05/30 10:22:18 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeff Miller\Desktop\OTL.exe
[2012/05/30 09:52:10 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/29 21:49:21 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/05/29 15:52:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/29 11:23:00 | 000,000,318 | ---- | M] () -- C:\WINDOWS\tasks\WebReg Photosmart A440 series.job
[2012/05/28 13:45:51 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1614895754-1336601894-725345543-1004.job
[2012/05/28 13:45:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/05/27 12:15:10 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\Jeff Miller\Desktop\print screen ipconfigall.bmp
[2012/05/26 16:52:50 | 000,646,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeff Miller\Desktop\OTS.exe
[2012/05/25 22:20:08 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/05/24 22:29:44 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/05/24 21:29:04 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/05/24 21:22:38 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/05/24 21:13:58 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2012/05/24 20:04:10 | 004,525,926 | R--- | M] (Swearware) -- C:\Documents and Settings\Jeff Miller\Desktop\ComboFix.exe
[2012/05/23 19:33:12 | 000,337,639 | ---- | M] () -- C:\Documents and Settings\Jeff Miller\Desktop\FSS.exe
[2012/05/23 11:37:23 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2012/05/23 10:55:26 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Jeff Miller\Desktop\2y4coydd.exe
[2012/05/23 10:53:34 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Jeff Miller\Desktop\HijackThis.exe
[2012/05/17 19:22:43 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/05/17 19:22:43 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/05/16 11:24:01 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1614895754-1336601894-725345543-1004.job
[2012/05/15 09:22:13 | 000,077,824 | ---- | M] () -- C:\__ofidxT.ffl
[2012/05/11 00:31:38 | 000,131,080 | ---- | M] () -- C:\WINDOWS\HPHins14.dat
[2012/05/09 11:20:55 | 000,000,150 | ---- | M] () -- C:\Documents and Settings\Jeff Miller\Desktop\rk-proxy.reg
[2012/05/08 22:26:03 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/08 13:04:14 | 000,000,936 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Uninstaller.lnk
[2012/05/08 13:04:14 | 000,000,903 | ---- | M] () -- C:\Documents and Settings\Jeff Miller\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 5.lnk
[2012/05/08 13:04:14 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Advanced SystemCare 5.lnk

========== Files Created - No Company Name ==========

[2012/05/27 22:06:01 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2012/05/27 22:05:58 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2012/05/27 21:57:15 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012/05/27 21:57:11 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012/05/27 21:53:53 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012/05/27 21:50:33 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2012/05/27 21:50:29 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2012/05/27 21:50:26 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2012/05/27 21:50:22 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2012/05/27 21:50:18 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2012/05/27 21:48:04 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2012/05/27 21:48:03 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2012/05/27 21:48:02 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2012/05/27 21:46:04 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2012/05/27 21:46:04 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2012/05/27 21:46:04 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2012/05/27 21:46:03 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2012/05/27 21:46:03 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2012/05/27 21:46:02 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2012/05/27 21:46:02 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2012/05/27 21:46:02 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2012/05/27 21:46:01 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2012/05/27 21:45:58 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2012/05/27 12:15:10 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Desktop\print screen ipconfigall.bmp
[2012/05/26 10:43:06 | 000,337,639 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Desktop\FSS.exe
[2012/05/25 22:20:06 | 000,001,819 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012/05/25 22:20:06 | 000,000,947 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Start Menu\Programs\Startup\IMVU.lnk
[2012/05/25 22:20:06 | 000,000,875 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
[2012/05/25 22:20:06 | 000,000,764 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/05/25 22:20:06 | 000,000,612 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office Find Fast Indexer.lnk
[2012/05/25 22:20:06 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office Shortcut Bar.lnk
[2012/05/25 22:20:06 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office Fast Start.lnk
[2012/05/24 21:57:50 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/05/24 21:31:57 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/05/24 21:31:57 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/05/24 21:31:57 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/05/24 21:31:57 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/05/24 21:31:57 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/05/23 11:56:20 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Desktop\2y4coydd.exe
[2012/05/16 11:24:57 | 000,021,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2012/05/16 11:23:11 | 000,000,318 | ---- | C] () -- C:\WINDOWS\tasks\WebReg Photosmart A440 series.job
[2012/05/14 16:00:24 | 000,077,824 | ---- | C] () -- C:\__ofidxT.ffl
[2012/05/09 11:20:55 | 000,000,150 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Desktop\rk-proxy.reg
[2012/05/08 22:26:03 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/08 13:04:14 | 000,000,936 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Uninstaller.lnk
[2012/05/08 13:04:14 | 000,000,903 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 5.lnk
[2012/05/08 13:04:14 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Advanced SystemCare 5.lnk
[2012/01/31 09:51:25 | 000,105,324 | ---- | C] () -- C:\WINDOWS\System32\itusbcore.dat
[2012/01/31 09:51:25 | 000,000,198 | ---- | C] () -- C:\WINDOWS\System32\itlsvc.dat
[2011/06/29 20:21:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/28 00:41:44 | 000,029,520 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011/03/28 00:41:44 | 000,013,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011/03/27 21:35:24 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll0220.old
[2011/03/27 21:35:24 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2011/03/27 21:03:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

========== LOP Check ==========

[2010/02/24 19:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AIM
[2012/05/24 21:28:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software
[2010/02/18 12:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\DriverCure
[2012/05/08 13:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
[2011/03/27 20:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MFAData
[2010/01/04 13:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ParetoLogic
[2012/05/25 22:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Qwest
[2012/05/28 13:45:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2010/12/07 13:58:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Walgreens
[2009/08/21 03:58:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2012/05/09 03:54:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\54238
[2010/02/24 19:32:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\acccore
[2010/01/04 18:39:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\DriverCure
[2011/12/16 19:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\Image Zone Express
[2012/05/08 13:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\IObit
[2009/06/29 17:01:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\OpenOffice.org
[2010/11/30 15:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\Printer Info Cache
[2011/04/19 02:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\W Photo Studio
[2011/07/28 02:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\W Photo Studio Viewer
[2011/08/11 09:30:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\Wal-Mart Digital Photo Viewer
[2011/07/28 02:42:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\Walgreens

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:430C6D84
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMPFC5A2B2

< End of report >

OTL Extras logfile created on: 5/30/2012 10:27:05 AM - Run 1
OTL by OldTimer - Version 3.2.44.0 Folder = C:\Documents and Settings\Jeff Miller\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 73.72% Memory free
3.33 Gb Paging File | 2.80 Gb Available in Paging File | 83.98% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 111.16 Gb Free Space | 74.58% Space Free | Partition Type: NTFS
Drive F: | 3.73 Gb Total Space | 2.17 Gb Free Space | 58.18% Space Free | Partition Type: FAT32

Computer Name: JEFF-2E0A22FF48 | User Name: Jeff Miller | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabledxpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabledxpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F4BF9EA-847E-44FB-A728-C456116E6CEF}" = InstantShareDevicesMFC
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{3248F0A8-6813-11D6-A77B-00B0D0150010}" = J2SE Runtime Environment 5.0 Update 1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{452622B2-CFF1-4373-B773-141FC10A2AB6}" = hpicamDrvQFolder
"{49FB31C1-26EC-44c6-AB47-73C66E2BC41E}" = HP PSC & OfficeJet 5.3.B
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{5FD75BAF-A703-4237-A744-A0524210F093}" = HP Photosmart 8.0 Software
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{730837D4-FF5E-48DB-BA49-33E732DFF0B3}" = PanoStandAlone
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7F1FC83B-0E0B-4e78-BA21-26B63535A0E9}" = ps_app_software
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{93F54611-2701-454e-94AB-623F458D9E6B}" = DeviceDiscovery
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}" = Realtek RTL8139/810x Fast Ethernet NIC Driver Setup
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C3136B0-5409-40c7-90E3-7B389BA04F5C}" = ps_app_software_req
"{A16B3EA2-8798-4960-8D8B-18D3149AD617}" = OpenOffice.org 3.1
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8755B02-057F-4398-8851-DB645EB46E76}" = ps_app_ProductContext
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA057FD9-0CFC-47e4-8AB4-E0F7EC85631D}" = HP Photosmart Cameras 9.0
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.4
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C96FF998-45BD-411E-9253-B7F2660FE280}" = Qwest Installer
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CBF3C503-946E-45EA-B347-EACC41781989}" = W Photo Studio
"{CD961214-93C9-44FE-9A38-BBE647E98AE9}" = CameraReadme
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DEF9CA03-7317-4a01-8111-06996235128E}" = CameraDrivers
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 5_is1" = Advanced SystemCare 5
"Browser Defender_is1" = Browser Defender 3.0
"CANONBJ_Deinstall_CNMCP3q.DLL" = Canon S750
"DECCHECK" = Microsoft Windows XP Video Decoder Checkup Utility
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"ie8" = Windows Internet Explorer 8
"Lucent Technologies Soft Modem" = Lucent Technologies Soft Modem AMR
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.27)" = Mozilla Firefox (3.6.27)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"MSOffice" = Microsoft Office Professional
"RealPlayer 12.0" = RealPlayer
"Secunia PSI" = Secunia PSI (2.0.0.3003)
"Smart Defrag 2_is1" = Smart Defrag 2
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"winusb0100" = Microsoft WinUsb 1.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/18/2012 2:40:21 PM | Computer Name = JEFF-2E0A22FF48 | Source = JavaQuickStarterService | ID = 1
Description =

Error - 5/18/2012 2:46:30 PM | Computer Name = JEFF-2E0A22FF48 | Source = MsiInstaller | ID = 11719
Description = Product: ps_app_ProductContext -- Error 1719. The Windows Installer
Service could not be accessed. This can occur if you are running Windows in safe
mode, or if the Windows Installer is not correctly installed. Contact your support
personnel for assistance.

Error - 5/18/2012 2:48:05 PM | Computer Name = JEFF-2E0A22FF48 | Source = JavaQuickStarterService | ID = 1
Description =

Error - 5/18/2012 4:29:44 PM | Computer Name = JEFF-2E0A22FF48 | Source = JavaQuickStarterService | ID = 1
Description =

Error - 5/25/2012 1:29:19 AM | Computer Name = JEFF-2E0A22FF48 | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 80070422 from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 5/25/2012 1:29:20 AM | Computer Name = JEFF-2E0A22FF48 | Source = VSS | ID = 8193
Description = Volume Shadow Copy Service error: Unexpected error calling routine
CoCreateInstance. hr = 0x80040206.

Error - 5/25/2012 7:14:25 PM | Computer Name = JEFF-2E0A22FF48 | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 80070422 from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 5/25/2012 7:14:25 PM | Computer Name = JEFF-2E0A22FF48 | Source = VSS | ID = 8193
Description = Volume Shadow Copy Service error: Unexpected error calling routine
CoCreateInstance. hr = 0x80040206.

Error - 5/26/2012 1:02:13 AM | Computer Name = JEFF-2E0A22FF48 | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 80070422 from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 5/26/2012 1:02:13 AM | Computer Name = JEFF-2E0A22FF48 | Source = VSS | ID = 8193
Description = Volume Shadow Copy Service error: Unexpected error calling routine
CoCreateInstance. hr = 0x80040206.

[ System Events ]
Error - 5/27/2012 4:20:27 PM | Computer Name = JEFF-2E0A22FF48 | Source = DCOM | ID = 10010
Description = The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register
with DCOM within the required timeout.

Error - 5/27/2012 4:24:16 PM | Computer Name = JEFF-2E0A22FF48 | Source = DCOM | ID = 10010
Description = The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register
with DCOM within the required timeout.

Error - 5/27/2012 5:47:58 PM | Computer Name = JEFF-2E0A22FF48 | Source = Service Control Manager | ID = 7000
Description = The Zune Bus Enumerator Driver service failed to start due to the 
following error: %%2

Error - 5/27/2012 5:47:58 PM | Computer Name = JEFF-2E0A22FF48 | Source = Service Control Manager | ID = 7023
Description = The Bdfsdrv service terminated with the following error: %%126

Error - 5/27/2012 5:48:28 PM | Computer Name = JEFF-2E0A22FF48 | Source = DCOM | ID = 10010
Description = The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register
with DCOM within the required timeout.

Error - 5/28/2012 2:23:38 AM | Computer Name = JEFF-2E0A22FF48 | Source = DCOM | ID = 10010
Description = The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register
with DCOM within the required timeout.

Error - 5/28/2012 3:05:39 AM | Computer Name = JEFF-2E0A22FF48 | Source = DCOM | ID = 10010
Description = The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register
with DCOM within the required timeout.

Error - 5/28/2012 4:45:47 PM | Computer Name = JEFF-2E0A22FF48 | Source = Service Control Manager | ID = 7000
Description = The Zune Bus Enumerator Driver service failed to start due to the 
following error: %%2

Error - 5/28/2012 4:45:47 PM | Computer Name = JEFF-2E0A22FF48 | Source = Service Control Manager | ID = 7023
Description = The Bdfsdrv service terminated with the following error: %%126

Error - 5/28/2012 4:46:19 PM | Computer Name = JEFF-2E0A22FF48 | Source = DCOM | ID = 10010
Description = The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register
with DCOM within the required timeout.

< End of report >


----------



## Cookiegal (Aug 27, 2003)

It seemed to be related to BitDefender but upon closer investigation it belongs to something called "Freedom". This could have been security software that came with the Internet Service Provider. Does that ring a bell?


----------



## MrWmnHtr (Feb 18, 2010)

I'm suddenly not getting email notifications of your posts. That's two in a row. I will check my settings in a few.

This is not my computer but we both have the same ISP (Qwest) and no I have never heard of it. I called him. He has not heard of it either. 

I did an IN File search for Freedom. Attaching screenshot of search. (Maybe HP?)


----------



## Cookiegal (Aug 27, 2003)

What is an IN file search? There doesn't seem to be anything related to Freedom in those search results.


----------



## MrWmnHtr (Feb 18, 2010)

In the Files instead of just file names. I was tired. Sorry. Are we running out of options?


----------



## Cookiegal (Aug 27, 2003)

Not out of options yet.

Have you tried replacing the Realtek Network adapter driver?

Are there any yellow alerts in Device Manager? Can you expand the Network Adapter section in the Device Manager and upload a screenshot of it please?


----------



## MrWmnHtr (Feb 18, 2010)

I updated the Network Adaptor Driver when I first started working on this problem. As far as I know it is the most recent driver. (v 5.505.1004.2002) I purchased a new Network Adapter and it didn't change anything so I removed it. I did all this before I posted here the first time. 

The only Yellow Alerts are in the Hidden Devices. (Keyboard, Parport, Zune.)


----------



## Cookiegal (Aug 27, 2003)

Try uninstalling the driver in Device Manager for the Realtek Network Adaptor and then reboot and see if it recognizes it.

What is the make and model of the keyboard?


----------



## Cookiegal (Aug 27, 2003)

Is this the one you downloaded?

http://h10025.www1.hp.com/ewfrf/wc/softwareDownloadIndex?cc=us&lc=en&dlc=en&softwareitem=ob-38853-1

What is the model of the HP PC?


----------



## MrWmnHtr (Feb 18, 2010)

To the best of my knowledge it is not an HP. Doesn't have an HP case. System Info says Manufacturer is ECS. Elitegroup Motherboard 945GZT-M

I went here just now. 
http://www.ecs.com.tw/ECSWebSite/Pr...ailID=725&DetailName=Feature&MenuID=1&LanID=0

I downloaded this. Do you want me to install it?

I don't know why I expected RealTek to have the most updated driver.


----------



## MrWmnHtr (Feb 18, 2010)

I have uninstalled the driver and reinstalled before. I used an updated driver from here. http://download.cnet.com/Realtek-RTL8139-Family-Fast-Ethernet-driver-v-5-505-1004-2002-zip/3000-2112_4-150004.html(That was before I started this post)

I am uninstalling and rebooting as you asked.

The keyboard is a Dell SK-8135.

I'll be dipped in chocolate if that didn't work! Woo! Hoo! I now have a 3rd connection in Network Connections. 
Internet Gateway Local Area Connection on Actiontec PK5000 (My Modem)
Status: Connected
Duration: 5 days 23:22:05 (?)
Speed: 614 Kbs

Local Area Connection 3 
Connected, Firewalled
Realtek RTL8139/810x Family
Status: Connected
Duration: 00:12:15
Support Tab Connection Status has an IP Address, Subnet Mask Address, and Default Gateway Address.

All kinds of software is popping up to be updated.

I opened Firefox and it connected to his home page. 
Wow! This is good news!

I do have one problem that popped up a day or so ago that I only noticed a couple of times before I took note of it. When I have clicked Start\Turn Off Computer it has taken EXACTLY 120 seconds before the dialog box opens that gives me the choice of Turn Off or Restart. (When I usually shut it off I either turn my back or walk out of the room so I don't know when it started doing this. I timed it once last night and again just now when I rebooted. Both times EXACTLY 120 Seconds.) I'm going to reboot and time it again. I only mention this in case someone else has this problem.

No need to reboot. Dialog box opened immediately.

But I will reboot and see if everything stays the way it is. It's working perfectly so far. Windows is asking to update. But I'm not doing anything until you say so.

Thank you so very much for your patience with me this last week. This was the most difficult repair I have ever done. With over 81,000 posts I assume you have done about 4000 of these. (81,966 / 21 = 3,903) In your opinion, on a scale of 1 to 10, how difficult was this one?

Are there any other scans that you want me to perform?
Should I install the driver from the motherboard manufacturer that I linked to in my previous post? 
How can I get the Motherboards startup screen to stay readable longer? It's up like two seconds. Very difficult to read.

I can not thank you enough! Talk to you in the am.


----------



## Cookiegal (Aug 27, 2003)

That's great. :up:

BTW, I changed your dip to something more "tasteful". Please be careful of your language. 

OK. Some of your questions may be out of my realm but we will attempt to get everythign back in order if you're willing to continue with me. I have a lot of patience so we'll tackle the problems one at a time.

First, I'd like you to run a new scan with DDS and post the log please. You should still have it on your desktop so you won't need to download it again.

Once I see that, I'll try to answer some of the questions you raised but hold off installing any other drivers for the time being please.


----------



## Cookiegal (Aug 27, 2003)

Also, please allow Windows to update and other programs as well (anti-virus, etc.).


----------



## MrWmnHtr (Feb 18, 2010)

I updated everything that was asking to be updated. Windows, Java, Adobe, Anti-malware. I have no Anti-Virus because I had to uninstall it to run some scans. Then I ran DDS.

I don't understand why DDS says Avast is Enabled/Updated. It was uninstalled and I had to delete the left over folder in Program Files to run scans.

.
DDS (Ver_2011-08-26.01) - NTFSx86 
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_32
Run by Jeff Miller at 10:39:57 on 2012-06-01
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2039.1632 [GMT -7:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Secunia\PSI\PSIA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Secunia\PSI\sua.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Qwest\Desktop\QwestTouchPointAgent.exe
C:\Program Files\PC Tools Security\BDT\FGuard.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\MSOffice\Office\MSOFFICE.EXE
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.myqwest.com/
uURLSearchHooks: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users.windows\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Advanced SystemCare 5] "c:\program files\iobit\advanced systemcare 5\ASCTray.exe" /AutoStart
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [QwestTouchPointAgent] "c:\program files\qwest\desktop\QwestTouchPointAgent.exe" /autostart
mRun: [PCTools FGuard] c:\program files\pc tools security\bdt\FGuard.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Alcmtr] ALCMTR.EXE
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10x_ActiveX.exe -update activex
StartupFolder: c:\docume~1\jeffmi~1\startm~1\programs\startup\imvu.lnk - c:\documents and settings\jeff miller\application data\imvuclient\IMVUQualityAgent.exe
StartupFolder: c:\docume~1\jeffmi~1\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\micros~3.lnk - c:\msoffice\office\FASTBOOT.EXE
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\micros~2.lnk - c:\msoffice\office\FINDFAST.EXE
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\micros~1.lnk - c:\msoffice\office\MSOFFICE.EXE
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
uPolicies-explorer: NoInstrumentation = 1 (0x1)
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\jeff miller\start menu\programs\imvu\Run IMVU.lnk
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{DFE920CD-B641-4BEE-B3F8-93836BBCF81C} : DhcpNameServer = 192.168.0.1 205.171.3.25
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\jeff miller\application data\mozilla\firefox\profiles\mnjbclzh.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm003YYus&ptb=25ED6A07-570C-49B5-89DA-8DD593C3EA9E&psa=&ind=2011012800&ptnrS=XPxdm003YYus&si=&st=kwd&n=77dd9ec0&searchfor=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\all users.windows\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\all users.windows\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: c:\program files\pc tools security\bdt\firefox\platform\winnt_x86-msvc\components\libheuristic.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Tamil Spell Checker for Firefox: [email protected] - %profile%\extensions\[email protected]
FF - Ext: Toolbar Buttons: {03B08592-E5B4-45ff-A0BE-C1D975458688} - %profile%\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Browser Defender Toolbar: {cb84136f-9c44-433a-9048-c5cd9df1dc16} - c:\program files\pc tools security\bdt\Firefox
FF - Ext: Java Quick Starter: [email protected] - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\all users.windows\application data\real\realplayer\browserrecordplugin\firefox\Ext
.
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 1000000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 1000000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 1000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-3-28 13496]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2010-2-17 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2010-6-29 116608]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\iobit\advanced systemcare 5\ASCService.exe [2012-5-8 913752]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\pc tools security\bdt\BDTUpdateService.exe [2011-3-27 337872]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-4-18 993848]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-4-18 399416]
R3 LucentSoftModem;Lucent Technologies Soft Modem;c:\windows\system32\drivers\LTSM.sys [2009-10-1 802683]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-2 135664]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-2 135664]
.
=============== Created Last 30 ================
.
2012-06-01 15:49:38 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-06-01 15:49:38 476960 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-01 06:36:47 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-06-01 06:36:47 3072 ------w- c:\windows\system32\iacenc.dll
2012-05-28 05:06:05 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2012-05-28 05:06:02 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2012-05-28 05:06:01 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2012-05-28 05:04:59 12415 -c--a-w- c:\windows\system32\dllcache\wadv01nt.sys
2012-05-28 05:03:56 94720 -c--a-w- c:\windows\system32\dllcache\umaxud32.dll
2012-05-28 05:02:57 42496 -c--a-w- c:\windows\system32\dllcache\tp4res.dll
2012-05-28 05:01:59 28384 -c--a-w- c:\windows\system32\dllcache\sym_hi.sys
2012-05-28 05:00:59 114688 -c--a-w- c:\windows\system32\dllcache\sonypi.dll
2012-05-28 04:59:58 238592 -c--a-w- c:\windows\system32\dllcache\sisgrv.dll
2012-05-28 04:58:56 75392 -c--a-w- c:\windows\system32\dllcache\s3savmxm.sys
2012-05-28 04:57:56 19584 -c--a-w- c:\windows\system32\dllcache\rasirda.sys
2012-05-28 04:56:56 121344 -c--a-w- c:\windows\system32\dllcache\phvfwext.dll
2012-05-28 04:55:58 351616 -c--a-w- c:\windows\system32\dllcache\ovcodek2.sys
2012-05-28 04:54:57 60480 -c--a-w- c:\windows\system32\dllcache\neo20xx.dll
2012-05-28 04:53:56 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys
2012-05-28 04:52:57 70730 -c--a-w- c:\windows\system32\dllcache\lne100tx.sys
2012-05-28 04:51:58 372824 -c--a-w- c:\windows\system32\dllcache\iconf32.dll
2012-05-28 04:50:59 9759 -c--a-w- c:\windows\system32\dllcache\hsf_inst.dll
2012-05-28 04:49:58 1733120 -c--a-w- c:\windows\system32\dllcache\g400d.dll
2012-05-28 04:48:59 40704 -c--a-w- c:\windows\system32\dllcache\es1371mp.sys
2012-05-28 04:47:59 6729 -c--a-w- c:\windows\system32\dllcache\disrvci.dll
2012-05-28 04:46:59 13952 -c--a-w- c:\windows\system32\dllcache\cmbatt.sys
2012-05-28 04:45:59 75136 -c--a-w- c:\windows\system32\dllcache\atimpae.sys
2012-05-28 04:44:47 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2012-05-27 16:23:31 -------- d-----w- C:\_OTS
2012-05-26 00:15:07 -------- d-----w- c:\windows\XSxS
2012-05-25 05:26:02 162816 -c--a-w- c:\windows\system32\dllcache\netbt.sys
2012-05-25 05:26:02 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
2012-05-25 04:57:49 -------- d-sha-r- C:\cmdcons
2012-05-25 04:31:57 98816 ----a-w- c:\windows\sed.exe
2012-05-25 04:31:57 518144 ----a-w- c:\windows\SWREG.exe
2012-05-25 04:31:57 256000 ----a-w- c:\windows\PEV.exe
2012-05-25 04:31:57 208896 ----a-w- c:\windows\MBR.exe
2012-05-18 14:00:54 -------- d-----w- c:\program files\Xenocode
2012-05-18 10:11:46 46976 ----a-w- c:\windows\system32\drivers\R8139n51.sys
2012-05-18 08:05:42 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-05-18 08:05:42 -------- d-----w- c:\windows\system32\wbem\Repository
2012-05-17 00:25:33 -------- d-----w- c:\windows\system32\NtmsData
2012-05-16 18:31:32 -------- d-----w- c:\windows\OPTIONS
2012-05-16 18:24:57 21736 ----a-w- c:\windows\system32\drivers\RTAIODAT.DAT
2012-05-16 02:56:25 -------- d-----w- c:\documents and settings\jeff miller\local settings\application data\Xenocode
2012-05-11 07:31:24 -------- d-----w- c:\documents and settings\all users.windows\application data\WEBREG
2012-05-09 23:02:02 21336 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-05-08 20:04:25 -------- d-----w- c:\documents and settings\all users.windows\application data\IObit
2012-05-08 19:57:16 -------- d-----w- c:\documents and settings\all users.windows\application data\AVAST Software
.
==================== Find3M ====================
.
2012-06-01 15:49:19 472864 -c--a-w- c:\windows\system32\deployJava1.dll
2012-04-11 13:12:06 1862272 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 13:10:58 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 12:35:52 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-04 22:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-06 18:49:04 404640 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 10:40:55.56 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 5/10/2009 10:35:34 AM
System Uptime: 6/1/2012 9:10:42 AM (1 hours ago)
.
Motherboard: ECS | | 945GZ/CT-M
Processor: Intel(R) Celeron(R) D CPU 3.33GHz | CPU 1 | 3325/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 109.479 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is FIXED (NTFS) - 400 GiB total, 64.516 GiB free.
G: is FIXED (NTFS) - 400 GiB total, 68.928 GiB free.
H: is FIXED (NTFS) - 597 GiB total, 174.58 GiB free.
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Device ID: ACPI\PNP0303\4&2C575ACB&0
Manufacturer: (Standard keyboards)
Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
PNP Device ID: ACPI\PNP0303\4&2C575ACB&0
Service: i8042prt
.
==== System Restore Points ===================
.
RP1: 5/24/2012 10:04:31 PM - System Checkpoint
RP2: 5/26/2012 12:34:23 AM - System Checkpoint
RP3: 5/27/2012 11:36:22 AM - System Checkpoint
RP4: 5/28/2012 2:05:29 PM - System Checkpoint
RP5: 5/29/2012 2:49:20 PM - System Checkpoint
RP6: 5/30/2012 2:50:43 PM - System Checkpoint
RP7: 5/31/2012 12:43:11 PM - Installed Realtek RTL8139/810x Fast Ethernet NIC Driver Setup
RP8: 5/31/2012 11:36:42 PM - Software Distribution Service 3.0
RP9: 6/1/2012 8:28:00 AM - Software Distribution Service 3.0
RP10: 6/1/2012 8:48:38 AM - Removed Java(TM) 6 Update 24
RP11: 6/1/2012 8:49:05 AM - Installed Java(TM) 6 Update 32
RP12: 6/1/2012 8:51:09 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.5.1
Advanced SystemCare 5
AiO_Scan
Browser Defender 3.0
BufferChm
CameraDrivers
CameraReadme
Canon S750
Critical Update for Windows Media Player 11 (KB959772)
CustomerResearchQFolder
DeviceDiscovery
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 8.0
HP Imaging Device Functions 9.0
HP Photosmart 8.0 Software
HP Photosmart Cameras 9.0
HP Photosmart Essential
HP Photosmart Essential 2.01
HP Photosmart Essential2.01
HP Product Assistant
HP Product Detection
HP PSC & OfficeJet 5.3.B
HP Solution Center 9.0
HP Update
hpicamDrvQFolder
HPProductAssistant
HPSSupply
InstantShareDevicesMFC
J2SE Runtime Environment 5.0 Update 1
Java Auto Updater
Java(TM) 6 Update 32
Lucent Technologies Soft Modem AMR
Malwarebytes Anti-Malware version 1.61.0.1400
MarketResearch
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office Professional
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Windows XP Video Decoder Checkup Utility
Microsoft WinUsb 1.0
Mozilla Firefox (3.6.27)
MSN
OpenOffice.org 3.1
PanoStandAlone
ps_app_ProductContext
ps_app_software
ps_app_software_req
PSSWCORE
Qwest Installer
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
Realtek RTL8139/810x Fast Ethernet NIC Driver Setup
RealUpgrade 1.1
Scan
Secunia PSI (2.0.0.3003)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Smart Defrag 2
SolutionCenter
Status
SUPERAntiSpyware
Toolbox
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB969497)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VideoToolkit01
W Photo Studio
WebFldrs XP
WebReg
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell(TM) 1.0
Windows XP Service Pack 3
.
==== Event Viewer Messages From Past Week ========
.
6/1/2012 8:37:53 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243).
6/1/2012 8:37:40 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2604092).
6/1/2012 8:36:05 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Server 2003, Vista, Server 2008 x86 (KB2657424).
6/1/2012 8:35:46 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2656352).
5/27/2012 9:23:32 AM, error: Service Control Manager [7034] - The Secunia PSI Agent service terminated unexpectedly. It has done this 1 time(s).
5/27/2012 9:23:32 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
5/27/2012 9:23:31 AM, error: Service Control Manager [7034] - The Secunia Update Agent service terminated unexpectedly. It has done this 1 time(s).
5/27/2012 9:23:31 AM, error: Service Control Manager [7034] - The Browser Defender Update Service service terminated unexpectedly. It has done this 1 time(s).
5/27/2012 9:23:31 AM, error: Service Control Manager [7034] - The Advanced SystemCare Service 5 service terminated unexpectedly. It has done this 1 time(s).
5/27/2012 9:23:31 AM, error: Service Control Manager [7031] - The SAS Core Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
5/26/2012 10:37:48 AM, error: Service Control Manager [7023] - The Bdfsdrv service terminated with the following error: The specified module could not be found.
5/26/2012 10:37:48 AM, error: Service Control Manager [7000] - The Zune Bus Enumerator Driver service failed to start due to the following error: The system cannot find the file specified.
5/25/2012 9:56:12 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service netman with arguments "" in order to run the server: {BA126AD8-2166-11D1-B1D0-00805FC1270E}
5/25/2012 9:54:49 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
5/25/2012 10:10:09 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
5/25/2012 10:09:58 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
5/25/2012 10:06:04 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/25/2012 10:02:15 PM, error: Service Control Manager [7001] - The Windows Firewall/Internet Connection Sharing (ICS) service depends on the Network Connections service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.
==== End Of File ===========================


----------



## Cookiegal (Aug 27, 2003)

Avast is still showing because it's still listed in the Wbem. Which anti-virus are you going to use? If it's Avast, I would just reinstall it. Or are you going to go with Microsoft Security Essentials? If s, then I can provide instructions to clear Avast from the Wbem before installing another anti-virus program.

I would take all of these out of the startup folder as they just make the startup take longer (do NOT delete the program files, just the link in the startup folder that triggers the programs to load on startup):

StartupFolder: c:\docume~1\jeffmi~1\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\micros~3.lnk - c:\msoffice\office\FASTBOOT.EXE
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\micros~2.lnk - c:\msoffice\office\FINDFAST.EXE
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\micros~1.lnk - c:\msoffice\office\MSOFFICE.EXE
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe

Also, regarding the keyboard, it appears the driver is disabled. Please go to Device Manager and double-click on "keyboards" to expand it and then double-click on "Standard 101/102-Key or Microsoft Natural PS/2 Keyboard". On the General Tab, what does it say in the "device Usage" box at the bottom?

You should remove this older version of Java via the Contro Panel - Add or Remove Programs:

J2SE Runtime Environment 5.0 Update 1


----------



## MrWmnHtr (Feb 18, 2010)

I reinstalled Avast. 

I don't know the term Wbem. But I would like to know the procedure for removing Avast from Wbem. (In case I need it later.) 

Keyboard Device Usage is: Use this device (enable) 
Device Status: This device is not present, is not working properly, or does not have all of it's drivers installed (code 24)

Startup Folders emptied.

JJ2SE Runtime Environment 5.0 Update 1 uninstalled.


----------



## Cookiegal (Aug 27, 2003)

WBEM stands for Web-Based Enterprise Management.

To remove Avast from the WBEM:


Go to *Start *- *Run *and type *wbemtest *then click OK.
Click on the *Connect *button on the upper right side (above Exit).
Change *root\default* to *root\SecurityCenter* and click on *Connect *again.
Under *IWbemServices* click on* Query…*
Type in *SELECT * FROM AntiVirusProduct* and then click on *Apply*.

You should see an entry like this:

*{7591DB91-41F0-48A3-B128-1A293FD8233D}*

If there were others installed you would see another series of numbers and you would have to double-click on each of them and scroll down the results window until you see Company name/Display name for Avast and the other(s). Then just highlight and delete the one that you want to remove.

Let's see if we can find the driver for the keyboard:

Please download *SystemLook* from one of the links below and save it to your Desktop.
*Download Mirror #1
Download Mirror #2*
Double-click *SystemLook.exe* to run it.
Copy the content of the following code box into the main text field:

```
:filefind
i8042prt.*
```

Click the *Look* button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
*Note:* The log can also be found on your Desktop entitled *SystemLook.txt*


----------



## MrWmnHtr (Feb 18, 2010)

SystemLook 30.07.11 by jpshortstuff
Log created at 15:35 on 02/06/2012 by Jeff Miller
Administrator - Elevation successful

========== filefind ==========

Searching for "i8042prt.*"
C:\cmdcons\I8042PRT.SY_ --a---- 26025 bytes [06:14 04/08/2004] [06:14 04/08/2004] 819D427AB9DBE6AC2960A585087CB766
C:\WINDOWS\$NtServicePackUninstall$\i8042prt.sys -----c- 52736 bytes [19:43 13/05/2009] [12:00 04/08/2004] 5502B58EEF7486EE6F93F3F164DCB808
C:\WINDOWS\ServicePackFiles\i386\i8042prt.sys -----c- 52480 bytes [19:18 13/04/2008] [19:18 13/04/2008] 4A0B06AA8943C1E332520F7440C0AA30
C:\WINDOWS\system32\dllcache\i8042prt.sys --a--c- 52480 bytes [12:00 04/08/2004] [19:18 13/04/2008] 4A0B06AA8943C1E332520F7440C0AA30
C:\WINDOWS\system32\drivers\i8042prt.sys --a---- 52480 bytes [12:00 04/08/2004] [19:18 13/04/2008] 4A0B06AA8943C1E332520F7440C0AA30

-= EOF =-


----------



## Cookiegal (Aug 27, 2003)

The driver for the MS keyboard is there. Did you ever download the drivers for the Dell keyboard?


----------



## MrWmnHtr (Feb 18, 2010)

No. Cuz its my keyboard I use when I repair computers. It works fine. He never mentioned a problem with his. I think we are good on the keyboard.


----------



## Cookiegal (Aug 27, 2003)

Oh, OK. I thought there was a problem with the keyboard.

Now, what problems remain?


----------



## MrWmnHtr (Feb 18, 2010)

Nothing with malware. But I just discovered that when I use one of the two front mounted USB ports. It gave me a Delayed Write Failed message. I removed the flash drive and tried the other one it worked fine. The one that failed now says windows does not reconize the device. Its the same flash drive I have been using for these repairs. Bad Socket?


----------



## Cookiegal (Aug 27, 2003)

Can you upload a screen shot of that message please?


----------



## MrWmnHtr (Feb 18, 2010)

I couldn't get it to bring up the two errors again.

(I Googled Delayed Write Failed and looked for the exact message I had seen and this is it: Windows - Delayed Write Failed : Windows was unable to save all the data for the file [name_of_the_file_you_want_to_save]. 
The data has been lost. This error may be caused by a failure of your computer hardware or network connection. Please try to save this file elsewhere.)

(The 2nd error above is the same message as the 4th error below.)

So I restarted the computer, inserted the flash drive and got a 3rd error message that is in this attachment. I hit Print Screen and pasted into Paint. Saved to desk top and tried to drag and drop onto the Flash Drive. A 4th error message said that it couldn't copy the file because the path was unknown. But the file *is on* the flash drive.

I transfered the flash drive to my computer and I got a message that the disk needed to be checked so I let check and it said there were no errors. I tried to open the screenshot and it said it could not open cuz it may be corrupted.

I went back to the computer we are working with inserted the flash drive into the problem port and the Safely Remove Hardware Icon started flashing on the taskbar. I opened My Computer and the Flash Drive was flashing on and off there also. I took a screenshot of this (4th) error. I removed the Flash drive and inserted it into one of the rear ports that I have been using. I transfered the screenshots (3rd & 4th errors) to the flash drive. I'm attaching them here. (USB.jpg is the 3rd error. USb2.jpg is the 2nd and 4th error message/the flashing error.)


----------



## MrWmnHtr (Feb 18, 2010)

Ok i got confused. The 2nd and 4th errors are NOT the same. I stated what the 2nd error message said "couldn't copy the file because the path was unknown." The 4th error is as in the attachment USB2.jpg. Sorry.


----------



## Cookiegal (Aug 27, 2003)

That could be indicative of an infection. Perhaps the flash drive is infected. Are you experiencing any symptoms like no shortcuts in the start menu or if you open C:\Windows\System32 it appears to be empty?

Let's check the Event Viewer to see if there are any genuine errors that were generated.

Please go to *Start *- *Run *- type in *eventvwr.msc* to open the event viewer. Look under both "Application" and "System" for recent (the last 48 hours or so) errors (shown in red) and if found, do this for each one.

Double-click the error to open it up and then click on the icon that looks like two pieces of paper. This will copy the full error. Then "paste" the error into Notepad. Do this for each one until you have them all listed in Notepad and then copy and paste the list in a reply here please.


----------



## MrWmnHtr (Feb 18, 2010)

I got a Unicode Format Error when I tried to save the notebook file. Attached.

APPLICATION ERRORS

Event Type: Error
Event Source: crypt32
Event Category: None
Event ID: 11
Date: 6/2/2012
Time: 1:45:30 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
Failed extract of third-party root list from auto

update cab at:

<http://www.download.windowsupdate.com/msdownload/updat

e/v3/static/trustedr/en/authrootstl.cab> with error: A

required certificate is not within its validity period

when verifying against the current system clock or the

timestamp in the signed file.

For more information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: crypt32
Event Category: None
Event ID: 11
Date: 6/2/2012
Time: 1:45:30 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
Failed extract of third-party root list from auto

update cab at:

<http://www.download.windowsupdate.com/msdownload/updat

e/v3/static/trustedr/en/authrootstl.cab> with error: A

required certificate is not within its validity period

when verifying against the current system clock or the

timestamp in the signed file.

For more information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: crypt32
Event Category: None
Event ID: 11
Date: 6/2/2012
Time: 1:45:30 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
Failed extract of third-party root list from auto

update cab at:

<http://www.download.windowsupdate.com/msdownload/updat

e/v3/static/trustedr/en/authrootstl.cab> with error: A

required certificate is not within its validity period

when verifying against the current system clock or the

timestamp in the signed file.

For more information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: LoadPerf
Event Category: None
Event ID: 3001
Date: 6/1/2012
Time: 8:54:14 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The performance counter name string value in the

registry is incorrectly formatted. The bogus string is

9008, the bogus index value is the first DWORD in Data

section while the last valid index values are the

second and third DWORD in Data section.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 30 23 00 00 2e 23 00 00 0#...#..
0008: 2f 23 00 00 97 02 00 00 /#..&#151;...

Event Type: Error
Event Source: LoadPerf
Event Category: None
Event ID: 3011
Date: 6/1/2012
Time: 8:54:14 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
Unloading the performance counter strings for service

aspnet_state (ASP.NET State Service) failed. The Error

code is the first DWORD in Data section.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.
Data:
0000: f2 03 00 00 3b 07 00 00 ò...;...

Event Type: Error
Event Source: LoadPerf
Event Category: None
Event ID: 3001
Date: 6/1/2012
Time: 8:54:14 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The performance counter name string value in the

registry is incorrectly formatted. The bogus string is

9008, the bogus index value is the first DWORD in Data

section while the last valid index values are the

second and third DWORD in Data section.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 30 23 00 00 2e 23 00 00 0#...#..
0008: 2f 23 00 00 cf 01 00 00 /#..Ï...

Event Type: Error
Event Source: LoadPerf
Event Category: None
Event ID: 3011
Date: 6/1/2012
Time: 8:54:12 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
Unloading the performance counter strings for service

ASP.NET_2.0.50727 (ASP.NET_2.0.50727) failed. The Error

code is the first DWORD in Data section.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.
Data:
0000: f2 03 00 00 3b 07 00 00 ò...;...

Event Type: Error
Event Source: LoadPerf
Event Category: None
Event ID: 3001
Date: 6/1/2012
Time: 8:54:12 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The performance counter name string value in the

registry is incorrectly formatted. The bogus string is

9008, the bogus index value is the first DWORD in Data

section while the last valid index values are the

second and third DWORD in Data section.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 30 23 00 00 2e 23 00 00 0#...#..
0008: 2f 23 00 00 cf 01 00 00 /#..Ï...

Event Type: Error
Event Source: HotFixInstaller
Event Category: None
Event ID: 5000
Date: 6/1/2012
Time: 8:37:34 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
EventType visualstudio8setup, P1 microsoft .net

framework 2.0-kb2604092, P2 1033, P3 1618, P4 msi, P5

f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10 0.

For more information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 76 00 69 00 73 00 75 00 v.i.s.u.
0008: 61 00 6c 00 73 00 74 00 a.l.s.t.
0010: 75 00 64 00 69 00 6f 00 u.d.i.o.
0018: 38 00 73 00 65 00 74 00 8.s.e.t.
0020: 75 00 70 00 2c 00 20 00 u.p.,. .
0028: 6d 00 69 00 63 00 72 00 m.i.c.r.
0030: 6f 00 73 00 6f 00 66 00 o.s.o.f.
0038: 74 00 20 00 2e 00 6e 00 t. ...n.
0040: 65 00 74 00 20 00 66 00 e.t. .f.
0048: 72 00 61 00 6d 00 65 00 r.a.m.e.
0050: 77 00 6f 00 72 00 6b 00 w.o.r.k.
0058: 20 00 32 00 2e 00 30 00 .2...0.
0060: 2d 00 6b 00 62 00 32 00 -.k.b.2.
0068: 36 00 30 00 34 00 30 00 6.0.4.0.
0070: 39 00 32 00 2c 00 20 00 9.2.,. .
0078: 31 00 30 00 33 00 33 00 1.0.3.3.
0080: 2c 00 20 00 31 00 36 00 ,. .1.6.
0088: 31 00 38 00 2c 00 20 00 1.8.,. .
0090: 6d 00 73 00 69 00 2c 00 m.s.i.,.
0098: 20 00 66 00 2c 00 20 00 .f.,. .
00a0: 39 00 2e 00 30 00 2e 00 9...0...
00a8: 34 00 30 00 32 00 31 00 4.0.2.1.
00b0: 35 00 2e 00 30 00 2c 00 5...0.,.
00b8: 20 00 69 00 6e 00 73 00 .i.n.s.
00c0: 74 00 61 00 6c 00 6c 00 t.a.l.l.
00c8: 2c 00 20 00 78 00 38 00 ,. .x.8.
00d0: 36 00 2c 00 20 00 78 00 6.,. .x.
00d8: 70 00 20 00 30 00 0d 00 p. .0...
00e0: 0a 00 ..

Event Type: Error
Event Source: HotFixInstaller
Event Category: None
Event ID: 5000
Date: 6/1/2012
Time: 8:35:59 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
EventType visualstudio8setup, P1 microsoft .net

framework 3.5-kb2657424, P2 1033, P3 1618, P4 msi, P5

f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10 0.

For more information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 76 00 69 00 73 00 75 00 v.i.s.u.
0008: 61 00 6c 00 73 00 74 00 a.l.s.t.
0010: 75 00 64 00 69 00 6f 00 u.d.i.o.
0018: 38 00 73 00 65 00 74 00 8.s.e.t.
0020: 75 00 70 00 2c 00 20 00 u.p.,. .
0028: 6d 00 69 00 63 00 72 00 m.i.c.r.
0030: 6f 00 73 00 6f 00 66 00 o.s.o.f.
0038: 74 00 20 00 2e 00 6e 00 t. ...n.
0040: 65 00 74 00 20 00 66 00 e.t. .f.
0048: 72 00 61 00 6d 00 65 00 r.a.m.e.
0050: 77 00 6f 00 72 00 6b 00 w.o.r.k.
0058: 20 00 33 00 2e 00 35 00 .3...5.
0060: 2d 00 6b 00 62 00 32 00 -.k.b.2.
0068: 36 00 35 00 37 00 34 00 6.5.7.4.
0070: 32 00 34 00 2c 00 20 00 2.4.,. .
0078: 31 00 30 00 33 00 33 00 1.0.3.3.
0080: 2c 00 20 00 31 00 36 00 ,. .1.6.
0088: 31 00 38 00 2c 00 20 00 1.8.,. .
0090: 6d 00 73 00 69 00 2c 00 m.s.i.,.
0098: 20 00 66 00 2c 00 20 00 .f.,. .
00a0: 39 00 2e 00 30 00 2e 00 9...0...
00a8: 34 00 30 00 32 00 31 00 4.0.2.1.
00b0: 35 00 2e 00 30 00 2c 00 5...0.,.
00b8: 20 00 69 00 6e 00 73 00 .i.n.s.
00c0: 74 00 61 00 6c 00 6c 00 t.a.l.l.
00c8: 2c 00 20 00 78 00 38 00 ,. .x.8.
00d0: 36 00 2c 00 20 00 78 00 6.,. .x.
00d8: 70 00 20 00 30 00 0d 00 p. .0...
00e0: 0a 00 ..

