
Svchost exe trojan


  • This topic is locked
33 replies to this topic

#21 RedGem

Posted 03 March 2012 - 10:57 PM

+ 2009-06-10 21:41 . 2009-07-14 01:15 2134016 c:\windows\SysWOW64\msmpeg2vdec.dll
+ 2009-07-13 21:03 . 2009-07-14 01:15 1589248 c:\windows\SysWOW64\msjet40.dll
+ 2011-05-06 01:09 . 2010-11-20 12:19 2341376 c:\windows\SysWOW64\msi.dll
+ 2009-07-14 00:04 . 2009-07-14 01:06 9053696 c:\windows\SysWOW64\mmres.dll
+ 2011-05-06 01:10 . 2010-11-20 12:19 2151936 c:\windows\SysWOW64\mmcndmgr.dll
+ 2009-07-13 23:32 . 2009-07-14 01:14 1401344 c:\windows\SysWOW64\mmc.exe
+ 2011-05-06 01:09 . 2010-11-20 12:19 8826880 c:\windows\SysWOW64\migwiz\wet.dll
+ 2009-07-13 23:17 . 2009-06-10 21:44 1445052 c:\windows\SysWOW64\migwiz\SFLISTXP.dat
+ 2009-06-10 21:44 . 2009-06-10 21:44 2119152 c:\windows\SysWOW64\migwiz\SFLISTW7.dat
+ 2009-07-13 23:17 . 2009-06-10 21:44 3225610 c:\windows\SysWOW64\migwiz\SFLISTLH.dat
+ 2011-05-06 01:10 . 2010-11-20 12:19 5766144 c:\windows\SysWOW64\migwiz\migcore.dll
+ 2011-04-14 10:29 . 2011-03-11 05:33 1164288 c:\windows\SysWOW64\mfc42u.dll
+ 2011-04-14 10:29 . 2011-03-11 05:33 1137664 c:\windows\SysWOW64\mfc42.dll
+ 2011-01-07 19:39 . 2011-01-07 19:39 4368720 c:\windows\SysWOW64\mfc100u.dll
+ 2011-01-07 19:39 . 2011-01-07 19:39 4342600 c:\windows\SysWOW64\mfc100.dll
+ 2011-05-06 01:10 . 2010-11-20 12:19 3207680 c:\windows\SysWOW64\mf.dll
+ 2010-01-27 01:07 . 2010-08-28 13:30 5612496 c:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
+ 2011-08-09 18:43 . 2011-07-16 04:24 1114112 c:\windows\SysWOW64\kernel32.dll
+ 2012-02-16 08:01 . 2011-12-14 03:04 1798656 c:\windows\SysWOW64\jscript9.dll
+ 2009-07-13 23:47 . 2009-07-14 01:07 7392768 c:\windows\SysWOW64\IME\IMETC10\applets\MSHWCHTRIME.dll
+ 2009-07-13 23:47 . 2009-07-14 01:07 7390208 c:\windows\SysWOW64\IME\imekr8\applets\mshwkorrIME.dll
+ 2011-05-06 01:09 . 2010-11-20 12:19 1013760 c:\windows\SysWOW64\IME\IMEJP10\IMJPTIP.DLL
+ 2009-07-13 23:26 . 2009-07-14 01:15 1300480 c:\windows\SysWOW64\IME\IMEJP10\imjpcus.dll
+ 2009-07-13 23:47 . 2009-07-14 01:07 7378432 c:\windows\SysWOW64\IME\IMEJP10\APPLETS\mshwjpnrIME.dll
+ 2009-07-13 21:59 . 2009-07-14 01:41 3805184 c:\windows\SysWOW64\igdumd32.dll
+ 2009-07-13 21:59 . 2009-07-14 01:41 2531328 c:\windows\SysWOW64\igd10umd32.dll
+ 2012-02-16 08:01 . 2011-12-14 02:52 1792000 c:\windows\SysWOW64\iertutil.dll
+ 2012-02-16 08:01 . 2011-12-14 03:10 9705472 c:\windows\SysWOW64\ieframe.dll
+ 2011-05-10 16:05 . 2011-05-10 16:05 3695416 c:\windows\SysWOW64\ieapfltr.dat
+ 2009-07-13 23:42 . 2009-07-14 01:05 4240384 c:\windows\SysWOW64\GameUXLegacyGDFs.dll
+ 2011-05-06 01:09 . 2010-11-20 12:19 2576384 c:\windows\SysWOW64\gameux.dll
+ 2010-10-20 16:44 . 2010-10-20 16:44 1207656 c:\windows\SysWOW64\FM20.DLL
+ 2011-05-06 01:10 . 2010-11-20 12:19 1493504 c:\windows\SysWOW64\ExplorerFrame.dll
+ 2011-04-28 02:02 . 2011-02-25 05:30 2616320 c:\windows\SysWOW64\explorer.exe
+ 2011-04-28 02:01 . 2011-03-11 05:33 1699328 c:\windows\SysWOW64\esent.dll
+ 2009-07-14 05:35 . 2009-07-14 02:12 1617920 c:\windows\SysWOW64\en\AuthFWSnapIn.Resources.dll
+ 2011-05-06 01:09 . 2010-11-20 12:18 1400320 c:\windows\SysWOW64\DxpTaskSync.dll
+ 2011-03-09 04:54 . 2011-02-19 06:30 1076736 c:\windows\SysWOW64\DWrite.dll
+ 2011-05-06 01:10 . 2010-11-20 12:18 1371136 c:\windows\SysWOW64\dwmcore.dll
+ 2011-05-06 01:09 . 2010-11-20 12:18 1040384 c:\windows\SysWOW64\Display.dll
+ 2009-07-13 23:39 . 2009-07-14 01:15 1502720 c:\windows\SysWOW64\diskcopy.dll
+ 2011-05-06 01:11 . 2010-11-05 01:58 1130824 c:\windows\SysWOW64\dfshim.dll
+ 2009-07-13 23:23 . 2009-07-14 01:15 6278656 c:\windows\SysWOW64\DDORes.dll
+ 2011-05-06 01:10 . 2010-11-20 12:18 2522624 c:\windows\SysWOW64\dbgeng.dll
+ 2011-04-07 13:23 . 2010-05-26 15:41 1998168 c:\windows\SysWOW64\D3DX9_43.dll
+ 2011-04-07 13:22 . 2009-09-04 21:29 1892184 c:\windows\SysWOW64\D3DX9_42.dll
+ 2011-04-07 13:22 . 2009-03-09 19:27 4178264 c:\windows\SysWOW64\D3DX9_41.dll
+ 2011-04-07 13:22 . 2008-10-15 10:22 4379984 c:\windows\SysWOW64\D3DX9_40.dll
+ 2011-04-14 18:25 . 2008-07-12 12:18 3851784 c:\windows\SysWOW64\D3DX9_39.dll
+ 2011-04-07 13:22 . 2008-05-30 18:11 3850760 c:\windows\SysWOW64\D3DX9_38.dll
+ 2011-04-07 13:22 . 2008-03-05 19:56 3786760 c:\windows\SysWOW64\D3DX9_37.dll
+ 2010-09-22 03:34 . 2007-10-12 19:14 3734536 c:\windows\SysWOW64\d3dx9_36.dll
+ 2010-09-22 03:34 . 2007-07-19 22:14 3727720 c:\windows\SysWOW64\d3dx9_35.dll
+ 2010-09-22 03:34 . 2007-05-16 20:45 3497832 c:\windows\SysWOW64\d3dx9_34.dll
+ 2010-09-22 03:34 . 2007-03-12 20:42 3495784 c:\windows\SysWOW64\d3dx9_33.dll
+ 2010-08-28 13:00 . 2006-11-29 18:06 3426072 c:\windows\SysWOW64\d3dx9_32.dll
+ 2010-09-22 03:34 . 2006-09-28 20:05 2414360 c:\windows\SysWOW64\d3dx9_31.dll
+ 2010-09-22 03:33 . 2006-03-31 16:40 2388176 c:\windows\SysWOW64\d3dx9_30.dll
+ 2010-09-22 03:33 . 2006-02-03 12:43 2332368 c:\windows\SysWOW64\d3dx9_29.dll
+ 2010-09-22 03:33 . 2005-12-05 22:09 2323664 c:\windows\SysWOW64\d3dx9_28.dll
+ 2010-09-22 03:33 . 2005-07-22 23:59 2319568 c:\windows\SysWOW64\d3dx9_27.dll
+ 2010-09-22 03:33 . 2005-05-26 19:34 2297552 c:\windows\SysWOW64\d3dx9_26.dll
+ 2011-03-02 02:36 . 2005-03-18 22:19 2337488 c:\windows\SysWOW64\d3dx9_25.dll
+ 2010-09-22 03:33 . 2005-02-05 23:45 2222800 c:\windows\SysWOW64\d3dx9_24.dll
+ 2011-04-07 13:23 . 2010-05-26 15:41 1868128 c:\windows\SysWOW64\d3dcsx_43.dll
+ 2011-04-07 13:23 . 2009-09-04 21:29 5501792 c:\windows\SysWOW64\d3dcsx_42.dll
+ 2011-04-07 13:23 . 2010-05-26 15:41 2106216 c:\windows\SysWOW64\D3DCompiler_43.dll
+ 2011-04-07 13:23 . 2009-09-04 21:29 1974616 c:\windows\SysWOW64\D3DCompiler_42.dll
+ 2010-07-11 19:47 . 2010-07-11 19:47 1846632 c:\windows\SysWOW64\D3DCompiler_41.dll
+ 2011-04-07 13:22 . 2008-10-15 10:22 2036576 c:\windows\SysWOW64\D3DCompiler_40.dll
+ 2011-04-14 18:25 . 2008-07-12 12:18 1493528 c:\windows\SysWOW64\D3DCompiler_39.dll
+ 2011-04-07 13:22 . 2008-05-30 18:11 1491992 c:\windows\SysWOW64\D3DCompiler_38.dll
+ 2011-04-07 13:22 . 2008-03-05 19:56 1420824 c:\windows\SysWOW64\D3DCompiler_37.dll
+ 2010-09-22 03:34 . 2007-10-12 19:14 1374232 c:\windows\SysWOW64\D3DCompiler_36.dll
+ 2010-09-22 03:34 . 2007-07-19 22:14 1358192 c:\windows\SysWOW64\D3DCompiler_35.dll
+ 2010-09-22 03:34 . 2007-05-16 20:45 1124720 c:\windows\SysWOW64\D3DCompiler_34.dll
+ 2010-09-22 03:34 . 2007-03-12 20:42 1123696 c:\windows\SysWOW64\D3DCompiler_33.dll
+ 2011-05-06 01:10 . 2010-11-20 12:18 1828352 c:\windows\SysWOW64\d3d9.dll
+ 2009-07-13 23:28 . 2009-07-14 01:15 1036800 c:\windows\SysWOW64\d3d8.dll
+ 2011-05-06 01:10 . 2010-11-20 12:18 1171456 c:\windows\SysWOW64\d3d10warp.dll
+ 2009-07-13 23:28 . 2009-07-14 01:15 1030144 c:\windows\SysWOW64\d3d10.dll
+ 2011-05-06 01:09 . 2010-11-20 12:18 1003520 c:\windows\SysWOW64\cryptui.dll
+ 2011-05-06 01:10 . 2010-11-20 12:18 1154048 c:\windows\SysWOW64\crypt32.dll
+ 2009-07-13 23:52 . 2009-07-14 01:15 1344512 c:\windows\SysWOW64\connect.dll
+ 2009-07-14 04:54 . 2012-03-04 01:22 4489216 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-04 01:22 6701056 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-13 23:45 . 2009-07-14 01:15 1242112 c:\windows\SysWOW64\comsvcs.dll
+ 2009-07-13 23:44 . 2009-07-14 01:04 1297408 c:\windows\SysWOW64\comres.dll
+ 2009-07-14 00:11 . 2009-07-14 01:15 6103040 c:\windows\SysWOW64\chtbrkr.dll
+ 2009-07-14 00:11 . 2009-07-14 01:15 1672192 c:\windows\SysWOW64\chsbrkr.dll
+ 2011-05-06 01:10 . 2010-11-20 12:18 1555456 c:\windows\SysWOW64\certmgr.dll
+ 2011-05-06 01:10 . 2010-11-20 12:18 1334272 c:\windows\SysWOW64\CertEnroll.dll