Event Type: Error
Event Source: HotFixInstaller
Event Category: None
Event ID: 5000
Date: 6/1/2012
Time: 8:35:04 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
EventType visualstudio8setup, P1 microsoft .net

framework 2.0-kb2656352, P2 1033, P3 1618, P4 msi, P5

f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10 0.

For more information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 76 00 69 00 73 00 75 00 v.i.s.u.
0008: 61 00 6c 00 73 00 74 00 a.l.s.t.
0010: 75 00 64 00 69 00 6f 00 u.d.i.o.
0018: 38 00 73 00 65 00 74 00 8.s.e.t.
0020: 75 00 70 00 2c 00 20 00 u.p.,. .
0028: 6d 00 69 00 63 00 72 00 m.i.c.r.
0030: 6f 00 73 00 6f 00 66 00 o.s.o.f.
0038: 74 00 20 00 2e 00 6e 00 t. ...n.
0040: 65 00 74 00 20 00 66 00 e.t. .f.
0048: 72 00 61 00 6d 00 65 00 r.a.m.e.
0050: 77 00 6f 00 72 00 6b 00 w.o.r.k.
0058: 20 00 32 00 2e 00 30 00 .2...0.
0060: 2d 00 6b 00 62 00 32 00 -.k.b.2.
0068: 36 00 35 00 36 00 33 00 6.5.6.3.
0070: 35 00 32 00 2c 00 20 00 5.2.,. .
0078: 31 00 30 00 33 00 33 00 1.0.3.3.
0080: 2c 00 20 00 31 00 36 00 ,. .1.6.
0088: 31 00 38 00 2c 00 20 00 1.8.,. .
0090: 6d 00 73 00 69 00 2c 00 m.s.i.,.
0098: 20 00 66 00 2c 00 20 00 .f.,. .
00a0: 39 00 2e 00 30 00 2e 00 9...0...
00a8: 34 00 30 00 32 00 31 00 4.0.2.1.
00b0: 35 00 2e 00 30 00 2c 00 5...0.,.
00b8: 20 00 69 00 6e 00 73 00 .i.n.s.
00c0: 74 00 61 00 6c 00 6c 00 t.a.l.l.
00c8: 2c 00 20 00 78 00 38 00 ,. .x.8.
00d0: 36 00 2c 00 20 00 78 00 6.,. .x.
00d8: 70 00 20 00 30 00 0d 00 p. .0...
00e0: 0a 00 ..

SYSTEM ERRORS

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10005
Date: 6/3/2012
Time: 2:52:00 AM
User: NT AUTHORITY\SYSTEM
Computer: JEFF-2E0A22FF48
Description:
DCOM got error "The service cannot be started, either

because it is disabled or because it has no enabled

devices associated with it. " attempting to start the

service gupdate with arguments "/comsvc" in order to

run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10005
Date: 6/2/2012
Time: 9:52:00 PM
User: NT AUTHORITY\SYSTEM
Computer: JEFF-2E0A22FF48
Description:
DCOM got error "The service cannot be started, either

because it is disabled or because it has no enabled

devices associated with it. " attempting to start the

service gupdate with arguments "/comsvc" in order to

run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 6/2/2012
Time: 7:34:09 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Bdfsdrv service terminated with the following

error: 
The specified module could not be found.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 6/2/2012
Time: 7:34:09 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Zune Bus Enumerator Driver service failed to start

due to the following error: 
The system cannot find the file specified.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10005
Date: 6/2/2012
Time: 4:52:00 PM
User: NT AUTHORITY\SYSTEM
Computer: JEFF-2E0A22FF48
Description:
DCOM got error "The service cannot be started, either

because it is disabled or because it has no enabled

devices associated with it. " attempting to start the

service gupdate with arguments "/comsvc" in order to

run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 6/2/2012
Time: 2:46:13 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Bdfsdrv service terminated with the following

error: 
The specified module could not be found.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 6/2/2012
Time: 2:46:13 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Zune Bus Enumerator Driver service failed to start

due to the following error: 
The system cannot find the file specified.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 6/2/2012
Time: 1:44:53 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Application Management service terminated with the

following error: 
The specified module could not be found.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 6/2/2012
Time: 1:44:53 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Application Management service terminated with the

following error: 
The specified module could not be found.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 6/2/2012
Time: 1:44:52 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Application Management service terminated with the

following error: 
The specified module could not be found.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 6/2/2012
Time: 1:44:52 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Application Management service terminated with the

following error: 
The specified module could not be found.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 6/2/2012
Time: 1:44:52 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Application Management service terminated with the

following error: 
The specified module could not be found.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 6/2/2012
Time: 1:44:52 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Application Management service terminated with the

following error: 
The specified module could not be found.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 6/2/2012
Time: 1:44:52 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Application Management service terminated with the

following error: 
The specified module could not be found.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 6/2/2012
Time: 1:44:52 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Application Management service terminated with the

following error: 
The specified module could not be found.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 6/2/2012
Time: 1:44:52 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Application Management service terminated with the

following error: 
The specified module could not be found.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 6/2/2012
Time: 1:44:52 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Application Management service terminated with the

following error: 
The specified module could not be found.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 6/2/2012
Time: 1:44:52 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Application Management service terminated with the

following error: 
The specified module could not be found.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 6/2/2012
Time: 1:44:52 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Application Management service terminated with the

following error: 
The specified module could not be found.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 6/2/2012
Time: 1:44:51 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Application Management service terminated with the

following error: 
The specified module could not be found.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 6/2/2012
Time: 1:44:51 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Application Management service terminated with the

following error: 
The specified module could not be found.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 6/2/2012
Time: 1:44:51 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Application Management service terminated with the

following error: 
The specified module could not be found.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 6/2/2012
Time: 1:44:51 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Application Management service terminated with the

following error: 
The specified module could not be found.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

You can see the pattern here there are 9 or 10 of these

every second for the next 10 seconds. I will post the

first one next. This is probably the flashing Safely

Remove Hardware Icon. (Desending Order)

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 6/2/2012
Time: 1:44:42 PM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Application Management service terminated with the

following error: 
The specified module could not be found.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 6/2/2012
Time: 10:52:52 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Bdfsdrv service terminated with the following

error: 
The specified module could not be found.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 6/2/2012
Time: 10:52:52 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Zune Bus Enumerator Driver service failed to start

due to the following error: 
The system cannot find the file specified.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 6/1/2012
Time: 9:11:54 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Bdfsdrv service terminated with the following

error: 
The specified module could not be found.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 6/1/2012
Time: 9:11:54 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Zune Bus Enumerator Driver service failed to start

due to the following error: 
The system cannot find the file specified.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date:  6/1/2012
Time: 9:11:54 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Zune Bus Enumerator Driver service failed to start

due to the following error: 
The system cannot find the file specified.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Windows Update Agent
Event Category: Installation 
Event ID: 20
Date: 6/1/2012
Time: 8:37:40 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
Installation Failure: Windows failed to install the

following update with error 0x80070643: Security Update

for Microsoft .NET Framework 2.0 SP2 on Windows Server

2003 and Windows XP x86 (KB2604092).

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 57 69 6e 33 32 48 52 65 Win32HRe
0008: 73 75 6c 74 3d 30 78 38 sult=0x8
0010: 30 30 37 30 36 34 33 20 0070643 
0018: 55 70 64 61 74 65 49 44 UpdateID
0020: 3d 7b 33 45 39 35 32 42 ={3E952B
0028: 43 35 2d 41 41 44 32 2d C5-AAD2-
0030: 34 31 31 37 2d 41 42 36 4117-AB6
0038: 35 2d 41 34 32 46 39 36 5-A42F96
0040: 32 39 38 38 36 38 7d 20 298868} 
0048: 52 65 76 69 73 69 6f 6e Revision
0050: 4e 75 6d 62 65 72 3d 31 Number=1
0058: 30 35 20 00 05 .

Event Type: Error
Event Source: Windows Update Agent
Event Category: Installation 
Event ID: 20
Date: 6/1/2012
Time: 8:36:05 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
Installation Failure: Windows failed to install the

following update with error 0x80070643: Security Update

for Microsoft .NET Framework 3.5 SP1 on Windows XP,

Server 2003, Vista, Server 2008 x86 (KB2657424).

For

more information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 57 69 6e 33 32 48 52 65 Win32HRe
0008: 73 75 6c 74 3d 30 78 38 sult=0x8
0010: 30 30 37 30 36 34 33 20 0070643 
0018: 55 70 64 61 74 65 49 44 UpdateID
0020: 3d 7b 30 36 36 30 42 33 ={0660B3
0028: 39 39 2d 46 37 34 34 2d 99-F744-
0030: 34 42 31 36 2d 41 39 43 4B16-A9C
0038: 46 2d 46 43 38 30 45 31 F-FC80E1
0040: 46 30 34 30 46 33 7d 20 F040F3} 
0048: 52 65 76 69 73 69 6f 6e Revision
0050: 4e 75 6d 62 65 72 3d 31 Number=1
0058: 30 34 20 00 04 .

Event Type: Error
Event Source: Windows Update Agent
Event Category: Installation 
Event ID: 20
Date: 6/1/2012
Time: 8:35:46 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
Installation Failure: Windows failed to install the

following update with error 0x80070643: Security Update

for Microsoft .NET Framework 2.0 SP2 on Windows Server

2003 and Windows XP x86 (KB2656352).

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 57 69 6e 33 32 48 52 65 Win32HRe
0008: 73 75 6c 74 3d 30 78 38 sult=0x8
0010: 30 30 37 30 36 34 33 20 0070643 
0018: 55 70 64 61 74 65 49 44 UpdateID
0020: 3d 7b 38 39 31 34 44 31 ={8914D1
0028: 38 37 2d 44 30 43 37 2d 87-D0C7-
0030: 34 43 37 45 2d 39 38 32 4C7E-982
0038: 34 2d 43 46 43 46 46 34 4-CFCFF4
0040: 43 38 33 37 37 44 7d 20 C8377D} 
0048: 52 65 76 69 73 69 6f 6e Revision
0050: 4e 75 6d 62 65 72 3d 31 Number=1
0058: 30 35 20 00 05 .

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 6/1/2012
Time: 8:26:39 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Bdfsdrv service terminated with the following

error: 
The specified module could not be found.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 6/1/2012
Time: 8:26:39 AM
User: N/A
Computer: JEFF-2E0A22FF48
Description:
The Zune Bus Enumerator Driver service failed to start

due to the following error: 
The system cannot find the file specified.

For more

information, see Help and Support Center at

http://go.microsoft.com/fwlink/events.asp.


----------



## Cookiegal (Aug 27, 2003)

The Application Management error is a known issue on XP Home. We just need to disable that service so please do the following:

Go to *Start *- *Run *- type in *services.msc* and click Enter.

Double-click on the *Application Management* service and then change the startup type to "Disabled" then click "Apply".

Do the same for the *Bdfsdrv *service.

Please scan with DDS again and post the new logs.


----------



## MrWmnHtr (Feb 18, 2010)

.
DDS (Ver_2011-08-26.01) - NTFSx86 
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_32
Run by Jeff Miller at 16:47:40 on 2012-06-03
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2039.1627 [GMT -7:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.myqwest.com/
uURLSearchHooks: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users.windows\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10x_ActiveX.exe -update activex
uPolicies-explorer: NoInstrumentation = 1 (0x1)
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\jeff miller\start menu\programs\imvu\Run IMVU.lnk
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\npjpi160_32.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{DFE920CD-B641-4BEE-B3F8-93836BBCF81C} : DhcpNameServer = 192.168.0.1 205.171.3.25
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\jeff miller\application data\mozilla\firefox\profiles\mnjbclzh.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm003YYus&ptb=25ED6A07-570C-49B5-89DA-8DD593C3EA9E&psa=&ind=2011012800&ptnrS=XPxdm003YYus&si=&st=kwd&n=77dd9ec0&searchfor=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\all users.windows\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\all users.windows\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: c:\program files\pc tools security\bdt\firefox\platform\winnt_x86-msvc\components\libheuristic.dll
FF - plugin: c:\documents and settings\all users.windows\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users.windows\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 1000000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 1000000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 1000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-3-28 13496]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-6-2 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-6-2 337880]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2010-2-17 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2010-6-29 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-6-2 20696]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-6-2 44768]
R3 LucentSoftModem;Lucent Technologies Soft Modem;c:\windows\system32\drivers\LTSM.sys [2009-10-1 802683]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
S4 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\iobit\advanced systemcare 5\ASCService.exe [2012-5-8 913752]
S4 Browser Defender Update Service;Browser Defender Update Service;c:\program files\pc tools security\bdt\BDTUpdateService.exe [2011-3-27 337872]
S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-2 135664]
S4 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-2 135664]
S4 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-6-2 129976]
S4 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-4-18 993848]
S4 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-4-18 399416]
.
=============== Created Last 30 ================
.
2012-06-02 20:46:46 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-06-02 20:46:08 41184 ----a-w- c:\windows\avastSS.scr
2012-06-02 20:45:46 -------- d-----w- c:\program files\AVAST Software
2012-06-01 15:49:38 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-06-01 15:49:38 476960 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-01 06:36:47 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-06-01 06:36:47 3072 ------w- c:\windows\system32\iacenc.dll
2012-05-28 05:06:05 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2012-05-28 05:06:02 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2012-05-28 05:06:01 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2012-05-28 05:04:59 12415 -c--a-w- c:\windows\system32\dllcache\wadv01nt.sys
2012-05-28 05:03:56 94720 -c--a-w- c:\windows\system32\dllcache\umaxud32.dll
2012-05-28 05:02:57 42496 -c--a-w- c:\windows\system32\dllcache\tp4res.dll
2012-05-28 05:01:59 28384 -c--a-w- c:\windows\system32\dllcache\sym_hi.sys
2012-05-28 05:00:59 114688 -c--a-w- c:\windows\system32\dllcache\sonypi.dll
2012-05-28 04:59:58 238592 -c--a-w- c:\windows\system32\dllcache\sisgrv.dll
2012-05-28 04:58:56 75392 -c--a-w- c:\windows\system32\dllcache\s3savmxm.sys
2012-05-28 04:57:56 19584 -c--a-w- c:\windows\system32\dllcache\rasirda.sys
2012-05-28 04:56:56 121344 -c--a-w- c:\windows\system32\dllcache\phvfwext.dll
2012-05-28 04:55:58 351616 -c--a-w- c:\windows\system32\dllcache\ovcodek2.sys
2012-05-28 04:54:57 60480 -c--a-w- c:\windows\system32\dllcache\neo20xx.dll
2012-05-28 04:53:56 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys
2012-05-28 04:52:57 70730 -c--a-w- c:\windows\system32\dllcache\lne100tx.sys
2012-05-28 04:51:58 372824 -c--a-w- c:\windows\system32\dllcache\iconf32.dll
2012-05-28 04:50:59 9759 -c--a-w- c:\windows\system32\dllcache\hsf_inst.dll
2012-05-28 04:49:58 1733120 -c--a-w- c:\windows\system32\dllcache\g400d.dll
2012-05-28 04:48:59 40704 -c--a-w- c:\windows\system32\dllcache\es1371mp.sys
2012-05-28 04:47:59 6729 -c--a-w- c:\windows\system32\dllcache\disrvci.dll
2012-05-28 04:46:59 13952 -c--a-w- c:\windows\system32\dllcache\cmbatt.sys
2012-05-28 04:45:59 75136 -c--a-w- c:\windows\system32\dllcache\atimpae.sys
2012-05-28 04:44:47 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2012-05-27 16:23:31 -------- d-----w- C:\_OTS
2012-05-26 00:15:07 -------- d-----w- c:\windows\XSxS
2012-05-25 05:26:02 162816 -c--a-w- c:\windows\system32\dllcache\netbt.sys
2012-05-25 05:26:02 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
2012-05-25 04:57:49 -------- d-sha-r- C:\cmdcons
2012-05-25 04:31:57 98816 ----a-w- c:\windows\sed.exe
2012-05-25 04:31:57 518144 ----a-w- c:\windows\SWREG.exe
2012-05-25 04:31:57 256000 ----a-w- c:\windows\PEV.exe
2012-05-25 04:31:57 208896 ----a-w- c:\windows\MBR.exe
2012-05-18 14:00:54 -------- d-----w- c:\program files\Xenocode
2012-05-18 10:11:46 46976 ----a-w- c:\windows\system32\drivers\R8139n51.sys
2012-05-18 08:05:42 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-05-18 08:05:42 -------- d-----w- c:\windows\system32\wbem\Repository
2012-05-17 00:25:33 -------- d-----w- c:\windows\system32\NtmsData
2012-05-16 18:31:32 -------- d-----w- c:\windows\OPTIONS
2012-05-16 18:24:57 21736 ----a-w- c:\windows\system32\drivers\RTAIODAT.DAT
2012-05-16 02:56:25 -------- d-----w- c:\documents and settings\jeff miller\local settings\application data\Xenocode
2012-05-11 07:31:24 -------- d-----w- c:\documents and settings\all users.windows\application data\WEBREG
2012-05-09 23:02:02 21336 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-05-08 20:04:25 -------- d-----w- c:\documents and settings\all users.windows\application data\IObit
2012-05-08 19:57:16 -------- d-----w- c:\documents and settings\all users.windows\application data\AVAST Software
.
==================== Find3M ====================
.
2012-06-01 15:49:19 472864 -c--a-w- c:\windows\system32\deployJava1.dll
2012-04-11 13:12:06 1862272 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 13:10:58 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 12:35:52 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-04 22:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-06 18:49:04 404640 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 16:50:43.73 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 5/10/2009 10:35:34 AM
System Uptime: 6/2/2012 7:33:12 PM (21 hours ago)
.
Motherboard: ECS | | 945GZ/CT-M
Processor: Intel(R) Celeron(R) D CPU 3.33GHz | CPU 1 | 3325/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 108.662 GiB free.
D: is CDROM ()
E: is CDROM ()
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Device ID: ACPI\PNP0303\4&2C575ACB&0
Manufacturer: (Standard keyboards)
Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
PNP Device ID: ACPI\PNP0303\4&2C575ACB&0
Service: i8042prt
.
==== System Restore Points ===================
.
RP1: 5/24/2012 10:04:31 PM - System Checkpoint
RP2: 5/26/2012 12:34:23 AM - System Checkpoint
RP3: 5/27/2012 11:36:22 AM - System Checkpoint
RP4: 5/28/2012 2:05:29 PM - System Checkpoint
RP5: 5/29/2012 2:49:20 PM - System Checkpoint
RP6: 5/30/2012 2:50:43 PM - System Checkpoint
RP7: 5/31/2012 12:43:11 PM - Installed Realtek RTL8139/810x Fast Ethernet NIC Driver Setup
RP8: 5/31/2012 11:36:42 PM - Software Distribution Service 3.0
RP9: 6/1/2012 8:28:00 AM - Software Distribution Service 3.0
RP10: 6/1/2012 8:48:38 AM - Removed Java(TM) 6 Update 24
RP11: 6/1/2012 8:49:05 AM - Installed Java(TM) 6 Update 32
RP12: 6/1/2012 8:51:09 AM - Software Distribution Service 3.0
RP13: 6/2/2012 11:19:42 AM - System Checkpoint
RP14: 6/2/2012 1:44:29 PM - Removed J2SE Runtime Environment 5.0 Update 1
RP15: 6/2/2012 1:45:46 PM - avast! Free Antivirus Setup
RP16: 6/3/2012 2:37:43 PM - System Checkpoint
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.5.1
Advanced SystemCare 5
AiO_Scan
avast! Free Antivirus
Browser Defender 3.0
BufferChm
CameraDrivers
CameraReadme
Canon S750
Critical Update for Windows Media Player 11 (KB959772)
CustomerResearchQFolder
DeviceDiscovery
Google Chrome
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 8.0
HP Imaging Device Functions 9.0
HP Photosmart 8.0 Software
HP Photosmart Cameras 9.0
HP Photosmart Essential
HP Photosmart Essential 2.01
HP Photosmart Essential2.01
HP Product Assistant
HP Product Detection
HP PSC & OfficeJet 5.3.B
HP Solution Center 9.0
HP Update
hpicamDrvQFolder
HPProductAssistant
HPSSupply
InstantShareDevicesMFC
Java Auto Updater
Java(TM) 6 Update 32
Lucent Technologies Soft Modem AMR
Malwarebytes Anti-Malware version 1.61.0.1400
MarketResearch
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office Professional
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Windows XP Video Decoder Checkup Utility
Microsoft WinUsb 1.0
Mozilla Firefox 12.0 (x86 en-GB)
Mozilla Maintenance Service
MSN
OpenOffice.org 3.1
PanoStandAlone
ps_app_ProductContext
ps_app_software
ps_app_software_req
PSSWCORE
Qwest Installer
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
Realtek RTL8139/810x Fast Ethernet NIC Driver Setup
RealUpgrade 1.1
Scan
Secunia PSI (2.0.0.3003)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Smart Defrag 2
SolutionCenter
Status
SUPERAntiSpyware
Toolbox
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB969497)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VideoToolkit01
W Photo Studio
WebFldrs XP
WebReg
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell(TM) 1.0
Windows XP Service Pack 3
.
==== Event Viewer Messages From Past Week ========
.
6/2/2012 4:52:00 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
6/2/2012 1:44:42 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
6/1/2012 8:37:53 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243).
6/1/2012 8:37:40 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2604092).
6/1/2012 8:36:05 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Server 2003, Vista, Server 2008 x86 (KB2657424).
6/1/2012 8:35:46 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2656352).
5/28/2012 1:45:47 PM, error: Service Control Manager [7023] - The Bdfsdrv service terminated with the following error: The specified module could not be found.
5/28/2012 1:45:47 PM, error: Service Control Manager [7000] - The Zune Bus Enumerator Driver service failed to start due to the following error: The system cannot find the file specified.
5/27/2012 9:23:32 AM, error: Service Control Manager [7034] - The Secunia PSI Agent service terminated unexpectedly. It has done this 1 time(s).
5/27/2012 9:23:32 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
5/27/2012 9:23:31 AM, error: Service Control Manager [7034] - The Secunia Update Agent service terminated unexpectedly. It has done this 1 time(s).
5/27/2012 9:23:31 AM, error: Service Control Manager [7034] - The Browser Defender Update Service service terminated unexpectedly. It has done this 1 time(s).
5/27/2012 9:23:31 AM, error: Service Control Manager [7034] - The Advanced SystemCare Service 5 service terminated unexpectedly. It has done this 1 time(s).
5/27/2012 9:23:31 AM, error: Service Control Manager [7031] - The SAS Core Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
.
==== End Of File ===========================


----------



## Cookiegal (Aug 27, 2003)

Open Notepad and copy and paste the text in the code box below into it:


```
DirLook::
c:\windows\OPTIONS
c:\documents and settings\jeff miller\local settings\application data\Xenocode

Firefox::
FF - ProfilePath - c:\documents and settings\jeff miller\application data\mozilla\firefox\profiles\mnjbclzh.default\
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm003YYus&ptb=25ED6A07-570C-49B5-89DA-8DD593C3EA9E&psa=&ind=2011012800&ptnrS=XPxdm003YYus&si=&st=kwd&n=77dd9ec0&s earchfor=
```
Save the file to your desktop and name it CFScript.txt

Referring to the picture below, drag CFScript.txt into ComboFix.exe










This will start ComboFix again. It may ask to reboot. Post the contents of Combofix.txt in your next reply.

*Note: These instructions and script were created specifically for this user. If you are not this user, do NOT follow these instructions or use this script as it could damage the workings of your system.*


----------



## MrWmnHtr (Feb 18, 2010)

ComboFix 12-06-03.05 - Jeff Miller 06/04/2012 8:57.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2039.1666 [GMT -7:00]
Running from: c:\documents and settings\Jeff Miller\Desktop\Repairs 052012\Repair Tools\ComboFix.exe
Command switches used :: c:\documents and settings\Jeff Miller\Desktop\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
c:\windows\XSxS
.
.
((((((((((((((((((((((((( Files Created from 2012-05-04 to 2012-06-04 )))))))))))))))))))))))))))))))
.
.
2012-06-04 15:46 . 2012-06-04 15:46 -------- d-----w- c:\windows\LastGood
2012-06-02 20:46 . 2012-03-07 00:03 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-06-02 20:46 . 2012-03-07 00:01 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-06-02 20:46 . 2012-03-07 00:02 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-06-02 20:46 . 2012-03-07 00:01 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-06-02 20:46 . 2012-03-07 00:03 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-06-02 20:46 . 2012-03-07 00:01 95704 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-06-02 20:46 . 2012-03-07 00:01 89048 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-06-02 20:46 . 2012-03-06 23:58 24920 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-06-02 20:46 . 2012-03-07 00:15 41184 ----a-w- c:\windows\avastSS.scr
2012-06-02 20:46 . 2012-03-07 00:15 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-06-02 20:45 . 2012-06-02 20:45 -------- d-----w- c:\program files\AVAST Software
2012-06-01 15:49 . 2012-06-01 15:49 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-06-01 15:49 . 2012-06-01 15:49 476960 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-01 06:36 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-06-01 06:36 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
2012-05-28 05:06 . 2008-04-14 00:12 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2012-05-28 05:06 . 2001-08-18 05:36 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2012-05-28 05:06 . 2008-04-14 00:12 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2012-05-28 05:04 . 2004-08-04 05:29 12415 -c--a-w- c:\windows\system32\dllcache\wadv01nt.sys
2012-05-28 05:03 . 2001-08-18 05:36 94720 -c--a-w- c:\windows\system32\dllcache\umaxud32.dll
2012-05-28 05:02 . 2001-08-18 05:35 42496 -c--a-w- c:\windows\system32\dllcache\tp4res.dll
2012-05-28 05:01 . 2001-08-17 21:07 28384 -c--a-w- c:\windows\system32\dllcache\sym_hi.sys
2012-05-28 05:00 . 2001-08-18 05:36 114688 -c--a-w- c:\windows\system32\dllcache\sonypi.dll
2012-05-28 04:59 . 2001-08-18 05:36 238592 -c--a-w- c:\windows\system32\dllcache\sisgrv.dll
2012-05-28 04:58 . 2001-08-17 19:50 75392 -c--a-w- c:\windows\system32\dllcache\s3savmxm.sys
2012-05-28 04:57 . 2001-08-17 20:51 19584 -c--a-w- c:\windows\system32\dllcache\rasirda.sys
2012-05-28 04:56 . 2001-08-18 05:36 121344 -c--a-w- c:\windows\system32\dllcache\phvfwext.dll
2012-05-28 04:55 . 2001-08-17 21:05 351616 -c--a-w- c:\windows\system32\dllcache\ovcodek2.sys
2012-05-28 04:54 . 2001-08-18 05:36 60480 -c--a-w- c:\windows\system32\dllcache\neo20xx.dll
2012-05-28 04:53 . 2001-08-17 21:02 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys
2012-05-28 04:52 . 2001-08-17 19:12 70730 -c--a-w- c:\windows\system32\dllcache\lne100tx.sys
2012-05-28 04:51 . 2001-08-18 05:36 372824 -c--a-w- c:\windows\system32\dllcache\iconf32.dll
2012-05-28 04:50 . 2001-08-18 05:36 9759 -c--a-w- c:\windows\system32\dllcache\hsf_inst.dll
2012-05-28 04:49 . 2001-08-17 21:56 1733120 -c--a-w- c:\windows\system32\dllcache\g400d.dll
2012-05-28 04:48 . 2001-08-17 19:19 40704 -c--a-w- c:\windows\system32\dllcache\es1371mp.sys
2012-05-28 04:47 . 2001-08-18 05:36 6729 -c--a-w- c:\windows\system32\dllcache\disrvci.dll
2012-05-28 04:46 . 2008-04-13 18:36 13952 -c--a-w- c:\windows\system32\dllcache\cmbatt.sys
2012-05-28 04:45 . 2001-08-18 05:36 37376 -c--a-w- c:\windows\system32\dllcache\atievxx.exe
2012-05-28 04:44 . 2001-08-17 21:56 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2012-05-27 16:23 . 2012-05-27 16:23 -------- d-----w- C:\_OTS
2012-05-25 05:26 . 2008-04-13 19:21 162816 -c--a-w- c:\windows\system32\dllcache\netbt.sys
2012-05-25 05:26 . 2008-04-13 19:21 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
2012-05-19 08:38 . 2012-05-19 08:39 -------- d-----w- c:\documents and settings\servicetech
2012-05-18 14:00 . 2012-05-18 14:00 -------- d-----w- c:\program files\Xenocode
2012-05-18 10:11 . 2003-06-23 02:57 46976 ----a-w- c:\windows\system32\drivers\R8139n51.sys
2012-05-18 08:05 . 2012-05-18 08:05 -------- d-----w- c:\windows\system32\wbem\Repository
2012-05-18 08:03 . 2012-05-18 08:03 -------- d-----w- c:\documents and settings\Jeff Miller\Application Data\InstallShield
2012-05-17 00:25 . 2012-05-17 01:14 -------- d-----w- c:\windows\system32\NtmsData
2012-05-16 18:31 . 2012-05-16 18:31 -------- d-----w- c:\windows\OPTIONS
2012-05-16 18:24 . 2011-11-24 18:37 21736 ----a-w- c:\windows\system32\drivers\RTAIODAT.DAT
2012-05-16 02:56 . 2012-05-16 02:56 -------- d-----w- c:\documents and settings\Jeff Miller\Local Settings\Application Data\Xenocode
2012-05-11 07:31 . 2012-05-11 07:31 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\WEBREG
2012-05-09 23:02 . 2012-02-23 21:25 21336 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-05-09 02:43 . 2012-05-18 08:05 -------- d-----w- c:\documents and settings\Administrator.JEFF-2E0A22FF48
2012-05-09 00:27 . 2012-05-09 00:27 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\IObit
2012-05-08 20:04 . 2012-05-08 20:04 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\IObit
2012-05-08 19:57 . 2012-06-02 20:45 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\AVAST Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-01 15:49 . 2011-05-30 17:08 472864 -c--a-w- c:\windows\system32\deployJava1.dll
2012-04-11 13:12 . 2004-08-04 12:00 1862272 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 13:10 . 2004-08-04 12:00 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 12:35 . 2004-08-03 22:59 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-04 22:56 . 2011-05-29 13:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-08 19:52 . 2012-03-08 19:52 664 -c--a-w- c:\documents and settings\NetworkService.NT AUTHORITY.000\Local Settings\Application Data\d3d9caps.tmp
2012-03-06 18:49 . 2011-05-20 23:07 404640 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-02 20:26 . 2012-06-02 20:26 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\documents and settings\jeff miller\local settings\application data\Xenocode ----
.
2012-05-18 20:55 . 2012-05-18 20:55 0 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\DELETED\@[email protected]\Microsoft\CLR Security Config\v2.0.50727.42\security.config.cch.new.__deleted__
2012-05-18 20:55 . 2012-05-18 20:55 10598 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\Microsoft\CLR Security Config\v2.0.50727.42\security.config.cch
2012-05-18 14:55 . 2012-05-18 14:55 17408 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Native\STUBEXE\8.0.1135\@[email protected]\ipconfig.exe
2012-05-18 14:53 . 2012-05-18 14:53 69120 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
2012-05-18 14:52 . 2012-05-18 14:52 17408 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Native\STUBEXE\8.0.1135\@[email protected]\PING.EXE
2012-05-18 14:51 . 2012-05-18 14:51 572936 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
2012-05-18 14:51 . 2012-05-18 14:51 37896  ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
2012-05-18 14:51 . 2012-05-18 14:51 372736 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
2012-05-18 14:51 . 2012-05-18 14:51 17408 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\STUBEXE\8.0.1135\@[email protected]\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
2012-05-18 14:51 . 2012-05-18 14:51 114688 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
2012-05-18 14:51 . 2012-05-18 14:51 99320 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\alink.dll
2012-05-18 14:51 . 2012-05-18 14:51 145408 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
2012-05-18 14:51 . 2012-05-18 14:51 17408 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\STUBEXE\8.0.1135\@[email protected]\Microsoft.NET\Framework\v2.0.50727\csc.exe
2012-05-18 14:51 . 2012-05-18 14:51 340992 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
2012-05-18 14:51 . 2012-05-18 14:51 10752 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
2012-05-18 14:51 . 2012-05-18 14:51 2068480 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
2012-05-18 14:51 . 2012-05-18 14:51 425984 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
2012-05-18 14:51 . 2012-05-18 14:51 630784 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
2012-05-18 14:51 . 2012-05-18 14:51 3076096 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
2012-05-18 14:51 . 2012-05-18 14:51 5013504 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
2012-05-18 14:51 . 2012-05-18 14:51 227 --sha-r- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\assembly\Desktop.ini
2012-05-18 14:51 . 2012-05-18 14:51 95232 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
2012-05-18 14:51 . 2012-05-18 14:51 27136 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\Culture.dll
2012-05-18 14:51 . 2012-05-18 14:51 18936 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\fusion.dll
2012-05-18 14:51 . 2012-05-18 14:51 119296 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
2012-05-18 14:51 . 2012-05-18 14:51 348672 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
2012-05-18 14:51 . 2012-05-18 14:51 77312 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
2012-05-18 14:51 . 2012-05-18 14:51 4444160 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
2012-05-18 14:51 . 2012-05-18 14:51 5814784 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
2012-05-18 14:51 . 2012-05-18 14:51 479232 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\msvcm80.dll
2012-05-18 14:51 . 2012-05-18 14:51 558080 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\msvcp80.dll
2012-05-18 14:51 . 2012-05-18 14:51 635904 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\msvcr80.dll
2012-05-18 14:51 . 2012-05-18 14:51 2074 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\Microsoft.VC80.CRT.manifest
2012-05-18 14:51 . 2012-05-18 14:51 2074 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 502 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]t
2012-05-18 14:51 . 2012-05-18 14:51 499 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\webengine.manifest
2012-05-18 14:51 . 2012-05-18 14:51 499 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 502 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\WMINet_Utils.manifest
2012-05-18 14:51 . 2012-05-18 14:51 498 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\shfusres.manifest
2012-05-18 14:51 . 2012-05-18 14:51 498 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 763 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\vbc.manifest
2012-05-18 14:51 . 2012-05-18 14:51 763 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 498 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 498 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\peverify.manifest
2012-05-18 14:51 . 2012-05-18 14:51 498 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 498 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\shfusion.manifest
2012-05-18 14:51 . 2012-05-18 14:51 501 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\perfcounter.manifest
2012-05-18 14:51 . 2012-05-18 14:51 501 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 503 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\normalization.manifest
2012-05-18 14:51 . 2012-05-18 14:51 503 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 764 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 498 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\mscorwks.manifest
2012-05-18 14:51 . 2012-05-18 14:51 498 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 764 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\ngen.manifest
2012-05-18 14:51 . 2012-05-18 14:51 498 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\mscortim.manifest
2012-05-18 14:51 . 2012-05-18 14:51 498 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 498 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\mscorsvw.manifest
2012-05-18 14:51 . 2012-05-18 14:51 498 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 498 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 497 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\mscorsn.manifest
2012-05-18 14:51 . 2012-05-18 14:51 497 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 498 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\mscorsvc.manifest
2012-05-18 14:51 . 2012-05-18 14:51 498 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\mscorsec.manifest
2012-05-18 14:51 . 2012-05-18 14:51 498 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 497 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 497 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\mscorpe.manifest
2012-05-18 14:51 . 2012-05-18 14:51 497 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 498 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\mscorjit.manifest
2012-05-18 14:51 . 2012-05-18 14:51 498 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 497 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\mscorld.manifest
2012-05-18 14:51 . 2012-05-18 14:51 497 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\mscorie.manifest
2012-05-18 14:51 . 2012-05-18 14:51 497 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 498 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 498 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\mscordbi.manifest
2012-05-18 14:51 . 2012-05-18 14:51 498 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 427 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\MSBuild.manifest
2012-05-18 14:51 . 2012-05-18 14:51 427 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 498 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\mscordbc.manifest
2012-05-18 14:51 . 2012-05-18 14:51 765 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\ilasm.manifest
2012-05-18 14:51 . 2012-05-18 14:51 765 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 502 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 496 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\fusion.manifest
2012-05-18 14:51 . 2012-05-18 14:51 496 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 495 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\dfdll.manifest
2012-05-18 14:51 . 2012-05-18 14:51 495 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 502 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\diasymreader.manifest
2012-05-18 14:51 . 2012-05-18 14:51 497 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 766 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\cvtres.manifest
2012-05-18 14:51 . 2012-05-18 14:51 766 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 496 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\cscomp.manifest
2012-05-18 14:51 . 2012-05-18 14:51 496 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 497 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\culture.manifest
2012-05-18 14:51 . 2012-05-18 14:51 763 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\csc.manifest
2012-05-18 14:51 . 2012-05-18 14:51 763 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 503 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\CORPerfMonExt.manifest
2012-05-18 14:51 . 2012-05-18 14:51 503 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 769 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 495 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\alink.manifest
2012-05-18 14:51 . 2012-05-18 14:51 495 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 769 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\applaunch.manifest
2012-05-18 14:51 . 2012-05-18 14:51 509 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 509 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\System.Transactions.manifest
2012-05-18 14:51 . 2012-05-18 14:51 523 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\System.EnterpriseServices.Wrapper.manifest
2012-05-18 14:51 . 2012-05-18 14:51 523 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 258048 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\System.EnterpriseServices.dll
2012-05-18 14:51 . 2012-05-18 14:51 113664 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\System.EnterpriseServices.Wrapper.dll
2012-05-18 14:51 . 2012-05-18 14:51 6879 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 514 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 6879 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\System.EnterpriseServices.manifest
2012-05-18 14:51 . 2012-05-18 14:51 514 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\System.Data.OracleClient.manifest
2012-05-18 14:51 . 2012-05-18 14:51 506 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 501 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\System.Data.manifest
2012-05-18 14:51 . 2012-05-18 14:51 501 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\[email protected]
2012-05-18 14:51 . 2012-05-18 14:51 506 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\[email protected]\CustomMarshalers.manifest
2012-05-18 14:51 . 2012-05-18 14:51 362 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\dfshim.dll_0x94d8cf9c6284914e38f66023f1496fbb.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 468 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\XPThemes.manifest_0x46f522c77d1a514703a7fed0015fc623.manifest
2012-05-18 14:51 . 2012-05-18 14:51 524 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\webengine.dll_0x8e418892cfb4bdd8e6324ae8cc3580c7.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 527 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\WMINet_Utils.dll_0x86d78fe4ade59214ffe87919cfec72fc.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 523 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\ShFusRes.dll_0xed8c26a7fd0e36c8eea31099342ec510.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 788 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\vbc.exe_0x67f5238229333c061092f5a32e8c2ee1.1.manifest
2012-05-18 14:51 . 2012-05-18 14:51 523 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\peverify.dll_0x5142fc2dacc2819c6449f17809b8f5c1.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 362 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\RegAsm.exe_0xc08b53d25dab60ba0dba975b46d0b27a.1.manifest
2012-05-18 14:51 . 2012-05-18 14:51 362 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\RegSvcs.exe_0xfaa8ea9027ed6b6c875c247e59285270.1.manifest
2012-05-18 14:51 . 2012-05-18 14:51 523 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\shfusion.dll_0x08ed51f948992888c9fe0c4889c5c962.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 523 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\mscorwks.dll_0x815361747d41db96902ba93568ca087a.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 789 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\ngen.exe_0xf9e14b8e4214fefe5750e84db483a50e.1.manifest
2012-05-18 14:51 . 2012-05-18 14:51 528 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\normalization.dll_0xd86b398bd1cad6b6f5f476e5474c9131.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 526 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\PerfCounter.dll_0xbf29787a2d4942f113fc635c8d29a32a.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 523 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\mscortim.dll_0xd1e76d6f20cb835de3f41dd5d4c7b29b.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 522 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\mscorsn.dll_0x08617924913306d722b1eb415fcc5150.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 523 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\mscorsvc.dll_0x904a4d6965b9efeedd1dfe9f75ac566d.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 523 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\mscorsvw.exe_0x234b1bc2796483e1f5c3f26649fb3388.1.manifest
2012-05-18 14:51 . 2012-05-18 14:51 523 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\mscorjit.dll_0x721809036f87cdc998dc059bdc250308.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 522 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\mscorld.dll_0x0d90d965009a259f7480173718534b62.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 522 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\mscorpe.dll_0x98a52a67af50e4c3d0705a8d0fd45a26.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 523 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\mscorsec.dll_0xfd5ce6cec1d73a17ee598969a40dc1e2.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 523 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\mscordbc.dll_0x10711b4f073f71a20bfe1d5deaeb0e6d.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 523 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\mscordbi.dll_0x2de599c4b5a0dd4a57e3508f26a4328c.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 522 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\mscorie.dll_0x735b3c31c87f5f398159328f30ff72fe.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 419 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\MSBuild.exe_0x23c76ea46e425d20c1d08c67f0c4633f.1.manifest
2012-05-18 14:51 . 2012-05-18 14:51 521 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\fusion.dll_0x521f33a2b9857e7dfd8bd668926c8163.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 362 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\IEExec.exe_0x4f57cc6f0624be0d491310dd8003a2ba.1.manifest
2012-05-18 14:51 . 2012-05-18 14:51 790 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\ilasm.exe_0x5e50d119d8444ca154c7a87173b0bcf0.1.manifest
2012-05-18 14:51 . 2012-05-18 14:51 362 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\jsc.exe_0x62b5969df36894719c450c38409be8df.1.manifest
2012-05-18 14:51 . 2012-05-18 14:51 791 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\cvtres.exe_0xe0d21bee6dae44a7c6e1896d7a8c7463.1.manifest
2012-05-18 14:51 . 2012-05-18 14:51 520 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\dfdll.dll_0x7894268363ac71684c328c6553040164.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 362 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\dfsvc.exe_0x2c6eae9be4207d9b385b11b1bfd7d055.1.manifest
2012-05-18 14:51 . 2012-05-18 14:51 527 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\diasymreader.dll_0x25fbf89890485b2419414e74b6311895.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 521 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\cscomp.dll_0xfbe58302a04feacc0d45f97ff8631767.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 522 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\Culture.dll_0xc5ee683c50f6af4e93111f2655aef8e0.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 528 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\CORPerfMonExt.dll_0x401af75b25fcd185e599303ab807cf4e.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 788 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\csc.exe_0xe2f33cd871358aa99e53a62e1c927bb6.1.manifest
2012-05-18 14:51 . 2012-05-18 14:51 520 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\alink.dll_0x67833a8f10398cf2c08889f39e7d7636.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 794 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\AppLaunch.exe_0x170d73be3fe846e9070cfae530f5a31c.1.manifest
2012-05-18 14:51 . 2012-05-18 14:51 534 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\System.Transactions.dll_0x0773875b70a4a2da028d624382b6d1d2.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 468 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\System.Windows.Forms.dll_0x428414fcd23805381b7339990bc7ff4d.101.manifest
2012-05-18 14:51 . 2012-05-18 14:51 539 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\System.Data.OracleClient.dll_0xe57894c11258343adb0ca58d1e8fb8cf.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 6905 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\System.EnterpriseServices.dll_0xa346822baa7138022571b1084ac06570.1.manifest
2012-05-18 14:51 . 2012-05-18 14:51 548 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\System.EnterpriseServices.Wrapper.dll_0x4ab3b3a3e0a842de850d8d45ea88ace0.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 531 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\CustomMarshalers.dll_0xf2055ff9d81b2f595229e680816d8f5a.2.manifest
2012-05-18 14:51 . 2012-05-18 14:51 825 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\QwestActivationCDApp.exe_0xd12e242f914fe1de64b5297ff91e63c2.1.manifest
2012-05-18 14:51 . 2012-05-18 14:51 526 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\SXS\Manifests\System.Data.dll_0x342e631d44e81404c73f204c61545da4.2.manifest
2012-05-18 14:00 . 2012-05-18 14:00 17408 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\STUBEXE\8.0.1135\@[email protected]\QwestActivationCDApp.exe
2012-05-17 22:58 . 2012-05-17 22:58 0 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\DELETED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.3704.244453.__deleted__
2012-05-17 22:58 . 2012-05-17 22:58 0 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\DELETED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch.3704.244437.__deleted__
2012-05-16 22:24 . 2012-05-16 22:24 0 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\DELETED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.3180.13235953.__deleted__
2012-05-16 22:24 . 2012-05-16 22:24 0 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\DELETED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch.3180.13235953.__deleted__
2012-05-16 22:24 . 2012-05-16 22:24 0 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\DELETED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.new.__deleted__
2012-05-16 22:24 . 2012-05-16 22:24 0 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\DELETED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.__deleted__
2012-05-16 22:24 . 2012-05-17 22:58 39791 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch
2012-05-16 22:24 . 2012-05-16 22:24 0 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\DELETED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch.new.__deleted__
2012-05-16 22:24 . 2012-05-16 22:24 0 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\DELETED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch.__deleted__
2012-05-16 22:24 . 2012-05-17 22:58 45577 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch
1601-01-01 00:00 . 1601-01-01 00:00 0 ----a-w- c:\documents and settings\jeff miller\local settings\application data\Xenocode\Sandbox\Qwest High-Speed Internet\7.1.0.0\2009.12.08T01.59\Virtual\MODIFIED\@[email protected]\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
.
---- Directory of c:\windows\OPTIONS ----
.
2012-05-18 10:11 . 2003-06-23 02:57 46976 ------w- c:\windows\OPTIONS\CABS\R8139N51.SYS
2012-05-18 10:11 . 2003-06-23 02:57 97521 ------w- c:\windows\OPTIONS\CABS\NETRTXPO.CAT
2012-05-18 10:11 . 2003-06-23 02:57 80354 ------w- c:\windows\OPTIONS\CABS\NETRTXPO.INF
2012-05-18 10:11 . 2002-12-12 22:51 38590 ----a-w- c:\windows\OPTIONS\CABS\rtlsetn5.exe
2012-05-18 10:11 . 2002-12-31 00:08 711 ----a-w- c:\windows\OPTIONS\CABS\setup.iss
2012-05-16 18:31 . 2001-10-12 02:59 2454 ----a-w- c:\windows\OPTIONS\CABS\SETUP.TXT
.
.
((((((((((((((((((((((((((((( [email protected]_05.29.52 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-19 05:51 . 2011-04-19 05:51 51024 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_4ddc769f\vcomp90.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90rus.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90kor.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90jpn.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90ita.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90fra.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esp.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esn.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 53584 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90enu.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 63312 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90deu.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90cht.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 35664 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90chs.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90u.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90.dll
- 2008-04-14 00:12 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe
+ 2008-04-14 00:12 . 2011-11-08 13:46 46080 c:\windows\system32\tzchange.exe
+ 2012-05-31 19:43 . 2003-06-23 02:57 46976 c:\windows\system32\ReinstallBackups\0027\DriverFiles\R8139n51.sys
+ 2004-08-04 12:00 . 2012-06-01 16:01 73682 c:\windows\system32\perfc009.dat
+ 2004-08-04 12:00 . 2011-11-18 12:35 60416 c:\windows\system32\packager.exe
+ 2004-08-04 12:00 . 2011-09-26 18:41 20480 c:\windows\system32\oleaccrc.dll
- 2004-08-04 12:00 . 2011-02-22 23:06 66560 c:\windows\system32\mshtmled.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 66560 c:\windows\system32\mshtmled.dll
- 2009-03-08 11:31 . 2011-02-22 23:06 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-03-08 11:31 . 2012-03-01 11:01 55296 c:\windows\system32\msfeedsbs.dll
- 2004-08-04 12:00 . 2008-04-14 00:11 23040 c:\windows\system32\mciseq.dll
+ 2004-08-04 12:00 . 2011-10-14 14:47 23040 c:\windows\system32\mciseq.dll
- 2004-08-04 12:00 . 2011-02-22 23:06 43520 c:\windows\system32\licmgr10.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 43520 c:\windows\system32\licmgr10.dll
- 2004-08-04 12:00 . 2011-02-22 23:06 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-04 12:00 . 2011-07-08 14:02 10496 c:\windows\system32\drivers\ndistapi.sys
+ 2012-05-28 05:05 . 2001-08-18 05:37 27648 c:\windows\system32\dllcache\xrxftplt.exe
- 2009-06-11 22:08 . 2011-02-22 23:06 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2009-06-11 22:08 . 2012-03-01 11:01 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2012-05-28 05:05 . 2001-08-18 05:37 99865 c:\windows\system32\dllcache\xlog.exe
+ 2012-05-28 05:05 . 2001-08-17 19:11 16970 c:\windows\system32\dllcache\xem336n5.sys
+ 2004-08-04 00:56 . 2008-04-14 00:12 52736 c:\windows\system32\dllcache\wzcsapi.dll
+ 2012-05-28 05:05 . 2004-08-04 05:29 19455 c:\windows\system32\dllcache\wvchntxx.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 18432 c:\windows\system32\dllcache\wtsapi32.dll
+ 2012-05-28 05:05 . 2008-04-13 18:46 19200 c:\windows\system32\dllcache\wstcodec.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 22528 c:\windows\system32\dllcache\wsock32.dll
+ 2012-05-28 05:05 . 2004-08-04 05:29 12063 c:\windows\system32\dllcache\wsiintxx.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 19456 c:\windows\system32\dllcache\wshtcpip.dll
+ 2004-08-04 12:00 . 2008-05-09 10:53 90112 c:\windows\system32\dllcache\wshext.dll
- 2008-05-09 10:53 . 2008-05-09 10:53 90112 c:\windows\system32\dllcache\wshext.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 19968 c:\windows\system32\dllcache\ws2help.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 82432 c:\windows\system32\dllcache\ws2_32.dll
+ 2009-05-10 17:29 . 2008-04-14 00:12 95232 c:\windows\system32\dllcache\wmiutils.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 92672 c:\windows\system32\dllcache\wlnotify.dll
+ 2012-05-28 05:05 . 2001-08-17 19:12 34890 c:\windows\system32\dllcache\wlandrv2.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 53760 c:\windows\system32\dllcache\winsta.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 17408 c:\windows\system32\dllcache\winshfhc.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 99328 c:\windows\system32\dllcache\winscard.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 16896 c:\windows\system32\dllcache\winrnr.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 32256 c:\windows\system32\dllcache\winipsec.dll
+ 2012-05-28 05:05 . 2001-08-18 05:36 53760 c:\windows\system32\dllcache\wiamsmud.dll
+ 2012-05-28 05:05 . 2001-08-18 05:36 87040 c:\windows\system32\dllcache\wiafbdrv.dll
- 2009-06-25 08:25 . 2009-06-25 08:25 54272 c:\windows\system32\dllcache\wdigest.dll
+ 2004-08-04 12:00 . 2009-06-25 08:25 54272 c:\windows\system32\dllcache\wdigest.dll
+ 2012-05-28 05:05 . 2004-08-04 05:29 23615 c:\windows\system32\dllcache\wch7xxnt.sys
+ 2012-05-28 05:05 . 2008-04-13 18:45 31744 c:\windows\system32\dllcache\wceusbsh.sys
+ 2012-05-28 05:05 . 2001-08-17 19:10 35871 c:\windows\system32\dllcache\wbfirdma.sys
+ 2009-05-10 17:29 . 2008-04-14 00:12 43520 c:\windows\system32\dllcache\wbemsvc.dll
+ 2009-05-10 17:29 . 2008-04-14 00:12 18944 c:\windows\system32\dllcache\wbemprox.dll
+ 2009-05-10 17:29 . 2008-04-14 00:12 71680 c:\windows\system32\dllcache\wbemcons.dll
+ 2012-05-28 05:05 . 2004-08-04 05:29 33599 c:\windows\system32\dllcache\watv04nt.sys
+ 2012-05-28 05:05 . 2004-08-04 05:29 19551 c:\windows\system32\dllcache\watv02nt.sys
+ 2012-05-28 05:05 . 2004-08-04 05:29 29311 c:\windows\system32\dllcache\watv01nt.sys
+ 2004-08-04 12:00 . 2008-04-13 18:44 17664 c:\windows\system32\dllcache\watchdog.sys
+ 2004-08-04 12:00 . 2008-04-13 18:57 34560 c:\windows\system32\dllcache\wanarp.sys
+ 2012-05-28 05:05 . 2004-08-04 05:29 11775 c:\windows\system32\dllcache\wadv05nt.sys
+ 2012-05-28 05:05 . 2004-08-04 05:29 12127 c:\windows\system32\dllcache\wadv02nt.sys
+ 2012-05-28 05:04 . 2001-08-17 19:13 16925 c:\windows\system32\dllcache\w940nd.sys
+ 2012-05-28 05:04 . 2001-08-17 19:13 19016 c:\windows\system32\dllcache\w926nd.sys
+ 2012-05-28 05:04 . 2001-08-17 19:13 19528 c:\windows\system32\dllcache\w840nd.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 15872 c:\windows\system32\dllcache\w3ssl.dll
+ 2012-05-28 05:04 . 2001-08-17 20:28 64605 c:\windows\system32\dllcache\vvoice.sys
+ 2004-08-04 12:00 . 2008-04-13 18:44 81664 c:\windows\system32\dllcache\videoprt.sys
+ 2012-05-28 05:04 . 2001-08-17 20:49 24576 c:\windows\system32\dllcache\viairda.sys
+ 2004-08-04 12:00 . 2008-04-13 18:44 20992 c:\windows\system32\dllcache\vga.sys
+ 2012-05-28 05:04 . 2008-04-14 00:12 53760 c:\windows\system32\dllcache\vfwwdm32.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 18944 c:\windows\system32\dllcache\version.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 26112 c:\windows\system32\dllcache\userinit.exe
+ 2004-08-04 12:00 . 2008-04-13 18:45 20608 c:\windows\system32\dllcache\usbuhci.sys
+ 2012-05-28 05:04 . 2008-04-13 18:45 26112 c:\windows\system32\dllcache\usbser.sys
+ 2009-05-12 19:05 . 2008-04-13 18:47 25856 c:\windows\system32\dllcache\usbprint.sys
+ 2012-05-28 05:04 . 2008-04-13 18:45 17152 c:\windows\system32\dllcache\usbohci.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 16896 c:\windows\system32\dllcache\usbmon.dll
+ 2004-08-04 12:00 . 2008-04-13 18:45 59520 c:\windows\system32\dllcache\usbhub.sys
+ 2004-08-04 12:00 . 2008-04-13 18:45 30208 c:\windows\system32\dllcache\usbehci.sys
+ 2012-05-28 05:04 . 2008-04-13 18:45 60032 c:\windows\system32\dllcache\usbaudio.sys
+ 2012-05-28 05:04 . 2004-08-04 05:31 32384 c:\windows\system32\dllcache\usb101et.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 13824 c:\windows\system32\dllcache\uniplat.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 74240 c:\windows\system32\dllcache\unimdmat.dll
+ 2012-05-28 05:03 . 2001-08-18 05:36 28160 c:\windows\system32\dllcache\umaxu40.dll
+ 2012-05-28 05:03 . 2001-08-18 05:36 26624 c:\windows\system32\dllcache\umaxu22.dll
+ 2012-05-28 05:03 . 2001-08-18 05:36 69632 c:\windows\system32\dllcache\umaxu12.dll
+ 2012-05-28 05:03 . 2001-08-18 05:36 50688 c:\windows\system32\dllcache\umaxscan.dll
+ 2012-05-28 05:03 . 2001-08-17 20:58 22912 c:\windows\system32\dllcache\umaxpcls.sys
+ 2012-05-28 05:03 . 2001-08-18 05:36 50176 c:\windows\system32\dllcache\umaxp60.dll
+ 2012-05-28 05:03 . 2001-08-18 05:36 47616 c:\windows\system32\dllcache\umaxcam.dll
+ 2012-05-28 05:03 . 2001-08-17 20:52 36736 c:\windows\system32\dllcache\ultra.sys
+ 2004-08-04 12:00 . 2008-04-13 18:32 66048 c:\windows\system32\dllcache\udfs.sys
+ 2012-05-28 05:03 . 2001-08-17 20:48 11520 c:\windows\system32\dllcache\twotrack.sys
+ 2012-05-28 05:03 . 2001-08-17 19:12 34375 c:\windows\system32\dllcache\tpro4.sys
+ 2012-05-28 05:02 . 2008-04-14 00:12 82944 c:\windows\system32\dllcache\tp4mon.exe
+ 2012-05-28 05:02 . 2001-08-18 05:36 31744 c:\windows\system32\dllcache\tp4.dll
+ 2012-05-28 05:02 . 2001-08-17 19:10 28232 c:\windows\system32\dllcache\tos4mo.sys
+ 2012-05-28 05:02 . 2001-08-17 21:56 81408 c:\windows\system32\dllcache\tgiul50.dll
+ 2009-05-10 17:29 . 2008-04-14 00:13 40840 c:\windows\system32\dllcache\termdd.sys
- 2009-06-12 12:31 . 2009-06-12 12:31 76288 c:\windows\system32\dllcache\telnet.exe
+ 2004-08-04 12:00 . 2009-06-12 12:31 76288 c:\windows\system32\dllcache\telnet.exe
+ 2012-05-28 05:02 . 2001-08-17 19:13 17129 c:\windows\system32\dllcache\tdkcd31.sys
+ 2012-05-28 05:02 . 2001-08-17 19:13 37961 c:\windows\system32\dllcache\tdk100b.sys
+ 2004-08-04 12:00 . 2008-04-13 19:00 19072 c:\windows\system32\dllcache\tdi.sys
+ 2007-04-02 16:36 . 2007-04-02 16:36 16384 c:\windows\system32\dllcache\tcptsat.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 32827 c:\windows\system32\dllcache\tcptest.exe
+ 2004-08-04 12:00 . 2008-04-14 00:12 45568 c:\windows\system32\dllcache\tcpmon.dll
+ 2012-05-28 05:02 . 2001-08-17 20:49 30464 c:\windows\system32\dllcache\tbatm155.sys
+ 2012-05-28 05:02 . 2001-08-17 19:50 36640 c:\windows\system32\dllcache\t2r4mini.sys
+ 2012-05-28 05:02 . 2001-08-17 21:07 32640 c:\windows\system32\dllcache\symc8xx.sys
+ 2012-05-28 05:02 . 2001-08-17 21:07 16256 c:\windows\system32\dllcache\symc810.sys
+ 2012-05-28 05:02 . 2001-08-17 21:07 30688 c:\windows\system32\dllcache\sym_u3.sys
+ 2012-05-28 05:01 . 2001-08-18 05:36 94293 c:\windows\system32\dllcache\sxports.dll
+ 2012-05-28 05:01 . 2001-08-18 05:36 10240 c:\windows\system32\dllcache\swpidflt.dll
+ 2012-05-28 05:01 . 2001-08-18 05:36 10240 c:\windows\system32\dllcache\swpdflt2.dll
+ 2012-05-28 05:01 . 2001-08-18 05:36 53760 c:\windows\system32\dllcache\sw_wheel.dll
+ 2012-05-28 05:01 . 2001-08-18 05:36 41472 c:\windows\system32\dllcache\sw_effct.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 14336 c:\windows\system32\dllcache\svchost.exe
+ 2004-08-04 12:00 . 2009-10-21 05:38 75776 c:\windows\system32\dllcache\strmfilt.dll
- 2009-10-21 05:38 . 2009-10-21 05:38 75776 c:\windows\system32\dllcache\strmfilt.dll
+ 2012-05-28 05:01 . 2008-04-13 18:46 15232 c:\windows\system32\dllcache\streamip.sys
+ 2012-05-28 05:01 . 2001-08-18 05:36 53248 c:\windows\system32\dllcache\stlncoin.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 68096 c:\windows\system32\dllcache\sti.dll
+ 2012-05-28 05:01 . 2001-08-17 20:51 16896 c:\windows\system32\dllcache\stcusb.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 71680 c:\windows\system32\dllcache\ssdpsrv.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 34816 c:\windows\system32\dllcache\ssdpapi.dll
+ 2012-05-28 05:01 . 2001-08-17 19:11 48736 c:\windows\system32\dllcache\srwlnd5.sys
- 2010-08-27 05:57 . 2010-08-27 05:57 99840 c:\windows\system32\dllcache\srvsvc.dll
+ 2004-08-04 12:00 . 2010-08-27 05:57 99840 c:\windows\system32\dllcache\srvsvc.dll
+ 2012-05-28 05:01 . 2001-08-18 05:36 99328 c:\windows\system32\dllcache\srusd.dll
+ 2009-05-10 17:30 . 2008-04-14 00:12 67584 c:\windows\system32\dllcache\srclient.dll
+ 2012-05-28 05:01 . 2001-08-18 05:36 24660 c:\windows\system32\dllcache\spxupchk.dll
+ 2004-08-04 12:00 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
- 2010-08-17 13:17 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
+ 2004-08-04 12:00 . 2008-04-14 00:12 75264 c:\windows\system32\dllcache\spoolss.dll
+ 2012-05-28 05:01 . 2001-08-17 20:51 61824 c:\windows\system32\dllcache\speed.sys
+ 2012-05-28 05:01 . 2001-08-17 21:07 19072 c:\windows\system32\dllcache\sparrow.sys
+ 2012-05-28 05:01 . 2001-08-17 19:51 37040 c:\windows\system32\dllcache\sonypi.sys
+ 2012-05-28 05:00 . 2001-08-17 19:51 20752 c:\windows\system32\dllcache\sonync.sys
+ 2008-04-14 00:12 . 2008-04-14 00:12 39936 c:\windows\system32\dllcache\snmpthrd.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 18944 c:\windows\system32\dllcache\snmpapi.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 33280 c:\windows\system32\dllcache\snmp.exe
+ 2004-08-04 12:00 . 2008-04-14 00:12 50688 c:\windows\system32\dllcache\smss.exe
+ 2012-05-28 05:00 . 2001-08-17 19:51 58368 c:\windows\system32\dllcache\smiminib.sys
+ 2012-05-28 05:00 . 2001-08-17 19:12 25034 c:\windows\system32\dllcache\smcpwr2n.sys
+ 2012-05-28 05:00 . 2001-08-17 19:10 35913 c:\windows\system32\dllcache\smcirda.sys
+ 2012-05-28 05:00 . 2001-08-17 19:12 24576 c:\windows\system32\dllcache\smc8000n.sys
+ 2012-05-28 05:00 . 2008-04-13 18:36 16000 c:\windows\system32\dllcache\smbbatt.sys
+ 2012-05-28 05:00 . 2001-08-18 05:36 45568 c:\windows\system32\dllcache\smb3w.dll
+ 2012-05-28 05:00 . 2001-08-18 05:36 33792 c:\windows\system32\dllcache\smb0w.dll
+ 2012-05-28 05:00 . 2001-08-18 05:36 28672 c:\windows\system32\dllcache\sma0w.dll
+ 2012-05-28 05:00 . 2001-08-18 05:36 28160 c:\windows\system32\dllcache\sm91w.dll
+ 2012-05-28 05:00 . 2008-04-13 18:46 11136 c:\windows\system32\dllcache\slip.sys
+ 2012-05-28 05:00 . 2004-08-04 05:31 63547 c:\windows\system32\dllcache\sla30nd5.sys
+ 2012-05-28 05:00 . 2001-08-17 19:12 91294 c:\windows\system32\dllcache\skfpwin.sys
+ 2012-05-28 05:00 . 2001-08-17 19:12 94698 c:\windows\system32\dllcache\sk98xwin.sys
+ 2012-05-28 05:00 . 2001-08-17 19:50 50432 c:\windows\system32\dllcache\sisv.sys
+ 2012-05-28 05:00 . 2004-08-04 05:31 32768 c:\windows\system32\dllcache\sisnic.sys
+ 2012-05-28 04:59 . 2001-08-17 19:50 68608 c:\windows\system32\dllcache\sis6306p.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 19456 c:\windows\system32\dllcache\shutdown.exe
+ 2008-04-14 00:12 . 2008-04-14 00:12 16437 c:\windows\system32\dllcache\shtml.exe
+ 2008-04-14 00:12 . 2008-04-14 00:12 20536 c:\windows\system32\dllcache\shtml.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 27648 c:\windows\system32\dllcache\shscrap.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 65024 c:\windows\system32\dllcache\shimeng.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 68096 c:\windows\system32\dllcache\shgina.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 25088 c:\windows\system32\dllcache\shfolder.dll
+ 2012-05-28 04:59 . 2001-07-21 21:29 18400 c:\windows\system32\dllcache\sgsmld.sys
+ 2012-05-28 04:59 . 2001-08-17 19:51 98080 c:\windows\system32\dllcache\sgiulnt5.sys
+ 2012-05-28 04:59 . 2001-08-17 19:19 36480 c:\windows\system32\dllcache\sfmanm.sys
+ 2004-08-04 12:00 . 2008-04-13 18:40 11392 c:\windows\system32\dllcache\sfloppy.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 23040 c:\windows\system32\dllcache\setup.exe
+ 2012-05-28 04:59 . 2001-08-17 20:48 17664 c:\windows\system32\dllcache\sermouse.sys
+ 2004-08-04 12:00 . 2008-04-13 19:15 64512 c:\windows\system32\dllcache\serial.sys
+ 2004-08-04 12:00 . 2008-04-13 18:40 15744 c:\windows\system32\dllcache\serenum.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 39424  c:\windows\system32\dllcache\sens.dll
+ 2004-08-04 12:00 . 2009-06-25 08:25 56832 c:\windows\system32\dllcache\secur32.dll
- 2009-02-03 19:59 . 2009-06-25 08:25 56832 c:\windows\system32\dllcache\secur32.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 18944 c:\windows\system32\dllcache\seclogon.dll
+ 2012-05-28 04:59 . 2008-04-13 18:45 11520 c:\windows\system32\dllcache\scsiscan.sys
+ 2012-05-28 04:59 . 2001-08-17 20:52 11648 c:\windows\system32\dllcache\scsiprnt.sys
+ 2012-05-28 04:59 . 2001-08-17 20:51 17280 c:\windows\system32\dllcache\scr111.sys
+ 2012-05-28 04:59 . 2001-08-17 20:51 16640 c:\windows\system32\dllcache\scmstcs.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 20480 c:\windows\system32\dllcache\sclgntfy.dll
+ 2012-05-28 04:59 . 2001-08-17 20:51 23936 c:\windows\system32\dllcache\sccmusbm.sys
+ 2012-05-28 04:59 . 2001-08-17 20:51 23936 c:\windows\system32\dllcache\sccmn50m.sys
+ 2012-05-28 04:59 . 2008-04-13 18:40 43904 c:\windows\system32\dllcache\sbp2port.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 64000 c:\windows\system32\dllcache\samlib.dll
+ 2012-05-28 04:58 . 2001-08-17 19:50 77824 c:\windows\system32\dllcache\s3sav4m.sys
+ 2012-05-28 04:58 . 2001-08-17 19:50 61504 c:\windows\system32\dllcache\s3sav3dm.sys
+ 2012-05-28 04:58 . 2001-08-18 05:36 62496 c:\windows\system32\dllcache\s3mtrio.dll
+ 2012-05-28 04:58 . 2001-08-17 19:50 41216 c:\windows\system32\dllcache\s3mt3d.sys
+ 2012-05-28 04:58 . 2001-08-17 20:57 65664 c:\windows\system32\dllcache\s3legacy.sys
+ 2012-05-28 04:58 . 2001-08-18 05:36 82432 c:\windows\system32\dllcache\rwia450.dll
+ 2012-05-28 04:58 . 2001-08-18 05:36 79872 c:\windows\system32\dllcache\rwia430.dll
+ 2012-05-28 04:58 . 2008-04-14 00:12 29696 c:\windows\system32\dllcache\rw450ext.dll
+ 2012-05-28 04:58 . 2008-04-14 00:12 27648 c:\windows\system32\dllcache\rw430ext.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 29184 c:\windows\system32\dllcache\rw330ext.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 27648 c:\windows\system32\dllcache\rw001ext.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 33280 c:\windows\system32\dllcache\rundll32.exe
+ 2004-08-04 12:00 . 2008-04-14 00:12 44032 c:\windows\system32\dllcache\rtutils.dll
+ 2009-05-10 10:22 . 2004-08-03 22:31 20992 c:\windows\system32\dllcache\rtl8139.sys
+ 2012-05-28 04:58 . 2001-08-17 19:12 19017 c:\windows\system32\dllcache\rtl8029.sys
+ 2012-05-28 04:58 . 2001-08-17 19:19 30720 c:\windows\system32\dllcache\rthwcls.sys
+ 2012-05-28 04:58 . 2008-04-13 18:40 79104 c:\windows\system32\dllcache\rocket.sys
+ 2012-05-28 04:58 . 2001-08-17 19:12 37563 c:\windows\system32\dllcache\rlnet5.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 58880 c:\windows\system32\dllcache\resutils.dll
+ 2012-05-28 04:58 . 2001-08-18 05:36 86097 c:\windows\system32\dllcache\reslog32.dll
+ 2009-05-10 17:29 . 2008-04-14 00:12 60416 c:\windows\system32\dllcache\remotepg.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 11776 c:\windows\system32\dllcache\regsvr32.exe
+ 2004-08-04 12:00 . 2008-04-14 00:12 49664 c:\windows\system32\dllcache\regapi.dll
+ 2009-05-10 10:23 . 2008-04-13 18:40 57600 c:\windows\system32\dllcache\redbook.sys
+ 2009-05-10 17:29 . 2008-04-14 00:12 67072 c:\windows\system32\dllcache\rdshost.exe
+ 2004-08-04 12:00 . 2008-04-14 00:12 58368 c:\windows\system32\dllcache\rastapi.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 61952 c:\windows\system32\dllcache\rasqec.dll
+ 2004-08-04 12:00 . 2008-04-13 19:19 48384 c:\windows\system32\dllcache\raspptp.sys
+ 2004-08-04 12:00 . 2008-04-13 18:57 41472 c:\windows\system32\dllcache\raspppoe.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 61440 c:\windows\system32\dllcache\rasman.dll
+ 2004-08-04 12:00 . 2008-04-13 19:19 51328 c:\windows\system32\dllcache\rasl2tp.sys
- 2009-10-12 13:38 . 2009-10-12 13:38 79872 c:\windows\system32\dllcache\raschap.dll
+ 2004-08-04 12:00 . 2009-10-12 13:38 79872 c:\windows\system32\dllcache\raschap.dll
+ 2008-04-13 18:41 . 2008-04-13 18:41 20736 c:\windows\system32\dllcache\ramdisk.sys
+ 2012-05-28 04:57 . 2001-08-18 05:36 41472 c:\windows\system32\dllcache\qvusd.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 76800 c:\windows\system32\dllcache\qutil.dll
+ 2009-05-10 17:31 . 2008-04-14 00:12 18944 c:\windows\system32\dllcache\qmgrprxy.dll
+ 2012-05-28 04:57 . 2001-08-17 20:52 49024 c:\windows\system32\dllcache\ql1280.sys
+ 2012-05-28 04:57 . 2001-08-17 20:52 40448 c:\windows\system32\dllcache\ql1240.sys
+ 2012-05-28 04:57 . 2001-08-17 20:52 45312 c:\windows\system32\dllcache\ql12160.sys
+ 2012-05-28 04:57 . 2001-08-17 20:52 33152 c:\windows\system32\dllcache\ql10wnt.sys
+ 2012-05-28 04:57 . 2001-08-17 20:52 40320 c:\windows\system32\dllcache\ql1080.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 34304 c:\windows\system32\dllcache\pstorsvc.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 43520 c:\windows\system32\dllcache\pstorec.dll
+ 2012-05-28 04:57 . 2001-08-18 05:36 35328 c:\windows\system32\dllcache\psisload.dll
+ 2012-05-28 04:57 . 2001-08-17 20:51 16128 c:\windows\system32\dllcache\pscr.sys
+ 2004-08-04 12:00 . 2008-04-13 18:56 69120 c:\windows\system32\dllcache\psched.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 96768 c:\windows\system32\dllcache\psbase.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 23040 c:\windows\system32\dllcache\psapi.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 27648 c:\windows\system32\dllcache\profmap.dll
+ 2012-05-28 04:57 . 2008-04-13 18:41 17664 c:\windows\system32\dllcache\ppa3.sys
+ 2012-05-28 04:57 . 2001-08-17 20:53 17792 c:\windows\system32\dllcache\ppa.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 17408 c:\windows\system32\dllcache\powrprof.dll
+ 2004-08-04 00:56 . 2008-04-14 00:12 15360 c:\windows\system32\dllcache\pjlmon.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 17920 c:\windows\system32\dllcache\ping.exe
+ 2012-05-28 04:56 . 2001-08-17 21:07 19840 c:\windows\system32\dllcache\philtune.sys
+ 2012-05-28 04:56 . 2001-08-17 21:04 92416 c:\windows\system32\dllcache\phildec.sys
+ 2012-05-28 04:56 . 2001-08-17 21:04 75776 c:\windows\system32\dllcache\philcam1.sys
+ 2012-05-28 04:56 . 2001-08-18 05:36 16384 c:\windows\system32\dllcache\philcam1.dll
+ 2012-05-28 04:56 . 2008-04-13 18:44 28032 c:\windows\system32\dllcache\perm3.sys
+ 2012-05-28 04:56 . 2008-04-13 18:44 27904 c:\windows\system32\dllcache\perm2.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 25088 c:\windows\system32\dllcache\perfos.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 15872 c:\windows\system32\dllcache\perfmon.exe
+ 2004-08-04 12:00 . 2008-04-14 00:12 26624 c:\windows\system32\dllcache\perfdisk.dll
+ 2012-05-28 04:56 . 2001-08-17 21:07 27296 c:\windows\system32\dllcache\perc2.sys
+ 2012-05-28 04:56 . 2001-08-18 05:36 86016 c:\windows\system32\dllcache\pctspk.exe
+ 2012-05-28 04:56 . 2001-08-17 19:11 35328 c:\windows\system32\dllcache\pcntpci5.sys
+ 2012-05-28 04:56 . 2001-08-17 19:11 29769 c:\windows\system32\dllcache\pcntn5m.sys
+ 2012-05-28 04:56 . 2001-08-17 19:11 30282 c:\windows\system32\dllcache\pcntn5hl.sys
+ 2012-05-28 04:56 . 2001-08-17 19:12 26153 c:\windows\system32\dllcache\pcmlm56.sys
+ 2009-05-10 17:31 . 2008-04-14 00:12 38400 c:\windows\system32\dllcache\pchsvc.dll
+ 2012-05-28 04:56 . 2004-08-04 05:31 29502 c:\windows\system32\dllcache\pca200e.sys
+ 2012-05-28 04:56 . 2001-08-17 19:12 30495 c:\windows\system32\dllcache\pc100nds.sys
+ 2004-08-03 22:59 . 2008-04-13 18:40 80128 c:\windows\system32\dllcache\parport.sys
+ 2004-08-04 12:00 . 2011-11-18 12:35 60416 c:\windows\system32\dllcache\packager.exe
+ 2012-05-28 04:56 . 2001-08-18 05:36 41984 c:\windows\system32\dllcache\ovui2rc.dll
+ 2012-05-28 04:56 . 2001-08-18 05:36 44544 c:\windows\system32\dllcache\ovui2.dll
+ 2012-05-28 04:56 . 2001-08-17 21:05 25216 c:\windows\system32\dllcache\ovsound2.sys
+ 2012-05-28 04:56 . 2001-08-18 05:36 39424 c:\windows\system32\dllcache\ovcoms.exe
+ 2012-05-28 04:56 . 2001-08-18 05:36 20480 c:\windows\system32\dllcache\ovcomc.dll
+ 2012-05-28 04:55 . 2001-08-17 21:05 31872 c:\windows\system32\dllcache\ovce.sys
+ 2012-05-28 04:55 . 2001-08-17 21:05 28032 c:\windows\system32\dllcache\ovcd.sys
+ 2012-05-28 04:55 . 2001-08-17 21:05 48000 c:\windows\system32\dllcache\ovcam2.sys
+ 2012-05-28 04:55 . 2001-08-17 21:05 25088 c:\windows\system32\dllcache\ovca.sys
+ 2012-05-28 04:55 . 2001-08-17 20:28 54186 c:\windows\system32\dllcache\otcsercb.sys
+ 2012-05-28 04:55 . 2001-08-17 19:12 43689 c:\windows\system32\dllcache\otceth5.sys
+ 2012-05-28 04:55 . 2001-08-17 19:12 27209 c:\windows\system32\dllcache\otc06x5.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 67584 c:\windows\system32\dllcache\osuninst.dll
+ 2012-05-28 04:55 . 2001-08-17 19:20 54528 c:\windows\system32\dllcache\opl3sax.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 84992 c:\windows\system32\dllcache\olepro32.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 37376 c:\windows\system32\dllcache\olecnv32.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 74752 c:\windows\system32\dllcache\olecli32.dll
+ 2004-08-04 12:00 . 2011-09-26 18:41 20480 c:\windows\system32\dllcache\oleaccrc.dll
+ 2012-05-28 04:55 . 2008-04-13 18:46 61696 c:\windows\system32\dllcache\ohci1394.sys
+ 2004-08-04 12:00 . 2008-04-13 17:26 94208 c:\windows\system32\dllcache\odbcint.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 44032 c:\windows\system32\dllcache\ntlanman.dll
+ 2012-05-28 04:55 . 2001-08-17 19:49 51552 c:\windows\system32\dllcache\ntgrip.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 67072 c:\windows\system32\dllcache\ntdsapi.dll
+ 2012-05-28 04:55 . 2008-04-13 18:54 28672 c:\windows\system32\dllcache\nscirda.sys
+ 2004-08-04 12:00 . 2008-04-13 18:32 30848 c:\windows\system32\dllcache\npfs.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 69120 c:\windows\system32\dllcache\notepad.exe
- 2009-05-10 10:20 . 2008-04-14 00:12 69120 c:\windows\system32\dllcache\notepad.exe
+ 2012-05-28 04:55 . 2001-08-17 19:20 87040  c:\windows\system32\dllcache\nm6wdm.sys
+ 2012-05-28 04:55 . 2001-08-17 19:12 32840 c:\windows\system32\dllcache\ngrpci.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 80896 c:\windows\system32\dllcache\netui0.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 11776 c:\windows\system32\dllcache\netrap.dll
+ 2012-05-28 04:55 . 2001-08-17 19:11 65278 c:\windows\system32\dllcache\netflx3.sys
+ 2004-08-04 12:00 . 2008-04-13 18:56 34688 c:\windows\system32\dllcache\netbios.sys
+ 2012-05-28 04:55 . 2001-08-17 19:50 39264 c:\windows\system32\dllcache\neo20xx.sys
+ 2012-05-28 04:54 . 2001-08-17 20:49 15872 c:\windows\system32\dllcache\ne2000.sys
+ 2004-08-04 12:00 . 2010-11-02 15:17 40960 c:\windows\system32\dllcache\ndproxy.sys
- 2010-12-16 00:07 . 2010-11-02 15:17 40960 c:\windows\system32\dllcache\ndproxy.sys
+ 2004-08-04 12:00 . 2008-04-13 19:20 91520 c:\windows\system32\dllcache\ndiswan.sys
+ 2004-08-03 23:03 . 2008-04-13 18:55 14592 c:\windows\system32\dllcache\ndisuio.sys
+ 2004-08-04 12:00 . 2011-07-08 14:02 10496 c:\windows\system32\dllcache\ndistapi.sys
+ 2012-05-28 04:54 . 2008-04-13 18:46 10880 c:\windows\system32\dllcache\ndisip.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 17920 c:\windows\system32\dllcache\nddeapi.dll
+ 2009-05-10 17:29 . 2008-04-14 00:12 47104 c:\windows\system32\dllcache\ncprov.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 36352 c:\windows\system32\dllcache\ncobjapi.dll
+ 2012-05-28 04:54 . 2008-04-13 18:46 85248 c:\windows\system32\dllcache\nabtsfec.sys
+ 2012-05-28 04:54 . 2001-08-17 21:56 91488 c:\windows\system32\dllcache\n9i3disp.dll
+ 2012-05-28 04:54 . 2001-08-17 19:50 27936 c:\windows\system32\dllcache\n9i3d.sys
+ 2012-05-28 04:54 . 2001-08-17 19:50 33088 c:\windows\system32\dllcache\n9i128v2.sys
+ 2012-05-28 04:54 . 2001-08-18 05:36 59104 c:\windows\system32\dllcache\n9i128v2.dll
+ 2012-05-28 04:54 . 2001-08-17 19:50 13664 c:\windows\system32\dllcache\n9i128.sys
+ 2012-05-28 04:54 . 2001-08-17 21:56 35392 c:\windows\system32\dllcache\n9i128.dll
+ 2012-05-28 04:54 . 2001-08-17 19:11 52255 c:\windows\system32\dllcache\n1000nt5.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 90624 c:\windows\system32\dllcache\mydocs.dll
+ 2012-05-28 04:54 . 2001-08-17 20:50 75520 c:\windows\system32\dllcache\mxport.sys
+ 2012-05-28 04:54 . 2001-08-17 20:49 19968 c:\windows\system32\dllcache\mxnic.sys
+ 2012-05-28 04:54 . 2001-08-18 05:36 19968 c:\windows\system32\dllcache\mxicfg.dll
+ 2012-05-28 04:54 . 2001-08-17 20:50 21888 c:\windows\system32\dllcache\mxcard.sys
- 2008-06-12 14:23 . 2008-06-12 14:23 66560 c:\windows\system32\dllcache\mtxclu.dll
+ 2004-08-04 12:00 . 2008-06-12 14:23 66560 c:\windows\system32\dllcache\mtxclu.dll
+ 2004-08-04 00:56 . 2009-11-27 17:11 17920 c:\windows\system32\dllcache\msyuv.dll
- 2009-11-27 17:11 . 2009-11-27 17:11 17920 c:\windows\system32\dllcache\msyuv.dll
+ 2004-08-04 12:00 . 2008-04-13 18:30 61440 c:\windows\system32\dllcache\msvcrt40.dll
+ 2012-05-28 04:54 . 2008-04-13 18:46 49024 c:\windows\system32\dllcache\mstape.sys
+ 2004-08-03 23:07 . 2008-04-13 18:36 15488 c:\windows\system32\dllcache\mssmbios.sys
- 2009-11-27 16:07 . 2009-11-27 16:07 11264 c:\windows\system32\dllcache\msrle32.dll
+ 2004-08-04 12:00 . 2009-11-27 16:07 11264 c:\windows\system32\dllcache\msrle32.dll
+ 2012-05-28 04:54 . 2001-08-17 20:48 12416 c:\windows\system32\dllcache\msriffwv.sys
+ 2004-08-04 12:00 . 2008-04-13 16:23 48128 c:\windows\system32\dllcache\msprivs.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 29696 c:\windows\system32\dllcache\mspatcha.dll
+ 2009-05-10 17:31 . 2008-04-14 00:12 29184 c:\windows\system32\dllcache\msoobe.exe