+ 2011-05-06 01:10 . 2010-11-20 12:18 1792000 c:\windows\SysWOW64\authui.dll
+ 2011-05-06 01:10 . 2010-11-20 12:32 5066752 c:\windows\SysWOW64\AuthFWSnapin.dll
+ 2010-08-28 15:35 . 2010-06-02 05:19 3025408 c:\windows\SysWOW64\atiumdva.dll
+ 2010-08-28 15:35 . 2010-06-02 05:59 3809792 c:\windows\SysWOW64\atiumdag.dll
+ 2010-08-28 15:35 . 2010-06-02 06:24 3668480 c:\windows\SysWOW64\atidxx32.dll
+ 2010-08-28 15:35 . 2010-06-02 05:40 4096000 c:\windows\SysWOW64\aticaldd.dll
+ 2009-07-14 00:12 . 2009-07-14 01:14 1739776 c:\windows\SysWOW64\apds.dll
+ 2011-05-06 01:08 . 2010-11-20 12:18 2041344 c:\windows\SysWOW64\AdvancedInstallers\cmiv2.dll
+ 2011-05-06 01:09 . 2010-11-20 12:18 3727872 c:\windows\SysWOW64\accessibilitycpl.dll
+ 2009-07-14 00:42 . 2009-07-14 01:41 1576448 c:\windows\system32\xpssvcs.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 3008000 c:\windows\system32\xpsservices.dll
+ 2009-07-14 00:47 . 2009-07-14 01:39 4835840 c:\windows\system32\xpsrchvw.exe
+ 2011-04-28 02:01 . 2011-03-12 12:08 1465344 c:\windows\system32\XpsPrint.dll
+ 2011-05-06 01:09 . 2010-11-20 13:27 2621952 c:\windows\system32\wucltux.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 2420736 c:\windows\system32\wuaueng.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 2018304 c:\windows\system32\WsmSvc.dll
+ 2009-07-13 23:46 . 2009-07-14 01:41 1495552 c:\windows\system32\wsecedit.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 2543616 c:\windows\system32\wpdshext.dll
+ 2009-07-14 00:23 . 2009-07-14 01:41 1955328 c:\windows\system32\WMVENCOD.DLL
+ 2011-05-06 01:10 . 2010-11-20 13:27 1888256 c:\windows\system32\WMVDECOD.DLL
+ 2011-05-06 01:10 . 2010-11-20 13:27 3027968 c:\windows\system32\WMVCORE.DLL
+ 2009-07-14 00:22 . 2009-07-14 01:41 1575424 c:\windows\system32\WMSPDMOE.DLL
+ 2011-05-06 01:09 . 2010-11-20 13:27 1024512 c:\windows\system32\wmpmde.dll
+ 2011-05-06 01:09 . 2010-11-20 13:27 2072576 c:\windows\system32\WMPEncEn.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 1243136 c:\windows\system32\WMNetMgr.dll
+ 2009-07-14 00:22 . 2009-07-14 01:41 1393152 c:\windows\system32\WMALFXGFXDSP.dll
+ 2009-07-14 00:22 . 2009-07-14 01:41 1153024 c:\windows\system32\WMADMOE.DLL
+ 2011-05-06 01:09 . 2010-11-20 13:27 1232896 c:\windows\system32\WMADMOD.DLL
+ 2011-05-06 01:10 . 2010-11-20 13:27 1441280 c:\windows\system32\wlanpref.dll
+ 2011-05-06 01:10 . 2010-11-20 13:25 3957760 c:\windows\system32\WinSAT.exe
+ 2012-02-16 08:01 . 2011-12-14 07:04 1390080 c:\windows\system32\wininet.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 1190400 c:\windows\system32\WindowsCodecs.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 1646080 c:\windows\system32\wevtsvc.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 1281024 c:\windows\system32\werconcpl.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 1158656 c:\windows\system32\webservices.dll
+ 2010-08-28 15:29 . 2010-03-17 21:44 1721576 c:\windows\system32\WdfCoInstaller01009.dll
+ 2011-05-06 01:09 . 2010-11-20 13:27 1363968 c:\windows\system32\wdc.dll
+ 2009-07-14 00:09 . 2009-07-14 01:41 1098240 c:\windows\system32\wcnwiz.dll
+ 2011-05-06 01:10 . 2010-11-20 13:25 1504256 c:\windows\system32\wbengine.exe
+ 2011-05-06 01:06 . 2010-11-20 13:27 1225216 c:\windows\system32\wbem\wbemcore.dll
+ 2011-05-06 01:10 . 2010-11-20 13:25 2058240 c:\windows\system32\wbem\cimwin32.dll
+ 2010-09-07 07:01 . 2010-09-07 07:01 1255736 c:\windows\system32\Wat\WatAdminSvc.exe
+ 2011-05-06 01:10 . 2010-11-20 13:25 1600512 c:\windows\system32\VSSVC.exe
+ 2011-05-06 01:10 . 2010-11-20 13:27 1753088 c:\windows\system32\vssapi.dll
+ 2010-08-28 13:08 . 2010-02-03 06:13 3161088 c:\windows\system32\vcredist_x64.exe
+ 2011-05-06 01:10 . 2010-11-20 13:27 1098240 c:\windows\system32\Vault.dll
+ 2009-07-14 00:33 . 2009-07-14 01:39 1402880 c:\windows\system32\Utilman.exe
+ 2011-05-06 01:10 . 2010-11-20 13:27 1008128 c:\windows\system32\user32.dll
+ 2012-02-16 08:01 . 2011-12-14 07:04 1345536 c:\windows\system32\urlmon.dll
+ 2011-05-06 01:08 . 2010-11-20 13:15 1164800 c:\windows\system32\UIRibbonRes.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 3860992 c:\windows\system32\UIRibbon.dll
+ 2009-07-14 00:01 . 2009-07-14 01:41 3047424 c:\windows\system32\UIHub.dll
+ 2011-06-29 13:34 . 2011-05-04 05:25 2315776 c:\windows\system32\tquery.dll
+ 2011-05-06 01:09 . 2010-11-20 13:27 2851840 c:\windows\system32\themeui.dll
+ 2011-05-06 01:09 . 2010-11-20 13:27 2193920 c:\windows\system32\themecpl.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 1197056 c:\windows\system32\taskschd.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 1743360 c:\windows\system32\sysmain.dll
+ 2011-05-06 01:09 . 2010-11-20 13:27 2262528 c:\windows\system32\SyncCenter.dll
+ 2010-08-28 13:07 . 2010-06-18 05:10 3467264 c:\windows\system32\stlang64.dll
+ 2010-08-28 15:29 . 2010-06-18 05:10 1465344 c:\windows\system32\stapo64.dll
+ 2009-07-13 23:29 . 2009-07-14 01:33 8338432 c:\windows\system32\spwizimg.dll
+ 2011-05-06 01:09 . 2010-11-20 13:25 3524608 c:\windows\system32\sppsvc.exe
+ 2011-05-06 01:09 . 2010-11-20 13:27 1082880 c:\windows\system32\sppobjs.dll
+ 2009-07-13 23:52 . 2009-07-14 01:41 1203712 c:\windows\system32\sppcext.dll
+ 2010-09-07 00:37 . 2010-11-20 13:27 1576448 c:\windows\system32\spool\drivers\x64\XpsSvcs.dll
+ 2009-07-14 00:42 . 2010-11-20 13:27 1576448 c:\windows\system32\spool\drivers\x64\3\XpsSvcs.dll
+ 2009-07-14 00:03 . 2009-07-14 01:41 1402880 c:\windows\system32\spool\drivers\x64\3\JNWDRV.dll
+ 2008-05-07 23:59 . 2008-05-07 23:59 1692672 c:\windows\system32\spool\drivers\x64\3\HPFIMG50.DLL
+ 2009-07-14 01:19 . 2010-11-20 13:08 6566400 c:\windows\system32\spool\drivers\x64\3\FXSRES.DLL
+ 2009-07-14 00:35 . 2009-07-14 01:39 4942848 c:\windows\system32\Speech\SpeechUX\SpeechUXTutorial.exe
+ 2011-05-06 01:10 . 2010-11-20 13:27 1126912 c:\windows\system32\Speech\SpeechUX\SpeechUX.dll
+ 2009-07-14 05:35 . 2009-07-14 02:33 8289280 c:\windows\system32\Speech\SpeechUX\en-US\SpeechUXRes.dll
+ 2009-07-14 05:35 . 2009-07-14 01:34 8553472 c:\windows\system32\Speech\SpeechUX\en-gb\SpeechUXRes.dll
+ 2009-07-14 00:35 . 2009-07-14 01:41 1065984 c:\windows\system32\Speech\Engines\SR\spsreng.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 1435648 c:\windows\system32\Speech\Common\sapi.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 1900544 c:\windows\system32\setupapi.dll
+ 2011-05-06 01:09 . 2010-11-20 13:27 2250752 c:\windows\system32\SensorsCpl.dll
+ 2011-05-06 01:09 . 2010-11-20 13:27 1120768 c:\windows\system32\sdengin2.dll
+ 2011-05-06 01:09 . 2010-11-20 13:25 1264640 c:\windows\system32\sdclt.exe
+ 2011-05-06 01:10 . 2010-11-20 13:27 1110016 c:\windows\system32\schedsvc.dll
+ 2011-03-09 04:54 . 2010-12-23 10:42 1118720 c:\windows\system32\sbe.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 1219584 c:\windows\system32\rpcrt4.dll
+ 2011-05-06 01:09 . 2010-11-20 13:27 1031680 c:\windows\system32\rdpcore.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 1556992 c:\windows\system32\RacEngn.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 2055680 c:\windows\system32\Query.dll
+ 2012-01-11 13:16 . 2011-10-26 05:25 1572864 c:\windows\system32\quartz.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 1212416 c:\windows\system32\propsys.dll
+ 2011-05-06 01:09 . 2010-11-20 13:27 1050624 c:\windows\system32\printui.dll
+ 2009-07-14 01:01 . 2009-06-10 20:31 1165664 c:\windows\system32\PresentationNative_v0300.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 1808384 c:\windows\system32\pnidui.dll