+ 2004-08-04 12:00 . 2008-04-14 00:11 15360 c:\windows\system32\dllcache\msisip.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 40960 c:\windows\system32\dllcache\msiregmv.exe
+ 2012-05-28 04:54 . 2008-04-13 18:54 22016 c:\windows\system32\dllcache\msircomm.sys
+ 2007-09-06 05:24 . 2008-04-14 00:12 60416 c:\windows\system32\dllcache\msimn.exe
+ 2004-08-04 12:00 . 2008-04-14 00:12 78848 c:\windows\system32\dllcache\msiexec.exe
- 2004-08-04 12:00 . 2011-02-22 23:06 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-04 12:00 . 2008-04-13 18:56 35072 c:\windows\system32\dllcache\msgpc.sys
+ 2004-08-04 12:00 . 2008-04-13 18:32 19072 c:\windows\system32\dllcache\msfs.sys
- 2009-07-28 20:34 . 2011-02-22 23:06 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-07-28 20:34 . 2012-03-01 11:01 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2012-05-28 04:53 . 2008-04-13 18:46 51200 c:\windows\system32\dllcache\msdv.sys
+ 2004-08-04 12:00 . 2008-04-14 00:11 14336 c:\windows\system32\dllcache\msdmo.dll
+ 2004-08-04 12:00 . 2008-06-24 16:43 74240 c:\windows\system32\dllcache\mscms.dll
- 2008-06-24 16:43 . 2008-06-24 16:43 74240 c:\windows\system32\dllcache\mscms.dll
- 2009-09-04 21:03 . 2009-09-04 21:03 58880 c:\windows\system32\dllcache\msasn1.dll
+ 2004-08-04 12:00 . 2009-09-04 21:03 58880 c:\windows\system32\dllcache\msasn1.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 86016 c:\windows\system32\dllcache\msapsspc.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 71680 c:\windows\system32\dllcache\msacm32.dll
+ 2012-05-28 04:53 . 2001-08-17 20:52 17280 c:\windows\system32\dllcache\mraid35x.sys
+ 2004-08-04 12:00 . 2008-04-14 00:11 87040 c:\windows\system32\dllcache\mprapi.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 59904 c:\windows\system32\dllcache\mpr.dll
+ 2012-05-28 04:53 . 2008-04-13 18:46 15232 c:\windows\system32\dllcache\mpe.sys
+ 2004-08-03 22:58 . 2008-04-13 18:39 23040 c:\windows\system32\dllcache\mouclass.sys
+ 2012-05-28 04:53 . 2001-08-17 20:57 16128 c:\windows\system32\dllcache\modemcsa.sys
+ 2004-08-03 23:08 . 2008-04-13 19:00 30080 c:\windows\system32\dllcache\modem.sys
+ 2004-08-04 12:00 . 2008-04-14 00:11 18944 c:\windows\system32\dllcache\midimap.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 22528 c:\windows\system32\dllcache\mfcsubs.dll
+ 2012-05-28 04:53 . 2008-04-13 18:41 26112 c:\windows\system32\dllcache\memstpci.sys
+ 2012-05-28 04:53 . 2001-08-18 05:36 47616 c:\windows\system32\dllcache\memgrp.dll
+ 2004-08-04 12:00 . 2011-10-14 14:47 23040 c:\windows\system32\dllcache\mciseq.dll
- 2004-08-04 12:00 . 2008-04-14 00:11 23040 c:\windows\system32\dllcache\mciseq.dll
+ 2012-05-28 04:53 . 2001-08-17 19:19 48768 c:\windows\system32\dllcache\maestro.sys
+ 2012-05-28 04:53 . 2001-08-18 05:36 58880 c:\windows\system32\dllcache\m3092dc.dll
+ 2012-05-28 04:53 . 2001-08-18 05:36 58368 c:\windows\system32\dllcache\m3091dc.dll
+ 2012-05-28 04:53 . 2001-08-17 19:49 22848 c:\windows\system32\dllcache\lwusbhid.sys
+ 2012-05-28 04:53 . 2004-08-04 05:39 20864 c:\windows\system32\dllcache\lwadihid.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 13312 c:\windows\system32\dllcache\lsass.exe
+ 2008-04-14 00:11 . 2008-04-14 00:11 18944 c:\windows\system32\dllcache\lprmon.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 22528 c:\windows\system32\dllcache\lpdsvc.dll
+ 2012-05-28 04:52 . 2001-08-17 19:12 20573 c:\windows\system32\dllcache\lne100.sys
+ 2012-05-28 04:52 . 2001-08-17 19:11 25065 c:\windows\system32\dllcache\lmndis3.sys
+ 2008-04-14 00:11 . 2008-04-14 00:11 33792 c:\windows\system32\dllcache\lmmib2.dll
+ 2012-05-28 04:52 . 2001-08-17 20:51 15744 c:\windows\system32\dllcache\lit220p.sys
+ 2004-08-04 12:00 . 2008-04-14 00:11 19968 c:\windows\system32\dllcache\linkinfo.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2004-08-04 12:00 . 2011-02-22 23:06 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2012-05-28 04:52 . 2008-04-13 18:40 34688 c:\windows\system32\dllcache\lbrtfdc.sys
+ 2012-05-28 04:52 . 2001-08-17 19:12 26442 c:\windows\system32\dllcache\lanepic5.sys
+ 2012-05-28 04:52 . 2001-08-17 19:12 19016 c:\windows\system32\dllcache\ktc111.sys
+ 2012-05-28 04:52 . 2001-08-18 05:36 37376 c:\windows\system32\dllcache\kousd.dll
+ 2012-05-28 04:52 . 2008-04-14 00:11 48640 c:\windows\system32\dllcache\kdsui.dll
+ 2004-08-04 12:00 . 2008-04-13 18:39 24576 c:\windows\system32\dllcache\kbdclass.sys
+ 2004-08-04 12:00 . 2012-03-01 11:01 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2004-08-04 12:00 . 2011-02-22 23:06 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2009-11-27 16:07 . 2009-11-27 16:07 48128 c:\windows\system32\dllcache\iyuv_32.dll
+ 2004-08-04 00:56 . 2009-11-27 16:07 48128 c:\windows\system32\dllcache\iyuv_32.dll
+ 2012-05-28 04:52 . 2001-08-17 20:49 26624 c:\windows\system32\dllcache\irstusb.sys
+ 2012-05-28 04:52 . 2001-08-17 20:51 18688 c:\windows\system32\dllcache\irsir.sys
+ 2012-05-28 04:52 . 2008-04-14 00:11 28160 c:\windows\system32\dllcache\irmon.dll
+ 2012-05-28 04:52 . 2001-08-17 20:49 23552 c:\windows\system32\dllcache\irmk7.sys
+ 2012-05-28 04:52 . 2008-04-13 18:54 88192 c:\windows\system32\dllcache\irda.sys
+ 2004-08-04 12:00 . 2008-04-13 19:19 75264 c:\windows\system32\dllcache\ipsec.sys
+ 2008-04-14 00:11 . 2008-04-14 00:11 35328 c:\windows\system32\dllcache\iprip.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 94720 c:\windows\system32\dllcache\iphlpapi.dll
+ 2012-05-28 04:52 . 2001-08-17 19:12 45632 c:\windows\system32\dllcache\ip5515.sys
+ 2012-05-28 04:52 . 2001-08-18 05:36 90200 c:\windows\system32\dllcache\io8ports.dll
+ 2012-05-28 04:52 . 2001-08-17 20:50 38784 c:\windows\system32\dllcache\io8.sys
+ 2004-08-04 12:00 . 2008-04-13 18:31 36352 c:\windows\system32\dllcache\intelppm.sys
+ 2012-05-28 04:52 . 2001-08-17 20:47 13056 c:\windows\system32\dllcache\inport.sys
+ 2012-05-28 04:52 . 2001-08-17 20:52 16000 c:\windows\system32\dllcache\ini910u.sys
+ 2004-08-04 12:00 . 2008-04-14 00:11 75264 c:\windows\system32\dllcache\inetpp.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 32768 c:\windows\system32\dllcache\inetmib1.dll
+ 2004-08-04 12:00 . 2008-04-13 18:40 42112 c:\windows\system32\dllcache\imapi.sys
+ 2012-05-28 04:51 . 2001-08-18 05:36 20480 c:\windows\system32\dllcache\icam5ext.dll
+ 2012-05-28 04:51 . 2001-08-18 05:36 45056 c:\windows\system32\dllcache\icam5com.dll
+ 2012-05-28 04:51 . 2001-08-18 05:36 61952 c:\windows\system32\dllcache\icam4ext.dll
+ 2012-05-28 04:51 . 2001-08-18 05:36 91136 c:\windows\system32\dllcache\icam4com.dll
+ 2012-05-28 04:51 . 2001-08-18 05:36 26624 c:\windows\system32\dllcache\icam3ext.dll
+ 2009-05-10 17:29 . 2008-04-14 00:11 11264 c:\windows\system32\dllcache\icaapi.dll
+ 2012-05-28 04:51 . 2001-08-17 21:06 38528 c:\windows\system32\dllcache\ibmvcap.sys
+ 2012-05-28 04:51 . 2001-08-17 19:11 28700 c:\windows\system32\dllcache\ibmexmp.sys
+ 2004-08-04 12:00 . 2008-04-13 19:18 52480 c:\windows\system32\dllcache\i8042prt.sys
+ 2012-05-28 04:51 . 2001-08-17 19:49 58592 c:\windows\system32\dllcache\i740nt5.sys
+ 2012-05-28 04:51 . 2008-04-13 18:41 18560 c:\windows\system32\dllcache\i2omp.sys
- 2009-10-21 05:38 . 2009-10-21 05:38 25088 c:\windows\system32\dllcache\httpapi.dll
+ 2004-08-04 12:00 . 2009-10-21 05:38 25088 c:\windows\system32\dllcache\httpapi.dll
+ 2012-05-28 04:51 . 2001-08-17 20:28 50751 c:\windows\system32\dllcache\hsf_tone.sys
+ 2012-05-28 04:51 . 2001-08-17 20:28 73279 c:\windows\system32\dllcache\hsf_spkp.sys
+ 2012-05-28 04:51 . 2001-08-17 20:28 44863 c:\windows\system32\dllcache\hsf_soar.sys
+ 2012-05-28 04:51 . 2001-08-17 20:28 57471 c:\windows\system32\dllcache\hsf_samp.sys
+ 2012-05-28 04:50 . 2001-08-17 20:28 67167 c:\windows\system32\dllcache\hsf_bsc2.sys
+ 2012-05-28 04:50 . 2001-08-18 05:36 19456 c:\windows\system32\dllcache\hr1w.dll
+ 2012-05-28 04:50 . 2001-08-18 05:36 13312 c:\windows\system32\dllcache\hpsjmcro.dll
+ 2012-05-28 04:50 . 2001-08-17 21:07 25952 c:\windows\system32\dllcache\hpn.sys
+ 2012-05-28 04:50 . 2001-08-18 05:36 32768 c:\windows\system32\dllcache\hpgtmcro.dll
+ 2012-05-28 04:50 . 2001-08-18 05:36 68608 c:\windows\system32\dllcache\hpgt53tk.dll
+ 2012-05-28 04:50 . 2001-08-18 05:36 31232 c:\windows\system32\dllcache\hpgt42tk.dll
+ 2012-05-28 04:50 . 2001-08-18 05:36 93696 c:\windows\system32\dllcache\hpgt42.dll
+ 2012-05-28 04:50 . 2001-08-18 05:36 48128 c:\windows\system32\dllcache\hpgt33tk.dll
+ 2012-05-28 04:50 . 2001-08-18 05:36 89088 c:\windows\system32\dllcache\hpgt33.dll
+ 2012-05-28 04:50 . 2001-08-18 05:36 83968 c:\windows\system32\dllcache\hpgt21.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 39936 c:\windows\system32\dllcache\hostmib.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 72704 c:\windows\system32\dllcache\hlink.dll
+ 2004-08-04 12:00 . 2008-04-13 18:45 24960 c:\windows\system32\dllcache\hidparse.sys
+ 2004-08-04 12:00 . 2008-04-13 18:45 36864 c:\windows\system32\dllcache\hidclass.sys
+ 2012-05-28 04:50 . 2008-04-13 18:36 20352 c:\windows\system32\dllcache\hidbatt.sys
+ 2004-08-04 00:56 . 2008-04-14 00:11 20992 c:\windows\system32\dllcache\hid.dll
+ 2012-05-28 04:50 . 2008-04-13 18:40 28288 c:\windows\system32\dllcache\grserial.sys
+ 2012-05-28 04:50 . 2001-08-17 20:51 82304 c:\windows\system32\dllcache\grclass.sys
+ 2012-05-28 04:50 . 2001-08-17 20:51 17408 c:\windows\system32\dllcache\gpr400.sys
+ 2012-05-28 04:50 . 2008-04-13 18:45 59136 c:\windows\system32\dllcache\gckernel.sys
+ 2012-05-28 04:50 . 2008-04-13 18:45 10624 c:\windows\system32\dllcache\gameenum.sys
+ 2008-04-14 00:11 . 2008-04-14 00:11 23552 c:\windows\system32\dllcache\fxsmon.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 23552 c:\windows\system32\dllcache\fxsext32.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 55296 c:\windows\system32\dllcache\fxsevent.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 26624 c:\windows\system32\dllcache\fxsdrv.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 72192 c:\windows\system32\dllcache\fxscom.dll
+ 2012-05-28 04:49 . 2001-08-18 05:36 92160 c:\windows\system32\dllcache\fuusd.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 20538 c:\windows\system32\dllcache\fpremadm.exe
+ 2008-04-14 00:11 . 2008-04-14 00:11 20541 c:\windows\system32\dllcache\fpexedll.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 94208 c:\windows\system32\dllcache\fpencode.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 20541 c:\windows\system32\dllcache\fpadmdll.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 24632 c:\windows\system32\dllcache\fpadmcgi.exe
+ 2008-04-14 00:12 . 2008-04-14 00:12 15120 c:\windows\system32\dllcache\fp98sadm.exe
+ 2008-04-14 00:11 . 2008-04-14 00:11 49212 c:\windows\system32\dllcache\fp4awebs.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 32826 c:\windows\system32\dllcache\fp4avss.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 41020 c:\windows\system32\dllcache\fp4avnb.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 49210 c:\windows\system32\dllcache\fp4areg.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 82035 c:\windows\system32\dllcache\fp4anscp.dll
+ 2012-05-28 04:49 . 2004-08-04 05:31 34173 c:\windows\system32\dllcache\forehe.sys
+ 2012-05-28 04:49 . 2001-08-18 05:36 71680 c:\windows\system32\dllcache\fnfilter.dll
+ 2009-05-10 17:30 . 2008-04-14 00:11 16896 c:\windows\system32\dllcache\fltlib.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 87552 c:\windows\system32\dllcache\fldrclnr.dll
+ 2004-08-04 12:00 . 2008-04-13 18:33 44544 c:\windows\system32\dllcache\fips.sys
+ 2012-05-28 04:49 . 2001-08-17 19:13 27165 c:\windows\system32\dllcache\fetnd5.sys
+ 2012-05-28 04:49 . 2001-08-17 19:10 22090 c:\windows\system32\dllcache\fem556n5.sys
+ 2004-08-04 12:00 . 2008-04-13 18:40 27392 c:\windows\system32\dllcache\fdc.sys
+ 2004-08-04 12:00 . 2008-04-14 00:11 80384 c:\windows\system32\dllcache\faultrep.dll
+ 2012-05-28 04:49 . 2001-08-17 19:12 24618 c:\windows\system32\dllcache\fa410nd5.sys
+ 2012-05-28 04:49 . 2001-08-17 19:12 16074 c:\windows\system32\dllcache\fa312nd5.sys
+ 2012-05-28 04:49 . 2001-08-17 19:11 11850 c:\windows\system32\dllcache\f3ab18xj.sys
+ 2012-05-28 04:49 . 2001-08-17 19:11 12362 c:\windows\system32\dllcache\f3ab18xi.sys
+ 2012-05-28 04:49 . 2001-08-17 19:12 16998 c:\windows\system32\dllcache\ex10.sys
+ 2008-04-14 00:12 . 2008-04-14 00:12 92160 c:\windows\system32\dllcache\evntwin.exe
+ 2008-04-14 00:12 . 2008-04-14 00:12 24064 c:\windows\system32\dllcache\evntcmd.exe
+ 2004-08-04 12:00 . 2008-04-14 00:11 56320 c:\windows\system32\dllcache\eventlog.dll
+ 2012-05-28 04:49 . 2001-08-18 05:36 45568 c:\windows\system32\dllcache\esunib.dll
+ 2012-05-28 04:49 . 2001-08-18 05:36 45568 c:\windows\system32\dllcache\esuni.dll
+ 2012-05-28 04:49 . 2001-08-18 05:36 34816 c:\windows\system32\dllcache\esuimg.dll
+ 2012-05-28 04:49 . 2001-08-18 05:36 43008 c:\windows\system32\dllcache\esucm.dll
+ 2012-05-28 04:49 . 2001-08-17 19:19 63360 c:\windows\system32\dllcache\ess.sys
+ 2012-05-28 04:49 . 2001-08-17 19:19 72192 c:\windows\system32\dllcache\es1969.sys
+ 2012-05-28 04:48 . 2001-08-17 19:19 37120 c:\windows\system32\dllcache\es1370mp.sys
+ 2012-05-28 04:48 . 2001-08-18 05:36 61952 c:\windows\system32\dllcache\eqnloop.exe
+ 2012-05-28 04:48 . 2001-08-18 05:36 51200 c:\windows\system32\dllcache\eqnlogr.exe
+ 2012-05-28 04:48 . 2001-08-18 05:36 53248 c:\windows\system32\dllcache\eqndiag.exe
+ 2012-05-28 04:48 . 2001-08-17 19:12 18503 c:\windows\system32\dllcache\epro4.sys
+ 2012-05-28 04:48 . 2001-08-17 19:10 19996 c:\windows\system32\dllcache\em556n4.sys
+ 2012-05-28 04:48 . 2001-08-17 19:10 25159 c:\windows\system32\dllcache\elnk3.sys
+ 2012-05-28 04:48 . 2001-08-17 19:11 70174 c:\windows\system32\dllcache\el98xn5.sys
+ 2012-05-28 04:48 . 2001-08-17 19:11 66591 c:\windows\system32\dllcache\el90xbc5.sys
+ 2012-05-28 04:48 . 2001-08-17 19:11 77386 c:\windows\system32\dllcache\el656nd5.sys
+ 2012-05-28 04:48 . 2001-08-17 19:11 69194 c:\windows\system32\dllcache\el656cd5.sys
+ 2012-05-28 04:48 . 2001-08-17 19:10 26141 c:\windows\system32\dllcache\el589nd5.sys
+ 2012-05-28 04:48 . 2001-08-17 19:10 69692 c:\windows\system32\dllcache\el575nd5.sys
+ 2012-05-28 04:48 . 2001-08-17 19:10 24653 c:\windows\system32\dllcache\el574nd4.sys
+ 2012-05-28 04:48 . 2001-08-17 19:10  55999 c:\windows\system32\dllcache\el556nd5.sys
+ 2012-05-28 04:48 . 2001-08-17 19:10 44103 c:\windows\system32\dllcache\el515.sys
+ 2008-04-14 00:11 . 2008-04-14 00:11 40960 c:\windows\system32\dllcache\eappprxy.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 30720 c:\windows\system32\dllcache\eapolqec.dll
+ 2012-05-28 04:48 . 2001-08-17 19:12 19594 c:\windows\system32\dllcache\e100isa4.sys
+ 2012-05-28 04:48 . 2001-08-17 19:12 50719 c:\windows\system32\dllcache\e1000nt5.sys
+ 2004-08-04 12:00 . 2008-04-13 18:38 71168 c:\windows\system32\dllcache\dxg.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 10752 c:\windows\system32\dllcache\dumprep.exe
+ 2004-08-04 12:00 . 2008-04-14 00:11 92672 c:\windows\system32\dllcache\dskquota.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 14336 c:\windows\system32\dllcache\drprov.dll
+ 2012-05-28 04:48 . 2001-08-17 21:07 20192 c:\windows\system32\dllcache\dpti2o.sys
+ 2012-05-28 04:48 . 2001-08-17 19:12 28062 c:\windows\system32\dllcache\dp83820.sys
+ 2012-05-28 04:48 . 2001-08-17 20:47 23808 c:\windows\system32\dllcache\dot4usb.sys
+ 2012-05-28 04:48 . 2001-08-17 20:47 12928 c:\windows\system32\dllcache\dot4prt.sys
+ 2008-04-14 00:11 . 2008-04-14 00:11 26112 c:\windows\system32\dllcache\dot3api.dll
- 2009-04-20 17:17 . 2009-04-20 17:17 45568 c:\windows\system32\dllcache\dnsrslvr.dll
+ 2004-08-04 12:00 . 2009-04-20 17:17 45568 c:\windows\system32\dllcache\dnsrslvr.dll
+ 2012-05-28 04:48 . 2001-08-17 19:11 29696 c:\windows\system32\dllcache\dm9pci5.sys
+ 2012-05-28 04:48 . 2001-08-17 19:11 26698 c:\windows\system32\dllcache\dlh5xnd5.sys
+ 2012-05-28 04:48 . 2001-08-18 05:36 29768 c:\windows\system32\dllcache\divasu.dll
+ 2012-05-28 04:48 . 2001-08-18 05:36 37962 c:\windows\system32\dllcache\divaprop.dll
+ 2012-05-28 04:48 . 2001-08-18 05:36 38985 c:\windows\system32\dllcache\disrvsu.dll
+ 2012-05-28 04:47 . 2001-08-18 05:36 31305 c:\windows\system32\dllcache\disrvpp.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 32768 c:\windows\system32\dllcache\dispex.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 19456 c:\windows\system32\dllcache\dimsntfy.dll
+ 2012-05-28 04:47 . 2001-08-17 19:13 91305 c:\windows\system32\dllcache\dimaint.sys
+ 2012-05-28 04:47 . 2001-08-17 19:17 42432 c:\windows\system32\dllcache\digirlpt.sys
+ 2012-05-28 04:47 . 2001-08-17 19:14 21606 c:\windows\system32\dllcache\digiisdn.sys
+ 2012-05-28 04:47 . 2001-08-18 05:36 41046 c:\windows\system32\dllcache\digiisdn.dll
+ 2012-05-28 04:47 . 2001-08-17 19:17 90525 c:\windows\system32\dllcache\digifep5.sys
+ 2012-05-28 04:47 . 2001-08-17 19:13 37735 c:\windows\system32\dllcache\digiasyn.sys
+ 2012-05-28 04:47 . 2001-08-18 05:36 65622 c:\windows\system32\dllcache\digiasyn.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 68608 c:\windows\system32\dllcache\digest.dll
+ 2012-05-28 04:46 . 2001-08-18 05:36 32256 c:\windows\system32\dllcache\diapi2NT.dll
+ 2012-05-28 04:47 . 2001-08-17 19:17 29531 c:\windows\system32\dllcache\dgapci.sys
+ 2012-05-28 04:47 . 2001-08-17 19:11 24649 c:\windows\system32\dllcache\dfe650d.sys
+ 2012-05-28 04:47 . 2001-08-17 19:11 24648 c:\windows\system32\dllcache\dfe650.sys
+ 2012-05-28 04:47 . 2001-08-18 05:36 24064 c:\windows\system32\dllcache\devldr32.exe
+ 2004-08-04 12:00 . 2008-04-14 00:11 59904 c:\windows\system32\dllcache\devenum.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 25088 c:\windows\system32\dllcache\defrag.exe
+ 2012-05-28 04:47 . 2001-08-17 19:11 20928 c:\windows\system32\dllcache\defpa.sys
+ 2004-08-04 12:00 . 2008-04-14 00:11 27136 c:\windows\system32\dllcache\ddrawex.dll
+ 2012-05-28 04:47 . 2001-08-18 05:36 86016 c:\windows\system32\dllcache\dc240usd.dll
+ 2012-05-28 04:47 . 2001-08-17 19:12 63208 c:\windows\system32\dllcache\dc21x4.sys
+ 2012-05-28 04:47 . 2001-08-18 05:36 80896 c:\windows\system32\dllcache\dc210usd.dll
+ 2012-05-28 04:47 . 2001-08-18 05:36 25600 c:\windows\system32\dllcache\dc210_32.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 25088 c:\windows\system32\dllcache\davclnt.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 54272 c:\windows\system32\dllcache\dataclen.dll
+ 2012-05-28 04:47 . 2001-08-17 20:52 14720 c:\windows\system32\dllcache\dac960nt.sys
+ 2012-05-28 04:47 . 2001-08-18 05:36 27648 c:\windows\system32\dllcache\cyzports.dll
+ 2012-05-28 04:47 . 2001-08-17 20:50 49792 c:\windows\system32\dllcache\cyzport.sys
+ 2012-05-28 04:47 . 2001-08-18 05:36 27136 c:\windows\system32\dllcache\cyzcoins.dll
+ 2012-05-28 04:47 . 2001-08-18 05:36 27648 c:\windows\system32\dllcache\cyyports.dll
+ 2012-05-28 04:47 . 2001-08-17 20:50 50176 c:\windows\system32\dllcache\cyyport.sys
+ 2012-05-28 04:47 . 2001-08-18 05:36 28672 c:\windows\system32\dllcache\cyycoins.dll
+ 2012-05-28 04:47 . 2001-08-17 20:50 14848 c:\windows\system32\dllcache\cyclom-y.sys
+ 2012-05-28 04:47 . 2001-08-17 20:50 17152 c:\windows\system32\dllcache\cyclad-z.sys
+ 2012-05-28 04:47 . 2004-08-04 05:32 48640 c:\windows\system32\dllcache\cwrwdm.sys
+ 2012-05-28 04:47 . 2001-08-17 19:19 93952 c:\windows\system32\dllcache\cwcwdm.sys
+ 2012-05-28 04:47 . 2001-08-17 19:19 72832 c:\windows\system32\dllcache\cwbwdm.sys
+ 2012-05-28 04:47 . 2001-08-17 19:19 96256 c:\windows\system32\dllcache\ctlsb16.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 15360 c:\windows\system32\dllcache\ctfmon.exe
+ 2004-08-04 12:00 . 2011-10-28 05:31 33280 c:\windows\system32\dllcache\csrsrv.dll
- 2009-12-14 07:08 . 2010-12-09 14:30 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 62464 c:\windows\system32\dllcache\cryptsvc.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 64512 c:\windows\system32\dllcache\cryptnet.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 53760 c:\windows\system32\dllcache\cryptext.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 33280 c:\windows\system32\dllcache\cryptdll.dll
+ 2012-05-28 04:47 . 2001-08-17 19:19 42112 c:\windows\system32\dllcache\crtaud.sys
+ 2012-05-28 04:47 . 2001-08-17 19:11 60970 c:\windows\system32\dllcache\cpqtrnd5.sys
+ 2012-05-28 04:47 . 2001-08-17 19:13 21533 c:\windows\system32\dllcache\cpqndis5.sys
+ 2012-05-28 04:47 . 2001-08-17 20:52 14976 c:\windows\system32\dllcache\cpqarray.sys
+ 2012-05-28 04:47 . 2008-04-13 18:36 10240 c:\windows\system32\dllcache\compbatt.sys
+ 2009-05-10 17:29 . 2008-04-14 00:11 60416 c:\windows\system32\dllcache\colbact.dll
+ 2012-05-28 04:47 . 2001-08-17 19:11 39936 c:\windows\system32\dllcache\cnxt1803.sys
+ 2012-05-28 04:47 . 2001-08-18 05:36 44032 c:\windows\system32\dllcache\cnusd.dll
+ 2004-08-04 00:56 . 2008-04-14 00:11 47104 c:\windows\system32\dllcache\cnbjmon.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 39424 c:\windows\system32\dllcache\cmutil.dll
+ 2012-05-28 04:47 . 2001-08-17 20:51 20736 c:\windows\system32\dllcache\cmbp0wdm.sys
+ 2004-08-04 12:00 . 2008-04-14 00:11 58368 c:\windows\system32\dllcache\clusapi.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 64000 c:\windows\system32\dllcache\cleanmgr.exe
+ 2012-05-28 04:46 . 2001-08-17 20:57 45696 c:\windows\system32\dllcache\cirrus.sys
+ 2012-05-28 04:46 . 2001-08-17 21:56 91264 c:\windows\system32\dllcache\cirrus.dll
+ 2004-08-04 12:00 . 2008-04-14 00:09 16896 c:\windows\system32\dllcache\cfgmgr32.dll
+ 2012-05-28 04:46 . 2001-08-17 19:13 49182 c:\windows\system32\dllcache\cem56n5.sys
+ 2012-05-28 04:46 . 2001-08-17 19:13 22044 c:\windows\system32\dllcache\cem33n5.sys
+ 2012-05-28 04:46 . 2001-08-17 19:13 22044 c:\windows\system32\dllcache\cem28n5.sys
+ 2012-05-28 04:46 . 2001-08-17 19:13 27164 c:\windows\system32\dllcache\ce3n5.sys
+ 2012-05-28 04:46 . 2001-08-17 19:13 21530 c:\windows\system32\dllcache\ce2n5.sys
+ 2004-08-04 12:00 . 2008-04-13 19:14 63744 c:\windows\system32\dllcache\cdfs.sys
+ 2001-08-17 13:52 . 2004-08-04 12:00 18688 c:\windows\system32\dllcache\cdaudio.sys
+ 2012-05-28 04:46 . 2008-04-13 18:46 17024 c:\windows\system32\dllcache\ccdecode.sys
+ 2012-05-28 04:46 . 2001-08-17 19:13 46108 c:\windows\system32\dllcache\cben5.sys
+ 2012-05-28 04:46 . 2001-08-17 19:12 39680 c:\windows\system32\dllcache\cb325.sys
+ 2012-05-28 04:46 . 2001-08-17 19:12 37916 c:\windows\system32\dllcache\cb102.sys
+ 2012-05-28 04:46 . 2001-08-18 05:36 74240 c:\windows\system32\dllcache\camexo20.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 60416 c:\windows\system32\dllcache\cabinet.dll
+ 2012-05-28 04:46 . 2001-08-17 20:51 13824 c:\windows\system32\dllcache\bulltlp3.sys
+ 2012-05-28 04:46 . 2001-08-17 19:11 31529 c:\windows\system32\dllcache\brzwlan.sys
+ 2012-05-28 04:46 . 2001-08-17 20:12 10368 c:\windows\system32\dllcache\brusbscn.sys
+ 2012-05-28 04:46 . 2001-08-17 20:12 11008 c:\windows\system32\dllcache\brusbmdm.sys
+ 2012-05-28 04:46 . 2001-08-17 20:12 60416 c:\windows\system32\dllcache\brserwdm.sys
+ 2012-05-28 04:46 . 2001-08-17 20:12 39552 c:\windows\system32\dllcache\brparwdm.sys
+ 2004-08-04 12:00 . 2008-04-14 00:11 77824 c:\windows\system32\dllcache\browser.dll
+ 2004-08-04 12:00 . 2008-04-13 17:03 63488 c:\windows\system32\dllcache\browselc.dll
+ 2012-05-28 04:46 . 2001-08-18 05:36 41472 c:\windows\system32\dllcache\brmfusb.dll
+ 2012-05-28 04:46 . 2001-08-18 05:36 32256 c:\windows\system32\dllcache\brmfrsmg.exe
+ 2012-05-28 04:46 . 2001-08-18 05:36 29696 c:\windows\system32\dllcache\brmflpt.dll
+ 2012-05-28 04:46 . 2001-08-18 05:36 81408 c:\windows\system32\dllcache\brmfcwia.dll
+ 2012-05-28 04:46 . 2001-08-18 05:36 15360 c:\windows\system32\dllcache\brmfbidi.dll
+ 2012-05-28 04:46 . 2001-08-17 20:12 12160 c:\windows\system32\dllcache\brfiltlo.sys
+ 2012-05-28 04:46 . 2001-08-18 05:36 12800 c:\windows\system32\dllcache\brevif.dll
+ 2012-05-28 04:46 . 2001-08-18 05:36 19456 c:\windows\system32\dllcache\brbidiif.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 71680 c:\windows\system32\dllcache\blastcln.exe
+ 2012-05-28 04:46 . 2008-04-13 18:46 11776 c:\windows\system32\dllcache\bdasup.sys
+ 2012-05-28 04:46 . 2001-08-17 19:11 26568 c:\windows\system32\dllcache\bcm4e5.sys
+ 2012-05-28 04:46 . 2001-08-17 19:11 54271 c:\windows\system32\dllcache\bcm42xx5.sys
+ 2012-05-28 04:46 . 2001-08-17 19:11 66557 c:\windows\system32\dllcache\bcm42u.sys
+ 2012-05-28 04:46 . 2008-04-13 18:36 14208 c:\windows\system32\dllcache\battc.sys
+ 2004-08-04 12:00 . 2008-04-14 00:11 29184 c:\windows\system32\dllcache\batmeter.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 52736 c:\windows\system32\dllcache\basesrv.dll
+ 2012-05-28 04:46 . 2001-08-17 19:48 36128 c:\windows\system32\dllcache\banshee.sys
+ 2012-05-28 04:46 . 2001-08-17 19:11 96640 c:\windows\system32\dllcache\b57xp32.sys
+ 2012-05-28 04:46 . 2001-08-17 19:13 89952 c:\windows\system32\dllcache\b1cbase.sys
+ 2012-05-28 04:46 . 2001-08-17 19:19 36992 c:\windows\system32\dllcache\aztw2320.sys
+ 2012-05-28 04:46 . 2001-08-17 19:13 37568 c:\windows\system32\dllcache\avmwan.sys
+ 2012-05-28 04:46 . 2001-08-18 05:36 87552 c:\windows\system32\dllcache\avmcoxp.dll
- 2009-06-10 14:13 . 2009-11-27 16:07 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2004-08-04 12:00 . 2009-11-27 16:07 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2012-05-28 04:46 . 2008-04-13 18:46 13696 c:\windows\system32\dllcache\avcstrm.sys
+ 2012-05-28 04:46 . 2001-08-17 21:01 36096  c:\windows\system32\dllcache\avcaudio.sys
+ 2012-05-28 04:46 . 2008-04-13 18:46 38912 c:\windows\system32\dllcache\avc.sys
+ 2004-08-04 12:00 . 2008-04-14 00:11 62464 c:\windows\system32\dllcache\authz.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 16439 c:\windows\system32\dllcache\author.exe
+ 2008-04-14 00:11 . 2008-04-14 00:11 20540 c:\windows\system32\dllcache\author.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 42496 c:\windows\system32\dllcache\audiosrv.dll
+ 2004-08-04 12:00 . 2009-07-17 19:01 58880 c:\windows\system32\dllcache\atl.dll
- 2009-07-17 19:01 . 2009-07-17 19:01 58880 c:\windows\system32\dllcache\atl.dll
+ 2012-05-28 04:46 . 2001-08-17 19:49 23552 c:\windows\system32\dllcache\atixbar.sys
+ 2012-05-28 04:46 . 2001-08-17 19:49 26624 c:\windows\system32\dllcache\ativxbar.sys
+ 2012-05-28 04:46 . 2001-08-17 19:49 19456 c:\windows\system32\dllcache\ativttxx.sys
+ 2012-05-28 04:46 . 2001-08-17 19:49 17152 c:\windows\system32\dllcache\atitvsnd.sys
+ 2012-05-28 04:46 . 2001-08-17 19:49 17152 c:\windows\system32\dllcache\atitunep.sys
+ 2012-05-28 04:46 . 2001-08-17 19:49 26880 c:\windows\system32\dllcache\atirtsnd.sys
+ 2012-05-28 04:46 . 2001-08-17 19:49 49920 c:\windows\system32\dllcache\atirtcap.sys
+ 2012-05-28 04:46 . 2001-08-17 19:48 70528 c:\windows\system32\dllcache\atiragem.sys
+ 2012-05-28 04:46 . 2001-08-17 19:49 10240 c:\windows\system32\dllcache\atipcxxx.sys
+ 2012-05-28 04:45 . 2001-08-17 19:49 75136 c:\windows\system32\dllcache\atimpae.sys
+ 2012-05-28 04:45 . 2001-08-17 19:49 46464 c:\windows\system32\dllcache\atibt829.sys
+ 2012-05-28 04:45 . 2001-08-17 20:57 77568 c:\windows\system32\dllcache\ati.sys
+ 2012-05-28 04:45 . 2001-08-17 21:55 96128 c:\windows\system32\dllcache\ati.dll
+ 2004-08-04 12:00 . 2008-04-13 18:40 96512 c:\windows\system32\dllcache\atapi.sys
+ 2004-08-04 12:00 . 2008-04-13 18:57 14336 c:\windows\system32\dllcache\asyncmac.sys
+ 2012-05-28 04:45 . 2001-08-17 19:12 97354 c:\windows\system32\dllcache\aspndis3.sys
+ 2012-05-28 04:45 . 2001-08-17 20:51 14848 c:\windows\system32\dllcache\asc3550.sys
+ 2012-05-28 04:45 . 2001-08-17 20:52 22400 c:\windows\system32\dllcache\asc3350p.sys
+ 2012-05-28 04:45 . 2001-08-17 20:52 26496 c:\windows\system32\dllcache\asc.sys
+ 2012-05-28 04:45 . 2004-08-04 05:31 36224 c:\windows\system32\dllcache\an983.sys
+ 2012-05-28 04:45 . 2001-08-17 20:52 12032 c:\windows\system32\dllcache\amsint.sys
+ 2012-05-28 04:45 . 2001-08-17 19:11 16969 c:\windows\system32\dllcache\amb8002.sys
+ 2012-05-28 04:45 . 2001-08-17 20:49 26624 c:\windows\system32\dllcache\alifir.sys
+ 2012-05-28 04:45 . 2001-08-17 19:11 27678 c:\windows\system32\dllcache\ali5261.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 44544 c:\windows\system32\dllcache\alg.exe
+ 2012-05-28 04:45 . 2001-08-17 21:07 56960 c:\windows\system32\dllcache\aic78xx.sys
+ 2012-05-28 04:45 . 2001-08-17 21:07 55168 c:\windows\system32\dllcache\aic78u2.sys
+ 2012-05-28 04:45 . 2001-08-17 20:52 12800 c:\windows\system32\dllcache\aha154x.sys
+ 2007-04-02 18:26 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt040d.dll
+ 2007-04-02 18:25 . 2007-04-02 18:25 19456 c:\windows\system32\dllcache\agt0401.dll
+ 2012-05-28 04:45 . 2001-08-17 19:11 46112 c:\windows\system32\dllcache\adptsf50.sys
+ 2012-05-28 04:45 . 2004-08-04 05:32 10880 c:\windows\system32\dllcache\admjoy.sys
+ 2008-04-14 00:12 . 2008-04-14 00:12 16439 c:\windows\system32\dllcache\admin.exe
+ 2008-04-14 00:11 . 2008-04-14 00:11 20540 c:\windows\system32\dllcache\admin.dll
+ 2012-05-28 04:45 . 2001-08-17 19:11 20160 c:\windows\system32\dllcache\adm8511.sys
+ 2004-08-04 12:00 . 2008-04-14 00:11 98304 c:\windows\system32\dllcache\actxprxy.dll
+ 2012-05-28 04:45 . 2001-08-18 05:36 61440 c:\windows\system32\dllcache\acerscad.dll
+ 2012-05-28 04:45 . 2004-08-04 05:32 84480 c:\windows\system32\dllcache\ac97via.sys
+ 2012-05-28 04:45 . 2001-08-17 19:20 96256 c:\windows\system32\dllcache\ac97intc.sys
+ 2012-05-28 04:45 . 2001-08-17 20:52 23552 c:\windows\system32\dllcache\abp480n5.sys
+ 2012-05-28 04:45 . 2001-08-18 05:36 98304 c:\windows\system32\dllcache\a3d.dll
+ 2012-05-28 04:45 . 2001-08-17 21:55 38400 c:\windows\system32\dllcache\8514a.dll
+ 2012-05-28 04:45 . 2008-04-13 18:46 48128 c:\windows\system32\dllcache\61883.sys
+ 2012-05-28 04:45 . 2008-04-13 18:40 12288 c:\windows\system32\dllcache\4mmdat.sys
+ 2012-05-28 04:45 . 2001-08-17 21:06 11264 c:\windows\system32\dllcache\1394vdbg.sys
+ 2012-05-28 04:45 . 2008-04-13 18:46 53376 c:\windows\system32\dllcache\1394bus.sys
- 2004-08-04 12:00 . 2010-12-09 14:30 33280 c:\windows\system32\csrsrv.dll
+ 2004-08-04 12:00 . 2011-10-28 05:31 33280 c:\windows\system32\csrsrv.dll
+ 2012-05-27 18:21 . 2012-06-01 15:29 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2009-05-10 17:36 . 2012-05-18 18:44 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-05-10 17:36 . 2012-06-01 15:29 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2012-05-27 18:21 . 2012-06-01 15:29 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2011-12-25 10:49 . 2011-12-25 10:49 31504 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2010-08-06 02:28 . 2012-06-01 15:32 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2010-08-06 02:28 . 2011-04-21 10:01 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2012-01-03 16:45 . 2012-01-03 16:45 16832 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0500000010\9.5.0\ViewerPS.dll
+ 2012-01-04 05:51 . 2012-01-04 05:51 37296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0500000010\9.5.0\reader_sl.exe
+ 2012-01-03 16:44 . 2012-01-03 16:44 79280 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0500000010\9.5.0\PDFPrevHndlr.dll
+ 2012-01-04 05:15 . 2012-01-04 05:15 99776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0500000010\9.5.0\eula.exe
+ 2012-01-04 04:52 . 2012-01-04 04:52 27048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0500000010\9.5.0\acrotextextractor.exe
+ 2012-01-03 15:19 . 2012-01-03 15:19 16824 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0500000010\9.5.0\AcroRd32Info.exe
+ 2012-01-03 15:16 . 2012-01-03 15:16 75200 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0500000010\9.5.0\acroiehelpershim.dll
+ 2012-01-03 15:16 . 2012-01-03 15:16 61888 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0500000010\9.5.0\AcroIEHelper.dll
+ 2012-06-01 15:42 . 2011-02-22 23:06 12800 c:\windows\ie8updates\KB2675157-IE8\xpshims.dll
+ 2012-06-01 15:42 . 2011-02-22 23:06 66560 c:\windows\ie8updates\KB2675157-IE8\mshtmled.dll
+ 2012-06-01 15:42 . 2011-02-22 23:06 55296 c:\windows\ie8updates\KB2675157-IE8\msfeedsbs.dll
+ 2012-06-01 15:42 . 2011-02-22 23:06 43520 c:\windows\ie8updates\KB2675157-IE8\licmgr10.dll
+ 2012-06-01 15:42 . 2011-02-22 23:06 25600 c:\windows\ie8updates\KB2675157-IE8\jsproxy.dll
+ 2012-06-01 16:14 . 2012-06-01 16:14 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\f121ccced1aa14badb316d8d9be5154d\UIAutomationProvider.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\316e223f2ab8c69cd6a5a06de21650ec\System.Windows.Presentation.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\7aac1fe67890463655aeeb3b8e4f2884\System.Web.DynamicData.Design.ni.dll
+ 2012-06-01 16:22 . 2012-06-01 16:22 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\34c988dea48c291b4e648941207e83fb\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-06-01 16:22 . 2012-06-01 16:22 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\7bb7e51275fa19f8b4894c772bdb1e10\System.AddIn.Contract.ni.dll
+ 2012-06-01 16:12 . 2012-06-01 16:12 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\f0c4a4528f130ef2ff1ae63dd7b39075\PresentationFontCache.ni.exe
+ 2012-06-01 16:12 . 2012-06-01 16:12 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\53931181e5a5e194da82605613cda6af\PresentationCFFRasterizer.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f2be3ad4cda6853d7959a84cec0414c5\Microsoft.Vsa.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 30208 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\c8fc74b6f19de1a403f0e557a11aa9ca\Microsoft.PowerShell.Commands.Utility.resources.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\a2bb2449699f12ceb3eaff60a5a0632d\Microsoft.PowerShell.ConsoleHost.resources.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 17408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3056b7bb6c5f44fd998e89d397f6fc79\Microsoft.PowerShell.Security.resources.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 19456 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\0a5d8c3e21d8683958868496373bb435\Microsoft.PowerShell.Commands.Management.resources.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\8fab9cd28bbc860a34feec119512664d\Microsoft.Build.Framework.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\0eac132c7c36f1c100ae23c956b379e7\Microsoft.Build.Framework.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\d66bc03eb7eae89b4dde2d09eda1414f\dfsvc.ni.exe
+ 2012-06-01 16:20 . 2012-06-01 16:20 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
- 2011-04-15 10:04 . 2011-04-15 10:04 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-04-15 10:04 . 2011-04-15 10:04 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-04-15 10:04 . 2011-04-15 10:04 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-04-15 10:04 . 2011-04-15 10:04 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2012-05-28 05:05 . 2001-08-18 05:37 4608 c:\windows\system32\dllcache\xrxflnch.exe
+ 2012-05-28 05:05 . 2008-04-14 00:12 8192 c:\windows\system32\dllcache\wshirda.dll
+ 2012-05-28 05:05 . 2008-04-13 18:36 8832 c:\windows\system32\dllcache\wmiacpi.sys
+ 2004-08-04 12:00 . 2008-04-14 00:11 5632 c:\windows\system32\dllcache\wmi.dll
+ 2012-05-28 05:04 . 2008-04-13 18:40 5376 c:\windows\system32\dllcache\viaide.sys
+ 2012-05-28 05:04 . 2001-08-17 20:28 7556 c:\windows\system32\dllcache\usroslba.sys
+ 2004-08-04 12:00 . 2004-08-04 12:00 4736 c:\windows\system32\dllcache\usbd.sys
- 2009-11-27 16:07 . 2009-11-27 16:07 8704 c:\windows\system32\dllcache\tsbyuv.dll
+ 2001-08-17 22:36 . 2009-11-27 16:07 8704 c:\windows\system32\dllcache\tsbyuv.dll
+ 2012-05-28 05:02 . 2001-08-17 20:51 4992 c:\windows\system32\dllcache\toside.sys
+ 2012-05-28 05:02 . 2001-08-17 20:52 7040 c:\windows\system32\dllcache\tandqic.sys
+ 2012-05-28 05:01 . 2001-08-17 21:02 3968 c:\windows\system32\dllcache\swusbflt.sys
+ 2004-08-03 22:58 . 2008-04-13 18:39 4352 c:\windows\system32\dllcache\swenum.sys
+ 2012-05-28 05:01 . 2001-08-17 20:56 7552 c:\windows\system32\dllcache\sonypvu1.sys
+ 2012-05-28 05:00 . 2001-08-17 20:53 9600 c:\windows\system32\dllcache\sonymc.sys
+ 2012-05-28 05:00 . 2008-04-13 18:40 7552 c:\windows\system32\dllcache\sonyait.sys
+ 2012-05-28 05:00 . 2001-08-17 20:53 7040 c:\windows\system32\dllcache\snyaitmc.sys
+ 2008-04-14 00:12 . 2008-04-14 00:12 8704 c:\windows\system32\dllcache\snmptrap.exe
+ 2008-04-14 00:12 . 2008-04-14 00:12 6144 c:\windows\system32\dllcache\snmpmib.dll
+ 2012-05-28 05:00 . 2001-08-17 20:57 6784 c:\windows\system32\dllcache\smbhc.sys
+ 2012-05-28 05:00 . 2008-04-13 18:36 6912 c:\windows\system32\dllcache\smbclass.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 5120 c:\windows\system32\dllcache\sfc.dll
+ 2012-05-28 04:59 . 2001-08-17 20:53 6784 c:\windows\system32\dllcache\serscan.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 7168 c:\windows\system32\dllcache\sensapi.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 5632 c:\windows\system32\dllcache\security.dll
+ 2012-05-28 04:59 . 2001-08-17 20:53 6912 c:\windows\system32\dllcache\seaddsmc.sys
+ 2012-05-28 04:58 . 2001-08-18 05:36 9216 c:\windows\system32\dllcache\rsmgrstr.dll
+ 2012-05-28 04:58 . 2001-08-17 19:19 3840 c:\windows\system32\dllcache\rpfun.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 7680 c:\windows\system32\dllcache\rasadhlp.dll
+ 2012-05-28 04:57 . 2001-08-17 20:53 3328 c:\windows\system32\dllcache\qv2kux.sys
+ 2012-05-28 04:57 . 2008-04-13 18:40 6016 c:\windows\system32\dllcache\qic157.sys
+ 2012-05-28 04:57 . 2001-08-18 05:36 5632 c:\windows\system32\dllcache\ptpusb.dll
+ 2012-05-28 04:57 . 2008-04-13 18:40 8832 c:\windows\system32\dllcache\powerfil.sys
+ 2012-05-28 04:57 . 2001-08-17 20:53 7168 c:\windows\system32\dllcache\pnrmc.sys
+ 2012-05-28 04:56 . 2001-08-17 21:07 5504 c:\windows\system32\dllcache\perc2hib.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 8192 c:\windows\system32\dllcache\ntlsapi.dll
+ 2012-05-28 04:55 . 2001-08-17 20:47 9344 c:\windows\system32\dllcache\ntapm.sys
+ 2012-05-28 04:55 . 2001-08-17 20:53 7552 c:\windows\system32\dllcache\nsmmc.sys
+ 2012-05-28 04:54 . 2001-08-18 05:36 7168 c:\windows\system32\dllcache\mxport.dll
+ 2012-05-28 04:54 . 2008-04-13 18:39 5504 c:\windows\system32\dllcache\mstee.sys
+ 2012-05-28 04:54 . 2001-08-17 21:00 2944 c:\windows\system32\dllcache\msmpu401.sys
+ 2004-08-04 12:00 . 2008-04-14 00:11 4608 c:\windows\system32\dllcache\msimg32.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 6656 c:\windows\system32\dllcache\msidle.dll
+ 2012-05-28 04:53 . 2001-08-17 20:48 6016 c:\windows\system32\dllcache\msfsio.sys
+ 2012-05-28 04:53 . 2001-08-17 20:52 6528 c:\windows\system32\dllcache\miniqic.sys
+ 2008-04-14 00:12 . 2008-04-14 00:12 7680 c:\windows\system32\dllcache\migregdb.exe
+ 2012-05-28 04:53 . 2001-08-17 20:58 8320 c:\windows\system32\dllcache\memcard.sys
+ 2012-05-28 04:53 . 2001-08-17 20:52 7424 c:\windows\system32\dllcache\mammoth.sys
+ 2012-05-28 04:53 . 2008-04-13 18:40 7040 c:\windows\system32\dllcache\ltotape.sys
+ 2012-05-28 04:53 . 2001-08-17 20:53 4992 c:\windows\system32\dllcache\loop.sys
+ 2012-05-28 04:52 . 2008-04-13 18:40 5504 c:\windows\system32\dllcache\intelide.sys
+ 2012-05-28 04:51 . 2001-08-18 05:34 9216 c:\windows\system32\dllcache\ibmsgnet.dll
+ 2012-05-28 04:51 . 2008-04-13 18:41 8576 c:\windows\system32\dllcache\i2omgmt.sys
+ 2012-05-28 04:50 . 2001-08-17 20:52 5760 c:\windows\system32\dllcache\hpt4qic.sys
+ 2012-05-28 04:50 . 2001-08-17 21:02 2688 c:\windows\system32\dllcache\hidswvd.sys
+ 2012-05-28 04:50 . 2001-08-17 21:02 8576 c:\windows\system32\dllcache\hidgame.sys
+ 2008-04-14 00:09 . 2008-04-14 00:09 6656 c:\windows\system32\dllcache\fxsres.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 8704 c:\windows\system32\dllcache\fxsperf.dll
+ 2004-08-04 12:00 . 2008-04-14 00:09 9344 c:\windows\system32\dllcache\framebuf.dll
+ 2012-05-28 04:49 . 2001-08-17 20:52 7040 c:\windows\system32\dllcache\exabyte2.sys
+ 2012-05-28 04:48 . 2001-08-17 20:46 6400 c:\windows\system32\dllcache\enum1394.sys
+ 2012-05-28 04:48 . 2001-08-17 20:53 7296 c:\windows\system32\dllcache\elmsmc.sys
+ 2012-05-28 04:48 . 2001-08-17 20:47 8704 c:\windows\system32\dllcache\dot4scan.sys
+ 2008-04-14 00:11 . 2008-04-14 00:11 9216 c:\windows\system32\dllcache\dot3dlg.dll
+ 2012-05-28 04:48 . 2008-04-13 18:40 8320 c:\windows\system32\dllcache\dlttape.sys
+ 2012-05-28 04:48 . 2001-08-18 05:36 6216 c:\windows\system32\dllcache\divaci.dll
+ 2012-05-28 04:47 . 2001-08-17 20:52 7424 c:\windows\system32\dllcache\ddsmc.sys
+ 2004-08-04 12:00 . 2008-04-14 00:11 8704 c:\windows\system32\dllcache\dciman32.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 8192 c:\windows\system32\dllcache\d3d8thk.dll
+ 2012-05-28 04:47 . 2001-08-17 19:19 3584 c:\windows\system32\dllcache\cwcosnt5.sys
+ 2012-05-28 04:47 . 2001-08-17 19:19 3072 c:\windows\system32\dllcache\cwbmidi.sys
+ 2012-05-28 04:47 . 2001-08-17 19:19 3072 c:\windows\system32\dllcache\cwbase.sys
+ 2012-05-28 04:47 . 2001-08-18 05:36 4096 c:\windows\system32\dllcache\ctwdm32.dll
+ 2012-05-28 04:47 . 2001-08-17 19:19 3712 c:\windows\system32\dllcache\ctljystk.sys
+ 2012-05-28 04:47 . 2001-08-17 19:19 6912 c:\windows\system32\dllcache\ctlfacem.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 6144 c:\windows\system32\dllcache\csrss.exe
+ 2012-05-28 04:47 . 2001-08-17 20:51 6656 c:\windows\system32\dllcache\cmdide.sys
+ 2012-05-28 04:46 . 2008-04-13 18:40 8192 c:\windows\system32\dllcache\changer.sys
+ 2012-05-28 04:46 . 2001-08-17 20:52 7680 c:\windows\system32\dllcache\cd20xrnt.sys
+ 2012-05-28 04:46 . 2001-08-18 05:36 9728 c:\windows\system32\dllcache\brserif.dll
+ 2012-05-28 04:46 . 2001-08-18 05:36 5120 c:\windows\system32\dllcache\brscnrsm.dll
+ 2012-05-28 04:46 . 2001-08-17 20:12 3168 c:\windows\system32\dllcache\brparimg.sys
+ 2012-05-28 04:46 . 2001-08-17 20:12 3968 c:\windows\system32\dllcache\brfiltup.sys
+ 2012-05-28 04:46 . 2001-08-17 20:12 2944 c:\windows\system32\dllcache\brfilt.sys
+ 2012-05-28 04:46 . 2001-08-18 05:36 9728 c:\windows\system32\dllcache\brcoinst.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 7168 c:\windows\system32\dllcache\bitsprx4.dll
+ 2009-05-10 10:23 . 2001-08-17 13:59 3072 c:\windows\system32\dllcache\audstub.sys
+ 2012-05-28 04:46 . 2001-08-17 19:49 9472 c:\windows\system32\dllcache\ativmdcd.sys
+ 2012-05-28 04:45 . 2001-08-17 20:47 6272 c:\windows\system32\dllcache\apmbatt.sys
+ 2012-05-28 04:45 . 2001-08-17 20:51 5248 c:\windows\system32\dllcache\aliide.sys
+ 2012-05-28 04:45 . 2001-08-17 20:53 7424 c:\windows\system32\dllcache\adicvls.sys
- 2011-04-15 10:05 . 2011-04-15 10:05 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-04-15 10:05 . 2011-04-15 10:05 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 653136 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 569680 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcm90.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 159048 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_92453bb7\atl90.dll
+ 2012-04-06 06:13 . 2012-04-06 06:13 299080 c:\windows\system32\XPSViewer\XPSViewer.exe
- 2004-08-04 12:00 . 2009-12-24 06:59 177664 c:\windows\system32\wintrust.dll
+ 2004-08-04 12:00 . 2012-02-29 14:10 177664 c:\windows\system32\wintrust.dll
- 2004-08-04 12:00 . 2010-06-18 17:45 293376 c:\windows\system32\winsrv.dll
+ 2004-08-04 12:00 . 2011-11-25 21:57 293376 c:\windows\system32\winsrv.dll
- 2004-08-04 12:00 . 2008-04-14 00:12 176128 c:\windows\system32\winmm.dll
+ 2004-08-04 12:00 . 2011-10-14 14:47 176128 c:\windows\system32\winmm.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 916992 c:\windows\system32\wininet.dll
+ 2004-08-04 12:00 . 2011-11-16 14:21 354816 c:\windows\system32\winhttp.dll
- 2004-08-04 12:00 . 2009-08-25 09:17 354816 c:\windows\system32\winhttp.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 105984 c:\windows\system32\url.dll
- 2004-08-04 12:00 . 2009-03-08 11:34 105984 c:\windows\system32\url.dll
+ 2008-07-30 02:59 . 2011-09-26 18:41 611328 c:\windows\system32\uiautomationcore.dll
+ 2004-08-04 12:00 . 2011-11-16 14:21 152064 c:\windows\system32\schannel.dll
+ 2004-08-04 12:00 . 2011-11-03 15:28 386048 c:\windows\system32\qdvd.dll
- 2004-08-04 12:00 . 2008-04-14 00:12 386048 c:\windows\system32\qdvd.dll
+ 2004-08-04 12:00 . 2012-06-01 16:01 447596 c:\windows\system32\perfh009.dat
+ 2004-08-04 12:00 . 2010-12-20 17:32 551936 c:\windows\system32\oleaut32.dll
- 2004-08-04 12:00 . 2008-04-14 00:12 551936 c:\windows\system32\oleaut32.dll
+ 2004-08-04 12:00 . 2011-09-26 18:41 220160 c:\windows\system32\oleacc.dll
- 2004-08-04 12:00 . 2011-02-22 23:06 206848 c:\windows\system32\occache.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 206848 c:\windows\system32\occache.dll
- 2004-08-04 12:00 . 2011-02-22 23:06 611840 c:\windows\system32\mstime.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 611840 c:\windows\system32\mstime.dll
- 2009-03-08 11:32 . 2011-02-22 23:06 602112 c:\windows\system32\msfeeds.dll
+ 2009-03-08 11:32 . 2012-03-01 11:01 602112 c:\windows\system32\msfeeds.dll
- 2011-05-30 17:08 . 2011-05-30 17:07 157472 c:\windows\system32\javaws.exe
+ 2012-06-01 15:49 . 2012-06-01 15:49 157472 c:\windows\system32\javaws.exe
+ 2012-06-01 15:49 . 2012-06-01 15:49 149280 c:\windows\system32\javaw.exe
+ 2012-06-01 15:49 . 2012-06-01 15:49 149280 c:\windows\system32\java.exe
- 2009-05-10 17:30 . 2011-03-07 05:33 692736 c:\windows\system32\inetcomm.dll
+ 2009-05-10 17:30 . 2011-10-10 14:22 692736 c:\windows\system32\inetcomm.dll
+ 2004-08-04 12:00 . 2012-02-29 14:10 148480 c:\windows\system32\imagehlp.dll
- 2004-08-04 12:00 . 2011-02-22 23:06 184320 c:\windows\system32\iepeers.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 184320 c:\windows\system32\iepeers.dll
- 2004-08-04 12:00 . 2011-02-22 23:06 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-04 12:00 . 2012-02-29 12:17 174080 c:\windows\system32\ie4uinit.exe
- 2009-05-10 10:19 . 2011-04-15 10:22 141240 c:\windows\system32\FNTCACHE.DAT
+ 2009-05-10 10:19 . 2012-06-01 16:11 141240 c:\windows\system32\FNTCACHE.DAT
- 2004-08-04 12:00 . 2011-02-09 13:53 186880 c:\windows\system32\encdec.dll
+ 2004-08-04 12:00 . 2011-10-18 11:13 186880 c:\windows\system32\encdec.dll
+ 2009-05-10 17:29 . 2012-01-09 16:20 139784 c:\windows\system32\drivers\rdpwd.sys
+ 2004-08-04 12:00 . 2011-04-21 13:37 105472 c:\windows\system32\drivers\mup.sys
+ 2004-08-04 12:00 . 2011-07-15 13:29 456320 c:\windows\system32\drivers\mrxsmb.sys
- 2004-08-04 12:00 . 2008-10-16 14:43 138496 c:\windows\system32\drivers\afd.sys
+ 2004-08-04 12:00 . 2011-08-17 13:49 138496 c:\windows\system32\drivers\afd.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 338432 c:\windows\system32\dllcache\zipfldr.dll
+ 2008-04-13 17:39 . 2008-04-13 17:39 689152 c:\windows\system32\dllcache\xpsp3res.dll
+ 2004-08-04 12:00 . 2008-04-13 17:39 187392 c:\windows\system32\dllcache\xpsp1res.dll
+ 2004-08-04 12:00 . 2008-04-13 17:39 438784 c:\windows\system32\dllcache\xpob2res.dll
+ 2004-08-04 00:56 . 2008-04-14 00:12 483840 c:\windows\system32\dllcache\wzcsvc.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 264192 c:\windows\system32\dllcache\wow32.dll
+ 2007-09-06 05:23 . 2010-07-12 12:55 218112 c:\windows\system32\dllcache\wordpad.exe
- 2009-05-12 21:33 . 2010-07-12 12:55 218112 c:\windows\system32\dllcache\wordpad.exe
+ 2009-05-10 17:29 . 2008-04-14 00:12 144896 c:\windows\system32\dllcache\wmisvc.dll
- 2009-05-12 21:34 . 2009-02-06 10:10 227840 c:\windows\system32\dllcache\wmiprvse.exe
+ 2009-05-10 17:29 . 2009-02-06 10:10 227840 c:\windows\system32\dllcache\wmiprvse.exe
+ 2009-05-10 17:29 . 2009-02-09 12:10 453120 c:\windows\system32\dllcache\wmiprvsd.dll
- 2009-05-12 21:34 . 2009-02-09 12:10 453120 c:\windows\system32\dllcache\wmiprvsd.dll
+ 2012-05-28 05:05 . 2004-08-04 05:31 154624 c:\windows\system32\dllcache\wlluc48.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 172032 c:\windows\system32\dllcache\wldap32.dll
+ 2004-08-04 12:00 . 2009-06-10 06:14 132096 c:\windows\system32\dllcache\wkssvc.dll
- 2009-06-10 06:14 . 2009-06-10 06:14 132096 c:\windows\system32\dllcache\wkssvc.dll
+ 2004-08-04 12:00 . 2012-02-29 14:10 177664 c:\windows\system32\dllcache\wintrust.dll
- 2009-12-24 06:59 . 2009-12-24 06:59 177664 c:\windows\system32\dllcache\wintrust.dll
- 2010-06-18 17:45 . 2010-06-18 17:45 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2004-08-04 12:00 . 2011-11-25 21:57 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 146432 c:\windows\system32\dllcache\winspool.drv
- 2009-05-10 10:20 . 2008-04-14 00:12 146432 c:\windows\system32\dllcache\winspool.drv
+ 2004-08-04 12:00 . 2011-10-14 14:47 176128 c:\windows\system32\dllcache\winmm.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 507904 c:\windows\system32\dllcache\winlogon.exe
+ 2004-08-04 12:00 . 2012-03-01 11:01 916992 c:\windows\system32\dllcache\wininet.dll
- 2008-12-16 12:30 . 2009-08-25 09:17 354816 c:\windows\system32\dllcache\winhttp.dll
+ 2004-08-04 12:00 . 2011-11-16 14:21 354816 c:\windows\system32\dllcache\winhttp.dll
+ 2012-05-28 05:05 . 2001-08-17 20:28 771581 c:\windows\system32\dllcache\winacisa.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 102400 c:\windows\system32\dllcache\win32spl.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 589312 c:\windows\system32\dllcache\wiashext.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 333824 c:\windows\system32\dllcache\wiaservc.dll
+ 2012-05-28 05:05 . 2001-08-17 20:28 701386 c:\windows\system32\dllcache\wdhaalba.sys
+ 2009-05-10 17:29 . 2008-04-14 00:12 273920 c:\windows\system32\dllcache\wbemess.dll
+ 2009-05-10 17:29 . 2008-04-14 00:12 178176 c:\windows\system32\dllcache\wbemdisp.dll
+ 2009-05-10 17:29 . 2008-04-14 00:12 531456 c:\windows\system32\dllcache\wbemcore.dll
+ 2009-05-10 17:29 . 2008-04-14 00:12 214528 c:\windows\system32\dllcache\wbemcomn.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 175104 c:\windows\system32\dllcache\w32time.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 430592 c:\windows\system32\dllcache\vssapi.dll
+ 2012-05-28 05:04 . 2001-08-17 20:28 397502 c:\windows\system32\dllcache\vpctcom.sys
+ 2012-05-28 05:04 . 2001-08-17 20:28 604253 c:\windows\system32\dllcache\vmodem.sys
+ 2012-05-28 05:04 . 2001-08-17 19:14 249402 c:\windows\system32\dllcache\vinwm.sys
+ 2007-09-06 05:25 . 2011-04-30 03:01 758784 c:\windows\system32\dllcache\vgx.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 218624 c:\windows\system32\dllcache\uxtheme.dll
+ 2012-05-28 05:04 . 2001-08-17 20:28 687999 c:\windows\system32\dllcache\usrwdxjs.sys
+ 2012-05-28 05:04 . 2001-08-17 20:28 765884 c:\windows\system32\dllcache\usrti.sys
+ 2012-05-28 05:04 . 2001-08-17 20:28 113762 c:\windows\system32\dllcache\usrpda.sys
+ 2012-05-28 05:04 . 2001-08-17 20:28 224802 c:\windows\system32\dllcache\usr1807a.sys
+ 2012-05-28 05:04 . 2001-08-17 20:28 794399 c:\windows\system32\dllcache\usr1806v.sys
+ 2012-05-28 05:04 . 2001-08-17 20:28 793598 c:\windows\system32\dllcache\usr1806.sys
+ 2012-05-28 05:04 . 2001-08-17 20:28 794654 c:\windows\system32\dllcache\usr1801.sys
+ 2004-08-04 12:00 . 2010-04-16 15:36 406016 c:\windows\system32\dllcache\usp10.dll
- 2010-04-16 15:36 . 2010-04-16 15:36 406016 c:\windows\system32\dllcache\usp10.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 727040 c:\windows\system32\dllcache\userenv.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 578560 c:\windows\system32\dllcache\user32.dll
+ 2004-08-04 12:00 . 2008-04-13 18:45 143872 c:\windows\system32\dllcache\usbport.sys
+ 2004-08-04 12:00 . 2012-03-01 11:01 105984 c:\windows\system32\dllcache\url.dll
- 2004-08-04 12:00 . 2009-03-08 11:34 105984 c:\windows\system32\dllcache\url.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 185856 c:\windows\system32\dllcache\upnphost.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 133632 c:\windows\system32\dllcache\upnp.dll
+ 2004-08-04 12:00 . 2008-04-13 18:39 384768 c:\windows\system32\dllcache\update.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 123392 c:\windows\system32\dllcache\umpnpmgr.dll
+ 2012-05-28 05:03 . 2001-08-18 05:36 211968 c:\windows\system32\dllcache\um54scan.dll
+ 2012-05-28 05:03 . 2001-08-18 05:36 216064 c:\windows\system32\dllcache\um34scan.dll
- 2009-09-14 19:12 . 2009-06-21 21:44 153088 c:\windows\system32\dllcache\triedit.dll
+ 2007-09-06 05:24 . 2009-06-21 21:44 153088 c:\windows\system32\dllcache\triedit.dll
+ 2012-05-28 05:03 . 2001-08-17 19:51 166784 c:\windows\system32\dllcache\tridxpm.sys
+ 2012-05-28 05:03 . 2001-08-18 05:36 525568 c:\windows\system32\dllcache\tridxp.dll
+ 2012-05-28 05:03 . 2001-08-17 19:51 159232 c:\windows\system32\dllcache\tridkbm.sys
+ 2012-05-28 05:03 . 2001-08-17 21:56 440576 c:\windows\system32\dllcache\tridkb.dll
+ 2012-05-28 05:03 . 2001-08-17 19:51 222336 c:\windows\system32\dllcache\trid3dm.sys
+ 2012-05-28 05:03 . 2001-08-17 21:56 315520 c:\windows\system32\dllcache\trid3d.dll
+ 2012-05-28 05:02 . 2001-08-17 21:02 230912 c:\windows\system32\dllcache\tosdvd03.sys
+ 2012-05-28 05:02 . 2001-08-17 21:01 241664 c:\windows\system32\dllcache\tosdvd02.sys
+ 2012-05-28 05:02 . 2001-08-17 19:14 123995 c:\windows\system32\dllcache\tjisdn.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 385536 c:\windows\system32\dllcache\themeui.dll
+ 2012-05-28 05:02 . 2001-08-17 19:51 138528 c:\windows\system32\dllcache\tgiulnt5.sys
+ 2012-05-28 05:02 . 2008-04-13 18:40 149376 c:\windows\system32\dllcache\tffsport.sys
+ 2009-05-10 17:29 . 2008-04-14 00:12 295424 c:\windows\system32\dllcache\termsrv.dll
- 2008-06-20 11:51 . 2008-06-20 11:51 361600 c:\windows\system32\dllcache\tcpip.sys
+ 2004-08-04 12:00 . 2008-06-20 11:51 361600 c:\windows\system32\dllcache\tcpip.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 249856 c:\windows\system32\dllcache\tapisrv.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 181760 c:\windows\system32\dllcache\tapi32.dll
+ 2012-05-28 05:02 . 2001-08-17 21:56 172768 c:\windows\system32\dllcache\t2r4disp.dll
- 2009-06-16 14:36 . 2010-08-27 08:02 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2004-08-04 12:00 . 2010-08-27 08:02 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 713216 c:\windows\system32\dllcache\sxs.dll
+ 2012-05-28 05:01 . 2001-08-17 20:50 103936 c:\windows\system32\dllcache\sx.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 121856 c:\windows\system32\dllcache\stobject.dll
+ 2012-05-28 05:01 . 2001-08-18 05:36 155648 c:\windows\system32\dllcache\stlnprop.dll
+ 2012-05-28 05:01 . 2001-08-17 19:18 285760 c:\windows\system32\dllcache\stlnata.sys
+ 2004-08-04 12:00 . 2011-02-17 13:18 357888 c:\windows\system32\dllcache\srv.sys
- 2009-05-12 21:34 . 2011-02-17 13:18 357888 c:\windows\system32\dllcache\srv.sys
+ 2009-05-10 17:30 . 2008-04-14 00:12 171008 c:\windows\system32\dllcache\srsvc.dll
+ 2009-05-10 17:30 . 2008-04-14 00:12 239104 c:\windows\system32\dllcache\srrstr.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 250368 c:\windows\system32\dllcache\sptip.dll
+ 2009-05-10 17:29 . 2008-04-14 00:12 538624 c:\windows\system32\dllcache\spider.exe
+ 2012-05-28 05:01 . 2001-08-18 05:36 106584 c:\windows\system32\dllcache\spdports.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 188416 c:\windows\system32\dllcache\snmpsmir.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 358400 c:\windows\system32\dllcache\snmpincl.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 259072 c:\windows\system32\dllcache\snmpcl.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 456192 c:\windows\system32\dllcache\smtpsvc.dll
+ 2012-05-28 05:00 . 2001-08-17 21:56 147200 c:\windows\system32\dllcache\smidispb.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 236544 c:\windows\system32\dllcache\smi2smir.exe
+ 2012-05-28 05:00 . 2001-08-17 21:56 157696 c:\windows\system32\dllcache\sisv256.dll
+ 2012-05-28 04:59 . 2001-08-17 19:50 104064 c:\windows\system32\dllcache\sisgrp.sys
+ 2012-05-28 04:59 . 2001-08-17 21:56 150144 c:\windows\system32\dllcache\sis6306v.dll
+ 2012-05-28 04:59 . 2001-08-17 21:56 252032 c:\windows\system32\dllcache\sis300iv.dll
+ 2012-05-28 04:59 . 2001-08-17 19:50 101760 c:\windows\system32\dllcache\sis300ip.sys
+ 2004-08-04 12:00 . 2009-07-27 23:17 135168 c:\windows\system32\dllcache\shsvcs.dll
- 2009-07-27 23:17 . 2009-07-27 23:17 135168 c:\windows\system32\dllcache\shsvcs.dll
+ 2004-08-04 12:00 . 2009-12-08 09:23 474112 c:\windows\system32\dllcache\shlwapi.dll
- 2009-12-08 09:23 . 2009-12-08 09:23 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2004-08-04 12:00 . 2011-01-21 14:44 439296 c:\windows\system32\dllcache\shimgvw.dll
- 2011-01-21 14:44 . 2011-01-21 14:44 439296 c:\windows\system32\dllcache\shimgvw.dll
+ 2004-08-04 12:00 . 2008-04-13 17:03 549376 c:\windows\system32\dllcache\shdoclc.dll
+ 2012-05-28 04:59 . 2001-07-21 21:29 161568 c:\windows\system32\dllcache\sgsmusb.sys
+ 2012-05-28 04:59 . 2001-08-18 05:36 386560 c:\windows\system32\dllcache\sgiul50.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 140288 c:\windows\system32\dllcache\sfc_os.dll
+ 2004-08-04 12:00 . 2008-04-14 12:42 985088 c:\windows\system32\dllcache\setupapi.dll
+ 2004-08-04 12:00 . 2009-02-06 11:11 110592 c:\windows\system32\dllcache\services.exe
- 2009-05-12 21:34 . 2009-02-06 11:11 110592 c:\windows\system32\dllcache\services.exe
- 2008-05-09 10:53 . 2008-05-09 10:53 180224 c:\windows\system32\dllcache\scrobj.dll
+ 2004-08-04 12:00 . 2008-05-09 10:53 180224 c:\windows\system32\dllcache\scrobj.dll
+ 2009-05-10 17:30 . 2008-04-14 00:12 192512 c:\windows\system32\dllcache\schedsvc.dll
+ 2004-08-04 12:00 . 2011-11-16 14:21 152064 c:\windows\system32\dllcache\schannel.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 314880 c:\windows\system32\dllcache\scesrv.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 181248 c:\windows\system32\dllcache\scecli.dll
+ 2012-05-28 04:59 . 2001-08-18 05:36 495616 c:\windows\system32\dllcache\sblfx.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 415744 c:\windows\system32\dllcache\samsrv.dll
+ 2012-05-28 04:58 . 2001-08-17 21:56 245632 c:\windows\system32\dllcache\s3savmx.dll
+ 2012-05-28 04:58 . 2001-08-17 21:56 198400 c:\windows\system32\dllcache\s3sav4.dll
+ 2012-05-28 04:58 . 2001-08-17 21:56 179264 c:\windows\system32\dllcache\s3sav3d.dll
+ 2012-05-28 04:58 . 2001-08-17 21:56 210496 c:\windows\system32\dllcache\s3mvirge.dll
+ 2012-05-28 04:58 . 2001-08-17 21:56 182272 c:\windows\system32\dllcache\s3mt3d.dll
+ 2012-05-28 04:58 . 2001-08-17 19:50 166720 c:\windows\system32\dllcache\s3m.sys
+ 2004-08-04 12:00 . 2008-04-13 17:37 208384 c:\windows\system32\dllcache\rsaenh.dll
+ 2004-08-04 12:00 . 2009-02-09 12:10 401408 c:\windows\system32\dllcache\rpcss.dll
- 2009-05-12 21:34 . 2009-02-09 12:10 401408 c:\windows\system32\dllcache\rpcss.dll
- 2009-04-15 14:51 . 2010-08-16 08:45 590848 c:\windows\system32\dllcache\rpcrt4.dll
+ 2004-08-04 12:00 . 2010-08-16 08:45 590848 c:\windows\system32\dllcache\rpcrt4.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 433664  c:\windows\system32\dllcache\riched20.dll
+ 2009-05-10 17:29 . 2008-04-14 00:12 178176 c:\windows\system32\dllcache\repdrvfs.dll
+ 2009-05-10 17:29 . 2012-01-09 16:20 139784 c:\windows\system32\dllcache\rdpwd.sys
+ 2004-08-04 12:00 . 2008-04-13 19:28 175744 c:\windows\system32\dllcache\rdbss.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 102400 c:\windows\system32\dllcache\rcbdyctl.dll
+ 2004-08-04 12:00 . 2009-10-12 13:38 149504 c:\windows\system32\dllcache\rastls.dll
- 2009-10-12 13:38 . 2009-10-12 13:38 149504 c:\windows\system32\dllcache\rastls.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 210944 c:\windows\system32\dllcache\rasppp.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 186368 c:\windows\system32\dllcache\rasmans.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 658432 c:\windows\system32\dllcache\rasdlg.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 237056 c:\windows\system32\dllcache\rasapi32.dll
+ 2012-05-28 04:57 . 2001-08-17 20:28 714762 c:\windows\system32\dllcache\r2mdmkxx.sys
+ 2012-05-28 04:57 . 2001-08-17 20:28 899146 c:\windows\system32\dllcache\r2mdkxga.sys
+ 2009-05-10 17:31 . 2008-04-14 00:12 409088 c:\windows\system32\dllcache\qmgr.dll
+ 2004-08-04 12:00 . 2011-11-03 15:28 386048 c:\windows\system32\dllcache\qdvd.dll
- 2004-08-04 12:00 . 2008-04-14 00:12 386048 c:\windows\system32\dllcache\qdvd.dll
+ 2012-05-28 04:57 . 2001-08-17 20:28 130942 c:\windows\system32\dllcache\ptserlv.sys
+ 2012-05-28 04:57 . 2001-08-17 20:28 112574 c:\windows\system32\dllcache\ptserlp.sys
+ 2012-05-28 04:57 . 2001-08-17 20:28 128286 c:\windows\system32\dllcache\ptserli.sys
+ 2012-05-28 04:57 . 2008-04-14 00:12 159232 c:\windows\system32\dllcache\ptpusd.dll
+ 2012-05-28 04:57 . 2008-04-14 00:12 363520 c:\windows\system32\dllcache\psisdecd.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 560640 c:\windows\system32\dllcache\printui.dll
+ 2012-05-28 04:56 . 2001-08-17 21:04 173696 c:\windows\system32\dllcache\philcam2.sys
+ 2012-05-28 04:56 . 2008-04-14 00:10 259328 c:\windows\system32\dllcache\perm3dd.dll
+ 2012-05-28 04:56 . 2008-04-14 00:10 211584 c:\windows\system32\dllcache\perm2dll.dll
- 2009-05-12 21:34 . 2009-03-06 14:22 284160 c:\windows\system32\dllcache\pdh.dll
+ 2004-08-04 12:00 . 2009-03-06 14:22 284160 c:\windows\system32\dllcache\pdh.dll
+ 2012-05-28 04:56 . 2004-08-04 05:06 169984 c:\windows\system32\dllcache\pcx500.sys
+ 2009-05-10 17:31 . 2008-04-14 00:12 102912 c:\windows\system32\dllcache\pchshell.dll
+ 2012-05-28 04:55 . 2001-08-18 05:36 116736 c:\windows\system32\dllcache\ovcodec2.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 144384 c:\windows\system32\dllcache\onex.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 122880 c:\windows\system32\dllcache\oledlg.dll
+ 2004-08-04 12:00 . 2010-12-20 17:32 551936 c:\windows\system32\dllcache\oleaut32.dll
+ 2004-08-04 12:00 . 2011-09-26 18:41 220160 c:\windows\system32\dllcache\oleacc.dll
- 2010-11-09 14:52 . 2010-11-09 14:52 249856 c:\windows\system32\dllcache\odbc32.dll
+ 2004-08-04 12:00 . 2010-11-09 14:52 249856 c:\windows\system32\dllcache\odbc32.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 206848 c:\windows\system32\dllcache\occache.dll
- 2004-08-04 12:00 . 2011-02-22 23:06 206848 c:\windows\system32\dllcache\occache.dll
- 2009-10-13 10:30 . 2009-10-13 10:30 270336 c:\windows\system32\dllcache\oakley.dll
+ 2004-08-04 12:00 . 2009-10-13 10:30 270336 c:\windows\system32\dllcache\oakley.dll
+ 2012-05-28 04:55 . 2001-08-17 19:50 198144 c:\windows\system32\dllcache\nv3.sys
+ 2012-05-28 04:55 . 2001-08-18 05:36 123776 c:\windows\system32\dllcache\nv3.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 420864 c:\windows\system32\dllcache\ntvdm.exe
+ 2004-08-04 12:00 . 2008-04-14 00:12 143360 c:\windows\system32\dllcache\ntshrui.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 118784 c:\windows\system32\dllcache\ntmarta.dll
- 2009-05-12 21:34 . 2010-12-09 15:15 718336 c:\windows\system32\dllcache\ntdll.dll
+ 2004-08-04 12:00 . 2010-12-09 15:15 718336 c:\windows\system32\dllcache\ntdll.dll
+ 2007-09-06 05:24 . 2008-04-14 00:12 188416 c:\windows\system32\dllcache\nmwb.dll
+ 2007-09-06 05:24 . 2008-04-14 00:12 229376 c:\windows\system32\dllcache\nmas.dll
+ 2012-05-28 04:55 . 2001-08-17 19:20 126080 c:\windows\system32\dllcache\nm5a2wdm.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 247808 c:\windows\system32\dllcache\newdev.dll
+ 2012-05-28 04:55 . 2004-08-04 05:31 132695 c:\windows\system32\dllcache\netwlan5.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 245760 c:\windows\system32\dllcache\netui1.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 198144 c:\windows\system32\dllcache\netman.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 407040 c:\windows\system32\dllcache\netlogon.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 139264 c:\windows\system32\dllcache\netid.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 622592 c:\windows\system32\dllcache\netcfgx.dll
- 2009-05-12 21:33 . 2008-10-15 16:34 337408 c:\windows\system32\dllcache\netapi32.dll
+ 2004-08-04 12:00 . 2008-10-15 16:34 337408 c:\windows\system32\dllcache\netapi32.dll
+ 2012-05-28 04:54 . 2001-08-17 19:11 128000 c:\windows\system32\dllcache\n100325.sys
+ 2004-08-04 12:00 . 2011-04-21 13:37 105472 c:\windows\system32\dllcache\mup.sys
+ 2012-05-28 04:54 . 2001-08-17 19:50 103296 c:\windows\system32\dllcache\mtxvideo.sys
+ 2008-04-14 00:12 . 2008-04-14 00:12 119808 c:\windows\system32\dllcache\mtstocom.exe
+ 2004-08-04 12:00 . 2008-06-20 16:02 245248 c:\windows\system32\dllcache\mswsock.dll
- 2008-06-20 17:46 . 2008-06-20 16:02 245248 c:\windows\system32\dllcache\mswsock.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 121344 c:\windows\system32\dllcache\msvfw32.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 343040 c:\windows\system32\dllcache\msvcrt.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 413696 c:\windows\system32\dllcache\msvcp60.dll
- 2009-06-25 08:25 . 2009-09-11 14:18 136192 c:\windows\system32\dllcache\msv1_0.dll
+ 2004-08-04 12:00 . 2009-09-11 14:18 136192 c:\windows\system32\dllcache\msv1_0.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 195072 c:\windows\system32\dllcache\msutb.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 116224 c:\windows\system32\dllcache\mstlsapi.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 611840 c:\windows\system32\dllcache\mstime.dll
- 2004-08-04 12:00 . 2011-02-22 23:06 611840 c:\windows\system32\dllcache\mstime.dll
+ 2009-05-10 17:30 . 2008-04-14 00:12 274944 c:\windows\system32\dllcache\mstask.dll
+ 2009-05-10 17:29 . 2009-12-16 18:43 343040 c:\windows\system32\dllcache\mspaint.exe
- 2009-12-16 18:43 . 2009-12-16 18:43 343040 c:\windows\system32\dllcache\mspaint.exe
+ 2004-08-04 12:00 . 2008-04-14 00:12 290816 c:\windows\system32\dllcache\msnsspc.dll
+ 2009-05-10 17:30 . 2008-04-14 00:11 376832 c:\windows\system32\dllcache\msinfo.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 159232 c:\windows\system32\dllcache\msimtf.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 997376 c:\windows\system32\dllcache\msgina.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 539136 c:\windows\system32\dllcache\msftedit.dll
+ 2009-07-28 20:34 . 2012-03-01 11:01 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2009-07-28 20:34 . 2011-02-22 23:06 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 297984 c:\windows\system32\dllcache\msctf.dll
+ 2007-09-06 05:24 . 2010-11-09 14:52 200704 c:\windows\system32\dllcache\msadox.dll
- 2010-11-09 14:52 . 2010-11-09 14:52 200704 c:\windows\system32\dllcache\msadox.dll
+ 2004-08-04 12:00 . 2011-07-15 13:29 456320 c:\windows\system32\dllcache\mrxsmb.sys
+ 2004-08-04 12:00 . 2008-04-13 16:45 216064 c:\windows\system32\dllcache\moricons.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 153600 c:\windows\system32\dllcache\modemui.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 143360 c:\windows\system32\dllcache\mobsync.exe
+ 2004-08-04 12:00 . 2008-04-14 00:11 163328 c:\windows\system32\dllcache\mmcbase.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 586240 c:\windows\system32\dllcache\mlang.dll
+ 2012-05-28 04:53 . 2001-08-17 19:50 320384 c:\windows\system32\dllcache\mgaum.sys
+ 2012-05-28 04:53 . 2001-08-17 21:56 235648 c:\windows\system32\dllcache\mgaud.dll
- 2010-09-18 19:23 . 2011-02-08 13:33 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2004-08-04 12:00 . 2011-02-08 13:33 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2012-05-28 04:53 . 2001-08-17 19:12 164586 c:\windows\system32\dllcache\mdgndis5.sys
+ 2012-05-28 04:53 . 2001-08-17 20:28 797500 c:\windows\system32\dllcache\ltsmt.sys
+ 2012-05-28 04:53 . 2004-08-04 05:41 420992 c:\windows\system32\dllcache\ltmdmntt.sys
+ 2012-05-28 04:53 . 2001-08-17 20:28 576746 c:\windows\system32\dllcache\ltmdmntl.sys
+ 2012-05-28 04:53 . 2004-08-04 05:41 606684 c:\windows\system32\dllcache\ltmdmnt.sys
+ 2012-05-28 04:53 . 2001-08-17 20:28 727786 c:\windows\system32\dllcache\ltck000c.sys
- 2009-05-12 21:34 . 2010-12-20 17:26 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2004-08-04 12:00 . 2010-12-20 17:26 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 514560 c:\windows\system32\dllcache\logonui.exe
+ 2004-08-04 12:00 . 2008-04-14 00:12 220672 c:\windows\system32\dllcache\logon.scr
+ 2004-08-04 12:00 . 2009-05-07 15:32 345600 c:\windows\system32\dllcache\localspl.dll
- 2009-05-07 15:32 . 2009-05-07 15:32 345600 c:\windows\system32\dllcache\localspl.dll
- 2009-03-21 14:06 . 2009-03-21 14:06 989696 c:\windows\system32\dllcache\kernel32.dll
+ 2004-08-04 12:00 . 2009-03-21 14:06 989696 c:\windows\system32\dllcache\kernel32.dll
+ 2004-08-04 12:00 . 2010-12-22 12:34 301568 c:\windows\system32\dllcache\kerberos.dll
- 2009-06-25 08:25 . 2010-12-22 12:34 301568 c:\windows\system32\dllcache\kerberos.dll
+ 2012-05-28 04:52 . 2008-04-14 00:11 253952 c:\windows\system32\dllcache\kdsusd.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 138240 c:\windows\system32\dllcache\itss.dll
+ 2012-05-28 04:52 . 2008-04-14 00:12 151552 c:\windows\system32\dllcache\irftp.exe
+ 2004-08-04 12:00 . 2008-04-14 00:11 183808 c:\windows\system32\dllcache\ipsecsvc.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 331264 c:\windows\system32\dllcache\ipnathlp.dll
+ 2004-08-04 12:00 . 2008-04-13 18:57 152832 c:\windows\system32\dllcache\ipnat.sys
- 2009-05-10 17:30 . 2011-03-07 05:33 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2009-05-10 17:30 . 2011-10-10 14:22 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 110080 c:\windows\system32\dllcache\imm32.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 150528 c:\windows\system32\dllcache\imapi.exe
+ 2004-08-04 12:00 . 2012-02-29 14:10 148480 c:\windows\system32\dllcache\imagehlp.dll
- 2009-06-11 22:08 . 2011-02-22 23:06 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2009-06-11 22:08 . 2012-03-01 11:01 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2004-08-04 12:00 . 2011-02-22 23:06 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 184320 c:\windows\system32\dllcache\iepeers.dll
- 2010-06-10 03:49 . 2011-02-22 23:06 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2010-06-10 03:49 . 2012-03-01 11:01 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2004-08-04 12:00 . 2011-02-22 23:06 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2004-08-04 12:00 . 2012-02-29 12:17 174080 c:\windows\system32\dllcache\ie4uinit.exe
+ 2004-08-04 12:00 . 2008-04-14 00:11 254976 c:\windows\system32\dllcache\icm32.dll
+ 2012-05-28 04:51 . 2001-08-17 21:06 100992 c:\windows\system32\dllcache\icam5usb.sys
+ 2012-05-28 04:51 . 2001-08-17 21:06 154496 c:\windows\system32\dllcache\icam4usb.sys
+ 2012-05-28 04:51 . 2001-08-17 21:05 141056 c:\windows\system32\dllcache\icam3.sys
+ 2012-05-28 04:51 . 2001-08-17 19:12 109085 c:\windows\system32\dllcache\ibmtrp.sys
+ 2012-05-28 04:51 . 2001-08-17 19:12 100936 c:\windows\system32\dllcache\ibmtok.sys
+ 2012-05-28 04:51 . 2004-08-04 05:29 161020 c:\windows\system32\dllcache\i81xnt5.sys
+ 2012-05-28 04:51 . 2008-04-14 00:11 702845 c:\windows\system32\dllcache\i81xdnt5.dll
+ 2012-05-28 04:51 . 2001-08-17 21:56 353184 c:\windows\system32\dllcache\i740dnt5.dll
- 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\system32\dllcache\http.sys
+ 2004-08-04 12:00 . 2009-10-20 16:20 265728 c:\windows\system32\dllcache\http.sys
+ 2012-05-28 04:51 . 2001-08-17 20:28 488383 c:\windows\system32\dllcache\hsf_v124.sys
+ 2012-05-28 04:51 . 2001-08-17 20:28 542879 c:\windows\system32\dllcache\hsf_msft.sys
+ 2012-05-28 04:51 . 2001-08-17 20:28 391199 c:\windows\system32\dllcache\hsf_k56k.sys
+ 2012-05-28 04:50 . 2001-08-17 20:28 115807 c:\windows\system32\dllcache\hsf_fsks.sys
+ 2012-05-28 04:50 . 2001-08-17 20:28 199711 c:\windows\system32\dllcache\hsf_faxx.sys
+ 2012-05-28 04:50 . 2001-08-17 20:28 289887 c:\windows\system32\dllcache\hsf_fall.sys
+ 2012-05-28 04:50 . 2001-08-17 20:28 150239 c:\windows\system32\dllcache\hsf_amos.sys
+ 2012-05-28 04:50 . 2001-08-18 05:36 324608 c:\windows\system32\dllcache\hpojwia.dll
+ 2012-05-28 04:50 . 2001-08-18 05:36 165888 c:\windows\system32\dllcache\hpgt53.dll
+ 2012-05-28 04:50 . 2001-08-18 05:36 126976 c:\windows\system32\dllcache\hpgt34tk.dll
+ 2012-05-28 04:50 . 2001-08-18 05:36 101376 c:\windows\system32\dllcache\hpgt34.dll
+ 2012-05-28 04:50 . 2001-08-18 05:36 123392 c:\windows\system32\dllcache\hpgt21tk.dll
+ 2012-05-28 04:50 . 2001-08-18 05:36 119296 c:\windows\system32\dllcache\hpdigwia.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 344064 c:\windows\system32\dllcache\hnetcfg.dll
- 2010-07-14 19:04 . 2010-06-14 14:31 744448 c:\windows\system32\dllcache\helpsvc.exe
+ 2009-05-10 17:30 . 2010-06-14 14:31 744448 c:\windows\system32\dllcache\helpsvc.exe
+ 2009-05-10 17:30 . 2008-04-14 00:12 769024 c:\windows\system32\dllcache\helpctr.exe
+ 2012-05-28 04:50 . 2001-08-17 20:28 907456 c:\windows\system32\dllcache\hcf_msft.sys
- 2008-10-23 12:36 . 2008-10-23 12:36 286720 c:\windows\system32\dllcache\gdi32.dll
+ 2004-08-04 12:00 . 2008-10-23 12:36 286720 c:\windows\system32\dllcache\gdi32.dll
+ 2012-05-28 04:50 . 2001-08-17 19:49 322432 c:\windows\system32\dllcache\g400m.sys
+ 2012-05-28 04:49 . 2001-08-17 19:49 320384 c:\windows\system32\dllcache\g200m.sys
+ 2012-05-28 04:49 . 2001-08-17 21:56 470144 c:\windows\system32\dllcache\g200d.dll
+ 2012-05-28 04:49 . 2001-08-17 19:15 454912 c:\windows\system32\dllcache\fxusbase.sys
+ 2008-04-14 00:11 . 2008-04-14 00:11 400384 c:\windows\system32\dllcache\fxsxp32.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 192512 c:\windows\system32\dllcache\fxswzrd.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 154112 c:\windows\system32\dllcache\fxsui.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 397312 c:\windows\system32\dllcache\fxstiff.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 246272 c:\windows\system32\dllcache\fxst30.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 267776 c:\windows\system32\dllcache\fxssvc.exe
+ 2008-04-14 00:11 . 2008-04-14 00:11 562176 c:\windows\system32\dllcache\fxsst.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 229376 c:\windows\system32\dllcache\fxscover.exe
+ 2008-04-14 00:11 . 2008-04-14 00:11 285184 c:\windows\system32\dllcache\fxscomex.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 142848 c:\windows\system32\dllcache\fxsclnt.exe
+ 2008-04-14 00:11 . 2008-04-14 00:11 451584 c:\windows\system32\dllcache\fxsapi.dll
+ 2012-05-28 04:49 . 2001-08-17 19:15 455296 c:\windows\system32\dllcache\fusbbase.sys
+ 2012-05-28 04:49 . 2001-08-17 19:15 455680 c:\windows\system32\dllcache\fus2base.sys
+ 2009-05-10 17:29 . 2008-04-14 00:11 185344 c:\windows\system32\dllcache\framedyn.dll
+ 2012-05-28 04:49 . 2001-08-17 19:15 442240 c:\windows\system32\dllcache\fpnpbase.sys
+ 2007-04-02 16:36 . 2007-04-02 16:36 208896 c:\windows\system32\dllcache\fpmmcsat.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 598071 c:\windows\system32\dllcache\fpmmc.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 188494 c:\windows\system32\dllcache\fpcount.exe
+ 2012-05-28 04:49 . 2001-08-17 19:14 441728 c:\windows\system32\dllcache\fpcmbase.sys
+ 2012-05-28 04:49 . 2001-08-17 19:14 444416 c:\windows\system32\dllcache\fpcibase.sys
+ 2008-04-14 00:12 . 2008-04-14 00:12 109840 c:\windows\system32\dllcache\fp98swin.exe
+ 2008-04-14 00:11 . 2008-04-14 00:11 876653 c:\windows\system32\dllcache\fp4awel.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 102509 c:\windows\system32\dllcache\fp4atxt.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 147513 c:\windows\system32\dllcache\fp4apws.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 184435 c:\windows\system32\dllcache\fp4amsft.dll
- 2009-05-12 21:34 . 2009-02-09 12:10 473600 c:\windows\system32\dllcache\fastprox.dll
+ 2009-05-10 17:29 . 2009-02-09 12:10 473600 c:\windows\system32\dllcache\fastprox.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 125952 c:\windows\system32\dllcache\exts.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 101888 c:\windows\system32\dllcache\evntagnt.dll
+ 2012-05-28 04:49 . 2004-08-04 05:32 137088 c:\windows\system32\dllcache\essm2e.sys
+ 2009-05-10 17:29 . 2008-04-14 00:11 247808 c:\windows\system32\dllcache\esscli.dll
+ 2012-05-28 04:49 . 2001-08-17 20:28 347550 c:\windows\system32\dllcache\es56tpi.sys
+ 2012-05-28 04:49 . 2001-08-17 20:28 594238 c:\windows\system32\dllcache\es56hpi.sys
+ 2012-05-28 04:49 . 2001-08-17 20:28 595647 c:\windows\system32\dllcache\es56cvmp.sys
+ 2012-05-28 04:49 . 2001-08-17 19:19 174464 c:\windows\system32\dllcache\es198x.sys
- 2008-07-07 20:26 . 2008-07-07 20:26 253952 c:\windows\system32\dllcache\es.dll
+ 2004-08-04 12:00 . 2008-07-07 20:26 253952 c:\windows\system32\dllcache\es.dll
+ 2012-05-28 04:48 . 2001-08-17 19:17 629952 c:\windows\system32\dllcache\eqn.sys
+ 2012-05-28 04:48 . 2001-08-17 20:50 114944 c:\windows\system32\dllcache\epstw2k.sys
+ 2012-05-28 04:48 . 2001-08-17 20:50 144896 c:\windows\system32\dllcache\epcfw2k.sys
- 2004-08-04 12:00 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll
+ 2004-08-04 12:00 . 2011-10-18 11:13 186880 c:\windows\system32\dllcache\encdec.dll
+ 2012-05-28 04:48 . 2001-08-17 19:19 283904 c:\windows\system32\dllcache\emu10k1m.sys
+ 2012-05-28 04:48 . 2001-08-17 19:11 171520 c:\windows\system32\dllcache\el99xn51.sys
+ 2012-05-28 04:48 . 2001-08-17 19:11 455199 c:\windows\system32\dllcache\el985n51.sys
+ 2012-05-28 04:48 . 2001-08-17 19:11 153631 c:\windows\system32\dllcache\el90xnd5.sys
+ 2012-05-28 04:48 . 2001-08-17 20:28 241206 c:\windows\system32\dllcache\el656se5.sys
+ 2012-05-28 04:48 . 2001-08-17 20:28 634134 c:\windows\system32\dllcache\el656ct5.sys
+ 2008-04-14 00:11 . 2008-04-14 00:11 126976 c:\windows\system32\dllcache\eappcfg.dll
+ 2012-05-28 04:48 . 2001-08-17 19:12 117760 c:\windows\system32\dllcache\e100b325.sys
+ 2004-08-04 12:00 . 2008-04-14 00:11 304128 c:\windows\system32\dllcache\duser.dll
+ 2004-08-04 12:00 . 2008-04-13 17:37 138752 c:\windows\system32\dllcache\dssenh.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 367616 c:\windows\system32\dllcache\dsound.dll
+ 2012-05-28 04:48 . 2001-08-17 19:20 334208 c:\windows\system32\dllcache\ds1wdm.sys
+ 2004-08-04 12:00 . 2008-04-13 21:00 103424 c:\windows\system32\dllcache\dpcdll.dll
+ 2012-05-28 04:48 . 2008-04-13 18:39 206976 c:\windows\system32\dllcache\dot4.sys
+ 2004-08-04 12:00 . 2011-03-03 06:55 149504 c:\windows\system32\dllcache\dnsapi.dll
- 2008-06-20 17:46 . 2011-03-03 06:55 149504 c:\windows\system32\dllcache\dnsapi.dll
+ 2012-05-28 04:48 . 2001-08-17 19:14 952007 c:\windows\system32\dllcache\diwan.sys
+ 2012-05-28 04:48 . 2001-08-18 05:36 236060 c:\windows\system32\dllcache\ditrace.exe
+ 2012-05-28 04:47 . 2001-08-18 05:36 614429 c:\windows\system32\dllcache\digiview.exe
+ 2012-05-28 04:47 . 2001-08-18 05:36 110621 c:\windows\system32\dllcache\digirlpt.dll
+ 2012-05-28 04:47 . 2001-08-18 05:36 102484 c:\windows\system32\dllcache\digiinf.dll
+ 2012-05-28 04:47 . 2001-08-18 05:36 159828 c:\windows\system32\dllcache\digihlc.dll
+ 2012-05-28 04:47 . 2001-08-18 05:36 229462 c:\windows\system32\dllcache\digifwrk.dll
+ 2012-05-28 04:47 . 2001-08-17 19:13 103044 c:\windows\system32\dllcache\digidxb.sys
+ 2012-05-28 04:47 . 2001-08-18 05:36 131156 c:\windows\system32\dllcache\digidbp.dll
+ 2012-05-28 04:46 . 2001-08-17 19:13 164923 c:\windows\system32\dllcache\diapi2.sys
+ 2007-09-06 05:23 . 2008-04-14 00:12 539136 c:\windows\system32\dllcache\dialer.exe
+ 2004-08-04 12:00 . 2008-04-14 00:11 126976 c:\windows\system32\dllcache\dhcpcsvc.dll
+ 2012-05-28 04:47 . 2001-08-18 05:36 419357 c:\windows\system32\dllcache\dgconfig.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 105472 c:\windows\system32\dllcache\dfrgntfs.exe
+ 2004-08-04 12:00 . 2008-04-14 00:11 282624 c:\windows\system32\dllcache\devmgr.dll
+ 2012-05-28 04:47 . 2001-08-18 05:36 256512 c:\windows\system32\dllcache\devcon32.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 279552 c:\windows\system32\dllcache\ddraw.dll
+ 2012-05-28 04:47 . 2001-08-18 05:36 110592 c:\windows\system32\dllcache\dc260usd.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 640000 c:\windows\system32\dllcache\dbghelp.dll
+ 2012-05-28 04:47 . 2001-08-17 20:52 179584 c:\windows\system32\dllcache\dac2w2k.sys
+ 2004-08-04 12:00 . 2008-04-14 00:11 824320 c:\windows\system32\dllcache\d3dim700.dll
+ 2012-05-28 04:47 . 2001-08-17 19:12 117760 c:\windows\system32\dllcache\d100ib5.sys
+ 2012-05-28 04:47 . 2001-08-17 19:19 111872 c:\windows\system32\dllcache\cwcspud.sys
+ 2012-05-28 04:47 . 2008-04-14 00:11 249856 c:\windows\system32\dllcache\ctmasetp.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 326656 c:\windows\system32\dllcache\cscui.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 101888 c:\windows\system32\dllcache\cscdll.dll
+ 2012-05-28 04:47 . 2001-08-18 05:36 175104 c:\windows\system32\dllcache\csamsp.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 512512 c:\windows\system32\dllcache\cryptui.dll
+ 2004-08-04 12:00 . 2011-09-28 07:06 599040 c:\windows\system32\dllcache\crypt32.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 163840 c:\windows\system32\dllcache\credui.dll
+ 2012-05-28 04:47 . 2001-08-18 05:36 216064 c:\windows\system32\dllcache\cpscan.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 792064 c:\windows\system32\dllcache\comres.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 229376 c:\windows\system32\dllcache\compstui.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 252928 c:\windows\system32\dllcache\compatui.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 276992 c:\windows\system32\dllcache\comdlg32.dll
+ 2004-08-04 12:00 . 2010-08-23 16:12 617472 c:\windows\system32\dllcache\comctl32.dll
- 2010-10-13 21:10 . 2010-08-23 16:12 617472 c:\windows\system32\dllcache\comctl32.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 389120 c:\windows\system32\dllcache\cmd.exe
+ 2009-05-10 17:29 . 2008-04-14 00:11 498688 c:\windows\system32\dllcache\clbcatq.dll
+ 2012-05-28 04:46 . 2001-08-17 20:57 248064 c:\windows\system32\dllcache\cl546xm.sys
+ 2012-05-28 04:46 . 2001-08-17 21:56 170880 c:\windows\system32\dllcache\cl546x.dll
+ 2012-05-28 04:46 . 2001-08-17 21:56 111232 c:\windows\system32\dllcache\cl5465.dll
+ 2012-05-28 04:46 . 2001-08-17 21:02 272640 c:\windows\system32\dllcache\cinemclc.sys
+ 2012-05-28 04:46 . 2001-08-17 19:13 980034 c:\windows\system32\dllcache\cicap.sys
+ 2008-04-14 00:12 . 2008-04-14 00:12 188480 c:\windows\system32\dllcache\cfgwiz.exe
+ 2004-08-04 12:00 . 2008-04-14 00:11 194560 c:\windows\system32\dllcache\certcli.dll
+ 2012-05-28 04:46 . 2001-08-17 20:28 714698 c:\windows\system32\dllcache\cbmdmkxx.sys
+ 2009-05-10 17:29 . 2008-04-14 00:11 625664 c:\windows\system32\dllcache\catsrvut.dll
+ 2009-05-10 17:29 . 2008-04-14 00:11 226304 c:\windows\system32\dllcache\catsrv.dll
+ 2012-05-28 04:46 . 2008-04-14 00:11 121856 c:\windows\system32\dllcache\camext30.dll
+ 2012-05-28 04:46 . 2001-08-18 05:36 236032 c:\windows\system32\dllcache\camext20.dll
+ 2012-05-28 04:46 . 2001-08-17 21:04 171264 c:\windows\system32\dllcache\camdrv30.sys
+ 2012-05-28 04:46 . 2001-08-17 21:04 223232 c:\windows\system32\dllcache\camdrv21.sys
+ 2012-05-28 04:46 . 2001-08-17 21:05 314752 c:\windows\system32\dllcache\camdro21.sys
+ 2012-05-28 04:46 . 2001-08-18 05:36 102400 c:\windows\system32\dllcache\binlsvc.dll
+ 2012-05-28 04:46 . 2001-08-17 20:28 871388 c:\windows\system32\dllcache\bcmdm.sys
+ 2012-05-28 04:46 . 2001-08-17 21:56 342336 c:\windows\system32\dllcache\banshee.dll
+ 2012-05-28 04:46 . 2001-08-18 05:36 144384 c:\windows\system32\dllcache\avmenum.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 588800 c:\windows\system32\dllcache\autochk.exe
+ 2004-08-04 12:00 . 2011-02-15 12:56 290432 c:\windows\system32\dllcache\atmfd.dll
- 2010-04-20 05:30 . 2011-02-15 12:56 290432 c:\windows\system32\dllcache\atmfd.dll
+ 2012-05-28 04:46 . 2001-08-17 21:56 104832 c:\windows\system32\dllcache\atiraged.dll
+ 2012-05-28 04:46 . 2001-08-17 19:48 281600 c:\windows\system32\dllcache\atimtai.sys
+ 2012-05-28 04:45 . 2001-08-17 19:48 289664 c:\windows\system32\dllcache\atimpab.sys
+ 2012-05-28 04:45 . 2001-08-17 21:56 268160 c:\windows\system32\dllcache\atidvai.dll
+ 2012-05-28 04:45 . 2001-08-17 21:56 137216 c:\windows\system32\dllcache\atidrae.dll
+ 2012-05-28 04:45 . 2001-08-17 21:55 382592 c:\windows\system32\dllcache\atidrab.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 331264 c:\windows\system32\dllcache\aqueue.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 125952 c:\windows\system32\dllcache\apphelp.dll
- 2004-08-04 12:00 . 2008-10-16 14:43 138496 c:\windows\system32\dllcache\afd.sys
+ 2004-08-04 12:00 . 2011-08-17 13:49 138496 c:\windows\system32\dllcache\afd.sys
+ 2004-08-04 12:00 . 2009-02-09 12:10 617472 c:\windows\system32\dllcache\advapi32.dll
- 2009-05-12 21:34 . 2009-02-09 12:10 617472 c:\windows\system32\dllcache\advapi32.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 143360 c:\windows\system32\dllcache\adsldpc.dll
+ 2012-05-28 04:45 . 2001-08-17 21:07 101888 c:\windows\system32\dllcache\adpu160m.sys
+ 2012-05-28 04:45 . 2001-08-17 19:19 747392 c:\windows\system32\dllcache\adm8830.sys
+ 2012-05-28 04:45 . 2001-08-17 19:19 553984 c:\windows\system32\dllcache\adm8820.sys
+ 2012-05-28 04:45 . 2001-08-17 19:19 584448 c:\windows\system32\dllcache\adm8810.sys
+ 2004-08-04 12:00 . 2008-04-14 00:11 193536 c:\windows\system32\dllcache\activeds.dll
- 2010-01-12 21:17 . 2009-11-21 15:51 471552 c:\windows\system32\dllcache\aclayers.dll
+ 2004-08-04 12:00 . 2009-11-21 15:51 471552 c:\windows\system32\dllcache\aclayers.dll
+ 2009-05-10 17:29 . 2008-04-14 00:12 184320 c:\windows\system32\dllcache\accwiz.exe
+ 2012-05-28 04:45 . 2001-08-17 19:20 297728 c:\windows\system32\dllcache\ac97sis.sys
+ 2012-05-28 04:45 . 2004-08-04 05:32 231552 c:\windows\system32\dllcache\ac97ali.sys
+ 2012-05-28 04:45 . 2001-08-18 05:36 462848 c:\windows\system32\dllcache\a3dapi.dll
+ 2012-05-28 04:45 . 2001-08-17 19:48 148352 c:\windows\system32\dllcache\3dfxvsm.sys
+ 2012-05-28 04:45 . 2001-08-17 21:55 689216 c:\windows\system32\dllcache\3dfxvs.dll
+ 2012-05-28 04:45 . 2001-08-17 20:28 762780 c:\windows\system32\dllcache\3cwmcru.sys
- 2004-08-04 12:00 . 2008-04-14 00:11 599040 c:\windows\system32\crypt32.dll
+ 2004-08-04 12:00 . 2011-09-28 07:06 599040 c:\windows\system32\crypt32.dll
+ 2012-04-06 06:52 . 2012-04-06 06:52 131168 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2011-12-25 10:49 . 2011-12-25 10:49 436496 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2012-01-31 10:38 . 2012-01-31 10:38 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 389888 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 364816 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 989968 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2012-06-01 15:50 . 2012-06-01 15:50 203776 c:\windows\Installer\4d623.msi
+ 2012-06-01 15:49 . 2012-06-01 15:49 900096 c:\windows\Installer\4d60f.msi
+ 2011-12-22 23:50 . 2011-12-22 23:50 256000 c:\windows\Installer\4d382.msp
+ 2012-06-01 16:01 . 2012-06-01 16:01 223744 c:\windows\Installer\176df6.msi
+ 2012-02-03 06:56 . 2012-02-03 06:56 963584 c:\windows\Installer\176ddc.msp
+ 2011-12-25 12:40 . 2011-12-25 12:40 819200 c:\windows\Installer\176dd2.msp
+ 2012-01-03 15:23 . 2012-01-03 15:23 378264 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0500000010\9.5.0\pdfshell.dll
+ 2012-01-03 16:44 . 2012-01-03 16:44 116168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0500000010\9.5.0\PDFPrevHndlrShim.exe
+ 2012-01-03 15:22 . 2012-01-03 15:22 103864 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0500000010\9.5.0\nppdf32.dll
+ 2012-01-03 16:43 . 2012-01-03 16:43 550360 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0500000010\9.5.0\AdobeCollabSync.exe
+ 2012-01-03 15:40 . 2012-01-03 15:40 120240 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0500000010\9.5.0\AcroRdIF.dll
+ 2012-01-04 05:50 . 2012-01-04 05:50 357808 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0500000010\9.5.0\AcroRd32.exe
+ 2012-01-03 15:16 . 2012-01-03 15:16 665008 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0500000010\9.5.0\AcroPDF.dll
+ 2012-01-03 16:38 . 2012-01-03 16:38 280024 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0500000010\9.5.0\acrobroker.exe
+ 2012-01-03 16:08 . 2012-01-03 16:08 251296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0500000010\9.5.0\a3dutility.exe
+ 2012-06-01 15:42 . 2011-02-22 23:06 916480 c:\windows\ie8updates\KB2675157-IE8\wininet.dll
+ 2012-06-01 15:42 . 2009-03-08 11:34 105984 c:\windows\ie8updates\KB2675157-IE8\url.dll
+ 2012-06-01 15:42 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2675157-IE8\spuninst\updspapi.dll
+ 2012-06-01 15:42 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2675157-IE8\spuninst\spuninst.exe
+ 2012-06-01 15:42 . 2011-02-22 23:06 206848 c:\windows\ie8updates\KB2675157-IE8\occache.dll
+ 2012-06-01 15:42 . 2011-02-22 23:06 611840 c:\windows\ie8updates\KB2675157-IE8\mstime.dll
+ 2012-06-01 15:42 . 2011-02-22 23:06 602112 c:\windows\ie8updates\KB2675157-IE8\msfeeds.dll
+ 2012-06-01 15:42 . 2011-02-22 23:06 247808 c:\windows\ie8updates\KB2675157-IE8\ieproxy.dll
+ 2012-06-01 15:42 . 2011-02-22 23:06 184320 c:\windows\ie8updates\KB2675157-IE8\iepeers.dll
+ 2012-06-01 15:42 . 2011-02-22 23:06 743424 c:\windows\ie8updates\KB2675157-IE8\iedvtool.dll
+ 2012-06-01 15:42 . 2011-02-22 23:06 387584 c:\windows\ie8updates\KB2675157-IE8\iedkcs32.dll
+ 2012-06-01 15:42 . 2011-02-18 11:49 173568 c:\windows\ie8updates\KB2675157-IE8\ie4uinit.exe
+ 2012-06-01 15:30 . 2009-03-08 11:33 759296 c:\windows\ie8updates\KB2544521-IE8\vgx.dll
+ 2012-06-01 15:30 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2544521-IE8\spuninst\updspapi.dll
+ 2012-06-01 15:30 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2544521-IE8\spuninst\spuninst.exe
+ 2009-05-12 21:34 . 2011-07-15 13:29 456320 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2012-06-01 16:21 . 2012-06-01 16:21 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\ac4fc3032c19946f9b2729468888206d\WsatConfig.ni.exe
+ 2012-06-01 16:14 . 2012-06-01 16:14 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\6198de2c5b8f7d89404c2ba39d69ae56\WindowsFormsIntegration.ni.dll
+ 2012-06-01 16:14 . 2012-06-01 16:14 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\be27ab5913cec2b292a019c2a13ec701\UIAutomationTypes.ni.dll
+ 2012-06-01 16:14 . 2012-06-01 16:14 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\04e5e2be34a70ee7f4c87550238095a0\UIAutomationClient.ni.dll
+ 2012-06-01 16:24 . 2012-06-01 16:24 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\1c13b08593e99d6f5bef49ae7939c78b\System.Xml.Linq.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\8bffbaa5d5abe40674d0bc124dfe8622\System.Web.Routing.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6c7765c10516d375e9ddedad2dbab848\System.Web.RegularExpressions.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\a7908debe80c209b599529685a159fa0\System.Web.Extensions.Design.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\44ecb9f7be54a2ba46e6102d343e2e7e\System.Web.Entity.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\fee8237aa2daa36e48aec379ee642422\System.Web.Entity.Design.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\40d90d2c1484164b786067320ce778f4\System.Web.DynamicData.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\6b4ce8cf2c3307b75ea7ebe77258bb26\System.Web.Abstractions.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\41f6f6dd0c8427d4a8e6fd3915505a6b\System.Transactions.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8dc4a28c456f81ee7399da21bd9d55aa\System.ServiceProcess.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\129b15861e200613ff78ae15581f9093\System.Security.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a644ec04e18202b60f9d828bc207972b\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\4a9eb43005a041959ddc5c7e586ab746\System.Net.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\3182a049ba953010dec649cf290a9e90\System.Management.Instrumentation.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 160256 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\565bc89beb2fb404b1612721a9d56d3a\System.Management.Automation.resources.ni.dll
+ 2012-06-01 16:20 . 2012-06-01 16:20 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\8991f21d4b3676bf6f779110db8d4ac9\System.IO.Log.ni.dll
+ 2012-06-01 16:20 . 2012-06-01 16:20 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\cd9c60a35d4958e94d2e3dd2f778e2e9\System.IdentityModel.Selectors.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\29bce0113d611084a9329349e33528ac\System.EnterpriseServices.Wrapper.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\29bce0113d611084a9329349e33528ac\System.EnterpriseServices.ni.dll
+ 2012-06-01 16:14 . 2012-06-01 16:14 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\88aa4f80c7e5ac25f06f8950e42a1678\System.Drawing.Design.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ca484772955bc4db03b5dcb611c09423\System.DirectoryServices.Protocols.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8ba5e68dddfd3279a8469d39eded48f3\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-06-01 16:22 . 2012-06-01 16:22 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\a0109fce606a3110a5e7f9a4773f517e\System.Data.Services.Design.ni.dll
+ 2012-06-01 16:22 . 2012-06-01 16:22 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3a68d0441f509ffa6f8f0fb9cfcc5780\System.Data.Services.Client.ni.dll
+ 2012-06-01 16:22 . 2012-06-01 16:22 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\04440b3dd5d822da4973a525ee04b05d\System.Data.Entity.Design.ni.dll
+ 2012-06-01 16:22 . 2012-06-01 16:22 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\7bbb5d9e3b161b4d4b968e590442d3ae\System.Data.DataSetExtensions.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\bf7d6af03e1230ccad546a8659245ae9\System.Configuration.Install.ni.dll
+ 2012-06-01 16:22 . 2012-06-01 16:22 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\931a2bece4668863db4f852401c828cf\System.AddIn.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6762f1ee780fa9c0b4ef66b285c64844\SMSvcHost.ni.exe
+ 2012-06-01 16:21 . 2012-06-01 16:21 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\660c4d6dd69ef22bc05587e1998cd135\SMDiagnostics.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\47ed5bc9f42ea0054ce9acfde5e640b8\ServiceModelReg.ni.exe
+ 2012-06-01 16:13 . 2012-06-01 16:13 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a4706b850df9a3483f2fc439b6abe616\PresentationFramework.Royale.ni.dll
+ 2012-06-01 16:13 . 2012-06-01 16:13 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8b873631a0855fb6aa0ad25f1d9de7fe\PresentationFramework.Luna.ni.dll
+ 2012-06-01 16:13 . 2012-06-01 16:13 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7416fe825e6e49a87fa8ff60c8971813\PresentationFramework.Classic.ni.dll
+ 2012-06-01 16:13 . 2012-06-01 16:13 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\186c27fbd7b38b5551889274f6fa2ccd\PresentationFramework.Aero.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5a121969a115d11b6256eb960c145686\MSBuild.ni.exe
+ 2012-06-01 16:21 . 2012-06-01 16:21 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\97c613d3899b320a6765793bdf490272\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 492032 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\d4375675fc5879a48c22dc8d7c80e841\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 968192 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\b0ec75b69d7a18a98de94e7b635d5b44\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 148480 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\937d2550dddbd2e5995ec8f93083f357\Microsoft.PowerShell.Security.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 433664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\15b7846d6acc551a7afdf5cc3de7547b\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\dec22fb7d6b8929a41380e5359741a07\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\1009b31c86a1b798fffa9e0127cec29c\Microsoft.Build.Utilities.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\21d88631ef629715d3eecdd08e62e0b8\Microsoft.Build.Engine.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\a0f38c6478cca8297fb160291346c1c9\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\bb26dd100d656605c576881a1a823667\CustomMarshalers.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\9869c02d18825fdd32e64135a3e7246b\ComSvcConfig.ni.exe
+ 2012-06-01 16:20 . 2012-06-01 16:20 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\e414683ec4cff1cac0c77aaefd67144e\AspNetMMCExt.ni.dll
- 2011-04-15 10:04 . 2011-04-15 10:04 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2011-04-15 10:04 . 2011-04-15 10:04 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-04-15 10:04 . 2011-04-15 10:04 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-08-16 10:07 . 2009-08-16 10:07 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-06-01 15:40 . 2012-06-01 15:40 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-06-01 15:33 . 2012-06-01 15:33 532480 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-04-15 10:04 . 2011-04-15 10:04 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2009-08-16 10:05 . 2009-08-16 10:05 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-06-01 15:33 . 2012-06-01 15:33 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2012-06-01 06:40 . 2012-02-09 15:43 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 3781960 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll
+ 2011-04-19 05:51 . 2011-04-19 05:51 3766600 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 1212416 c:\windows\system32\urlmon.dll
+ 2004-08-04 12:00 . 2011-11-03 15:28 1292288 c:\windows\system32\quartz.dll
+ 2004-08-04 12:00 . 2011-11-01 16:07 1288704 c:\windows\system32\ole32.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 5978624 c:\windows\system32\mshtml.dll
+ 2009-03-08 11:32 . 2012-03-01 11:01 2000384 c:\windows\system32\iertutil.dll
+ 2004-08-04 12:00 . 2008-04-13 17:39 2897920  c:\windows\system32\dllcache\xpsp2res.dll
+ 2007-09-06 05:25 . 2008-04-14 00:12 4256768 c:\windows\system32\dllcache\wmm2res.dll
+ 2004-08-04 12:00 . 2012-04-11 13:12 1862272 c:\windows\system32\dllcache\win32k.sys
+ 2004-08-04 12:00 . 2012-03-01 11:01 1212416 c:\windows\system32\dllcache\urlmon.dll
- 2008-06-17 19:02 . 2011-01-21 14:44 8462336 c:\windows\system32\dllcache\shell32.dll
+ 2004-08-04 12:00 . 2011-01-21 14:44 8462336 c:\windows\system32\dllcache\shell32.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 1499136 c:\windows\system32\dllcache\shdocvw.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 1614848 c:\windows\system32\dllcache\sfcfiles.dll
+ 2004-08-04 12:00 . 2011-11-03 15:28 1292288 c:\windows\system32\dllcache\quartz.dll
+ 2004-08-04 12:00 . 2011-11-01 16:07 1288704 c:\windows\system32\dllcache\ole32.dll
+ 2004-08-04 12:00 . 2012-04-11 13:10 2192640 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-05-12 21:34 . 2012-04-11 12:35 2026496 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2004-08-03 22:59 . 2012-04-11 12:35 2069120 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-05-12 21:34 . 2012-04-11 13:14 2148352 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2004-08-04 12:00 . 2008-04-14 00:12 1703936 c:\windows\system32\dllcache\netshell.dll
+ 2004-08-04 12:00 . 2010-06-14 07:41 1172480 c:\windows\system32\dllcache\msxml3.dll
- 2009-05-12 21:33 . 2010-06-14 07:41 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 2843136 c:\windows\system32\dllcache\msi.dll
+ 2004-08-04 12:00 . 2012-03-01 11:01 5978624 c:\windows\system32\dllcache\mshtml.dll
+ 2007-09-06 05:25 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe
- 2010-03-10 09:30 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2009-05-10 17:29 . 2011-02-02 07:58 2067456 c:\windows\system32\dllcache\lhmstscx.dll
- 2011-02-02 07:58 . 2011-02-02 07:58 2067456 c:\windows\system32\dllcache\lhmstscx.dll
+ 2009-06-11 22:08 . 2012-03-01 11:01 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 1033728 c:\windows\system32\dllcache\explorer.exe
+ 2004-08-04 12:00 . 2008-04-14 00:11 1082368 c:\windows\system32\dllcache\esent.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 1689088 c:\windows\system32\dllcache\d3d9.dll
+ 2007-09-06 05:24 . 2008-04-14 00:12 1032192 c:\windows\system32\dllcache\conf.exe
+ 2009-05-10 17:29 . 2008-04-14 00:11 1267200 c:\windows\system32\dllcache\comsvcs.dll
+ 2009-05-10 17:29 . 2008-04-14 00:11 1358848 c:\windows\system32\dllcache\cimwin32.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 1025024 c:\windows\system32\dllcache\browseui.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 1852928 c:\windows\system32\dllcache\acgenral.dll
- 2008-07-25 18:17 . 2008-07-25 18:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 5246976 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 3186688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 5913360 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2011-01-18 11:39 . 2011-01-18 11:39 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2012-03-27 15:47 . 2012-03-27 15:47 4959232 c:\windows\Installer\4d379.msp
+ 2012-06-01 15:37 . 2012-06-01 15:37 3947520 c:\windows\Installer\4d2f2.msi
+ 2011-12-26 16:59 . 2011-12-26 16:59 4368896 c:\windows\Installer\176dc8.msp
+ 2012-01-03 15:18 . 2012-01-03 15:18 2405784 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0500000010\9.5.0\rt3d.dll
+ 2011-11-17 23:50 . 2011-11-17 23:50 6543872 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0500000010\9.5.0\authplay.dll
+ 2012-06-01 15:42 . 2011-02-22 23:06 1210880 c:\windows\ie8updates\KB2675157-IE8\urlmon.dll
+ 2012-06-01 15:42 . 2011-02-22 23:06 5962240 c:\windows\ie8updates\KB2675157-IE8\mshtml.dll
+ 2012-06-01 15:42 . 2011-02-22 23:06 1991680 c:\windows\ie8updates\KB2675157-IE8\iertutil.dll
+ 2009-05-12 21:34 . 2012-04-11 13:10 2192640 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-05-12 21:34 . 2012-04-11 12:35 2026496 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-02-08 02:02 . 2012-04-11 12:35 2069120 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-05-12 21:34 . 2012-04-11 13:14 2148352 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2012-06-01 16:12 . 2012-06-01 16:12 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6d8bef0d008389874e55c0308f0c18e5\WindowsBase.ni.dll
+ 2012-06-01 16:14 . 2012-06-01 16:14 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\41a81b97625c113b591ed082c95276e2\UIAutomationClientsideProviders.ni.dll
+ 2012-06-01 16:12 . 2012-06-01 16:12 7953408 c:\windows\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
+ 2012-06-01 16:14 . 2012-06-01 16:14 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
+ 2012-06-01 16:24 . 2012-06-01 16:24 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\33fa6a2055bf857bff2e31020279b5e9\System.WorkflowServices.ni.dll
+ 2012-06-01 16:24 . 2012-06-01 16:24 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\5eccf6fef6bee8a2f93bc65ff33699bb\System.Workflow.Runtime.ni.dll
+ 2012-06-01 16:24 . 2012-06-01 16:24 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\62bd2e1bf98b04ceca2102c8f54aab9d\System.Workflow.ComponentModel.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\8215548b3d4aabbaa0557ab747700778\System.Workflow.Activities.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\3e11aea7d742b5eddbd0b6bd1012f7df\System.Web.Services.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\ff995dde9cd34ff1e8ac7ab55fc92d32\System.Web.Mobile.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\8899d1091e64a4d0b6ae69060197091a\System.Web.Extensions.ni.dll
+ 2012-06-01 16:14 . 2012-06-01 16:14 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\5efb50c91f3c5e49be2079f625d933b7\System.Speech.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\97d635f5c656ae43d94b55e67fc4ab50\System.ServiceModel.Web.ni.dll
+ 2012-06-01 16:20 . 2012-06-01 16:20 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\505e12638acd6fdb22e1fd2d4c6fc232\System.Runtime.Serialization.ni.dll
+ 2012-06-01 16:14 . 2012-06-01 16:14 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\1d6707a5a9da16c1d1b88529837884d6\System.Printing.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 4950016 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\c1b3a38c1e1528e22b8f5531d7b3700c\System.Management.Automation.ni.dll
+ 2012-06-01 16:20 . 2012-06-01 16:20 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\e09496ddb2bf6f3b69707924f2e6b5ff\System.IdentityModel.ni.dll
+ 2012-06-01 16:14 . 2012-06-01 16:14 1591808 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8ca00132a08c69697adf1cda32ebd835\System.Drawing.ni.dll
+ 2012-06-01 16:22 . 2012-06-01 16:22 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\b55887436d2cfbe1fb32dd18d554185b\System.DirectoryServices.ni.dll
+ 2012-06-01 16:22 . 2012-06-01 16:22 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\832196527f0497078f085eaf9189265f\System.Deployment.ni.dll
+ 2012-06-01 16:13 . 2012-06-01 16:13 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\12c6fe8d4dd78f9bddf847d3b2821c03\System.Data.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\982b508698278c6ffb3d143bbe1e8bb8\System.Data.SqlXml.ni.dll
+ 2012-06-01 16:22 . 2012-06-01 16:22 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\2de7666b1cd0a1bc363726c9553dc39c\System.Data.Services.ni.dll
+ 2012-06-01 16:13 . 2012-06-01 16:13 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\44a5fc9e7c71b1fe1e2c79b03ecc3bc7\System.Data.Linq.ni.dll
+ 2012-06-01 16:22 . 2012-06-01 16:22 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\772c94f595cd87b7fa187d592ef46fcf\System.Data.Entity.ni.dll
+ 2012-06-01 16:13 . 2012-06-01 16:13 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\38d07a5ac34b99d94fd14f42e779f625\System.Core.ni.dll
+ 2012-06-01 16:13 . 2012-06-01 16:13 2146304 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\2ecefd16184a78f19aaf0f02cc0a7e1f\ReachFramework.ni.dll
+ 2012-06-01 16:13 . 2012-06-01 16:13 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\51204805c71113e0db2103faa064b313\PresentationUI.ni.dll
+ 2012-06-01 16:12 . 2012-06-01 16:12 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\8c509044eea2ab22689ea43926b30108\PresentationBuildTasks.ni.dll
+ 2012-06-01 16:22 . 2012-06-01 16:22 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\b49dd780ba8e3501b0adcf108b431e7b\Microsoft.VisualBasic.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\42145ebf75f77cabad442f0801a81c64\Microsoft.Transactions.Bridge.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\cfe15312373b4668398404b5822bab7d\Microsoft.JScript.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\f3fcd65eca42d13b746cf3f5bd993ee0\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\2091903cd9b359e96f05ac2d6d25ef4e\Microsoft.Build.Tasks.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\5aa63a1cb41e3a5e1e8ed17072e60ec3\Microsoft.Build.Engine.ni.dll
+ 2012-06-01 15:33 . 2012-06-01 15:33 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2010-06-24 10:03 . 2010-06-24 10:03 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-04-15 10:04 . 2011-04-15 10:04 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-06-01 15:54 . 2012-06-01 15:54 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2010-10-06 10:03 . 2010-10-06 10:03 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2011-04-15 10:04 . 2011-04-15 10:04 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-06-01 15:33 . 2012-06-01 15:33 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-06-01 15:33 . 2012-06-01 15:33 4214784 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2011-04-15 10:05 . 2011-04-15 10:05 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-06-01 16:00 . 2012-06-01 16:00 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2009-05-12 18:33 . 2012-04-27 03:08 55656824 c:\windows\system32\MRT.exe
+ 2009-03-08 11:39 . 2012-03-02 13:01 11082752 c:\windows\system32\ieframe.dll
+ 2009-06-11 22:08 . 2012-03-02 13:01 11082752 c:\windows\system32\dllcache\ieframe.dll
+ 2012-04-06 09:12 . 2012-04-06 09:12 15709696 c:\windows\Installer\4d38c.msp
+ 2012-04-06 10:13 . 2012-04-06 10:13 16527872 c:\windows\Installer\4d1be.msp
+ 2012-06-01 15:30 . 2012-06-01 15:30 20343808 c:\windows\Installer\4d1b0.msp
+ 2012-01-04 09:25 . 2012-01-04 09:25 17751552 c:\windows\Installer\176dec.msp
+ 2012-01-04 05:15 . 2012-01-04 05:15 20559288 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0500000010\9.5.0\AcroRd32.dll
+ 2012-06-01 15:42 . 2011-02-22 23:06 11080704 c:\windows\ie8updates\KB2675157-IE8\ieframe.dll
+ 2012-06-01 16:14 . 2012-06-01 16:14 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\995fcf39ead2c2a53e084505c2c67d49\System.Windows.Forms.ni.dll
+ 2012-06-01 16:23 . 2012-06-01 16:23 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\7861cd979ea5db3fb7d30ed94fb0edd2\System.Web.ni.dll
+ 2012-06-01 16:21 . 2012-06-01 16:21 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\bc254d2fa26664898ae21d45643bc194\System.ServiceModel.ni.dll
+ 2012-06-01 16:14 . 2012-06-01 16:14 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\a9256d2ad7e4be2bbb4e9b18c3997b84\System.Design.ni.dll
+ 2012-06-01 16:13 . 2012-06-01 16:13 14329856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5b8ff47c1db373a2a4c638ca31988bd2\PresentationFramework.ni.dll
+ 2012-06-01 16:12 . 2012-06-01 16:12 12218368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\4eb3cd1f1d5a83617524a9dfb96a657d\PresentationCore.ni.dll
+ 2012-06-01 16:12 . 2012-06-01 16:12 11492352 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-06-01 3905920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-07 4241512]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil10x_ActiveX.exe" [2011-09-27 243360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-09-26 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-02 17:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-03-27 12:41 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]
2012-03-07 01:39 574296 ----a-w- c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-04 01:43 69632 ----a-w- c:\windows\ALCMTR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-03-12 04:34 49152 -c--a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCTools FGuard]
2011-01-07 21:54 108496 ----a-w- c:\program files\PC Tools Security\BDT\FGuard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QwestTouchPointAgent]
2010-08-27 04:59 45992 ----a-w- c:\program files\Qwest\Desktop\QwestTouchPointAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2005-09-22 20:36 14854144 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-10-29 20:01 273528 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=3 (0x3)
"ZuneNetworkSvc"=3 (0x3)
"TelevisionFanaticService"=2 (0x2)
"AdvancedSystemCareService"=2 (0x2)
"6to4"=2 (0x2)
"MozillaMaintenance"=3 (0x3)
"WMPNetworkSvc"=3 (0x3)
"Secunia Update Agent"=2 (0x2)
"Secunia PSI Agent"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"idsvc"=3 (0x3)
"gupdatem"=3 (0x3)
"gupdate"=2 (0x2)
"Browser Defender Update Service"=2 (0x2)
"AdvancedSystemCareService5"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [3/28/2011 12:41 AM 13496]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [6/2/2012 1:46 PM 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [6/2/2012 1:46 PM 337880]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2/17/2010 11:25 AM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 11:41 AM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [6/29/2010 10:48 AM 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6/2/2012 1:46 PM 20696]
R3 LucentSoftModem;Lucent Technologies Soft Modem;c:\windows\system32\drivers\LTSM.sys [10/1/2009 7:04 AM 802683]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [9/1/2010 1:30 AM 15544]
S4 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [5/8/2012 1:04 PM 913752]
S4 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools Security\BDT\BDTUpdateService.exe [3/27/2011 9:35 PM 337872]
S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/2/2010 9:19 AM 135664]
S4 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/2/2010 9:19 AM 135664]
S4 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [6/2/2012 1:26 PM 129976]
S4 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [4/18/2011 11:44 PM 993848]
S4 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [4/18/2011 11:44 PM 399416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Freedom
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 16:19]
.
2012-06-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 16:19]
.
2012-06-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1614895754-1336601894-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 20:40]
.
2012-06-04 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1614895754-1336601894-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 20:40]
.
2012-06-03 c:\windows\Tasks\WebReg Photosmart A440 series.job
- c:\program files\HP\Digital Imaging\bin\hpqwrg.exe [2007-03-12 04:27]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.myqwest.com/
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Jeff Miller\Start Menu\Programs\IMVU\Run IMVU.lnk
TCP: DhcpNameServer = 192.168.0.1 205.171.3.25
FF - ProfilePath - c:\documents and settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 1000000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 1000000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 1000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-04 09:08
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ... 
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2b,35,b4,b2,63,08,b7,45,bc,60,ad,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2b,35,b4,b2,63,08,b7,45,bc,60,ad,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(632)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
- - - - - - - > 'explorer.exe'(4040)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2012-06-04 09:10:39
ComboFix-quarantined-files.txt 2012-06-04 16:10
ComboFix2.txt 2012-05-25 23:46
ComboFix3.txt 2012-05-25 05:33
.
Pre-Run: 116,642,177,024 bytes free
Post-Run: 116,711,616,512 bytes free
.
- - End Of File - - FED74B4B7493AF2BA82834ED52237B0F