+ 2011-05-06 01:09 . 2010-11-20 13:27 1389056 c:\windows\system32\pla.dll
+ 2009-07-14 01:05 . 2009-07-14 01:41 1439232 c:\windows\system32\pidgenx.dll
+ 2009-07-13 23:42 . 2009-07-14 01:41 1039872 c:\windows\system32\opengl32.dll
+ 2011-05-06 01:09 . 2010-11-20 13:27 1911808 c:\windows\system32\OpcServices.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 2199040 c:\windows\system32\oobe\winsetup.dll
+ 2009-07-13 23:29 . 2009-07-14 01:33 3051008 c:\windows\system32\oobe\W32UIImg.dll
+ 2009-07-13 23:28 . 2009-07-14 01:41 1002496 c:\windows\system32\oobe\unbcl.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 1161728 c:\windows\system32\oobe\msoobeui.dll
+ 2011-05-06 01:08 . 2010-11-20 13:27 1080320 c:\windows\system32\onexui.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 2086912 c:\windows\system32\ole32.dll
+ 2009-07-13 23:42 . 2009-07-14 01:41 1336832 c:\windows\system32\ogldrv.dll
+ 2011-08-09 18:43 . 2011-06-23 05:43 5561216 c:\windows\system32\ntoskrnl.exe
+ 2012-01-11 13:16 . 2011-11-17 06:41 1731920 c:\windows\system32\ntdll.dll
+ 2009-07-14 00:32 . 2009-07-14 01:31 5071872 c:\windows\system32\NlsModels0011.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 6917120 c:\windows\system32\NlsLexicons0c1a.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 7042560 c:\windows\system32\NlsLexicons081a.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 5031936 c:\windows\system32\NlsLexicons0816.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 5090816 c:\windows\system32\NlsLexicons0416.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 4616192 c:\windows\system32\NlsLexicons0414.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 1972736 c:\windows\system32\NlsLexicons004e.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 4093440 c:\windows\system32\NlsLexicons004c.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 1702912 c:\windows\system32\NlsLexicons004b.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 3419136 c:\windows\system32\NlsLexicons004a.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 1558016 c:\windows\system32\NlsLexicons0049.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 1411072 c:\windows\system32\NlsLexicons0047.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 1808896 c:\windows\system32\NlsLexicons0046.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 1793536 c:\windows\system32\NlsLexicons0045.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 4045824 c:\windows\system32\NlsLexicons003e.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 1782272 c:\windows\system32\NlsLexicons0039.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 6224896 c:\windows\system32\NlsLexicons0027.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 5791232 c:\windows\system32\NlsLexicons0026.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 7964672 c:\windows\system32\NlsLexicons0024.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 5499904 c:\windows\system32\NlsLexicons0022.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 2136064 c:\windows\system32\NlsLexicons0021.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 1236992 c:\windows\system32\NlsLexicons0020.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 6346240 c:\windows\system32\NlsLexicons001d.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 6585856 c:\windows\system32\NlsLexicons001b.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 6014976 c:\windows\system32\NlsLexicons001a.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 6781440 c:\windows\system32\NlsLexicons0019.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 3331072 c:\windows\system32\NlsLexicons0018.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 4981248 c:\windows\system32\NlsLexicons0013.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 2466816 c:\windows\system32\NlsLexicons0011.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 4175872 c:\windows\system32\NlsLexicons0010.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 5654528 c:\windows\system32\NlsLexicons000f.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 1722368 c:\windows\system32\NlsLexicons000d.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 6237696 c:\windows\system32\NlsLexicons000c.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 9892864 c:\windows\system32\NlsLexicons000a.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 2628608 c:\windows\system32\NlsLexicons0009.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 1452544 c:\windows\system32\NlsLexicons0003.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 4164096 c:\windows\system32\NlsLexicons0002.dll
+ 2009-07-14 00:33 . 2009-07-14 01:41 2093568 c:\windows\system32\NlsData0c1a.dll
+ 2009-07-14 00:33 . 2009-07-14 01:41 2093568 c:\windows\system32\NlsData081a.dll
+ 2009-07-14 00:33 . 2009-07-14 01:41 4636160 c:\windows\system32\NlsData0816.dll
+ 2009-07-14 00:33 . 2009-07-14 01:41 4636672 c:\windows\system32\NlsData0416.dll
+ 2009-07-14 00:33 . 2009-07-14 01:41 4635648 c:\windows\system32\NlsData0414.dll
+ 2009-07-14 00:33 . 2009-07-14 01:41 3231232 c:\windows\system32\NlsData004e.dll
+ 2009-07-14 00:33 . 2009-07-14 01:41 3231232 c:\windows\system32\NlsData004c.dll
+ 2009-07-14 00:34 . 2009-07-14 01:41 3231232 c:\windows\system32\NlsData004b.dll
+ 2009-07-14 00:34 . 2009-07-14 01:41 3231232 c:\windows\system32\NlsData004a.dll
+ 2009-07-14 00:34 . 2009-07-14 01:41 3231232 c:\windows\system32\NlsData0049.dll
+ 2009-07-14 00:31 . 2009-07-14 01:41 3231232 c:\windows\system32\NlsData0047.dll
+ 2009-07-14 00:33 . 2009-07-14 01:41 3231232 c:\windows\system32\NlsData0046.dll
+ 2009-07-14 00:33 . 2009-07-14 01:41 3231232 c:\windows\system32\NlsData0045.dll
+ 2009-07-14 00:32 . 2009-07-14 01:41 1921536 c:\windows\system32\NlsData003e.dll
+ 2009-07-14 00:31 . 2009-07-14 01:41 3231232 c:\windows\system32\NlsData0039.dll
+ 2009-07-14 00:34 . 2009-07-14 01:41 1921536 c:\windows\system32\NlsData002a.dll
+ 2009-07-14 00:32 . 2009-07-14 01:41 2095104 c:\windows\system32\NlsData0027.dll
+ 2009-07-14 00:33 . 2009-07-14 01:41 2093568 c:\windows\system32\NlsData0026.dll
+ 2009-07-14 00:33 . 2009-07-14 01:41 2093568 c:\windows\system32\NlsData0024.dll
+ 2009-07-14 00:33 . 2009-07-14 01:41 1921536 c:\windows\system32\NlsData0022.dll
+ 2009-07-14 00:31 . 2009-07-14 01:41 1921536 c:\windows\system32\NlsData0021.dll
+ 2009-07-14 00:34 . 2009-07-14 01:41 3231232 c:\windows\system32\NlsData0020.dll
+ 2009-07-14 00:34 . 2009-07-14 01:41 4637184 c:\windows\system32\NlsData001d.dll
+ 2009-07-14 00:33 . 2009-07-14 01:41 2093568 c:\windows\system32\NlsData001b.dll
+ 2009-07-14 00:31 . 2009-07-14 01:41 2093568 c:\windows\system32\NlsData001a.dll
+ 2009-07-14 00:34 . 2009-07-14 01:41 4625920 c:\windows\system32\NlsData0019.dll
+ 2009-07-14 00:33 . 2009-07-14 01:41 2093568 c:\windows\system32\NlsData0018.dll
+ 2009-07-14 00:31 . 2009-07-14 01:41 3604992 c:\windows\system32\NlsData0013.dll
+ 2009-07-14 00:30 . 2009-07-14 01:41 2777600 c:\windows\system32\NlsData0011.dll
+ 2009-07-14 00:33 . 2009-07-14 01:41 4636672 c:\windows\system32\NlsData0010.dll
+ 2009-07-14 00:32 . 2009-07-14 01:41 2093568 c:\windows\system32\NlsData000f.dll
+ 2009-07-14 00:31 . 2009-07-14 01:41 2491904 c:\windows\system32\NlsData000d.dll
+ 2009-07-14 00:31 . 2009-07-14 01:41 2413056 c:\windows\system32\NlsData000c.dll
+ 2009-07-14 00:32 . 2009-07-14 01:41 9772544 c:\windows\system32\NlsData000a.dll