----------



## MrWmnHtr (Feb 18, 2010)

Can you see if Avast interferred with the scan? I stopped the Service but it didn't allow me to disable the Service. I can uninstall Avast and try again if needed.


----------



## Cookiegal (Aug 27, 2003)

No, I don't think it interfered.

Are you still having problems with the flash drive?


----------



## MrWmnHtr (Feb 18, 2010)

Yes. I inserted the flash drive into the USb port. The Safely Remove Hardware (SRH) comes on. I open My Computer and open the flash drive. I can see the files inside and My Computer suddenly closes. SRH icon goes away. SRH icon comes back on. I open My Computer and open the flash drive. I can see the files inside and My Computer suddenly closes. SRH icon goes away. SRH icon comes back on. I do nothing and SRH icon stays on while I type this. I'm a slow typer. I open My Computer and open the flash drive. I can see the files inside. I wait and I wait. Maybe a minute but My Computer doesn't close. I try to open a Music file and Media Player opens but encounters and error with the file. SRH icon starts flashing.


----------



## Cookiegal (Aug 27, 2003)

Please insert the flash drive before doing the following.

I'm attaching a MountPoints Diagnostic.zip file to this post. Save it to your desktop. Unzjip it and double click the MountPoints Diagnostic.bat file and let it run. It will create a report in Notepad named Diagnostic.txt. Please upload the Diagnostic.txt file as an attachment.


----------



## MrWmnHtr (Feb 18, 2010)

I'm guessing a hardware problem because if it was software wouldn't it effect the rear ports instead of just the front ports?


----------



## Cookiegal (Aug 27, 2003)

MrWmnHtr said:


> I'm guessing a hardware problem because if it was software wouldn't it effect the rear ports instead of just the front ports?


Not necessarily. I'm a little concerned the flash drive may be infected so we're going to check that possibility. Are you getting any more of those "write delayed" alerts or any others?


----------



## MrWmnHtr (Feb 18, 2010)

Diagnostic Report
Mon 06/04/2012 11:49:48.96

Mountpoints > Drives subkeys: 
------------------------------------

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53a5852b-ae5c-11e1-9dee-00192184da79}]
"BaseClass"="Drive"
"_AutorunStatus"=hex:01,01,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,00,00,10,00,00,00,00,00,00

~~~~~~~~~~~~~~~~~~~~~~~~~

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53a5852c-ae5c-11e1-9dee-00192184da79}]
"BaseClass"="Drive"
"_AutorunStatus"=hex:01,01,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,00,00,10,00,00,00,00,00,00

~~~~~~~~~~~~~~~~~~~~~~~~~

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53a5852d-ae5c-11e1-9dee-00192184da79}]
"BaseClass"="Drive"
"_AutorunStatus"=hex:01,01,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,00,00,10,00,00,00,00,00,00

~~~~~~~~~~~~~~~~~~~~~~~~~

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53a5852e-ae5c-11e1-9dee-00192184da79}]
"BaseClass"="Drive"
"_AutorunStatus"=hex:01,01,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,00,00,10,00,00,00,00,00,00

~~~~~~~~~~~~~~~~~~~~~~~~~

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{643675e2-a0c0-11e1-9dcb-806d6172696f}]
"BaseClass"="Drive"

~~~~~~~~~~~~~~~~~~~~~~~~~

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5db7029-3d4a-11de-bb61-806d6172696f}]
"BaseClass"="Drive"

~~~~~~~~~~~~~~~~~~~~~~~~~

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5db702b-3d4a-11de-bb61-806d6172696f}]
"BaseClass"="Drive"

~~~~~~~~~~~~~~~~~~~~~~~~~

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d836ebd2-9947-11e1-a6a8-00192184da79}]
"BaseClass"="Drive"
"_AutorunStatus"=hex:01,01,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,00,00,10,00,00,08,00,00,00

~~~~~~~~~~~~~~~~~~~~~~~~~ 
No Autorun files found in C:\WINDOWS

No Autorun files found in C:\WINDOWS\system32

No Autorun files found in root of C:


----------



## MrWmnHtr (Feb 18, 2010)

no write delays. just message that there is a problem reconizing the usb device


----------



## MrWmnHtr (Feb 18, 2010)

No Auto Run Files? The Auto Run Options window is there.


----------



## Cookiegal (Aug 27, 2003)

It looks clear but let's run this utility to disinfect the drive.

http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe

After running that let me know if you can access the files.


----------



## MrWmnHtr (Feb 18, 2010)

No it's the same.


----------



## Cookiegal (Aug 27, 2003)

Are you stopping the volume on the RHS wizard before removing the flash drive?


----------



## MrWmnHtr (Feb 18, 2010)

I cant stop it when its flashing. But using SRH is my usual habit. Also I keep reinserting into my computer to check that it is not corrupted.


----------



## Cookiegal (Aug 27, 2003)

Does it work properly on your PC?


----------



## MrWmnHtr (Feb 18, 2010)

yes


----------



## Cookiegal (Aug 27, 2003)

OK, that's good to know.

And it works in some ports but not others on the affected machine, correct?

Can you give me a run down of all of the problems you're experiencing please.


----------



## MrWmnHtr (Feb 18, 2010)

Correct. Just the front two ports are not working properly. This was the message I got earlier. 
"USB Device Not Recognized. One of the USB devices attached to this computer has malfunctioned and Windows does not recognize it."

When I follow instructions to fix the problem it says, "Try to reconnect the device. If Windows does not recognize it, replace it."

I can't get it to do that now. It just flashes the SRH icon. I restarted the computer 6to get the error message again. but no luck. Just the flashing icon. I left it flashing while I typed this. when I went back to that computer the icon was not flashing. I can not get the mouse to respond and I could not bring up the Task Manager. (Ctrl+Alt+Del) I waited for it to go to stand by/sleep/hibernate (I can't tell the difference) but it won't. Come to think of it I've never seen a screen saver either. It just goes to the log in screen after 5 minutes non use. I will check to see if ia screen saver is enabled. I will have to do a forced shut down.


----------



## MrWmnHtr (Feb 18, 2010)

I do not think the optical drives auto start either.


----------



## Cookiegal (Aug 27, 2003)

Open the Realtek HD Audio Manager and check the box "Disable front panel jack detection". See if that makes a difference.


----------



## Cookiegal (Aug 27, 2003)

MrWmnHtr said:


> I do not think the optical drives auto start either.


This was expected behaviour caused by running ComboFix. It's more secure not to have CD/DVDs autorun.


----------



## MrWmnHtr (Feb 18, 2010)

Ok I restarted the computer. This wasn't important before but it is now. He had 2 DVD ROMs installed. One wasn't working. I replaced it with a DVD RW that I had. Everytime I restart the computer he has "Files waiting to be written to disk." (He couldn't because he only had ROMs.) So this time I decided to put in a blank DVD and try to write the files to disk. The window was open with the files but the files diaappeared when the disk ran. I waited for the auto run to start. It didn't. I ejected the disk and the CD writing wizard opened and the files reappeared in the window. Grrrrrr.

I put in a homemade DVD in the DVD ROM drive but auto run did not start. I double clicked the drives icon and it said Windows can not read from this disk. The Disk might be corrupted or the format is not compatible with windows. I put the disk into the RW Drive and it reconized the disk name but Auto Run did not start. I double clicked the icon, Media player opened but said I needed a codec.

I repeated this with a store bought DVD and got the same results. 

He had a homemade CD and I was able to open the image files on both drives. Auto Run did not start. 

I inserted a homemade Data Disk into the RW drive and was able to open the folder and open the files. I did the same with The ROM drive but when I opened a file I got the message There is no disk in the drive. I clicked OK to close the message and the file opened. Grrrrr. Auto Run did not start. 

So Auto Run does not work. (I checked the Auto Run Options and they are set to "Ask me what to do.") And I need an MPEG-2 Codec. Shouldn't a DVD ROM play a DVD movie? I will research the ROM drive to see if it's compatible with everything. (I've had some that were not.)


----------



## MrWmnHtr (Feb 18, 2010)

Yes I agree about Auto Run. My computer doesn't Auto Run but It does bring up the options and asks me what to do. His doesn't even do that.


----------



## Cookiegal (Aug 27, 2003)

As I said in my previoust post, autorun has been disabled by ComboFix. You have to click on what it is you're trying to access or start to run it manually. We can fix autorun with a simple regfix when we're done.


----------



## MrWmnHtr (Feb 18, 2010)

No problem. What's next, Cookie?


----------



## MrWmnHtr (Feb 18, 2010)

Also in the power settings I see no place for Stand By, Sleep, or Hibernate. And when I turn off the machine, the dialog box has Stand by, Turn off, and Restart. Stand by is not highlighted. He has the thing set so the HDD never shuts off. If that is set to a time will the stand by button then be available?


----------



## Cookiegal (Aug 27, 2003)

Please go  here and download the *TDSSKiller.exe* to your desktop.

Double-click to TDSSKiller.exe on your desktop to run it.
Click on *Start Scan*
As we don't want to fix anything yet, if any malicious objects are detected, *do NOT select Cure* but select *Skip* instead.
It will produce a log once it finishes in the root drive which should look like this example:

C:\TDSSKiller.<version_date_time>log.txt

Please copy and paste the contents of that log in your next reply.


----------



## MrWmnHtr (Feb 18, 2010)

09:43:51.0046 2904 TDSS rootkit removing tool 2.7.38.0 May 25 2012 17:35:31
09:43:51.0765 2904 ============================================================
09:43:51.0765 2904 Current date / time: 2012/06/05 09:43:51.0765
09:43:51.0765 2904 SystemInfo:
09:43:51.0765 2904 
09:43:51.0765 2904 OS Version: 5.1.2600 ServicePack: 3.0
09:43:51.0765 2904 Product type: Workstation
09:43:51.0765 2904 ComputerName: JEFF-2E0A22FF48
09:43:51.0765 2904 UserName: Jeff Miller
09:43:51.0765 2904 Windows directory: C:\WINDOWS
09:43:51.0765 2904 System windows directory: C:\WINDOWS
09:43:51.0765 2904 Processor architecture: Intel x86
09:43:51.0765 2904 Number of processors: 1
09:43:51.0765 2904 Page size: 0x1000
09:43:51.0781 2904 Boot type: Normal boot
09:43:51.0781 2904 ============================================================
09:43:53.0000 2904 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
09:43:53.0000 2904 ============================================================
09:43:53.0000 2904 \Device\Harddisk0\DR0:
09:43:53.0000 2904 MBR partitions:
09:43:53.0000 2904 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A18A82
09:43:53.0000 2904 ============================================================
09:43:53.0046 2904 C: <-> \Device\Harddisk0\DR0\Partition0
09:43:53.0046 2904 ============================================================
09:43:53.0046 2904 Initialize success
09:43:53.0046 2904 ============================================================
09:44:13.0328 3532 ============================================================
09:44:13.0328 3532 Scan started
09:44:13.0328 3532 Mode: Manual; 
09:44:13.0328 3532 ============================================================
09:44:13.0578 3532 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
09:44:13.0578 3532 !SASCORE - ok
09:44:13.0781 3532 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
09:44:13.0781 3532 Aavmker4 - ok
09:44:13.0796 3532 Abiosdsk - ok
09:44:13.0828 3532 abp480n5 - ok
09:44:13.0906 3532 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:44:13.0906 3532 ACPI - ok
09:44:13.0953 3532 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
09:44:13.0953 3532 ACPIEC - ok
09:44:13.0968 3532 adpu160m - ok
09:44:14.0156 3532 AdvancedSystemCareService5 (b11c71b29fa69e4586f9b65560e6604d) C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
09:44:14.0187 3532 AdvancedSystemCareService5 - ok
09:44:14.0250 3532 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
09:44:14.0265 3532 aec - ok
09:44:14.0328 3532 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
09:44:14.0343 3532 AFD - ok
09:44:14.0375 3532 Aha154x - ok
09:44:14.0406 3532 aic78u2 - ok
09:44:14.0421 3532 aic78xx - ok
09:44:14.0484 3532 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
09:44:14.0484 3532 Alerter - ok
09:44:14.0531 3532 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
09:44:14.0531 3532 ALG - ok
09:44:14.0562 3532 AliIde - ok
09:44:14.0578 3532 amsint - ok
09:44:14.0609 3532 AppMgmt - ok
09:44:14.0640 3532 asc - ok
09:44:14.0671 3532 asc3350p - ok
09:44:14.0703 3532 asc3550 - ok
09:44:14.0843 3532 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
09:44:14.0875 3532 aspnet_state - ok
09:44:14.0968 3532 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys
09:44:14.0968 3532 aswFsBlk - ok
09:44:15.0015 3532 aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys
09:44:15.0015 3532 aswMon2 - ok
09:44:15.0062 3532 AswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\AswRdr.sys
09:44:15.0062 3532 AswRdr - ok
09:44:15.0109 3532 aswSnx (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys
09:44:15.0109 3532 aswSnx - ok
09:44:15.0171 3532 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys
09:44:15.0171 3532 aswSP - ok
09:44:15.0203 3532 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys
09:44:15.0203 3532 aswTdi - ok
09:44:15.0250 3532 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:44:15.0250 3532 AsyncMac - ok
09:44:15.0312 3532 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
09:44:15.0312 3532 atapi - ok
09:44:15.0343 3532 Atdisk - ok
09:44:15.0375 3532 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:44:15.0375 3532 Atmarpc - ok
09:44:15.0453 3532 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
09:44:15.0453 3532 AudioSrv - ok
09:44:15.0515 3532 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
09:44:15.0515 3532 audstub - ok
09:44:15.0671 3532 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:44:15.0671 3532 avast! Antivirus - ok
09:44:15.0750 3532 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
09:44:15.0750 3532 Beep - ok
09:44:15.0843 3532 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
09:44:15.0875 3532 BITS - ok
09:44:15.0937 3532 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
09:44:15.0937 3532 Browser - ok
09:44:16.0062 3532 Browser Defender Update Service (e3c4cb3cc0bee58ff323c46debcd0251) C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
09:44:16.0078 3532 Browser Defender Update Service - ok
09:44:16.0281 3532 catchme - ok
09:44:16.0328 3532 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
09:44:16.0328 3532 cbidf2k - ok
09:44:16.0359 3532 cd20xrnt - ok
09:44:16.0406 3532 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
09:44:16.0421 3532 Cdaudio - ok
09:44:16.0453 3532 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
09:44:16.0453 3532 Cdfs - ok
09:44:16.0531 3532 cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:44:16.0546 3532 cdrom - ok
09:44:16.0562 3532 Changer - ok
09:44:16.0640 3532 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
09:44:16.0656 3532 CiSvc - ok
09:44:16.0687 3532 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
09:44:16.0703 3532 ClipSrv - ok
09:44:16.0812 3532 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:44:16.0875 3532 clr_optimization_v2.0.50727_32 - ok
09:44:16.0906 3532 CmdIde - ok
09:44:16.0921 3532 COMSysApp - ok
09:44:16.0984 3532 Cpqarray - ok
09:44:17.0046 3532 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
09:44:17.0046 3532 CryptSvc - ok
09:44:17.0062 3532 dac2w2k - ok
09:44:17.0093 3532 dac960nt - ok
09:44:17.0171 3532 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
09:44:17.0203 3532 DcomLaunch - ok
09:44:17.0281 3532 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
09:44:17.0281 3532 Dhcp - ok
09:44:17.0343 3532 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
09:44:17.0359 3532 Disk - ok
09:44:17.0375 3532 dmadmin - ok
09:44:17.0437 3532 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
09:44:17.0453 3532 dmboot - ok
09:44:17.0500 3532 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
09:44:17.0500 3532 dmio - ok
09:44:17.0531 3532 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
09:44:17.0531 3532 dmload - ok
09:44:17.0593 3532 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
09:44:17.0609 3532 dmserver - ok
09:44:17.0671 3532 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
09:44:17.0671 3532 DMusic - ok
09:44:17.0734 3532 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
09:44:17.0734 3532 Dnscache - ok
09:44:17.0812 3532 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
09:44:17.0843 3532 Dot3svc - ok
09:44:17.0859 3532 dpti2o - ok
09:44:17.0906 3532 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
09:44:17.0921 3532 drmkaud - ok
09:44:17.0968 3532 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
09:44:18.0015 3532 EapHost - ok
09:44:18.0078 3532 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
09:44:18.0078 3532 ERSvc - ok
09:44:18.0156 3532 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
09:44:18.0171 3532 Eventlog - ok
09:44:18.0203 3532 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
09:44:18.0218 3532 EventSystem - ok
09:44:18.0312 3532 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
09:44:18.0312 3532 Fastfat - ok
09:44:18.0359 3532 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:44:18.0375 3532 FastUserSwitchingCompatibility - ok
09:44:18.0437 3532 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
09:44:18.0437 3532 Fdc - ok
09:44:18.0515 3532 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
09:44:18.0515 3532 Fips - ok
09:44:18.0578 3532 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
09:44:18.0578 3532 Flpydisk - ok
09:44:18.0609 3532 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
09:44:18.0609 3532 FltMgr - ok
09:44:18.0781 3532 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
09:44:18.0796 3532 FontCache3.0.0.0 - ok
09:44:18.0828 3532 Freedom - ok
09:44:18.0890 3532 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:44:18.0890 3532 Fs_Rec - ok
09:44:18.0921 3532 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:44:18.0937 3532 Ftdisk - ok
09:44:19.0015 3532 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:44:19.0015 3532 Gpc - ok
09:44:19.0171 3532 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
09:44:19.0187 3532 gupdate - ok
09:44:19.0203 3532 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
09:44:19.0203 3532 gupdatem - ok
09:44:19.0250 3532 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
09:44:19.0250 3532 HDAudBus - ok
09:44:19.0375 3532 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:44:19.0375 3532 helpsvc - ok
09:44:19.0421 3532 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
09:44:19.0421 3532 HidServ - ok
09:44:19.0453 3532 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:44:19.0453 3532 HidUsb - ok
09:44:19.0515 3532 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
09:44:19.0562 3532 hkmsvc - ok
09:44:19.0593 3532 hpn - ok
09:44:19.0796 3532 hpqcxs08 (58d4765ab87347db835d5693adf652c1) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
09:44:19.0796 3532 hpqcxs08 - ok
09:44:19.0859 3532 hpqddsvc (99ed733f614660eb32199bf889dfb7e2) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
09:44:19.0859 3532 hpqddsvc - ok
09:44:19.0937 3532 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
09:44:19.0937 3532 HPZid412 - ok
09:44:19.0953 3532 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
09:44:19.0968 3532 HPZipr12 - ok
09:44:20.0031 3532 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
09:44:20.0031 3532 HPZius12 - ok
09:44:20.0125 3532 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
09:44:20.0125 3532 HTTP - ok
09:44:20.0203 3532 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
09:44:20.0203 3532 HTTPFilter - ok
09:44:20.0234 3532 i2omgmt - ok
09:44:20.0250 3532 i2omp - ok
09:44:20.0328 3532 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:44:20.0328 3532 i8042prt - ok
09:44:20.0468 3532 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:44:20.0515 3532 idsvc - ok
09:44:20.0546 3532 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
09:44:20.0562 3532 Imapi - ok
09:44:20.0609 3532 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
09:44:20.0609 3532 ImapiService - ok
09:44:20.0656 3532 ini910u - ok
09:44:20.0890 3532 IntcAzAudAddService (a30685283f90ae02f1cd50972c6065e3) C:\WINDOWS\system32\drivers\RtkHDAud.sys
09:44:20.0906 3532 IntcAzAudAddService - ok
09:44:21.0015 3532 IntelIde - ok
09:44:21.0078 3532 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
09:44:21.0078 3532 intelppm - ok
09:44:21.0125 3532 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
09:44:21.0125 3532 Ip6Fw - ok
09:44:21.0171 3532 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:44:21.0171 3532 IpFilterDriver - ok
09:44:21.0218 3532 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:44:21.0218 3532 IpInIp - ok
09:44:21.0250 3532 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:44:21.0265 3532 IpNat - ok
09:44:21.0296 3532 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:44:21.0296 3532 IPSec - ok
09:44:21.0359 3532 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
09:44:21.0359 3532 IRENUM - ok
09:44:21.0390 3532 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:44:21.0390 3532 isapnp - ok
09:44:21.0609 3532 JavaQuickStarterService (a38441ed570f190cc041a7be49488fa7) C:\Program Files\Java\jre6\bin\jqs.exe
09:44:21.0625 3532 JavaQuickStarterService - ok
09:44:21.0656 3532 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:44:21.0656 3532 Kbdclass - ok
09:44:21.0718 3532 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
09:44:21.0718 3532 kbdhid - ok
09:44:21.0781 3532 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
09:44:21.0796 3532 kmixer - ok
09:44:21.0875 3532 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
09:44:21.0875 3532 KSecDD - ok
09:44:21.0937 3532 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
09:44:21.0953 3532 lanmanserver - ok
09:44:22.0031 3532 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
09:44:22.0046 3532 lanmanworkstation - ok
09:44:22.0078 3532 lbrtfdc - ok
09:44:22.0171 3532 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
09:44:22.0171 3532 LmHosts - ok
09:44:22.0265 3532 LucentSoftModem (dd226891303d5118648ad4b911f37822) C:\WINDOWS\system32\DRIVERS\LTSM.sys
09:44:22.0296 3532 LucentSoftModem - ok
09:44:22.0343 3532 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
09:44:22.0343 3532 Messenger - ok
09:44:22.0421 3532 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
09:44:22.0421 3532 mnmdd - ok
09:44:22.0500 3532 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
09:44:22.0500 3532 mnmsrvc - ok
09:44:22.0546 3532 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
09:44:22.0562 3532 Modem - ok
09:44:22.0593 3532 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:44:22.0593 3532 Mouclass - ok
09:44:22.0671 3532 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:44:22.0671 3532 mouhid - ok
09:44:22.0750 3532 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
09:44:22.0750 3532 MountMgr - ok
09:44:22.0828 3532 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:44:22.0843 3532 MozillaMaintenance - ok
09:44:22.0859 3532 mraid35x - ok
09:44:22.0921 3532 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:44:22.0937 3532 MRxDAV - ok
09:44:23.0000 3532 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:44:23.0015 3532 MRxSmb - ok
09:44:23.0078 3532 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
09:44:23.0093 3532 MSDTC - ok
09:44:23.0140 3532 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
09:44:23.0156 3532 Msfs - ok
09:44:23.0171 3532 MSIServer - ok
09:44:23.0250 3532 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:44:23.0250 3532 MSKSSRV - ok
09:44:23.0296 3532 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:44:23.0296 3532 MSPCLOCK - ok
09:44:23.0343 3532 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
09:44:23.0343 3532 MSPQM - ok
09:44:23.0375 3532 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:44:23.0375 3532 mssmbios - ok
09:44:23.0468 3532 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
09:44:23.0468 3532 Mup - ok
09:44:23.0546 3532 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
09:44:23.0562 3532 napagent - ok
09:44:23.0609 3532 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
09:44:23.0625 3532 NDIS - ok
09:44:23.0703 3532 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:44:23.0718 3532 NdisTapi - ok
09:44:23.0781 3532 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:44:23.0781 3532 Ndisuio - ok
09:44:23.0812 3532 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:44:23.0812 3532 NdisWan - ok
09:44:23.0859 3532 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
09:44:23.0859 3532 NDProxy - ok
09:44:23.0937 3532 Net Driver HPZ12 (2969d26eee289be7422aa46fc55f4e38) C:\WINDOWS\system32\HPZinw12.dll
09:44:23.0937 3532 Net Driver HPZ12 - ok
09:44:23.0968 3532 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
09:44:23.0968 3532 NetBIOS - ok
09:44:24.0062 3532 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\drivers\netbt.sys
09:44:24.0062 3532 NetBT - ok
09:44:24.0156 3532 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
09:44:24.0156 3532 NetDDE - ok
09:44:24.0171 3532 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
09:44:24.0187 3532 NetDDEdsdm - ok
09:44:24.0234 3532 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:44:24.0250 3532 Netlogon - ok
09:44:24.0328 3532 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
09:44:24.0343 3532 Netman - ok
09:44:24.0515 3532 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:44:24.0515 3532 NetTcpPortSharing - ok
09:44:24.0593 3532 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
09:44:24.0609 3532 Nla - ok
09:44:24.0671 3532 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
09:44:24.0671 3532 Npfs - ok
09:44:24.0718 3532 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
09:44:24.0750 3532 Ntfs - ok
09:44:24.0765 3532 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:44:24.0781 3532 NtLmSsp - ok
09:44:24.0843 3532 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
09:44:24.0890 3532 NtmsSvc - ok
09:44:24.0953 3532 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
09:44:24.0953 3532 Null - ok
09:44:25.0015 3532 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:44:25.0015 3532 NwlnkFlt - ok
09:44:25.0062 3532 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:44:25.0062 3532 NwlnkFwd - ok
09:44:25.0125 3532 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
09:44:25.0140 3532 Parport - ok
09:44:25.0156 3532 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
09:44:25.0171 3532 PartMgr - ok
09:44:25.0234 3532 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
09:44:25.0234 3532 ParVdm - ok
09:44:25.0250 3532 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
09:44:25.0265 3532 PCI - ok
09:44:25.0296 3532 PCIDump - ok
09:44:25.0343 3532 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
09:44:25.0343 3532 PCIIde - ok
09:44:25.0437 3532 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
09:44:25.0437 3532 Pcmcia - ok
09:44:25.0468 3532 PDCOMP - ok
09:44:25.0500 3532 PDFRAME - ok
09:44:25.0515 3532 PDRELI - ok
09:44:25.0546 3532 PDRFRAME - ok
09:44:25.0578 3532 perc2 - ok
09:44:25.0609 3532 perc2hib - ok
09:44:25.0734 3532 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
09:44:25.0734 3532 PlugPlay - ok
09:44:25.0812 3532 Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\WINDOWS\system32\HPZipm12.dll
09:44:25.0812 3532 Pml Driver HPZ12 - ok
09:44:25.0828 3532 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:44:25.0828 3532 PolicyAgent - ok
09:44:25.0906 3532 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:44:25.0906 3532 PptpMiniport - ok
09:44:25.0937 3532 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:44:25.0937 3532 ProtectedStorage - ok
09:44:25.0953 3532 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
09:44:25.0968 3532 PSched - ok
09:44:26.0031 3532 PSI (d24dfd16a1e2a76034df5aa18125c35d) C:\WINDOWS\system32\DRIVERS\psi_mf.sys
09:44:26.0031 3532 PSI - ok
09:44:26.0078 3532 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:44:26.0078 3532 Ptilink - ok
09:44:26.0109 3532 ql1080 - ok
09:44:26.0125 3532 Ql10wnt - ok
09:44:26.0156 3532 ql12160 - ok
09:44:26.0187 3532 ql1240 - ok
09:44:26.0203 3532 ql1280 - ok
09:44:26.0265 3532 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:44:26.0265 3532 RasAcd - ok
09:44:26.0328 3532 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
09:44:26.0343 3532 RasAuto - ok
09:44:26.0406 3532 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:44:26.0406 3532 Rasl2tp - ok
09:44:26.0468 3532 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
09:44:26.0484 3532 RasMan - ok
09:44:26.0515 3532 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:44:26.0515 3532 RasPppoe - ok
09:44:26.0546 3532 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
09:44:26.0546 3532 Raspti - ok
09:44:26.0609 3532 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:44:26.0609 3532 Rdbss - ok
09:44:26.0640 3532 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:44:26.0640 3532 RDPCDD - ok
09:44:26.0750 3532 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
09:44:26.0750 3532 RDPWD - ok
09:44:26.0781 3532 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
09:44:26.0796 3532 RDSessMgr - ok
09:44:26.0828 3532 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
09:44:26.0843 3532 redbook - ok
09:44:26.0906 3532 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
09:44:26.0906 3532 RemoteAccess - ok
09:44:26.0953 3532 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
09:44:26.0953 3532 ROOTMODEM - ok
09:44:27.0015 3532 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
09:44:27.0015 3532 RpcLocator - ok
09:44:27.0109 3532 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
09:44:27.0125 3532 RpcSs - ok
09:44:27.0156 3532 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
09:44:27.0171 3532 RSVP - ok
09:44:27.0250 3532 rtl8139 (2ef9c0dc26b30b2318b1fc3faa1f0ae7) C:\WINDOWS\system32\DRIVERS\R8139n51.SYS
09:44:27.0250 3532 rtl8139 - ok
09:44:27.0312 3532 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:44:27.0312 3532 SamSs - ok
09:44:27.0453 3532 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
09:44:27.0453 3532 SASDIFSV - ok
09:44:27.0515 3532 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
09:44:27.0515 3532 SASKUTIL - ok
09:44:27.0593 3532 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
09:44:27.0609 3532 SCardSvr - ok
09:44:27.0640 3532 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
09:44:27.0656 3532 Schedule - ok
09:44:27.0734 3532 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:44:27.0734 3532 Secdrv - ok
09:44:27.0765 3532 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
09:44:27.0781 3532 seclogon - ok
09:44:27.0937 3532 Secunia PSI Agent (2d0599dd0124764fc939c59985c860de) C:\Program Files\Secunia\PSI\PSIA.exe
09:44:27.0968 3532 Secunia PSI Agent - ok
09:44:28.0046 3532 Secunia Update Agent (20b9e1adbc58958b480933e4da005dfb) C:\Program Files\Secunia\PSI\sua.exe
09:44:28.0062 3532 Secunia Update Agent - ok
09:44:28.0171 3532 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
09:44:28.0187 3532 SENS - ok
09:44:28.0265 3532 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
09:44:28.0265 3532 serenum - ok
09:44:28.0296 3532 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
09:44:28.0296 3532 Serial - ok
09:44:28.0406 3532 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
09:44:28.0406 3532 Sfloppy - ok
09:44:28.0500 3532 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
09:44:28.0515 3532 SharedAccess - ok
09:44:28.0578 3532 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:44:28.0578 3532 ShellHWDetection - ok
09:44:28.0609 3532 Simbad - ok
09:44:28.0687 3532 SmartDefragDriver (972dea0d8149d73c5b7a2c97b2e749e3) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
09:44:28.0687 3532 SmartDefragDriver - ok
09:44:28.0718 3532 Sparrow - ok
09:44:28.0796 3532 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
09:44:28.0796 3532 splitter - ok
09:44:28.0843 3532 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
09:44:28.0859 3532 Spooler - ok
09:44:28.0937 3532 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
09:44:28.0937 3532 sr - ok
09:44:28.0968 3532 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
09:44:28.0984 3532 srservice - ok
09:44:29.0046 3532 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
09:44:29.0062 3532 Srv - ok
09:44:29.0125 3532 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
09:44:29.0125 3532 SSDPSRV - ok
09:44:29.0218 3532 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
09:44:29.0234 3532 stisvc - ok
09:44:29.0312 3532 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
09:44:29.0312 3532 swenum - ok
09:44:29.0390 3532 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
09:44:29.0390 3532 swmidi - ok
09:44:29.0406 3532 SwPrv - ok
09:44:29.0437 3532 symc810 - ok
09:44:29.0468 3532 symc8xx - ok
09:44:29.0484 3532 sym_hi - ok
09:44:29.0500 3532 sym_u3 - ok
09:44:29.0562 3532 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
09:44:29.0562 3532 sysaudio - ok
09:44:29.0640 3532 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
09:44:29.0640 3532 SysmonLog - ok
09:44:29.0703 3532 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
09:44:29.0718 3532 TapiSrv - ok
09:44:29.0796 3532 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:44:29.0812 3532 Tcpip - ok
09:44:29.0843 3532 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
09:44:29.0843 3532 TDPIPE - ok
09:44:29.0875 3532 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
09:44:29.0875 3532 TDTCP - ok
09:44:29.0906 3532 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
09:44:29.0906 3532 TermDD - ok
09:44:29.0984 3532 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
09:44:30.0015 3532 TermService - ok
09:44:30.0062 3532 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:44:30.0062 3532 Themes - ok
09:44:30.0093 3532 TosIde - ok
09:44:30.0156 3532 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
09:44:30.0171 3532 TrkWks - ok
09:44:30.0234 3532 Udfs  (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
09:44:30.0234 3532 Udfs - ok
09:44:30.0265 3532 ultra - ok
09:44:30.0359 3532 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
09:44:30.0359 3532 Update - ok
09:44:30.0421 3532 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
09:44:30.0437 3532 upnphost - ok
09:44:30.0468 3532 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
09:44:30.0468 3532 UPS - ok
09:44:30.0531 3532 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:44:30.0531 3532 usbccgp - ok
09:44:30.0562 3532 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:44:30.0562 3532 usbehci - ok
09:44:30.0640 3532 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:44:30.0640 3532 usbhub - ok
09:44:30.0703 3532 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
09:44:30.0703 3532 usbprint - ok
09:44:30.0765 3532 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:44:30.0765 3532 usbscan - ok
09:44:30.0812 3532 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:44:30.0828 3532 USBSTOR - ok
09:44:30.0875 3532 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:44:30.0875 3532 usbuhci - ok
09:44:30.0921 3532 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
09:44:30.0921 3532 VgaSave - ok
09:44:30.0937 3532 ViaIde - ok
09:44:31.0015 3532 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
09:44:31.0015 3532 VolSnap - ok
09:44:31.0093 3532 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
09:44:31.0109 3532 VSS - ok
09:44:31.0156 3532 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
09:44:31.0171 3532 W32Time - ok
09:44:31.0250 3532 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:44:31.0250 3532 Wanarp - ok
09:44:31.0343 3532 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
09:44:31.0375 3532 Wdf01000 - ok
09:44:31.0390 3532 WDICA - ok
09:44:31.0453 3532 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
09:44:31.0468 3532 wdmaud - ok
09:44:31.0531 3532 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
09:44:31.0562 3532 WebClient - ok
09:44:31.0703 3532 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
09:44:31.0703 3532 winmgmt - ok
09:44:31.0812 3532 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
09:44:31.0812 3532 WinUSB - ok
09:44:31.0859 3532 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
09:44:31.0875 3532 WmdmPmSN - ok
09:44:31.0953 3532 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:44:31.0968 3532 WmiApSrv - ok
09:44:32.0140 3532 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
09:44:32.0171 3532 WMPNetworkSvc - ok
09:44:32.0203 3532 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
09:44:32.0203 3532 WS2IFSL - ok
09:44:32.0281 3532 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
09:44:32.0312 3532 wscsvc - ok
09:44:32.0375 3532 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
09:44:32.0390 3532 wuauserv - ok
09:44:32.0453 3532 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
09:44:32.0453 3532 WudfPf - ok
09:44:32.0531 3532 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
09:44:32.0531 3532 WudfRd - ok
09:44:32.0578 3532 WudfSvc (ddee3682fe97037c45f4d7ab467cb8b6) C:\WINDOWS\System32\WUDFSvc.dll
09:44:32.0593 3532 WudfSvc - ok
09:44:32.0671 3532 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
09:44:32.0703 3532 WZCSVC - ok
09:44:32.0765 3532 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
09:44:32.0781 3532 xmlprov - ok
09:44:32.0796 3532 zumbus - ok
09:44:32.0843 3532 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
09:44:33.0234 3532 \Device\Harddisk0\DR0 - ok
09:44:33.0250 3532 Boot (0x1200) (a73ecaef9e60171a5eb6bb2d9239f84b) \Device\Harddisk0\DR0\Partition0
09:44:33.0250 3532 \Device\Harddisk0\DR0\Partition0 - ok
09:44:33.0265 3532 ============================================================
09:44:33.0265 3532 Scan finished
09:44:33.0265 3532 ============================================================
09:44:33.0312 3800 Detected object count: 0
09:44:33.0312 3800 Actual detected object count: 0
09:44:55.0828 3660 Deinitialize success


----------



## Cookiegal (Aug 27, 2003)

Are there any alerts in yellow in Device Manager and specifically next to Universal Serial Bus controllers?


----------



## MrWmnHtr (Feb 18, 2010)

Nothing except the same 3 hidden devices. Keyboard, Parport, Zune.


----------



## Cookiegal (Aug 27, 2003)

And you said that's because it's connected to your machine, correct?


----------



## MrWmnHtr (Feb 18, 2010)

Connected to my machine? I don't understand. What is connected to my machine?


----------



## Cookiegal (Aug 27, 2003)

Sorry, meant connected to your keyboard.


----------



## MrWmnHtr (Feb 18, 2010)

Yes. I assume he has no alerts from his keyboard. But I don't know. I can udate the driver if you like.


----------



## Cookiegal (Aug 27, 2003)

I've asked for assistance with the ports issue from other moderators so hopefully someone will have suggestions on what's going on there.


----------



## Triple6 (Dec 26, 2002)

Since the back ports work, my thought is that the front ports are broken. Examine them closely to see if they are loose or if the center plastic guide/tab is broken. Only one of them them could be broken but causing that entire controller to malfunction. If you want to open the computer we can also try moving the USB to a different USB header or plugging in only one port at a time to see if one will work.


----------



## MrWmnHtr (Feb 18, 2010)

Hello Mark,

Thanks for the help. I couldn't get a clear photo of the parts so I made a drawing. (see attachment) I can not see anything wrong. 

I can switch the jacks around. (see options on my drawing) Just tell me where.

If that doesn't work I can remove the card and examine it. I have magnifiers and a microscope. 

I can test the headphones jack. I think my g/f has headphones for her mp3 player that will work. I do not have a mic. 

What are the chances I can easily find a card to match this one and fit the case? I have no idea who made the case. I dont see a name on it. Where would it be stamped? If it's not a common part then I say not to worry about it. He can get a USB hub.


----------



## Triple6 (Dec 26, 2002)

They're not common, you'd have to get one for the matching case; some cases don't have any identifying marks.

So, is each set of 4 wires already plugged into a separate USB header? If so then one broken port shouldn't knock out the second one. I guess you can still try disconnecting one of the sets of wires and try the other in the other three possible spots. Just guessing at the other header on the back of device, but it might be for the audio if there isn't another cable coming off it that connects to the audio header on the motherboard.


----------



## MrWmnHtr (Feb 18, 2010)

The other 3 possible spots? I'm only guessing where they are at in my drawing. Am I correct in that guess? I can move a set of 4 wires straight down to the pins below?


----------



## MrWmnHtr (Feb 18, 2010)

I've got 8 wires for four devices. The Port + and Port - are USB? Can I plug them anywhere on the yellow blocks as long as they are side by side? (Im assuming on the same yellow block would be a short)


----------



## Triple6 (Dec 26, 2002)

Each USB port requires 4 wires; Power, Data - , Data +, Ground
In your diagram that corresponds to; +, Port -, Port +, -

Each yellow block(USB header) supports two USB ports, in most cases people would have 2 USB ports connected to 1 header rather then split over 2 separate headers. So each block supports 2 USB ports for a total of 4 USB ports in your diagram.

As a test I would disconnect one USB port(set of 4 wires) and test the remaining port on the other headers.

Your audio ports would use a completely separate set of wires and would connect to a special Audio header not a USB header. Connecting audio to a USB header would fry something, so would the opposite.


----------



## MrWmnHtr (Feb 18, 2010)

While I do this let me ask you a couple more questions. I have 10 yellow blocks in 2 pair of 5. One row has 4 pins and one row has 5. What is the 5th pin for? 

On the USB/Audio card it has 2 matching male connectors. One for usb and one for audio? Without wires coming from the second male connector then there is no Audio input or output from the front of the machine? 

I will be back shortly with info on my tests.


----------



## Triple6 (Dec 26, 2002)

The 5th pin is an additional ground or over-current; its not needed and some devices don't have it but all headers have it and its useful as a key to how to plug the cable in - many front USB ports are actually a single block of 10 to simply connecting the ports. If you have additional USB headers then move the one USB port to a completely new USB header.

Audio ports always have their own cable and it must plug into the correct Audio header.


----------



## MrWmnHtr (Feb 18, 2010)

I unplugged the power cord. disconnected the 4 wire on the left. Power cord in. Started the machine. I put in a Flash drive into the left port. Nothing. I inserted the flash drive into the right port. The Flash drive lit up and flashed and I opened my computer and the flash drive. I unzipped a folder. Then played an MP3 file. (no speakers so I can only assume it worked. The MP3 played to the end. No errors.

Powered off machine unplugged cord. reconnected the 4 wires onto the same pins they were on and unplugged the wires on the right side and repeated the tests above. No errors.

I plugged in the wires on the right to the lower set. Turned on machine. Put flash drive left port. And it worked fine. Used the safely remove hardware icon and removed the flash drive and put it into the right side port. It worked fine. I dragged and dropped a file onto the desktop and no problems. I used the SRH icon and removed the flash drive.

I decided to check the Auto Run settings. I put the flash drive into the left port and got the message that the USB device was not recognized. I removed the drive, placed it in the right side port and it worked fine. I set the Auto Run to automatically play music files. Turned off the computer. removed the flash drive. 

Restarted the computer. Put in flash drive into left port. Worked fine. I used SRH icon and removed flash drive and put it into the right side port and it worked fine. I changed the Auto Run settings to mixed content and set it to open the folder. Used SRH. Removed drive. Put drive back in same port. Auto Run did not work. I did not expect it too.

All seems well but I'm not confident. Can NOT using the Safely Remove Hardware icon corrupt the USB ports drivers or just the flash drive? 

I betting that since this guy never updated or ran any anti-virus or anti-malware software I installed a year ago. Nor did he update Windows. Nor did he update Firefox. (he still had 3.1) I'm betting that he NEVER used the Safely Remove Hardware icon.

What's next, Mark?


----------



## Triple6 (Dec 26, 2002)

Not using the Safely Remove Hardware should only potentially cause data corruption on the drive, it shouldn't cause any problems with the drivers or ports themselves.

Autoplay is kinda annoying and for security reasons its best to just keep it off.


----------



## MrWmnHtr (Feb 18, 2010)

I'm still not confident in the USB working all the time. Since it worked just fine with either side unplugged I have a "feeling" that the USB/Audio card may have a small crack in it some other connection problem. They get a bit stressed being used all the time. Since it may be diifficult to find a replacement I don't think I will worry about it. The customer is use to NOT having it anyway. But if he wants I can take it out and see if my local electronics store has one. Or he can buy a USB hub. 

So what's my status with this repair? Are you and I done? Is Cookiegal done with me?


----------



## Cookiegal (Aug 27, 2003)

Are there any other problems remaining?


----------



## MrWmnHtr (Feb 18, 2010)

Other than Auto Run, no. I understand about the security issue. I have miy Auto Run disabled. But what concerns me is that if those files that control Auto Run are missing, what happened to them? And what other files might be missing? Were they infected by a virus or malware and removed when we cleaned the system?


----------



## Cookiegal (Aug 27, 2003)

Autorun.inf files are generally contained in the media (CD) not on the drive itself. There are some exceptions where an autorun.inf file would be there and be legitimate but often they are installed by malware to run their payload on insertion. When you play your media (if the registry were set to allow autoplay) the autorun.inf file would be read and executed from the media itself.


----------



## MrWmnHtr (Feb 18, 2010)

CookieGal,

I want to Thank You So Very Much for your patience, your knowledge and skills, your prompt replies, and your valuable time for helping me these last 20 days. (I can't believe it's been that long.) This was by far the most difficult repair I have had. I copied and pasted the entire post into a document to give to my customer. It's an amazing 298 pages. And that was after removing all formatting, icons, avatars, and redundant links.

It's great to work with people like you and Triple 6. I want to Thank All The Wonderful People at Tech Support Guy that make this kind of service possible for the rest of us. :up:

I am truly astounded  by the generosity of volunteers like yourselves. 
Again Thank You Very Much. 

Randy

PS, Cookie please see your inbox.


----------



## Cookiegal (Aug 27, 2003)

It was my pleasure. 

There are a couple of things I'd like to do just to finish up here and make sure there are no loose ends.

Would you please post a new HijackThis default scan log.

And also using HijackThis, please do the following:

Open HijackThis and click on the *Open Misc Tools section* button. Click on the *Open Uninstall Manager* button. Click the *Save List* button. Save the list then copy and paste it here.


----------



## MrWmnHtr (Feb 18, 2010)

32 Bit HP CIO Components Installer
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.5.1
Advanced SystemCare 5
avast! Free Antivirus
Browser Defender 3.0
Canon S750
Critical Update for Windows Media Player 11 (KB959772)
Google Chrome
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 8.0
HP Imaging Device Functions 9.0
HP Photosmart 8.0 Software
HP Photosmart Cameras 9.0
HP Photosmart Essential
HP Photosmart Essential 2.01
HP Product Assistant
HP Product Detection
HP PSC & OfficeJet 5.3.B
HP Solution Center 9.0
HP Update
HPSSupply
Java(TM) 6 Update 32
Malwarebytes Anti-Malware version 1.61.0.1400
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office Professional
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Windows XP Video Decoder Checkup Utility
Microsoft WinUsb 1.0
Mozilla Firefox 12.0 (x86 en-GB)
Mozilla Maintenance Service
MSN
OpenOffice.org 3.1
Qwest Installer
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
Realtek RTL8139/810x Fast Ethernet NIC Driver Setup
RealUpgrade 1.1
Secunia PSI (2.0.0.3003)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Smart Defrag 2
SUPERAntiSpyware
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB969497)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
W Photo Studio
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows PowerShell(TM) 1.0
Windows XP Service Pack 3


----------



## Cookiegal (Aug 27, 2003)

You should update Adobe Flash and Adobe Reader to the latest versions, which are:

Adobe Flash 11.3.300.257 
Adobe Reader 10.1.3

Please also run a regular scan with HijackThis and post the log (as I requested in my previous instructions).


----------



## Cookiegal (Aug 27, 2003)

Before we close this out, I would like to run another scan. Please remove the version of OTL that you have and download the latest version.

Download *OTL* to your Desktop. 

Double-click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted. 
At the top, put a check mark beside the box that says "Scan All Users"
Click the Quick Scan button. Do not change any other settings unless otherwise instructed. The scan won't take long. 
When the scan completes, it will open two Notepad windows called *OTL.Txt* and *Extras.Txt*. These are saved in the same location as OTL. 
Please copy and paste the contents of both of these files here in your next reply.


----------



## MrWmnHtr (Feb 18, 2010)

I did not undestand that you wanted TWO hijackthis scans. Here is the one without the settings changed.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:44:45 PM, on 6/9/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Documents and Settings\Jeff Miller\Desktop\Repairs 052012\Repair Tools\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myqwest.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10x_ActiveX.exe -update activex (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10x_ActiveX.exe -update activex (User 'Default user')
O4 - Global Startup: Secunia PSI Tray.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_32.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_32.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Jeff Miller\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

--
End of file - 5870 bytes


----------



## MrWmnHtr (Feb 18, 2010)

I am trying to follow your instructions to the letter but I must be doing something wrong. I downloaded OTL from the link you provided. Saved to the desktop.

I Double Clicked the OTL Icon it DID NOT run uninterrupted. It did not run. It only opened the user interface. I checked Scan All Users. I clicked Quick Scan. When it was finished I got TWO Notepad text files. They were BOTH OTL.txt. I DID NOT get an Extras File.

I deleted both files and started over. OTL DID NOT run when I doubled clicked the the Icon. It opened user interface. I checked Scan All Users. I clicked Quick Scan. When it was finished I got ONLY ONE text file. OTL.txt follows:

OTL logfile created on: 6/9/2012 1:39:20 PM - Run 3
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Documents and Settings\Jeff Miller\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 78.97% Memory free
3.33 Gb Paging File | 3.03 Gb Available in Paging File | 91.01% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 107.39 Gb Free Space | 72.05% Space Free | Partition Type: NTFS
Drive D: | 4.21 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 3.73 Gb Total Space | 1.59 Gb Free Space | 42.67% Space Free | Partition Type: FAT32

Computer Name: JEFF-2E0A22FF48 | User Name: Jeff Miller | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/09 12:46:53 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeff Miller\Desktop\OTL.exe
PRC - [2012/06/01 08:27:53 | 003,905,920 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2012/03/06 17:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/06 17:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/10/29 13:01:37 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2011/09/25 17:02:09 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011/04/18 23:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2012/06/09 10:14:02 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012/06/09 00:02:26 | 001,768,960 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12060900\algo.dll
MOD - [2011/11/10 22:43:26 | 000,138,072 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\ASCv5ExtMenu.dll
MOD - [2011/09/25 17:04:20 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/09/25 17:04:20 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011/09/25 17:04:18 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %systemroot%\system32\clisvc.dll -- (Freedom)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/06/09 10:57:14 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/09 00:49:16 | 000,113,120 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/03/14 17:38:14 | 000,913,752 | ---- | M] (IObit) [Disabled | Stopped] -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2012/03/06 17:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/09/25 17:02:09 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/07/01 15:36:44 | 000,337,872 | ---- | M] (Threat Expert Ltd.) [Disabled | Stopped] -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2011/04/18 23:44:40 | 000,993,848 | ---- | M] (Secunia) [Disabled | Stopped] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2011/04/18 23:44:40 | 000,399,416 | ---- | M] (Secunia) [Disabled | Stopped] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\zumbus.sys -- (zumbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\JEFFMI~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/03/06 17:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/06 17:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/06 17:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/03/06 17:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/06 17:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/03/06 17:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/03/06 16:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/09/25 17:01:58 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/09/25 17:01:57 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011/02/23 17:04:30 | 000,013,496 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/09/01 01:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2005/09/23 18:56:28 | 003,966,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2003/06/22 19:57:00 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2001/08/17 13:28:10 | 000,802,683 | ---- | M] (Lucent Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LTSM.sys -- (LucentSoftModem)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm003YYus&ptb=25ED6A07-570C-49B5-89DA-8DD593C3EA9E&psa=&ind=2011012800&ptnrS=XPxdm003YYus&si=&st=sb&n=77dd9ec0&searchfor={searchTerms}
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\S-1-5-19\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\S-1-5-20\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}

IE - HKU\S-1-5-21-1614895754-1336601894-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.myqwest.com/
IE - HKU\S-1-5-21-1614895754-1336601894-725345543-1004\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKU\S-1-5-21-1614895754-1336601894-725345543-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1614895754-1336601894-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1614895754-1336601894-725345543-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_en
IE - HKU\S-1-5-21-1614895754-1336601894-725345543-1004\..\SearchScopes\{8a87b83c-59b0-4e8c-9c3b-9678eba008fd}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us
IE - HKU\S-1-5-21-1614895754-1336601894-725345543-1004\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm003YYus&ptb=25ED6A07-570C-49B5-89DA-8DD593C3EA9E&psa=&ind=2011012800&ptnrS=XPxdm003YYus&si=&st=sb&n=77dd9ec0&searchfor={searchTerms}
IE - HKU\S-1-5-21-1614895754-1336601894-725345543-1004\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\S-1-5-21-1614895754-1336601894-725345543-1004\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2856416
IE - HKU\S-1-5-21-1614895754-1336601894-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:3.0.0.313
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:0.3
FF - prefs.js..extensions.enabledItems: {03B08592-E5B4-45ff-A0BE-C1D975458688}:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.7
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2012/02/28 18:40:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/10/29 13:02:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/06/02 13:46:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/09 00:49:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/02 13:26:45 | 000,000,000 | ---D | M]

[2011/03/27 21:04:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Extensions
[2011/01/11 16:22:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Extensions\[email protected]
[2012/06/02 13:33:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\extensions
[2011/10/16 18:26:23 | 000,000,000 | ---D | M] (Toolbar Buttons) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}
[2011/03/30 22:00:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/06/02 13:27:06 | 000,000,000 | ---D | M] (Tamil Spell Checker for Firefox) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\extensions\[email protected]
[2011/03/27 21:04:29 | 000,009,946 | ---- | M] () -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\searchplugins\TelevisionFanatic.xml
[2012/06/02 13:26:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/06/02 13:46:31 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/06/09 00:49:17 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/06/02 13:26:38 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/06/02 13:26:38 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/02 13:26:38 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/06/02 13:26:38 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/06/02 13:26:38 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/06/02 13:26:38 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U32 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google Search = C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2012/05/24 22:29:44 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKU\S-1-5-21-1614895754-1336601894-725345543-1004\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-1614895754-1336601894-725345543-1004..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10x_ActiveX.exe -update activex File not found
O4 - HKU\S-1-5-18..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10x_ActiveX.exe -update activex File not found
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1614895754-1336601894-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1614895754-1336601894-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-1614895754-1336601894-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-21-1614895754-1336601894-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_32.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Jeff Miller\Start Menu\Programs\IMVU\Run IMVU.lnk File not found
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DFE920CD-B641-4BEE-B3F8-93836BBCF81C}: DhcpNameServer = 192.168.0.1 205.171.3.25
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/09/05 22:26:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012/06/04 12:05:08 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/09 12:46:45 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jeff Miller\Desktop\OTL.exe
[2012/06/09 11:09:39 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\OpenOffice.org 3.4
[2012/06/09 10:17:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeff Miller\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/06/05 09:42:38 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/06/04 12:05:08 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2012/06/04 09:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/06/03 07:27:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeff Miller\Desktop\Repairs 052012
[2012/06/02 13:46:49 | 000,337,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/06/02 13:46:49 | 000,020,696 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/06/02 13:46:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\avast! Free Antivirus
[2012/06/02 13:46:47 | 000,053,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/06/02 13:46:47 | 000,035,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/06/02 13:46:46 | 000,612,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/06/02 13:46:46 | 000,095,704 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/06/02 13:46:46 | 000,089,048 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/06/02 13:46:46 | 000,024,920 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/06/02 13:46:08 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/06/02 13:46:07 | 000,201,352 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/06/02 13:45:46 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/06/02 13:26:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Mozilla
[2012/06/02 13:26:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/05/27 22:06:05 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2012/05/27 22:06:02 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2012/05/27 22:05:50 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2012/05/27 22:05:46 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2012/05/27 22:05:30 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2012/05/27 22:05:27 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2012/05/27 22:05:21 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2012/05/27 22:05:05 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2012/05/27 22:04:55 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2012/05/27 22:04:52 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2012/05/27 22:04:49 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2012/05/27 22:04:46 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2012/05/27 22:04:42 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2012/05/27 22:04:39 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2012/05/27 22:04:36 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2012/05/27 22:04:23 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2012/05/27 22:04:11 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2012/05/27 22:04:08 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2012/05/27 22:04:04 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2012/05/27 22:04:00 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2012/05/27 22:03:44 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2012/05/27 22:03:32 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2012/05/27 22:03:29 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2012/05/27 22:03:18 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2012/05/27 22:03:15 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2012/05/27 22:03:12 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2012/05/27 22:03:09 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2012/05/27 22:03:06 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2012/05/27 22:03:03 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2012/05/27 22:02:37 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2012/05/27 22:02:34 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2012/05/27 22:02:31 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2012/05/27 22:02:30 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2012/05/27 22:02:26 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2012/05/27 22:02:24 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2012/05/27 22:02:14 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2012/05/27 22:02:11 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2012/05/27 22:01:36 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2012/05/27 22:01:33 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2012/05/27 22:01:30 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2012/05/27 22:01:27 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2012/05/27 22:01:23 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2012/05/27 22:01:07 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2012/05/27 22:00:43 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2012/05/27 22:00:40 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2012/05/27 22:00:37 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2012/05/27 22:00:35 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2012/05/27 22:00:32 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2012/05/27 22:00:12 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2012/05/27 22:00:09 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2012/05/27 22:00:07 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2012/05/27 22:00:01 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2012/05/27 21:59:39 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2012/05/27 21:59:36 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2012/05/27 21:59:34 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2012/05/27 21:59:31 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2012/05/27 21:59:12 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2012/05/27 21:59:06 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2012/05/27 21:59:04 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2012/05/27 21:58:51 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2012/05/27 21:58:49 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2012/05/27 21:58:46 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2012/05/27 21:58:43 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2012/05/27 21:58:41 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2012/05/27 21:58:38 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2012/05/27 21:58:36 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2012/05/27 21:58:33 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2012/05/27 21:58:31 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2012/05/27 21:58:25 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2012/05/27 21:58:22 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2012/05/27 21:58:21 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2012/05/27 21:58:20 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2012/05/27 21:58:11 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2012/05/27 21:58:07 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2012/05/27 21:58:04 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2012/05/27 21:58:01 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2012/05/27 21:57:52 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2012/05/27 21:57:49 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2012/05/27 21:57:25 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2012/05/27 21:57:22 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2012/05/27 21:57:19 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2012/05/27 21:57:09 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2012/05/27 21:56:28 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2012/05/27 21:56:18 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2012/05/27 21:56:17 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2012/05/27 21:56:14 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2012/05/27 21:55:43 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2012/05/27 21:55:41 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2012/05/27 21:55:38 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2012/05/27 21:55:35 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2012/05/27 21:55:22 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2012/05/27 21:55:12 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2012/05/27 21:55:10 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2012/05/27 21:55:06 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2012/05/27 21:55:00 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2012/05/27 21:54:57 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2012/05/27 21:54:50 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2012/05/27 21:54:48 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2012/05/27 21:54:46 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2012/05/27 21:54:43 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2012/05/27 21:54:41 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2012/05/27 21:54:38 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2012/05/27 21:54:31 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2012/05/27 21:54:29 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2012/05/27 21:54:26 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2012/05/27 21:54:24 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2012/05/27 21:54:21 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2012/05/27 21:53:48 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2012/05/27 21:53:24 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2012/05/27 21:53:08 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2012/05/27 21:53:08 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2012/05/27 21:53:05 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2012/05/27 21:53:05 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2012/05/27 21:53:03 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2012/05/27 21:52:57 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2012/05/27 21:52:55 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2012/05/27 21:52:53 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2012/05/27 21:52:50 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2012/05/27 21:52:47 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2012/05/27 21:52:45 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2012/05/27 21:52:22 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2012/05/27 21:51:58 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2012/05/27 21:50:35 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2012/05/27 21:50:27 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2012/05/27 21:50:07 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2012/05/27 21:50:05 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2012/05/27 21:50:04 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2012/05/27 21:49:53 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2012/05/27 21:49:46 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2012/05/27 21:49:44 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2012/05/27 21:49:42 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2012/05/27 21:49:40 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2012/05/27 21:49:38 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2012/05/27 21:49:37 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2012/05/27 21:49:26 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2012/05/27 21:49:23 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2012/05/27 21:49:22 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2012/05/27 21:48:17 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2012/05/27 21:48:14 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2012/05/27 21:48:07 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2012/05/27 21:48:06 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2012/05/27 21:48:05 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2012/05/27 21:48:01 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2012/05/27 21:48:00 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2012/05/27 21:47:59 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2012/05/27 21:47:59 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2012/05/27 21:47:57 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2012/05/27 21:47:41 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2012/05/27 21:47:40 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2012/05/27 21:47:37 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2012/05/27 21:47:20 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2012/05/27 21:47:19 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2012/05/27 21:47:18 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2012/05/27 21:47:17 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2012/05/27 21:47:16 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2012/05/27 21:47:16 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2012/05/27 21:47:15 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2012/05/27 21:47:14 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2012/05/27 21:47:08 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2012/05/27 21:47:00 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2012/05/27 21:46:55 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2012/05/27 21:46:51 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2012/05/27 21:46:51 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2012/05/27 21:46:50 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2012/05/27 21:46:50 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2012/05/27 21:46:49 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2012/05/27 21:46:47 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2012/05/27 21:46:46 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2012/05/27 21:46:46 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2012/05/27 21:46:45 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2012/05/27 21:46:44 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2012/05/27 21:46:43 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2012/05/27 21:46:23 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2012/05/27 21:46:23 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2012/05/27 21:46:22 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2012/05/27 21:46:22 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2012/05/27 21:46:22 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2012/05/27 21:46:21 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2012/05/27 21:46:20 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2012/05/27 21:46:20 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2012/05/27 21:46:19 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2012/05/27 21:46:19 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2012/05/27 21:46:18 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2012/05/27 21:46:18 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2012/05/27 21:46:17 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2012/05/27 21:46:17 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2012/05/27 21:46:16 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2012/05/27 21:46:16 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2012/05/27 21:46:15 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2012/05/27 21:46:15 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2012/05/27 21:46:12 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2012/05/27 21:46:10 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2012/05/27 21:46:10 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2012/05/27 21:46:09 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2012/05/27 21:46:09 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2012/05/27 21:46:08 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2012/05/27 21:46:08 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2012/05/27 21:46:08 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2012/05/27 21:45:55 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2012/05/27 21:45:52 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2012/05/27 21:45:10 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2012/05/27 21:45:09 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2012/05/27 21:45:09 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2012/05/27 21:45:09 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2012/05/27 21:45:08 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2012/05/27 21:45:07 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2012/05/27 21:45:05 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2012/05/27 21:45:05 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2012/05/27 21:45:04 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2012/05/27 21:45:04 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2012/05/27 21:45:04 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2012/05/27 09:23:31 | 000,000,000 | ---D | C] -- C:\_OTS
[2012/05/24 21:57:49 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/05/24 21:31:57 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/05/24 21:31:57 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/05/24 21:31:57 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/05/24 21:31:57 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/05/24 21:31:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/05/24 21:31:47 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/05/23 11:49:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jeff Miller\Start Menu\Programs\Administrative Tools
[2012/05/18 07:00:54 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode
[2012/05/18 01:03:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Qwest
[2012/05/18 01:03:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeff Miller\Application Data\InstallShield
[2012/05/16 17:25:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2012/05/16 11:31:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2012/05/15 19:56:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Xenocode
[2012/05/11 00:31:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WEBREG