+ 2009-07-14 00:31 . 2009-07-14 01:41 6270976 c:\windows\system32\NlsData0009.dll
+ 2009-07-14 00:31 . 2009-07-14 01:41 2137600 c:\windows\system32\NlsData0007.dll
+ 2009-07-14 00:31 . 2009-07-14 01:41 2093568 c:\windows\system32\NlsData0003.dll
+ 2009-07-14 00:33 . 2009-07-14 01:41 2093568 c:\windows\system32\NlsData0002.dll
+ 2009-07-14 00:31 . 2009-07-14 01:41 2725888 c:\windows\system32\NlsData0001.dll
+ 2009-07-14 00:31 . 2009-07-14 01:41 1623552 c:\windows\system32\NlsData0000.dll
+ 2011-05-06 01:09 . 2010-11-20 13:27 2146816 c:\windows\system32\networkmap.dll
+ 2011-05-06 01:09 . 2010-11-20 13:27 1672704 c:\windows\system32\networkexplorer.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 2652160 c:\windows\system32\netshell.dll
+ 2011-05-06 01:09 . 2010-11-20 13:27 1689600 c:\windows\system32\netcenter.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 1326080 c:\windows\system32\NaturalLanguage6.dll
+ 2011-05-06 01:09 . 2010-11-20 13:44 1077248 c:\windows\system32\Narrator.exe
+ 2011-05-06 01:10 . 2010-11-20 13:27 2004480 c:\windows\system32\msxml6.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 1881088 c:\windows\system32\msxml3.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 3650560 c:\windows\system32\MSVidCtl.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 3715584 c:\windows\system32\mstscax.dll
+ 2011-05-06 01:10 . 2010-11-20 13:25 1116672 c:\windows\system32\mstsc.exe
+ 2011-06-29 13:34 . 2011-05-04 05:22 2223616 c:\windows\system32\mssrch.dll
+ 2009-07-13 23:58 . 2009-07-14 01:39 6676480 c:\windows\system32\mspaint.exe
+ 2009-06-10 21:01 . 2009-07-14 01:41 2643456 c:\windows\system32\msmpeg2vdec.dll
+ 2011-05-06 01:09 . 2010-11-20 13:27 1160192 c:\windows\system32\MSMPEG2ENC.DLL
+ 2009-06-10 21:01 . 2009-07-14 01:41 1307136 c:\windows\system32\msmpeg2adec.dll
+ 2011-05-06 01:09 . 2010-11-20 13:27 3211776 c:\windows\system32\msi.dll
+ 2011-05-06 01:10 . 2010-11-20 13:27 1509888 c:\windows\system32\msdtctm.dll
+ 2009-07-13 23:32 . 2009-07-14 01:39 1076736 c:\windows\system32\msdt.exe
+ 2009-07-13 23:40 . 2009-07-14 01:41 1067008 c:\windows\system32\msctf.dll
+ 2009-07-14 00:19 . 2009-07-14 01:29 9053696 c:\windows\system32\mmres.dll
+ 2011-05-06 01:10 . 2010-11-20 13:26 3205120 c:\windows\system32\mmcndmgr.dll
+ 2009-07-13 23:49 . 2009-07-14 01:39 2144256 c:\windows\system32\mmc.exe
+ 2009-07-13 23:28 . 2009-07-14 01:41 1002496 c:\windows\system32\migwiz\unbcl.dll
+ 2009-07-13 23:28 . 2009-06-10 21:05 1445052 c:\windows\system32\migwiz\SFLISTXP.dat
+ 2009-06-10 21:05 . 2009-06-10 21:05 2119152 c:\windows\system32\migwiz\SFLISTW7.dat
+ 2009-07-13 23:28 . 2009-06-10 21:05 3225610 c:\windows\system32\migwiz\SFLISTLH.dat
+ 2011-05-06 01:10 . 2010-11-20 13:26 1205760 c:\windows\system32\migwiz\migstore.dll
+ 2011-05-06 01:10 . 2010-11-20 13:26 8032768 c:\windows\system32\migwiz\migcore.dll
+ 2011-04-14 10:29 . 2011-03-11 06:34 1359872 c:\windows\system32\mfc42u.dll
+ 2011-04-14 10:29 . 2011-03-11 06:34 1395712 c:\windows\system32\mfc42.dll
+ 2011-01-07 19:02 . 2011-01-07 19:02 5523280 c:\windows\system32\mfc100u.dll
+ 2011-01-07 19:02 . 2011-01-07 19:02 5493576 c:\windows\system32\mfc100.dll
+ 2011-05-06 01:10 . 2010-11-20 13:26 4120064 c:\windows\system32\mf.dll
+ 2011-05-06 01:10 . 2010-11-20 13:26 1009152 c:\windows\system32\mcmde.dll
+ 2012-01-18 05:53 . 2011-11-17 06:35 1447936 c:\windows\system32\lsasrv.dll
+ 2011-08-09 18:43 . 2011-07-16 05:37 1162752 c:\windows\system32\kernel32.dll
+ 2012-02-16 08:01 . 2011-12-14 07:11 2308096 c:\windows\system32\jscript9.dll
+ 2009-07-14 00:02 . 2009-07-14 01:29 7392768 c:\windows\system32\IME\IMETC10\applets\MSHWCHTRIME.dll
+ 2009-07-14 00:02 . 2009-07-14 01:29 7390208 c:\windows\system32\IME\imekr8\applets\mshwkorrIME.dll
+ 2011-05-06 01:09 . 2010-11-20 13:26 1242112 c:\windows\system32\IME\IMEJP10\IMJPTIP.DLL
+ 2009-07-13 23:39 . 2009-07-14 01:41 1334784 c:\windows\system32\IME\IMEJP10\imjpcus.dll
+ 2009-07-14 00:02 . 2009-07-14 01:29 7378432 c:\windows\system32\IME\IMEJP10\APPLETS\mshwjpnrIME.dll
+ 2011-05-06 01:10 . 2010-11-20 13:26 1244160 c:\windows\system32\imapi2fs.dll
+ 2009-07-13 21:59 . 2009-07-14 01:41 5437952 c:\windows\system32\igdumd64.dll
+ 2009-07-13 21:59 . 2009-07-14 01:41 3451904 c:\windows\system32\igd10umd64.dll
+ 2012-02-16 08:01 . 2011-12-14 06:59 2144256 c:\windows\system32\iertutil.dll
+ 2011-05-10 16:05 . 2011-05-10 16:05 3695416 c:\windows\system32\ieapfltr.dat
+ 2009-07-14 01:01 . 2009-06-10 20:30 1380672 c:\windows\system32\icardagt.exe
+ 2009-07-13 23:54 . 2009-07-14 01:40 1000960 c:\windows\system32\gpedit.dll
+ 2009-07-13 23:56 . 2009-07-14 01:27 4240384 c:\windows\system32\GameUXLegacyGDFs.dll
+ 2011-05-06 01:09 . 2010-11-20 13:26 2746880 c:\windows\system32\gameux.dll
+ 2011-03-09 04:54 . 2011-02-19 12:05 1139200 c:\windows\system32\FntCache.dll
+ 2011-05-06 01:10 . 2010-11-20 13:26 1866240 c:\windows\system32\ExplorerFrame.dll
+ 2011-04-28 02:01 . 2011-03-11 06:33 2565632 c:\windows\system32\esent.dll
+ 2009-07-14 05:35 . 2009-07-14 02:32 1617920 c:\windows\system32\en\AuthFWSnapIn.Resources.dll
+ 2011-05-06 01:09 . 2010-11-20 13:26 1457664 c:\windows\system32\DxpTaskSync.dll
+ 2011-03-09 04:54 . 2011-02-19 12:04 1544192 c:\windows\system32\DWrite.dll
+ 2011-05-06 01:10 . 2010-11-20 13:26 1632256 c:\windows\system32\dwmcore.dll
+ 2009-07-14 00:21 . 2009-07-14 01:40 1200640 c:\windows\system32\drmv2clt.dll
+ 2009-07-13 22:53 . 2009-06-10 20:32 5898752 c:\windows\system32\DriverStore\FileRepository\xcbdav.inf_amd64_neutral_cf80e4da1c95e6e2\xchalVx64.sys
+ 2009-07-14 00:22 . 2009-07-14 01:41 1195008 c:\windows\system32\DriverStore\FileRepository\wpdmtp.inf_amd64_neutral_28f06ca2e38e8979\WpdMtpDr.dll
+ 2009-07-14 01:20 . 2009-07-14 01:41 1052160 c:\windows\system32\DriverStore\FileRepository\wialx004.inf_amd64_neutral_0a3a62ae6ed43127\lxa3comc.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:41 1052160 c:\windows\system32\DriverStore\FileRepository\wialx003.inf_amd64_neutral_db618863f9347f9a\lxa2comc.DLL
+ 2009-07-14 00:22 . 2009-07-14 01:41 1393152 c:\windows\system32\DriverStore\FileRepository\wdmaudio.inf_amd64_neutral_423894ded0ba8fdf\WMALFXGFXDSP.dll
+ 2010-08-28 15:29 . 2010-03-17 21:44 1721576 c:\windows\system32\DriverStore\FileRepository\synpd.inf_amd64_neutral_e96402f779223e6d\WdfCoInstaller01009.dll
+ 2010-08-28 15:29 . 2010-03-17 21:44 8236840 c:\windows\system32\DriverStore\FileRepository\synpd.inf_amd64_neutral_e96402f779223e6d\SynTPRes.dll
+ 2010-08-28 15:29 . 2010-03-17 21:44 1890088 c:\windows\system32\DriverStore\FileRepository\synpd.inf_amd64_neutral_e96402f779223e6d\SynTPEnh.exe
+ 2010-08-28 15:29 . 2010-03-17 21:44 1722152 c:\windows\system32\DriverStore\FileRepository\synpd.inf_amd64_neutral_e96402f779223e6d\SynTPCpl.dll
+ 2010-08-28 15:29 . 2010-06-18 05:10 3467264 c:\windows\system32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_feabbb5373bf0e44\stlang64.dll
+ 2010-08-28 15:29 . 2010-06-18 05:10 1465344 c:\windows\system32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_feabbb5373bf0e44\stapo64.dll
+ 2010-08-28 15:29 . 2010-03-17 21:30 7367200 c:\windows\system32\DriverStore\FileRepository\rtsustor.inf_amd64_neutral_86fd6fd1af0d11d1\RtsUStoricon.dll
+ 2009-06-10 20:37 . 2009-07-14 01:45 1524816 c:\windows\system32\DriverStore\FileRepository\ql2300.inf_amd64_neutral_ca8487daf77ff7cb\ql2300.sys
+ 2009-07-14 01:18 . 2009-07-14 01:41 1275392 c:\windows\system32\DriverStore\FileRepository\prnrc00c.inf_amd64_neutral_53a58f4fd7d88575\Amd64\RIPSUI7.DLL