========== Files - Modified Within 30 Days ==========

[2012/06/09 13:37:16 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/06/09 12:57:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/09 12:46:53 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeff Miller\Desktop\OTL.exe
[2012/06/09 11:23:00 | 000,000,318 | ---- | M] () -- C:\WINDOWS\tasks\WebReg Photosmart A440 series.job
[2012/06/09 11:09:39 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\OpenOffice.org 3.4.lnk
[2012/06/09 10:52:08 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1614895754-1336601894-725345543-1004.job
[2012/06/09 10:52:06 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1614895754-1336601894-725345543-1004.job
[2012/06/09 10:22:02 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/09 10:19:46 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/06/09 10:13:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/04 17:54:25 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/06/02 14:43:42 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/06/02 13:46:46 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/06/01 09:11:29 | 000,141,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/01 09:01:14 | 000,447,596 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/01 09:01:14 | 000,073,682 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/01 08:42:25 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/05/24 22:29:44 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/05/24 21:13:58 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2012/05/23 11:37:23 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2012/05/15 09:22:13 | 000,077,824 | ---- | M] () -- C:\__ofidxT.ffl
[2012/05/11 00:31:38 | 000,131,080 | ---- | M] () -- C:\WINDOWS\HPHins14.dat

========== Files Created - No Company Name ==========

[2012/06/09 11:09:39 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\OpenOffice.org 3.4.lnk
[2012/06/09 10:19:46 | 000,000,549 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/06/09 10:17:48 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Acrobat_com.lnk
[2012/06/09 10:15:10 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/06 20:26:29 | 005,861,376 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Desktop\05-Electric Funeral-mw.mp3
[2012/06/06 20:25:29 | 007,632,896 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Desktop\01-BlackSabbath-mw.mp3
[2012/06/06 20:13:36 | 004,343,808 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Desktop\03-Behind The Wall Of Sleep-mw.mp3
[2012/06/06 20:11:38 | 008,556,544 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Desktop\06-Hand Of Doom-mw.mp3
[2012/06/04 17:54:25 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/06/02 13:26:47 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Mozilla Firefox.lnk
[2012/06/01 08:37:12 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Adobe Reader 9.lnk
[2012/05/31 23:37:37 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/05/31 23:36:47 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/05/31 23:36:47 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/05/27 22:06:01 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2012/05/27 22:05:58 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2012/05/27 21:57:15 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012/05/27 21:57:11 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012/05/27 21:53:53 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012/05/27 21:50:33 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2012/05/27 21:50:29 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2012/05/27 21:50:26 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2012/05/27 21:50:22 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2012/05/27 21:50:18 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2012/05/27 21:48:04 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2012/05/27 21:48:03 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2012/05/27 21:48:02 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2012/05/27 21:46:04 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2012/05/27 21:46:04 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2012/05/27 21:46:04 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2012/05/27 21:46:03 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2012/05/27 21:46:03 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2012/05/27 21:46:02 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2012/05/27 21:46:02 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2012/05/27 21:46:02 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2012/05/27 21:46:01 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2012/05/27 21:45:58 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2012/05/24 21:57:50 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/05/24 21:31:57 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/05/24 21:31:57 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/05/24 21:31:57 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/05/24 21:31:57 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/05/24 21:31:57 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/05/16 11:24:57 | 000,021,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2012/05/16 11:23:11 | 000,000,318 | ---- | C] () -- C:\WINDOWS\tasks\WebReg Photosmart A440 series.job
[2012/05/14 16:00:24 | 000,077,824 | ---- | C] () -- C:\__ofidxT.ffl
[2012/01/31 09:51:25 | 000,105,324 | ---- | C] () -- C:\WINDOWS\System32\itusbcore.dat
[2012/01/31 09:51:25 | 000,000,198 | ---- | C] () -- C:\WINDOWS\System32\itlsvc.dat
[2011/06/29 20:21:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/28 00:41:44 | 000,029,520 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011/03/28 00:41:44 | 000,013,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011/03/27 21:35:24 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll0220.old
[2011/03/27 21:35:24 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2011/03/27 21:03:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

========== LOP Check ==========

[2008/04/20 12:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN Messenger 5.0.0544
[2010/02/24 19:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AIM
[2012/06/02 13:45:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software
[2010/02/18 12:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\DriverCure
[2012/05/08 13:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
[2011/03/27 20:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MFAData
[2010/01/04 13:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ParetoLogic
[2012/05/25 22:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Qwest
[2010/12/07 13:58:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Walgreens
[2009/08/21 03:58:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2008/04/20 17:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff\Application Data\Image Zone Express
[2008/05/26 13:25:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff\Application Data\LimeWire
[2008/03/05 09:18:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff\Application Data\MSNInstaller
[2008/04/20 17:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff\Application Data\Printer Info Cache
[2008/05/13 23:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff\Application Data\Simple Star
[2008/05/26 22:31:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff\Application Data\TmpRecentIcons
[2008/05/18 22:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff\Application Data\Walgreens
[2012/05/09 03:54:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\54238
[2010/02/24 19:32:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\acccore
[2012/06/09 10:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/01/04 18:39:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\DriverCure
[2011/12/16 19:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\Image Zone Express
[2012/05/08 13:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\IObit
[2009/06/29 17:01:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\OpenOffice.org
[2010/11/30 15:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\Printer Info Cache
[2011/04/19 02:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\W Photo Studio
[2011/07/28 02:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\W Photo Studio Viewer
[2011/08/11 09:30:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\Wal-Mart Digital Photo Viewer
[2011/07/28 02:42:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\Walgreens
[2011/03/27 20:37:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jeffry\Application Data\TmpRecentIcons

========== Purity Check ==========

< End of report >


----------



## MrWmnHtr (Feb 18, 2010)

I did the updates you requested.


----------



## Cookiegal (Aug 27, 2003)

You couldn't change the file age to 60 days?

There is still some MyWebSearch stuff so please update MalwareBytes and then run a Quick scan (have it fix whatever it finds) and post the log.


----------



## MrWmnHtr (Feb 18, 2010)

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.10.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Jeff Miller :: JEFF-2E0A22FF48 [administrator]

6/9/2012 7:09:08 PM
mbam-log-2012-06-09 (19-09-08).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 535003
Time elapsed: 1 hour(s), 47 minute(s), 55 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


----------



## Cookiegal (Aug 27, 2003)

Please do a full scan now rather than a quick scan. Sorry, but MBAM generally gets MyWebSearch and it may require the more in-depth scan.


----------



## MrWmnHtr (Feb 18, 2010)

That was a full scan. (I clicked the wrong button and just let it run.) I also scanned with SuperantiSpyware and Advanced System Care. Nothing found. I searched all files and folders on the c drive. Attached is a screenshot.


----------



## Cookiegal (Aug 27, 2003)

It's in the IE search scopes key so please do the following:

Please run OTL again. Under the *Custom Scans/Fixes* box at the bottom paste in the following:


```
:OTL
IE - HKLM\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm003YYus&
```

Then click the *Run Fix* button at the top
Let the program run unhindered, reboot the PC when it is done
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


----------



## MrWmnHtr (Feb 18, 2010)

I clicked Run Fix and it was done. Less than a second. Normal I hope,
.

OTL logfile created on: 6/10/2012 4:36:22 PM - Run 4
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Documents and Settings\Jeff Miller\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.54 Gb Available Physical Memory | 77.13% Memory free
3.33 Gb Paging File | 3.05 Gb Available in Paging File | 91.67% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 107.22 Gb Free Space | 71.93% Space Free | Partition Type: NTFS
Drive D: | 4.21 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 3.73 Gb Total Space | 1.59 Gb Free Space | 42.67% Space Free | Partition Type: FAT32

Computer Name: JEFF-2E0A22FF48 | User Name: Jeff Miller | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/09 12:46:53 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeff Miller\Desktop\OTL.exe
PRC - [2012/06/01 08:27:53 | 003,905,920 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2012/03/06 18:39:50 | 000,574,296 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
PRC - [2012/03/06 17:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/06 17:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/10/29 13:01:37 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2011/09/25 17:02:09 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011/04/18 23:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2012/06/10 16:35:23 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012/06/10 12:09:38 | 001,768,960 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12061001\algo.dll
MOD - [2011/09/25 17:04:20 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/09/25 17:04:20 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011/09/25 17:04:18 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %systemroot%\system32\clisvc.dll -- (Freedom)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/06/09 10:57:14 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/09 00:49:16 | 000,113,120 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/03/14 17:38:14 | 000,913,752 | ---- | M] (IObit) [Disabled | Stopped] -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2012/03/06 17:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/09/25 17:02:09 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/07/01 15:36:44 | 000,337,872 | ---- | M] (Threat Expert Ltd.) [Disabled | Stopped] -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2011/04/18 23:44:40 | 000,993,848 | ---- | M] (Secunia) [Disabled | Stopped] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2011/04/18 23:44:40 | 000,399,416 | ---- | M] (Secunia) [Disabled | Stopped] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\zumbus.sys -- (zumbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\JEFFMI~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/03/06 17:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/06 17:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/06 17:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/03/06 17:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/06 17:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/03/06 17:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/03/06 16:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/09/25 17:01:58 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/09/25 17:01:57 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011/02/23 17:04:30 | 000,013,496 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/09/01 01:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2005/09/23 18:56:28 | 003,966,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2003/06/22 19:57:00 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2001/08/17 13:28:10 | 000,802,683 | ---- | M] (Lucent Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LTSM.sys -- (LucentSoftModem)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.myqwest.com/
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_en
IE - HKCU\..\SearchScopes\{8a87b83c-59b0-4e8c-9c3b-9678eba008fd}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us
IE - HKCU\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm003YYus&ptb=25ED6A07-570C-49B5-89DA-8DD593C3EA9E&psa=&ind=2011012800&ptnrS=XPxdm003YYus&si=&st=sb&n=77dd9ec0&searchfor={searchTerms}
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKCU\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2856416
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:3.0.0.313
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:0.3
FF - prefs.js..extensions.enabledItems: {03B08592-E5B4-45ff-A0BE-C1D975458688}:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.7
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2012/02/28 18:40:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/10/29 13:02:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/06/02 13:46:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/09 00:49:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/02 13:26:45 | 000,000,000 | ---D | M]

[2011/03/27 21:04:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Extensions
[2011/01/11 16:22:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Extensions\[email protected]
[2012/06/02 13:33:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\extensions
[2011/10/16 18:26:23 | 000,000,000 | ---D | M] (Toolbar Buttons) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}
[2011/03/30 22:00:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/06/02 13:27:06 | 000,000,000 | ---D | M] (Tamil Spell Checker for Firefox) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\extensions\[email protected]
[2011/03/27 21:04:29 | 000,009,946 | ---- | M] () -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\searchplugins\TelevisionFanatic.xml
[2012/06/02 13:26:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/06/02 13:46:31 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/06/09 00:49:17 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/06/02 13:26:38 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/06/02 13:26:38 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/02 13:26:38 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/06/02 13:26:38 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/06/02 13:26:38 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/06/02 13:26:38 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U32 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google Search = C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2012/05/24 22:29:44 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Advanced SystemCare 5] C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_32.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Jeff Miller\Start Menu\Programs\IMVU\Run IMVU.lnk File not found
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DFE920CD-B641-4BEE-B3F8-93836BBCF81C}: DhcpNameServer = 192.168.0.1 205.171.3.25
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/09/05 22:26:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012/06/04 12:05:08 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/10 16:25:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/06/09 12:46:45 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jeff Miller\Desktop\OTL.exe
[2012/06/09 11:09:39 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\OpenOffice.org 3.4
[2012/06/09 10:17:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeff Miller\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/06/05 09:42:38 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/06/04 12:05:08 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2012/06/04 09:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/06/03 07:27:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeff Miller\Desktop\Repairs 052012
[2012/06/02 13:46:49 | 000,337,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/06/02 13:46:49 | 000,020,696 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/06/02 13:46:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\avast! Free Antivirus
[2012/06/02 13:46:47 | 000,053,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/06/02 13:46:47 | 000,035,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/06/02 13:46:46 | 000,612,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/06/02 13:46:46 | 000,095,704 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/06/02 13:46:46 | 000,089,048 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/06/02 13:46:46 | 000,024,920 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/06/02 13:46:08 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/06/02 13:46:07 | 000,201,352 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/06/02 13:45:46 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/06/02 13:26:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Mozilla
[2012/06/02 13:26:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/05/27 22:06:05 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2012/05/27 22:06:02 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2012/05/27 22:05:50 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2012/05/27 22:05:46 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2012/05/27 22:05:30 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2012/05/27 22:05:27 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2012/05/27 22:05:21 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2012/05/27 22:05:05 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2012/05/27 22:04:55 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2012/05/27 22:04:52 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2012/05/27 22:04:49 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2012/05/27 22:04:46 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2012/05/27 22:04:42 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2012/05/27 22:04:39 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2012/05/27 22:04:36 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2012/05/27 22:04:23 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2012/05/27 22:04:11 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2012/05/27 22:04:08 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2012/05/27 22:04:04 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2012/05/27 22:04:00 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2012/05/27 22:03:44 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2012/05/27 22:03:32 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2012/05/27 22:03:29 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2012/05/27 22:03:18 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2012/05/27 22:03:15 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2012/05/27 22:03:12 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2012/05/27 22:03:09 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2012/05/27 22:03:06 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2012/05/27 22:03:03 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2012/05/27 22:02:37 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2012/05/27 22:02:34 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2012/05/27 22:02:31 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2012/05/27 22:02:30 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2012/05/27 22:02:26 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2012/05/27 22:02:24 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2012/05/27 22:02:14 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2012/05/27 22:02:11 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2012/05/27 22:01:36 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2012/05/27 22:01:33 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2012/05/27 22:01:30 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2012/05/27 22:01:27 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2012/05/27 22:01:23 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2012/05/27 22:01:07 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2012/05/27 22:00:43 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2012/05/27 22:00:40 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2012/05/27 22:00:37 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2012/05/27 22:00:35 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2012/05/27 22:00:32 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2012/05/27 22:00:12 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2012/05/27 22:00:09 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2012/05/27 22:00:07 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2012/05/27 22:00:01 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2012/05/27 21:59:39 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2012/05/27 21:59:36 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2012/05/27 21:59:34 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2012/05/27 21:59:31 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2012/05/27 21:59:12 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2012/05/27 21:59:06 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2012/05/27 21:59:04 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2012/05/27 21:58:51 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2012/05/27 21:58:49 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2012/05/27 21:58:46 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2012/05/27 21:58:43 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2012/05/27 21:58:41 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2012/05/27 21:58:38 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2012/05/27 21:58:36 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2012/05/27 21:58:33 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2012/05/27 21:58:31 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2012/05/27 21:58:25 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2012/05/27 21:58:22 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2012/05/27 21:58:21 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2012/05/27 21:58:20 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2012/05/27 21:58:11 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2012/05/27 21:58:07 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2012/05/27 21:58:04 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2012/05/27 21:58:01 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2012/05/27 21:57:52 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2012/05/27 21:57:49 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2012/05/27 21:57:25 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2012/05/27 21:57:22 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2012/05/27 21:57:19 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2012/05/27 21:57:09 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2012/05/27 21:56:28 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2012/05/27 21:56:18 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2012/05/27 21:56:17 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2012/05/27 21:56:14 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2012/05/27 21:55:43 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2012/05/27 21:55:41 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2012/05/27 21:55:38 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2012/05/27 21:55:35 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2012/05/27 21:55:22 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2012/05/27 21:55:12 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2012/05/27 21:55:10 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2012/05/27 21:55:06 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2012/05/27 21:55:00 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2012/05/27 21:54:57 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2012/05/27 21:54:50 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2012/05/27 21:54:48 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2012/05/27 21:54:46 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2012/05/27 21:54:43 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2012/05/27 21:54:41 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2012/05/27 21:54:38 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2012/05/27 21:54:31 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2012/05/27 21:54:29 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2012/05/27 21:54:26 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2012/05/27 21:54:24 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2012/05/27 21:54:21 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2012/05/27 21:53:48 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2012/05/27 21:53:24 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2012/05/27 21:53:08 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2012/05/27 21:53:08 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2012/05/27 21:53:05 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2012/05/27 21:53:05 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2012/05/27 21:53:03 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2012/05/27 21:52:57 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2012/05/27 21:52:55 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2012/05/27 21:52:53 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2012/05/27 21:52:50 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2012/05/27 21:52:47 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2012/05/27 21:52:45 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2012/05/27 21:52:22 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2012/05/27 21:51:58 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2012/05/27 21:50:35 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2012/05/27 21:50:27 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2012/05/27 21:50:07 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2012/05/27 21:50:05 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2012/05/27 21:50:04 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2012/05/27 21:49:53 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2012/05/27 21:49:46 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2012/05/27 21:49:44 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2012/05/27 21:49:42 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2012/05/27 21:49:40 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2012/05/27 21:49:38 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2012/05/27 21:49:37 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2012/05/27 21:49:26 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2012/05/27 21:49:23 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2012/05/27 21:49:22 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2012/05/27 21:48:17 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2012/05/27 21:48:14 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2012/05/27 21:48:07 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2012/05/27 21:48:06 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2012/05/27 21:48:05 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2012/05/27 21:48:01 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2012/05/27 21:48:00 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2012/05/27 21:47:59 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2012/05/27 21:47:59 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2012/05/27 21:47:57 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2012/05/27 21:47:41 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2012/05/27 21:47:40 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2012/05/27 21:47:37 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2012/05/27 21:47:20 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2012/05/27 21:47:19 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2012/05/27 21:47:18 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2012/05/27 21:47:17 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2012/05/27 21:47:16 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2012/05/27 21:47:16 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2012/05/27 21:47:15 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2012/05/27 21:47:14 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2012/05/27 21:47:08 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2012/05/27 21:47:00 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2012/05/27 21:46:55 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2012/05/27 21:46:51 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2012/05/27 21:46:51 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2012/05/27 21:46:50 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2012/05/27 21:46:50 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2012/05/27 21:46:49 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2012/05/27 21:46:47 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2012/05/27 21:46:46 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2012/05/27 21:46:46 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2012/05/27 21:46:45 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2012/05/27 21:46:44 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2012/05/27 21:46:43 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2012/05/27 21:46:23 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2012/05/27 21:46:23 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2012/05/27 21:46:22 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2012/05/27 21:46:22 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2012/05/27 21:46:22 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2012/05/27 21:46:21 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2012/05/27 21:46:20 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2012/05/27 21:46:20 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2012/05/27 21:46:19 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2012/05/27 21:46:19 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2012/05/27 21:46:18 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2012/05/27 21:46:18 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2012/05/27 21:46:17 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2012/05/27 21:46:17 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2012/05/27 21:46:16 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2012/05/27 21:46:16 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2012/05/27 21:46:15 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2012/05/27 21:46:15 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2012/05/27 21:46:12 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2012/05/27 21:46:10 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2012/05/27 21:46:10 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2012/05/27 21:46:09 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2012/05/27 21:46:09 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2012/05/27 21:46:08 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2012/05/27 21:46:08 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2012/05/27 21:46:08 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2012/05/27 21:45:55 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2012/05/27 21:45:52 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2012/05/27 21:45:10 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2012/05/27 21:45:09 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2012/05/27 21:45:09 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2012/05/27 21:45:09 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2012/05/27 21:45:08 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2012/05/27 21:45:07 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2012/05/27 21:45:05 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2012/05/27 21:45:05 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2012/05/27 21:45:04 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2012/05/27 21:45:04 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2012/05/27 21:45:04 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2012/05/27 09:23:31 | 000,000,000 | ---D | C] -- C:\_OTS
[2012/05/24 21:57:49 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/05/24 21:31:57 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/05/24 21:31:57 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/05/24 21:31:57 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/05/24 21:31:57 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/05/24 21:31:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/05/24 21:31:47 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/05/23 11:49:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jeff Miller\Start Menu\Programs\Administrative Tools
[2012/05/18 07:00:54 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode
[2012/05/18 01:03:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Qwest
[2012/05/18 01:03:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeff Miller\Application Data\InstallShield
[2012/05/16 17:25:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2012/05/16 11:31:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2012/05/15 19:56:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Xenocode

========== Files - Modified Within 30 Days ==========

[2012/06/10 16:35:11 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1614895754-1336601894-725345543-1004.job
[2012/06/10 16:35:09 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1614895754-1336601894-725345543-1004.job
[2012/06/10 16:27:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/10 16:25:02 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/06/10 15:57:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/10 14:28:44 | 000,158,179 | ---- | M] () -- C:\Documents and Settings\Jeff Miller\Desktop\search sreenshot.JPG
[2012/06/10 13:24:14 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/10 13:24:10 | 000,150,792 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/09 12:46:53 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeff Miller\Desktop\OTL.exe
[2012/06/09 11:23:00 | 000,000,318 | ---- | M] () -- C:\WINDOWS\tasks\WebReg Photosmart A440 series.job
[2012/06/09 11:09:39 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\OpenOffice.org 3.4.lnk
[2012/06/09 10:19:46 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/06/04 17:54:25 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/06/02 14:43:42 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/06/02 13:46:46 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/06/01 09:01:14 | 000,447,596 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/01 09:01:14 | 000,073,682 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/01 08:42:25 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/05/24 22:29:44 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/05/24 21:13:58 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2012/05/23 11:37:23 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2012/05/15 09:22:13 | 000,077,824 | ---- | M] () -- C:\__ofidxT.ffl

========== Files Created - No Company Name ==========

[2012/06/10 14:28:43 | 000,158,179 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Desktop\search sreenshot.JPG
[2012/06/09 11:09:39 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\OpenOffice.org 3.4.lnk
[2012/06/09 10:19:46 | 000,000,549 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/06/09 10:17:48 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Acrobat_com.lnk
[2012/06/09 10:15:10 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/06 20:26:29 | 005,861,376 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Desktop\05-Electric Funeral-mw.mp3
[2012/06/06 20:25:29 | 007,632,896 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Desktop\01-BlackSabbath-mw.mp3
[2012/06/06 20:13:36 | 004,343,808 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Desktop\03-Behind The Wall Of Sleep-mw.mp3
[2012/06/06 20:11:38 | 008,556,544 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Desktop\06-Hand Of Doom-mw.mp3
[2012/06/04 17:54:25 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/06/02 13:26:47 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Mozilla Firefox.lnk
[2012/06/01 08:37:12 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Adobe Reader 9.lnk
[2012/05/31 23:37:37 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/05/31 23:36:47 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/05/31 23:36:47 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/05/27 22:06:01 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2012/05/27 22:05:58 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2012/05/27 21:57:15 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012/05/27 21:57:11 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012/05/27 21:53:53 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012/05/27 21:50:33 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2012/05/27 21:50:29 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2012/05/27 21:50:26 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2012/05/27 21:50:22 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2012/05/27 21:50:18 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2012/05/27 21:48:04 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2012/05/27 21:48:03 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2012/05/27 21:48:02 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2012/05/27 21:46:04 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2012/05/27 21:46:04 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2012/05/27 21:46:04 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2012/05/27 21:46:03 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2012/05/27 21:46:03 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2012/05/27 21:46:02 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2012/05/27 21:46:02 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2012/05/27 21:46:02 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2012/05/27 21:46:01 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2012/05/27 21:45:58 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2012/05/24 21:57:50 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/05/24 21:31:57 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/05/24 21:31:57 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/05/24 21:31:57 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/05/24 21:31:57 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/05/24 21:31:57 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/05/16 11:24:57 | 000,021,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2012/05/16 11:23:11 | 000,000,318 | ---- | C] () -- C:\WINDOWS\tasks\WebReg Photosmart A440 series.job
[2012/05/14 16:00:24 | 000,077,824 | ---- | C] () -- C:\__ofidxT.ffl
[2012/01/31 09:51:25 | 000,105,324 | ---- | C] () -- C:\WINDOWS\System32\itusbcore.dat
[2012/01/31 09:51:25 | 000,000,198 | ---- | C] () -- C:\WINDOWS\System32\itlsvc.dat
[2011/06/29 20:21:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/28 00:41:44 | 000,029,520 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011/03/28 00:41:44 | 000,013,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011/03/27 21:35:24 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll0220.old
[2011/03/27 21:35:24 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2011/03/27 21:03:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

========== LOP Check ==========

[2010/02/24 19:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AIM
[2012/06/02 13:45:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software
[2010/02/18 12:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\DriverCure
[2012/05/08 13:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
[2011/03/27 20:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MFAData
[2010/01/04 13:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ParetoLogic
[2012/05/25 22:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Qwest
[2010/12/07 13:58:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Walgreens
[2009/08/21 03:58:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2012/05/09 03:54:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\54238
[2010/02/24 19:32:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\acccore
[2012/06/09 10:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/01/04 18:39:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\DriverCure
[2011/12/16 19:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\Image Zone Express
[2012/05/08 13:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\IObit
[2009/06/29 17:01:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\OpenOffice.org
[2010/11/30 15:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\Printer Info Cache
[2011/04/19 02:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\W Photo Studio
[2011/07/28 02:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\W Photo Studio Viewer
[2011/08/11 09:30:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\Wal-Mart Digital Photo Viewer
[2011/07/28 02:42:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\Walgreens

========== Purity Check ==========

< End of report >


----------



## Cookiegal (Aug 27, 2003)

Looks like I missed one so please run it again with this fix:


```
:OTL
IE - HKCU\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm003YYus&
```
Then you should be good to go.


----------



## MrWmnHtr (Feb 18, 2010)

I ran the fix. Rebooted. Ran Quick Scan.

OTL logfile created on: 6/10/2012 7:44:32 PM - Run 5
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Documents and Settings\Jeff Miller\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.64 Gb Available Physical Memory | 82.28% Memory free
3.33 Gb Paging File | 3.07 Gb Available in Paging File | 92.05% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 107.22 Gb Free Space | 71.93% Space Free | Partition Type: NTFS
Drive D: | 4.21 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 3.73 Gb Total Space | 1.59 Gb Free Space | 42.67% Space Free | Partition Type: FAT32

Computer Name: JEFF-2E0A22FF48 | User Name: Jeff Miller | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/09 12:46:53 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeff Miller\Desktop\OTL.exe
PRC - [2012/06/01 08:27:53 | 003,905,920 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2012/03/06 18:39:50 | 000,574,296 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
PRC - [2012/03/06 17:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/06 17:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/10/29 13:01:37 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2011/09/25 17:02:09 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011/04/18 23:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2012/06/10 19:39:17 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012/06/10 12:09:38 | 001,768,960 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12061001\algo.dll
MOD - [2011/09/25 17:04:20 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/09/25 17:04:20 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011/09/25 17:04:18 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %systemroot%\system32\clisvc.dll -- (Freedom)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/06/09 10:57:14 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/09 00:49:16 | 000,113,120 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/03/14 17:38:14 | 000,913,752 | ---- | M] (IObit) [Disabled | Stopped] -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2012/03/06 17:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/09/25 17:02:09 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/07/01 15:36:44 | 000,337,872 | ---- | M] (Threat Expert Ltd.) [Disabled | Stopped] -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2011/04/18 23:44:40 | 000,993,848 | ---- | M] (Secunia) [Disabled | Stopped] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2011/04/18 23:44:40 | 000,399,416 | ---- | M] (Secunia) [Disabled | Stopped] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\zumbus.sys -- (zumbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\JEFFMI~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/03/06 17:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/06 17:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/06 17:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/03/06 17:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/06 17:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/03/06 17:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/03/06 16:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/09/25 17:01:58 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/09/25 17:01:57 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011/02/23 17:04:30 | 000,013,496 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/09/01 01:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2005/09/23 18:56:28 | 003,966,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2003/06/22 19:57:00 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2001/08/17 13:28:10 | 000,802,683 | ---- | M] (Lucent Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LTSM.sys -- (LucentSoftModem)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.myqwest.com/
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_en
IE - HKCU\..\SearchScopes\{8a87b83c-59b0-4e8c-9c3b-9678eba008fd}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKCU\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2856416
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:3.0.0.313
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:0.3
FF - prefs.js..extensions.enabledItems: {03B08592-E5B4-45ff-A0BE-C1D975458688}:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.7
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2012/02/28 18:40:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/10/29 13:02:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/06/02 13:46:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/09 00:49:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/02 13:26:45 | 000,000,000 | ---D | M]

[2011/03/27 21:04:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Extensions
[2011/01/11 16:22:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Extensions\[email protected]
[2012/06/02 13:33:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\extensions
[2011/10/16 18:26:23 | 000,000,000 | ---D | M] (Toolbar Buttons) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}
[2011/03/30 22:00:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/06/02 13:27:06 | 000,000,000 | ---D | M] (Tamil Spell Checker for Firefox) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\extensions\[email protected]
[2011/03/27 21:04:29 | 000,009,946 | ---- | M] () -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\searchplugins\TelevisionFanatic.xml
[2012/06/02 13:26:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/06/02 13:46:31 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/06/09 00:49:17 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/06/02 13:26:38 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/06/02 13:26:38 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/02 13:26:38 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/06/02 13:26:38 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/06/02 13:26:38 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/06/02 13:26:38 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U32 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google Search = C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2012/05/24 22:29:44 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Advanced SystemCare 5] C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_32.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Jeff Miller\Start Menu\Programs\IMVU\Run IMVU.lnk File not found
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DFE920CD-B641-4BEE-B3F8-93836BBCF81C}: DhcpNameServer = 192.168.0.1 205.171.3.25
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/09/05 22:26:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012/06/04 12:05:08 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/10 16:25:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/06/09 12:46:45 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jeff Miller\Desktop\OTL.exe
[2012/06/09 11:09:39 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\OpenOffice.org 3.4
[2012/06/09 10:17:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeff Miller\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/06/05 09:42:38 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/06/04 12:05:08 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2012/06/04 09:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/06/03 07:27:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeff Miller\Desktop\Repairs 052012
[2012/06/02 13:46:49 | 000,337,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/06/02 13:46:49 | 000,020,696 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/06/02 13:46:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\avast! Free Antivirus
[2012/06/02 13:46:47 | 000,053,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/06/02 13:46:47 | 000,035,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/06/02 13:46:46 | 000,612,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/06/02 13:46:46 | 000,095,704 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/06/02 13:46:46 | 000,089,048 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/06/02 13:46:46 | 000,024,920 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/06/02 13:46:08 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/06/02 13:46:07 | 000,201,352 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/06/02 13:45:46 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/06/02 13:26:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Mozilla
[2012/06/02 13:26:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/05/27 22:06:05 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2012/05/27 22:06:02 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2012/05/27 22:05:50 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2012/05/27 22:05:46 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2012/05/27 22:05:30 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2012/05/27 22:05:27 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2012/05/27 22:05:21 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2012/05/27 22:05:05 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2012/05/27 22:04:55 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2012/05/27 22:04:52 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2012/05/27 22:04:49 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2012/05/27 22:04:46 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2012/05/27 22:04:42 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2012/05/27 22:04:39 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2012/05/27 22:04:36 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2012/05/27 22:04:23 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2012/05/27 22:04:11 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2012/05/27 22:04:08 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2012/05/27 22:04:04 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2012/05/27 22:04:00 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2012/05/27 22:03:44 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2012/05/27 22:03:32 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2012/05/27 22:03:29 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2012/05/27 22:03:18 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2012/05/27 22:03:15 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2012/05/27 22:03:12 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2012/05/27 22:03:09 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2012/05/27 22:03:06 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2012/05/27 22:03:03 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2012/05/27 22:02:37 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2012/05/27 22:02:34 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2012/05/27 22:02:31 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2012/05/27 22:02:30 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2012/05/27 22:02:26 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2012/05/27 22:02:24 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2012/05/27 22:02:14 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2012/05/27 22:02:11 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2012/05/27 22:01:36 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2012/05/27 22:01:33 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2012/05/27 22:01:30 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2012/05/27 22:01:27 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2012/05/27 22:01:23 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2012/05/27 22:01:07 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2012/05/27 22:00:43 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2012/05/27 22:00:40 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2012/05/27 22:00:37 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2012/05/27 22:00:35 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2012/05/27 22:00:32 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2012/05/27 22:00:12 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2012/05/27 22:00:09 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2012/05/27 22:00:07 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2012/05/27 22:00:01 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2012/05/27 21:59:39 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2012/05/27 21:59:36 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2012/05/27 21:59:34 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2012/05/27 21:59:31 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2012/05/27 21:59:12 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2012/05/27 21:59:06 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2012/05/27 21:59:04 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2012/05/27 21:58:51 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2012/05/27 21:58:49 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2012/05/27 21:58:46 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2012/05/27 21:58:43 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2012/05/27 21:58:41 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2012/05/27 21:58:38 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2012/05/27 21:58:36 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2012/05/27 21:58:33 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2012/05/27 21:58:31 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2012/05/27 21:58:25 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2012/05/27 21:58:22 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2012/05/27 21:58:21 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2012/05/27 21:58:20 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2012/05/27 21:58:11 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2012/05/27 21:58:07 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2012/05/27 21:58:04 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2012/05/27 21:58:01 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2012/05/27 21:57:52 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2012/05/27 21:57:49 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2012/05/27 21:57:25 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2012/05/27 21:57:22 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2012/05/27 21:57:19 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2012/05/27 21:57:09 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2012/05/27 21:56:28 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2012/05/27 21:56:18 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2012/05/27 21:56:17 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2012/05/27 21:56:14 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2012/05/27 21:55:43 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2012/05/27 21:55:41 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2012/05/27 21:55:38 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2012/05/27 21:55:35 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2012/05/27 21:55:22 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2012/05/27 21:55:12 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2012/05/27 21:55:10 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2012/05/27 21:55:06 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2012/05/27 21:55:00 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2012/05/27 21:54:57 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2012/05/27 21:54:50 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2012/05/27 21:54:48 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2012/05/27 21:54:46 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2012/05/27 21:54:43 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2012/05/27 21:54:41 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2012/05/27 21:54:38 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2012/05/27 21:54:31 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2012/05/27 21:54:29 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2012/05/27 21:54:26 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2012/05/27 21:54:24 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2012/05/27 21:54:21 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2012/05/27 21:53:48 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2012/05/27 21:53:24 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2012/05/27 21:53:08 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2012/05/27 21:53:08 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2012/05/27 21:53:05 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2012/05/27 21:53:05 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2012/05/27 21:53:03 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2012/05/27 21:52:57 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2012/05/27 21:52:55 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2012/05/27 21:52:53 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2012/05/27 21:52:50 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2012/05/27 21:52:47 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2012/05/27 21:52:45 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2012/05/27 21:52:22 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2012/05/27 21:51:58 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2012/05/27 21:50:35 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2012/05/27 21:50:27 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2012/05/27 21:50:07 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2012/05/27 21:50:05 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2012/05/27 21:50:04 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2012/05/27 21:49:53 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2012/05/27 21:49:46 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2012/05/27 21:49:44 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2012/05/27 21:49:42 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2012/05/27 21:49:40 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2012/05/27 21:49:38 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2012/05/27 21:49:37 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2012/05/27 21:49:26 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2012/05/27 21:49:23 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2012/05/27 21:49:22 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2012/05/27 21:48:17 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2012/05/27 21:48:14 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2012/05/27 21:48:07 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2012/05/27 21:48:06 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2012/05/27 21:48:05 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2012/05/27 21:48:01 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2012/05/27 21:48:00 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2012/05/27 21:47:59 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2012/05/27 21:47:59 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2012/05/27 21:47:57 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2012/05/27 21:47:41 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2012/05/27 21:47:40 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2012/05/27 21:47:37 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2012/05/27 21:47:20 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2012/05/27 21:47:19 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2012/05/27 21:47:18 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2012/05/27 21:47:17 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2012/05/27 21:47:16 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2012/05/27 21:47:16 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2012/05/27 21:47:15 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2012/05/27 21:47:14 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2012/05/27 21:47:08 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2012/05/27 21:47:00 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2012/05/27 21:46:55 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2012/05/27 21:46:51 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2012/05/27 21:46:51 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2012/05/27 21:46:50 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2012/05/27 21:46:50 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2012/05/27 21:46:49 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2012/05/27 21:46:47 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2012/05/27 21:46:46 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2012/05/27 21:46:46 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2012/05/27 21:46:45 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2012/05/27 21:46:44 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2012/05/27 21:46:43 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2012/05/27 21:46:23 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2012/05/27 21:46:23 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2012/05/27 21:46:22 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2012/05/27 21:46:22 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2012/05/27 21:46:22 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2012/05/27 21:46:21 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2012/05/27 21:46:20 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2012/05/27 21:46:20 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2012/05/27 21:46:19 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2012/05/27 21:46:19 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2012/05/27 21:46:18 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2012/05/27 21:46:18 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2012/05/27 21:46:17 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2012/05/27 21:46:17 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2012/05/27 21:46:16 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2012/05/27 21:46:16 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2012/05/27 21:46:15 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2012/05/27 21:46:15 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2012/05/27 21:46:12 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2012/05/27 21:46:10 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2012/05/27 21:46:10 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2012/05/27 21:46:09 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2012/05/27 21:46:09 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2012/05/27 21:46:08 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2012/05/27 21:46:08 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2012/05/27 21:46:08 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2012/05/27 21:45:55 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2012/05/27 21:45:52 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2012/05/27 21:45:10 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2012/05/27 21:45:09 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2012/05/27 21:45:09 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2012/05/27 21:45:09 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2012/05/27 21:45:08 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2012/05/27 21:45:07 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2012/05/27 21:45:05 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2012/05/27 21:45:05 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2012/05/27 21:45:04 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2012/05/27 21:45:04 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2012/05/27 21:45:04 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2012/05/27 09:23:31 | 000,000,000 | ---D | C] -- C:\_OTS
[2012/05/24 21:57:49 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/05/24 21:31:57 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/05/24 21:31:57 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/05/24 21:31:57 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/05/24 21:31:57 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/05/24 21:31:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/05/24 21:31:47 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/05/23 11:49:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jeff Miller\Start Menu\Programs\Administrative Tools
[2012/05/18 07:00:54 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode
[2012/05/18 01:03:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Qwest
[2012/05/18 01:03:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeff Miller\Application Data\InstallShield
[2012/05/16 17:25:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2012/05/16 11:31:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2012/05/15 19:56:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Xenocode

========== Files - Modified Within 30 Days ==========

[2012/06/10 19:39:09 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1614895754-1336601894-725345543-1004.job
[2012/06/10 19:39:08 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1614895754-1336601894-725345543-1004.job
[2012/06/10 19:38:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/10 19:36:16 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/06/10 18:57:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/10 14:28:44 | 000,158,179 | ---- | M] () -- C:\Documents and Settings\Jeff Miller\Desktop\search sreenshot.JPG
[2012/06/10 13:24:14 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/10 13:24:10 | 000,150,792 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/09 12:46:53 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeff Miller\Desktop\OTL.exe
[2012/06/09 11:23:00 | 000,000,318 | ---- | M] () -- C:\WINDOWS\tasks\WebReg Photosmart A440 series.job
[2012/06/09 11:09:39 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\OpenOffice.org 3.4.lnk
[2012/06/09 10:19:46 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/06/04 17:54:25 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/06/02 14:43:42 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/06/02 13:46:46 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/06/01 09:01:14 | 000,447,596 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/01 09:01:14 | 000,073,682 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/01 08:42:25 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/05/24 22:29:44 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/05/24 21:13:58 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2012/05/23 11:37:23 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2012/05/15 09:22:13 | 000,077,824 | ---- | M] () -- C:\__ofidxT.ffl

========== Files Created - No Company Name ==========

[2012/06/10 14:28:43 | 000,158,179 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Desktop\search sreenshot.JPG
[2012/06/09 11:09:39 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\OpenOffice.org 3.4.lnk
[2012/06/09 10:19:46 | 000,000,549 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/06/09 10:17:48 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Acrobat_com.lnk
[2012/06/09 10:15:10 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/06 20:26:29 | 005,861,376 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Desktop\05-Electric Funeral-mw.mp3
[2012/06/06 20:25:29 | 007,632,896 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Desktop\01-BlackSabbath-mw.mp3
[2012/06/06 20:13:36 | 004,343,808 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Desktop\03-Behind The Wall Of Sleep-mw.mp3
[2012/06/06 20:11:38 | 008,556,544 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Desktop\06-Hand Of Doom-mw.mp3
[2012/06/04 17:54:25 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/06/02 13:26:47 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Mozilla Firefox.lnk
[2012/06/01 08:37:12 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Adobe Reader 9.lnk
[2012/05/31 23:37:37 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/05/31 23:36:47 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/05/31 23:36:47 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/05/27 22:06:01 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2012/05/27 22:05:58 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2012/05/27 21:57:15 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012/05/27 21:57:11 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012/05/27 21:53:53 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012/05/27 21:50:33 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2012/05/27 21:50:29 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2012/05/27 21:50:26 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2012/05/27 21:50:22 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2012/05/27 21:50:18 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2012/05/27 21:48:04 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2012/05/27 21:48:03 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2012/05/27 21:48:02 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2012/05/27 21:46:04 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2012/05/27 21:46:04 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2012/05/27 21:46:04 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2012/05/27 21:46:03 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2012/05/27 21:46:03 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2012/05/27 21:46:02 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2012/05/27 21:46:02 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2012/05/27 21:46:02 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2012/05/27 21:46:01 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2012/05/27 21:45:58 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2012/05/24 21:57:50 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/05/24 21:31:57 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/05/24 21:31:57 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/05/24 21:31:57 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/05/24 21:31:57 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/05/24 21:31:57 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/05/16 11:24:57 | 000,021,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2012/05/16 11:23:11 | 000,000,318 | ---- | C] () -- C:\WINDOWS\tasks\WebReg Photosmart A440 series.job
[2012/05/14 16:00:24 | 000,077,824 | ---- | C] () -- C:\__ofidxT.ffl
[2012/01/31 09:51:25 | 000,105,324 | ---- | C] () -- C:\WINDOWS\System32\itusbcore.dat
[2012/01/31 09:51:25 | 000,000,198 | ---- | C] () -- C:\WINDOWS\System32\itlsvc.dat
[2011/06/29 20:21:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/28 00:41:44 | 000,029,520 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011/03/28 00:41:44 | 000,013,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011/03/27 21:35:24 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll0220.old
[2011/03/27 21:35:24 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2011/03/27 21:03:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

========== LOP Check ==========

[2010/02/24 19:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AIM
[2012/06/02 13:45:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software
[2010/02/18 12:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\DriverCure
[2012/05/08 13:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
[2011/03/27 20:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MFAData
[2010/01/04 13:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ParetoLogic
[2012/05/25 22:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Qwest
[2010/12/07 13:58:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Walgreens
[2009/08/21 03:58:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2012/05/09 03:54:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\54238
[2010/02/24 19:32:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\acccore
[2012/06/09 10:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/01/04 18:39:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\DriverCure
[2011/12/16 19:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\Image Zone Express
[2012/05/08 13:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\IObit
[2009/06/29 17:01:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\OpenOffice.org
[2010/11/30 15:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\Printer Info Cache
[2011/04/19 02:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\W Photo Studio
[2011/07/28 02:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\W Photo Studio Viewer
[2011/08/11 09:30:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\Wal-Mart Digital Photo Viewer
[2011/07/28 02:42:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\Walgreens

========== Purity Check ==========

< End of report >


----------



## Cookiegal (Aug 27, 2003)

Here are some final instructions for you.

Please open OTS again and click on the button that says "CleanUp" at the top. This will remove some of the tools we've used and will also uninstall the OTS program.

*Follow these steps to uninstall Combofix and all of its files and components.*

 Click *START* then *RUN*
 Now type *ComboFix /uninstall* in the runbox and click *OK*. Note the *space* between the *X* and the */uninstall*, it needs to be there (the screenshot is just for illustration purposes but the actual command uses the entire word "uninstall" and not just the "u" as shown in the picture).










Now you should turn system restore off to flush out all previous system restore points, then turn it back on and create a new restore point:

To turn off system restore, on the Desktop, right click on *My Computer* and click on *Properties.*
Click the *System Restore* tab.
Check *Turn off System Restore.*
Click Apply and then click OK.

Restart your computer, turn System Restore back on and create a restore point.

To create a new restore point, click on *Start*  *All Programs*  *Accessories*  *System Tools* and then select *System Restore*.

In the System Restore wizard, select *Create a restore point* and click the Next button.

Type a name for your new restore point then click on Create.


----------



## MrWmnHtr (Feb 18, 2010)

Done! Done?


----------



## Cookiegal (Aug 27, 2003)

Done.


----------



## MrWmnHtr (Feb 18, 2010)

I want to *Thank You So Very Much CookieGal* :up: for your patience, your knowledge and skills, your prompt replies, and your valuable time for helping me these last 22 days. (I can't believe it's been that long.) This was by far the most difficult repair I have had. I copied and pasted the entire post into a document to give to my customer. It's an amazing 401 pages. And that was after removing all formatting, icons, avatars, and redundant links. 


 
It's great to work with people like you. I want to *Thank All The Wonderful People at Tech Support Guy*  that make this kind of service possible for the rest of us.

 
I am truly astounded by the generosity of volunteers like yourselves.
*Again Thank You Very Much. :up:
*

 
Randy


----------



## Cookiegal (Aug 27, 2003)

You're welcome Randy. It was my pleasure.


----------