+ 2009-07-14 01:18 . 2009-07-14 01:41 1259008 c:\windows\system32\DriverStore\FileRepository\prnrc00a.inf_amd64_neutral_565c5d04cc520c48\Amd64\RIAUI27.DLL
+ 2009-07-14 01:18 . 2009-07-14 01:41 1259008 c:\windows\system32\DriverStore\FileRepository\prnrc00a.inf_amd64_neutral_565c5d04cc520c48\Amd64\RIAUI17.DLL
+ 2011-05-06 01:09 . 2010-11-20 13:08 6566400 c:\windows\system32\DriverStore\FileRepository\prnms002.inf_amd64_neutral_d834e48846616289\Amd64\FXSRES.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:41 1115136 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hpfvew73.dll
+ 2009-07-14 01:20 . 2009-07-14 01:41 1591808 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hpfuiw73.dll
+ 2009-07-14 01:20 . 2009-07-14 01:27 1058816 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hpfstw73.dll
+ 2009-07-14 01:19 . 2009-07-14 01:41 1667072 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hpf4400t.dll
+ 2009-07-14 01:20 . 2009-07-14 01:41 1858048 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hpf3rw73.dll
+ 2009-07-14 01:18 . 2009-07-14 01:41 1667072 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hpd2600t.dll
+ 2009-07-14 01:18 . 2009-07-14 01:41 1674752 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hpc4600t.dll
+ 2009-07-14 01:19 . 2009-07-14 01:41 1633792 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hpc309at.dll
+ 2009-07-14 01:18 . 2009-07-14 01:41 1674752 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hp8500nt.dll
+ 2009-07-14 01:18 . 2009-07-14 01:41 1674752 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hp8500gt.dll
+ 2009-07-14 01:19 . 2009-07-14 01:41 1674752 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hp8500at.dll
+ 2009-07-14 01:19 . 2009-07-14 01:41 1674752 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hp8000at.dll
+ 2009-07-14 01:19 . 2009-07-14 01:41 1667584 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hp6500nt.dll
+ 2009-07-14 01:18 . 2009-07-14 01:41 1667584 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hp6500at.dll
+ 2009-07-14 01:18 . 2009-07-14 01:41 1667584 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hp6000nt.dll
+ 2009-07-14 01:19 . 2009-07-14 01:41 1667584 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hp6000at.dll
+ 2009-07-14 01:20 . 2009-07-14 01:27 3498496 c:\windows\system32\DriverStore\FileRepository\prnhp004.inf_amd64_neutral_53f688945cfc24cc\Amd64\hpzurw72.dll
+ 2009-07-14 01:20 . 2009-07-14 01:41 1473536 c:\windows\system32\DriverStore\FileRepository\prnhp004.inf_amd64_neutral_53f688945cfc24cc\Amd64\hpzuiw72.dll
+ 2009-07-14 01:20 . 2009-07-14 01:27 1063936 c:\windows\system32\DriverStore\FileRepository\prnhp004.inf_amd64_neutral_53f688945cfc24cc\Amd64\hpzstw72.dll
+ 2009-07-14 01:20 . 2009-07-14 01:41 1832448 c:\windows\system32\DriverStore\FileRepository\prnhp004.inf_amd64_neutral_53f688945cfc24cc\Amd64\hpz3rw72.dll
+ 2009-07-14 01:18 . 2009-07-14 01:41 1416192 c:\windows\system32\DriverStore\FileRepository\prnhp004.inf_amd64_neutral_53f688945cfc24cc\Amd64\hpd7500t.dll
+ 2009-07-14 01:18 . 2009-07-14 01:41 1416192 c:\windows\system32\DriverStore\FileRepository\prnhp004.inf_amd64_neutral_53f688945cfc24cc\Amd64\hpD5400t.dll
+ 2009-07-14 01:19 . 2009-07-14 01:41 1422336 c:\windows\system32\DriverStore\FileRepository\prnhp004.inf_amd64_neutral_53f688945cfc24cc\Amd64\hpc6300t.dll
+ 2009-07-14 01:18 . 2009-07-14 01:41 1416704 c:\windows\system32\DriverStore\FileRepository\prnhp004.inf_amd64_neutral_53f688945cfc24cc\Amd64\hpc5500t.dll
+ 2009-07-14 01:18 . 2009-07-14 01:41 1416192 c:\windows\system32\DriverStore\FileRepository\prnhp004.inf_amd64_neutral_53f688945cfc24cc\Amd64\hpc5300t.dll
+ 2009-07-14 01:19 . 2009-07-14 01:41 1412096 c:\windows\system32\DriverStore\FileRepository\prnhp004.inf_amd64_neutral_53f688945cfc24cc\Amd64\hpc4500t.dll
+ 2009-07-14 01:18 . 2009-07-14 01:41 1423360 c:\windows\system32\DriverStore\FileRepository\prnhp004.inf_amd64_neutral_53f688945cfc24cc\Amd64\hpb8500t.dll
+ 2009-07-14 01:20 . 2009-07-14 01:27 1176064 c:\windows\system32\DriverStore\FileRepository\prnhp003.inf_amd64_neutral_4480210763997eb4\Amd64\hpzurw71.dll
+ 2009-07-14 01:19 . 2009-07-14 01:41 3506176 c:\windows\system32\DriverStore\FileRepository\prnhp003.inf_amd64_neutral_4480210763997eb4\Amd64\HPZUIW71.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:27 6061568 c:\windows\system32\DriverStore\FileRepository\prnhp003.inf_amd64_neutral_4480210763997eb4\Amd64\HPZSTW71.DLL
+ 2009-07-14 01:18 . 2009-07-14 01:41 7067136 c:\windows\system32\DriverStore\FileRepository\prnhp003.inf_amd64_neutral_4480210763997eb4\Amd64\hpzlaw71.dll
+ 2009-07-14 01:20 . 2009-07-14 01:41 2074624 c:\windows\system32\DriverStore\FileRepository\prnhp003.inf_amd64_neutral_4480210763997eb4\Amd64\hpz3rw71.dll
+ 2009-07-14 01:19 . 2009-07-14 01:41 2484736 c:\windows\system32\DriverStore\FileRepository\prnhp002.inf_amd64_neutral_04d05d1f6a90ea24\Amd64\HPZUIWN7.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:27 3447808 c:\windows\system32\DriverStore\FileRepository\prnhp002.inf_amd64_neutral_04d05d1f6a90ea24\Amd64\HPZSTWN7.DLL
+ 2009-07-14 01:18 . 2009-07-14 01:41 1486848 c:\windows\system32\DriverStore\FileRepository\prnhp002.inf_amd64_neutral_04d05d1f6a90ea24\Amd64\HPZLSWN7.DLL
+ 2009-07-14 01:18 . 2009-07-14 01:41 4998656 c:\windows\system32\DriverStore\FileRepository\prnhp002.inf_amd64_neutral_04d05d1f6a90ea24\Amd64\HPZLAwn7.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:41 1485824 c:\windows\system32\DriverStore\FileRepository\prnhp002.inf_amd64_neutral_04d05d1f6a90ea24\Amd64\HPZ3Rwn7.DLL
+ 2009-07-14 01:18 . 2009-07-14 01:41 1532928 c:\windows\system32\DriverStore\FileRepository\prnhp002.inf_amd64_neutral_04d05d1f6a90ea24\Amd64\HPZ3Awn7.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:41 5274112 c:\windows\system32\DriverStore\FileRepository\prnhp002.inf_amd64_neutral_04d05d1f6a90ea24\Amd64\HPFIGLHN.DLL
+ 2009-06-23 00:19 . 2009-06-23 00:19 2414080 c:\windows\system32\DriverStore\FileRepository\prnhp001.inf_amd64_neutral_081cf2b90ec9e6d5\Amd64\HPZUILHN.DLL
+ 2008-05-07 23:59 . 2008-05-07 23:59 3447808 c:\windows\system32\DriverStore\FileRepository\prnhp001.inf_amd64_neutral_081cf2b90ec9e6d5\Amd64\HPZSTLHN.DLL
+ 2009-06-23 00:11 . 2009-06-23 00:11 1244160 c:\windows\system32\DriverStore\FileRepository\prnhp001.inf_amd64_neutral_081cf2b90ec9e6d5\Amd64\HPZLSLHN.DLL
+ 2009-06-23 00:11 . 2009-06-23 00:11 4900352 c:\windows\system32\DriverStore\FileRepository\prnhp001.inf_amd64_neutral_081cf2b90ec9e6d5\Amd64\HPZLALHN.DLL
+ 2008-05-07 23:59 . 2008-05-07 23:59 1442304 c:\windows\system32\DriverStore\FileRepository\prnhp001.inf_amd64_neutral_081cf2b90ec9e6d5\Amd64\HPZ3RLHN.DLL
+ 2009-06-23 00:20 . 2009-06-23 00:20 1485312 c:\windows\system32\DriverStore\FileRepository\prnhp001.inf_amd64_neutral_081cf2b90ec9e6d5\Amd64\HPZ3ALHN.DLL
+ 2008-05-07 23:59 . 2008-05-07 23:59 2389504 c:\windows\system32\DriverStore\FileRepository\prnhp001.inf_amd64_neutral_081cf2b90ec9e6d5\Amd64\HPVIMG50.DLL
+ 2008-05-07 23:59 . 2008-05-07 23:59 1692672 c:\windows\system32\DriverStore\FileRepository\prnhp001.inf_amd64_neutral_081cf2b90ec9e6d5\Amd64\HPFIMG50.DLL
+ 2008-05-07 23:59 . 2008-05-07 23:59 5263872 c:\windows\system32\DriverStore\FileRepository\prnhp001.inf_amd64_neutral_081cf2b90ec9e6d5\Amd64\HPFIGLHN.DLL
+ 2009-06-23 00:22 . 2009-06-23 00:22 1177088 c:\windows\system32\DriverStore\FileRepository\prnhp001.inf_amd64_neutral_081cf2b90ec9e6d5\Amd64\HPF940AL.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:27 1711616 c:\windows\system32\DriverStore\FileRepository\prnep00l.inf_amd64_neutral_f1fa021d2221e2c7\Amd64\EP0LGR00.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 1471488 c:\windows\system32\DriverStore\FileRepository\prnep00g.inf_amd64_neutral_2926840e245f88f6\Amd64\EP0NRE8D.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 3291136 c:\windows\system32\DriverStore\FileRepository\prnep00g.inf_amd64_neutral_2926840e245f88f6\Amd64\EP0NOE10.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 1398272 c:\windows\system32\DriverStore\FileRepository\prnep00f.inf_amd64_neutral_a5f6001b957bd7e0\Amd64\EP0NRE8C.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 3121664 c:\windows\system32\DriverStore\FileRepository\prnep00f.inf_amd64_neutral_a5f6001b957bd7e0\Amd64\EP0NOE09.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 1899520 c:\windows\system32\DriverStore\FileRepository\prnep00e.inf_amd64_neutral_edc631ff41a34218\Amd64\EP0NOE20.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 4653056 c:\windows\system32\DriverStore\FileRepository\prnep00d.inf_amd64_neutral_dd61103f3a2743d4\Amd64\EP0NRE8H.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 3223552 c:\windows\system32\DriverStore\FileRepository\prnep00d.inf_amd64_neutral_dd61103f3a2743d4\Amd64\EP0NOE17.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 3214848 c:\windows\system32\DriverStore\FileRepository\prnep00d.inf_amd64_neutral_dd61103f3a2743d4\Amd64\EP0NOE12.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 1332736 c:\windows\system32\DriverStore\FileRepository\prnep00c.inf_amd64_neutral_f0d9ddf52f04765c\Amd64\EP0NRE8T.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 2815488 c:\windows\system32\DriverStore\FileRepository\prnep00c.inf_amd64_neutral_f0d9ddf52f04765c\Amd64\EP0NOE02.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 1007616 c:\windows\system32\DriverStore\FileRepository\prnep00b.inf_amd64_neutral_2e6b718b2b177506\Amd64\EP0NRE9C.DLL
+ 2009-07-14 01:19 . 2009-07-14 01:40 1158656 c:\windows\system32\DriverStore\FileRepository\prnep00b.inf_amd64_neutral_2e6b718b2b177506\Amd64\EP0NRE9A.DLL
+ 2009-07-14 01:19 . 2009-07-14 01:40 4642816 c:\windows\system32\DriverStore\FileRepository\prnep00b.inf_amd64_neutral_2e6b718b2b177506\Amd64\EP0NRE8M.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 1536000 c:\windows\system32\DriverStore\FileRepository\prnep00b.inf_amd64_neutral_2e6b718b2b177506\Amd64\EP0NRE8L.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 3420160 c:\windows\system32\DriverStore\FileRepository\prnep00b.inf_amd64_neutral_2e6b718b2b177506\Amd64\EP0NOE18.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 3237376 c:\windows\system32\DriverStore\FileRepository\prnep00b.inf_amd64_neutral_2e6b718b2b177506\Amd64\EP0NOE14.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 2379776 c:\windows\system32\DriverStore\FileRepository\prnep00a.inf_amd64_neutral_92a4c727cdf4c2f7\Amd64\EP0NUI60.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 1632768 c:\windows\system32\DriverStore\FileRepository\prnep00a.inf_amd64_neutral_92a4c727cdf4c2f7\Amd64\EP0NREUJ.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 2166784 c:\windows\system32\DriverStore\FileRepository\prnep00a.inf_amd64_neutral_92a4c727cdf4c2f7\Amd64\EP0NRA8G.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 3022336 c:\windows\system32\DriverStore\FileRepository\prnep00a.inf_amd64_neutral_92a4c727cdf4c2f7\Amd64\EP0NOE04.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 2799616 c:\windows\system32\DriverStore\FileRepository\prnep00a.inf_amd64_neutral_92a4c727cdf4c2f7\Amd64\EP0NOE03.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 1878528 c:\windows\system32\DriverStore\FileRepository\prnep003.inf_amd64_neutral_92ed2d842e0dd4ea\Amd64\EP0LB03B.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:26 9625088 c:\windows\system32\DriverStore\FileRepository\prnca00z.inf_amd64_neutral_27f402ce616c3ebc\Amd64\CNBUR4.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 2809856 c:\windows\system32\DriverStore\FileRepository\prnca00z.inf_amd64_neutral_27f402ce616c3ebc\Amd64\CNBUI4.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:26 1854464 c:\windows\system32\DriverStore\FileRepository\prnca00z.inf_amd64_neutral_27f402ce616c3ebc\Amd64\CNBSR4.DLL
+ 2009-07-14 01:17 . 2009-07-14 01:30 1599488 c:\windows\system32\DriverStore\FileRepository\prnca00z.inf_amd64_neutral_27f402ce616c3ebc\Amd64\CNBPC4_2.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:26 4047872 c:\windows\system32\DriverStore\FileRepository\prnca00z.inf_amd64_neutral_27f402ce616c3ebc\Amd64\CNBLR4.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:26 6068224 c:\windows\system32\DriverStore\FileRepository\prnca00x.inf_amd64_neutral_eb0842aa932d01ee\Amd64\CNBUR.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 1936384 c:\windows\system32\DriverStore\FileRepository\prnca00x.inf_amd64_neutral_eb0842aa932d01ee\Amd64\CNBUI3.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:26 1598976 c:\windows\system32\DriverStore\FileRepository\prnca00x.inf_amd64_neutral_eb0842aa932d01ee\Amd64\CNBSR.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:25 2135040 c:\windows\system32\DriverStore\FileRepository\prnca00x.inf_amd64_neutral_eb0842aa932d01ee\Amd64\CNBLR.DLL
+ 2009-07-14 01:17 . 2009-07-14 01:30 1026048 c:\windows\system32\DriverStore\FileRepository\prnca00h.inf_amd64_neutral_96a8e38189e54d71\Amd64\CNBP_288.DLL
+ 2009-07-14 01:20 . 2009-07-14 01:40 2775040 c:\windows\system32\DriverStore\FileRepository\prnca00g.inf_amd64_neutral_6f76b14b2912fa55\Amd64\CNBXUI4.DLL
+ 2009-07-14 01:17 . 2009-07-14 01:30 1085440 c:\windows\system32\DriverStore\FileRepository\prnca00g.inf_amd64_neutral_6f76b14b2912fa55\Amd64\CNBP_281.DLL
+ 2009-07-14 01:17 . 2009-07-14 01:30 1026048 c:\windows\system32\DriverStore\FileRepository\prnca00e.inf_amd64_neutral_651eeed98428be5e\Amd64\CNBP_300.DLL
+ 2009-07-14 01:17 . 2009-07-14 01:30 1026048 c:\windows\system32\DriverStore\FileRepository\prnca00e.inf_amd64_neutral_651eeed98428be5e\Amd64\CNBP_298.DLL
+ 2009-07-14 01:17 . 2009-07-14 01:30 1026048 c:\windows\system32\DriverStore\FileRepository\prnca00e.inf_amd64_neutral_651eeed98428be5e\Amd64\CNBP_297.DLL
+ 2009-07-14 01:17 . 2009-07-14 01:30 1026048 c:\windows\system32\DriverStore\FileRepository\prnca00e.inf_amd64_neutral_651eeed98428be5e\Amd64\CNBP_295.DLL
+ 2009-07-14 01:17 . 2009-07-14 01:30 1026048 c:\windows\system32\DriverStore\FileRepository\prnca00e.inf_amd64_neutral_651eeed98428be5e\Amd64\CNBP_294.DLL
+ 2009-07-14 01:17 . 2009-07-14 01:30 1967104 c:\windows\system32\DriverStore\FileRepository\prnca00d.inf_amd64_neutral_0600b2ba575729f4\Amd64\CNBMR310.DLL
+ 2009-07-14 01:17 . 2009-07-14 01:30 2899968 c:\windows\system32\DriverStore\FileRepository\prnca00d.inf_amd64_neutral_0600b2ba575729f4\Amd64\CNBMR285.DLL
+ 2009-07-14 01:17 . 2009-07-14 01:30 1724416 c:\windows\system32\DriverStore\FileRepository\prnca00d.inf_amd64_neutral_0600b2ba575729f4\Amd64\CNBMR284.DLL
+ 2009-07-14 01:17 . 2009-07-14 01:30 1026048 c:\windows\system32\DriverStore\FileRepository\prnca00b.inf_amd64_neutral_4412894f52d39895\Amd64\CNBP_332.DLL
+ 2009-07-14 01:17 . 2009-07-14 01:30 1724416 c:\windows\system32\DriverStore\FileRepository\prnca00b.inf_amd64_neutral_4412894f52d39895\Amd64\CNBMR284.DLL
+ 2009-07-14 01:17 . 2009-07-14 01:30 1026048 c:\windows\system32\DriverStore\FileRepository\prnca00a.inf_amd64_neutral_d64d696193e69d7b\Amd64\CNBP_327.DLL
+ 2009-07-14 01:17 . 2009-07-14 01:30 1026048 c:\windows\system32\DriverStore\FileRepository\prnca00a.inf_amd64_neutral_d64d696193e69d7b\Amd64\CNBP_326.DLL
+ 2009-07-14 01:17 . 2009-07-14 01:30 1026048 c:\windows\system32\DriverStore\FileRepository\prnca00a.inf_amd64_neutral_d64d696193e69d7b\Amd64\CNBP_325.DLL
+ 2009-06-10 20:32 . 2009-06-10 20:32 1512832 c:\windows\system32\DriverStore\FileRepository\ph6xib64c1.inf_amd64_neutral_68c99681343e9b68\Ph6xIB64.sys
+ 2009-06-10 20:32 . 2009-06-10 20:32 1512832 c:\windows\system32\DriverStore\FileRepository\ph6xib64c0.inf_amd64_neutral_a43df8f7441e1c61\Ph6xIB64.sys
+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc9.inf_amd64_neutral_ff3a566e4b6ba035\Ph3xIB64.sys
+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc8.inf_amd64_neutral_c93e7023ef90e637\Ph3xIB64.sys
+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc7.inf_amd64_neutral_348f512722c79525\Ph3xIB64.sys
+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc6.inf_amd64_neutral_2818f7b3b62bdd39\Ph3xIB64.sys
+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc5.inf_amd64_neutral_2270382453de2dbb\Ph3xIB64.sys
+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc4.inf_amd64_neutral_310871d800afa82a\Ph3xIB64.sys
+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc3.inf_amd64_neutral_1da6abc36a79974f\Ph3xIB64.sys
+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc2.inf_amd64_neutral_7621f5d62d77f42e\Ph3xIB64.sys
+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc12.inf_amd64_neutral_ff7295ba5a46d63f\Ph3xIB64.sys
+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc11.inf_amd64_neutral_bb18e5f134c40c68\Ph3xIB64.sys
+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc10.inf_amd64_neutral_2c5d0c618dbfaf2a\Ph3xIB64.sys
+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc1.inf_amd64_neutral_662220c3016bb4d0\Ph3xIB64.sys
+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc0.inf_amd64_neutral_c24bcc939e6dfc23\Ph3xIB64.sys
+ 2009-07-13 21:59 . 2009-07-14 01:41 4326912 c:\windows\system32\DriverStore\FileRepository\nv_lh.inf_amd64_neutral_bc69f20e3115af59\nvwgf2umx.dll
+ 2009-07-13 21:59 . 2009-07-14 01:41 3128320 c:\windows\system32\DriverStore\FileRepository\nv_lh.inf_amd64_neutral_bc69f20e3115af59\nvwgf2um.dll
+ 2009-07-13 21:59 . 2009-07-14 01:41 9443840 c:\windows\system32\DriverStore\FileRepository\nv_lh.inf_amd64_neutral_bc69f20e3115af59\nvd3dumx.dll
+ 2009-06-10 20:37 . 2009-07-14 01:41 7592960 c:\windows\system32\DriverStore\FileRepository\nv_lh.inf_amd64_neutral_bc69f20e3115af59\nvd3dum.dll
+ 2011-05-06 01:09 . 2010-11-20 13:27 1576448 c:\windows\system32\DriverStore\FileRepository\ntprint.inf_amd64_neutral_4616c3de1949be6d\Amd64\XPSSVCS.DLL
+ 2011-05-06 01:08 . 2010-11-20 13:09 1058304 c:\windows\system32\DriverStore\FileRepository\ntprint.inf_amd64_neutral_4616c3de1949be6d\Amd64\PCL5URES.DLL
+ 2011-05-06 01:08 . 2010-11-20 13:09 1057792 c:\windows\system32\DriverStore\FileRepository\ntprint.inf_amd64_neutral_4616c3de1949be6d\Amd64\PCL5ERES.DLL
+ 2009-06-10 20:35 . 2009-06-10 20:35 5434368 c:\windows\system32\DriverStore\FileRepository\netw5v64.inf_amd64_neutral_a6b778ba802632cc\netw5v64.sys
+ 2009-06-10 20:34 . 2009-06-10 20:34 3286016 c:\windows\system32\DriverStore\FileRepository\netevbda.inf_amd64_neutral_bab421df9c31cc81\evbda.sys
+ 2009-06-10 20:34 . 2009-06-10 20:34 1311232 c:\windows\system32\DriverStore\FileRepository\netbc664.inf_amd64_neutral_673d3dfb961e9b17\BCMWL664.SYS
+ 2009-06-20 02:09 . 2009-06-20 02:09 1394688 c:\windows\system32\DriverStore\FileRepository\netathrx.inf_amd64_neutral_905772087ff288af\athrx.sys
+ 2009-06-10 21:01 . 2009-06-10 21:01 1227776 c:\windows\system32\DriverStore\FileRepository\mdmmot64.inf_amd64_neutral_1abbad2f29c8fa08\SmSerl64.sys
+ 2009-07-13 22:04 . 2009-06-10 21:01 1485312 c:\windows\system32\DriverStore\FileRepository\mdmcxpv6.inf_amd64_neutral_f62ac4bd04e653d0\VSTDPV6.SYS
+ 2009-07-13 22:04 . 2009-06-10 21:01 1485312 c:\windows\system32\DriverStore\FileRepository\mdmcxhv6.inf_amd64_neutral_81ba64c5b6150dd3\VSTDPV6.SYS
+ 2009-06-10 21:01 . 2009-06-10 21:01 1146880 c:\windows\system32\DriverStore\FileRepository\mdmags64.inf_amd64_neutral_e68956e24e287714\agrsm64.sys
+ 2009-07-13 21:59 . 2009-06-10 20:37 1498564 c:\windows\system32\DriverStore\FileRepository\igdlh.inf_amd64_neutral_54a12b57f547d08e\igkrng400.bin
+ 2009-07-13 21:59 . 2009-07-14 01:41 5437952 c:\windows\system32\DriverStore\FileRepository\igdlh.inf_amd64_neutral_54a12b57f547d08e\igdumd64.dll
+ 2009-07-13 21:59 . 2009-07-14 01:41 3805184 c:\windows\system32\DriverStore\FileRepository\igdlh.inf_amd64_neutral_54a12b57f547d08e\igdumd32.dll
+ 2009-06-10 20:37 . 2009-06-10 20:37 6108416 c:\windows\system32\DriverStore\FileRepository\igdlh.inf_amd64_neutral_54a12b57f547d08e\igdkmd64.sys
+ 2009-07-13 21:59 . 2009-07-14 01:41 3451904 c:\windows\system32\DriverStore\FileRepository\igdlh.inf_amd64_neutral_54a12b57f547d08e\igd10umd64.dll
+ 2009-07-13 21:59 . 2009-07-14 01:41 2531328 c:\windows\system32\DriverStore\FileRepository\igdlh.inf_amd64_neutral_54a12b57f547d08e\igd10umd32.dll
+ 2009-07-14 01:18 . 2009-07-14 01:41 1303552 c:\windows\system32\DriverStore\FileRepository\hpoa1ss.inf_amd64_neutral_8cae09a2238d64e0\hpowiav1.dll
+ 2009-07-14 01:18 . 2009-07-14 01:41 1303552 c:\windows\system32\DriverStore\FileRepository\hpoa1so.inf_amd64_neutral_4f1a3f1015001339\hpowiav1.dll
+ 2009-07-14 01:17 . 2009-07-14 01:41 1708032 c:\windows\system32\DriverStore\FileRepository\hpoa1so.inf_amd64_neutral_4f1a3f1015001339\hpotiop1.dll
+ 2009-07-14 01:19 . 2009-07-14 01:41 1252864 c:\windows\system32\DriverStore\FileRepository\hpoa1sd.inf_amd64_neutral_caaa16c52c48f8ac\hpowiad1.dll
+ 2009-06-10 20:31 . 2009-06-10 20:31 1192448 c:\windows\system32\DriverStore\FileRepository\hcw85b64.inf_amd64_neutral_22b436d5d06ab017\HCW85BDA.sys
+ 2009-07-13 22:53 . 2009-06-10 20:32 1643520 c:\windows\system32\DriverStore\FileRepository\hcw72b64.inf_amd64_neutral_023772237d3a4ade\hcw72DTV.sys
+ 2009-07-13 22:53 . 2009-06-10 20:32 1649024 c:\windows\system32\DriverStore\FileRepository\hcw72b64.inf_amd64_neutral_023772237d3a4ade\hcw72ATV.sys
+ 2009-07-13 21:53 . 2009-06-10 20:36 1297122 c:\windows\system32\DriverStore\FileRepository\divacx64.inf_amd64_neutral_fa0f82f024789743\dspcli.bin
+ 2009-07-13 21:53 . 2009-06-10 20:36 1544192 c:\windows\system32\DriverStore\FileRepository\divacx64.inf_amd64_neutral_fa0f82f024789743\dicowan.sys
+ 2010-08-28 15:35 . 2010-06-02 05:19 3025408 c:\windows\system32\DriverStore\FileRepository\c7101311.inf_amd64_neutral_432eadb2504b33df\B100832\atiumdva.dll
+ 2010-08-28 15:35 . 2010-06-02 05:59 3809792 c:\windows\system32\DriverStore\FileRepository\c7101311.inf_amd64_neutral_432eadb2504b33df\B100832\atiumdag.dll
+ 2010-08-28 15:35 . 2010-06-02 05:24 2752512 c:\windows\system32\DriverStore\FileRepository\c7101311.inf_amd64_neutral_432eadb2504b33df\B100832\atiumd6a.dll
+ 2010-08-28 15:35 . 2010-06-02 05:51 4929024 c:\windows\system32\DriverStore\FileRepository\c7101311.inf_amd64_neutral_432eadb2504b33df\B100832\atiumd64.dll
+ 2010-08-28 15:35 . 2010-06-02 06:50 6857728 c:\windows\system32\DriverStore\FileRepository\c7101311.inf_amd64_neutral_432eadb2504b33df\B100832\atikmdag.sys
+ 2010-08-28 15:35 . 2010-06-02 06:12 4294656 c:\windows\system32\DriverStore\FileRepository\c7101311.inf_amd64_neutral_432eadb2504b33df\B100832\atidxx64.dll
+ 2010-08-28 15:35 . 2010-06-02 06:24 3668480 c:\windows\system32\DriverStore\FileRepository\c7101311.inf_amd64_neutral_432eadb2504b33df\B100832\atidxx32.dll
+ 2010-08-28 15:35 . 2010-06-02 05:41 5264896 c:\windows\system32\DriverStore\FileRepository\c7101311.inf_amd64_neutral_432eadb2504b33df\B100832\aticaldd64.dll
+ 2010-08-28 15:35 . 2010-06-02 05:40 4096000 c:\windows\system32\DriverStore\FileRepository\c7101311.inf_amd64_neutral_432eadb2504b33df\B100832\aticaldd.dll
+ 2010-08-28 15:30 . 2010-02-03 06:13 3058168 c:\windows\system32\DriverStore\FileRepository\bcmwl6.inf_amd64_neutral_0830c923239d638a\BCMWL664.SYS
+ 2010-08-28 15:30 . 2010-02-03 06:13 3555840 c:\windows\system32\DriverStore\FileRepository\bcmwl6.inf_amd64_neutral_0830c923239d638a\bcmihvui64.dll
+ 2010-08-28 15:30 . 2010-02-03 06:13 3891200 c:\windows\system32\DriverStore\FileRepository\bcmwl6.inf_amd64_neutral_0830c923239d638a\bcmihvsrv64.dll
+ 2009-07-13 21:53 . 2009-06-10 20:36 1210684 c:\windows\system32\DriverStore\FileRepository\avmx64c.inf_amd64_neutral_8ebb15bf548db022\c4.bin
+ 2009-07-13 21:53 . 2009-06-10 20:36 1164816 c:\windows\system32\DriverStore\FileRepository\avmx64c.inf_amd64_neutral_8ebb15bf548db022\c2.bin
+ 2009-07-13 21:59 . 2009-07-14 01:40 4772352 c:\windows\system32\DriverStore\FileRepository\atiilhag.inf_amd64_neutral_0a660e899f5038a2\atiumdva.dll
+ 2009-07-13 21:59 . 2009-07-14 01:40 4030976 c:\windows\system32\DriverStore\FileRepository\atiilhag.inf_amd64_neutral_0a660e899f5038a2\atiumdag.dll
+ 2009-07-13 21:59 . 2009-07-14 01:40 4763136 c:\windows\system32\DriverStore\FileRepository\atiilhag.inf_amd64_neutral_0a660e899f5038a2\atiumd6a.dll
+ 2009-06-10 20:36 . 2009-07-14 01:40 5492736 c:\windows\system32\DriverStore\FileRepository\atiilhag.inf_amd64_neutral_0a660e899f5038a2\atiumd64.dll
+ 2009-07-13 21:59 . 2009-07-13 21:59 5020672 c:\windows\system32\DriverStore\FileRepository\atiilhag.inf_amd64_neutral_0a660e899f5038a2\atikmdag.sys
+ 2009-07-13 21:59 . 2009-07-14 01:40 3115008 c:\windows\system32\DriverStore\FileRepository\atiilhag.inf_amd64_neutral_0a660e899f5038a2\atidxx64.dll
+ 2009-07-13 21:59 . 2009-07-14 01:40 2342400 c:\windows\system32\DriverStore\FileRepository\atiilhag.inf_amd64_neutral_0a660e899f5038a2\atidxx32.dll
+ 2009-07-14 00:22 . 2009-07-14 01:41 1195008 c:\windows\system32\drivers\UMDF\WpdMtpDr.dll
+ 2011-11-09 16:38 . 2011-09-29 16:29 1923952 c:\windows\system32\drivers\tcpip.sys
+ 2009-06-10 20:37 . 2009-07-14 01:45 1524816 c:\windows\system32\drivers\ql2300.sys
+ 2011-04-28 02:01 . 2011-03-11 06:41 1659776 c:\windows\system32\drivers\ntfs.sys
+ 2009-06-10 20:37 . 2009-06-10 20:37 6108416 c:\windows\system32\drivers\igdkmd64.sys
+ 2009-06-10 20:34 . 2009-06-10 20:34 3286016 c:\windows\system32\drivers\evbda.sys
+ 2010-08-28 15:30 . 2010-02-03 06:13 3058168 c:\windows\system32\drivers\BCMWL664.SYS
+ 2010-08-28 15:35 . 2010-06-02 06:50 6857728 c:\windows\system32\drivers\atikmdag.sys
+ 2011-05-06 01:09 . 2010-11-20 13:26 1066496 c:\windows\system32\Display.dll
+ 2009-07-13 23:55 . 2009-07-14 01:40 1502208 c:\windows\system32\diskcopy.dll
+ 2011-05-06 01:10 . 2010-11-20 13:26 1340416 c:\windows\system32\diagperf.dll
+ 2011-05-06 01:09 . 2010-11-20 13:26 1202176 c:\windows\system32\DiagCpl.dll
+ 2011-05-06 01:11 . 2010-11-05 01:57 1942856 c:\windows\system32\dfshim.dll
+ 2009-07-13 23:37 . 2009-07-14 01:40 6281216 c:\windows\system32\DDORes.dll
+ 2011-05-06 01:09 . 2010-11-20 13:26 1087488 c:\windows\system32\dbghelp.dll
+ 2011-05-06 01:10 . 2010-11-20 13:26 3391488 c:\windows\system32\dbgeng.dll
+ 2011-04-07 13:23 . 2010-05-26 15:41 2401112 c:\windows\system32\D3DX9_43.dll
+ 2011-04-07 13:22 . 2009-09-04 21:29 2475352 c:\windows\system32\D3DX9_42.dll
+ 2011-04-07 13:22 . 2009-03-09 19:27 5425496 c:\windows\system32\D3DX9_41.dll
+ 2011-04-07 13:22 . 2008-10-15 10:22 5631312 c:\windows\system32\D3DX9_40.dll
+ 2011-04-14 18:25 . 2008-07-12 12:18 4992520 c:\windows\system32\D3DX9_39.dll
+ 2011-04-07 13:22 . 2008-05-30 18:11 4991496 c:\windows\system32\D3DX9_38.dll
+ 2011-04-07 13:22 . 2008-03-05 19:56 4910088 c:\windows\system32\D3DX9_37.dll
+ 2010-09-22 03:34 . 2007-10-12 19:14 5081608 c:\windows\system32\d3dx9_36.dll
+ 2010-09-22 03:34 . 2007-07-19 22:14 5073256 c:\windows\system32\d3dx9_35.dll
+ 2010-09-22 03:34 . 2007-05-16 20:45 4496232 c:\windows\system32\d3dx9_34.dll
+ 2010-09-22 03:34 . 2007-03-12 20:42 4494184 c:\windows\system32\d3dx9_33.dll
+ 2010-08-28 13:00 . 2006-11-29 18:06 4398360 c:\windows\system32\d3dx9_32.dll
+ 2010-09-22 03:34 . 2006-09-28 20:05 3977496 c:\windows\system32\d3dx9_31.dll
+ 2010-09-22 03:33 . 2006-03-31 16:41 3927248 c:\windows\system32\d3dx9_30.dll
+ 2010-09-22 03:33 . 2006-02-03 12:43 3830992 c:\windows\system32\d3dx9_29.dll
+ 2010-09-22 03:33 . 2005-12-05 22:09 3815120 c:\windows\system32\d3dx9_28.dll
+ 2010-09-22 03:33 . 2005-07-22 23:59 3807440 c:\windows\system32\d3dx9_27.dll
+ 2010-09-22 03:33 . 2005-05-26 19:34 3767504 c:\windows\system32\d3dx9_26.dll
+ 2011-03-02 02:36 . 2005-03-18 22:19 3823312 c:\windows\system32\d3dx9_25.dll
+ 2010-09-22 03:33 . 2005-02-05 23:45 3544272 c:\windows\system32\d3dx9_24.dll
+ 2011-04-07 13:23 . 2010-05-26 15:41 1907552 c:\windows\system32\d3dcsx_43.dll
+ 2011-04-07 13:23 . 2009-09-04 21:29 5554512 c:\windows\system32\d3dcsx_42.dll
+ 2011-04-07 13:23 . 2010-05-26 15:41 2526056 c:\windows\system32\D3DCompiler_43.dll
+ 2011-04-07 13:23 . 2009-09-04 21:29 2582888 c:\windows\system32\D3DCompiler_42.dll
+ 2011-04-07 13:22 . 2009-03-09 19:27 2430312 c:\windows\system32\D3DCompiler_41.dll
+ 2011-04-07 13:22 . 2008-10-15 10:22 2605920 c:\windows\system32\D3DCompiler_40.dll
+ 2011-04-14 18:25 . 2008-07-12 12:18 1942552 c:\windows\system32\D3DCompiler_39.dll
+ 2011-04-07 13:22 . 2008-05-30 18:11 1941528 c:\windows\system32\D3DCompiler_38.dll
+ 2011-04-07 13:22 . 2008-03-05 19:56 1860120 c:\windows\system32\D3DCompiler_37.dll
+ 2010-09-22 03:34 . 2007-10-12 19:14 2006552 c:\windows\system32\D3DCompiler_36.dll
+ 2010-09-22 03:34 . 2007-07-19 22:14 1985904 c:\windows\system32\D3DCompiler_35.dll
+ 2010-09-22 03:34 . 2007-05-16 20:45 1401200 c:\windows\system32\D3DCompiler_34.dll
+ 2010-09-22 03:34 . 2007-03-12 20:42 1400176 c:\windows\system32\D3DCompiler_33.dll
+ 2011-05-06 01:10 . 2010-11-20 13:26 2067456 c:\windows\system32\d3d9.dll
+ 2011-05-06 01:10 . 2010-11-20 13:26 1838080 c:\windows\system32\d3d10warp.dll
+ 2009-07-13 23:46 . 2009-07-14 01:40 1267712 c:\windows\system32\d3d10.dll
+ 2011-05-06 01:09 . 2010-11-20 13:25 1065984 c:\windows\system32\cryptui.dll
+ 2011-05-06 01:10 . 2010-11-20 13:25 1456128 c:\windows\system32\crypt32.dll
+ 2009-07-14 00:07 . 2009-07-14 01:40 1393152 c:\windows\system32\connect.dll
+ 2009-07-14 00:01 . 2009-07-14 01:40 1735680 c:\windows\system32\comsvcs.dll
+ 2009-07-13 23:59 . 2009-07-14 01:26 1297408 c:\windows\system32\comres.dll
+ 2009-07-13 23:58 . 2009-07-14 01:40 1208832 c:\windows\system32\cmncliM.dll
+ 2009-07-14 00:27 . 2009-07-14 01:41 6100480 c:\windows\system32\chtbrkr.dll
+ 2009-07-14 00:28 . 2009-07-14 01:41 1675776 c:\windows\system32\chsbrkr.dll
+ 2009-07-13 23:50 . 2009-07-14 01:38 1175552 c:\windows\system32\certutil.exe
+ 2011-05-06 01:10 . 2010-11-20 13:25 1796096 c:\windows\system32\certmgr.dll
+ 2011-05-06 01:10 . 2010-11-20 13:25 1975296 c:\windows\system32\CertEnroll.dll
+ 2011-05-06 01:09 . 2010-11-20 13:25 1133568 c:\windows\system32\cdosys.dll
+ 2009-07-13 23:56 . 2009-07-14 01:25 6214144 c:\windows\system32\CardGames.dll
+ 2011-05-06 01:09 . 2010-11-20 13:32 2217856 c:\windows\system32\bootres.dll
+ 2010-08-28 13:08 . 2010-02-03 06:13 4750848 c:\windows\system32\bcmttls.dll
+ 2010-08-28 13:08 . 2010-02-03 06:13 1089024 c:\windows\system32\BCMLogon.dll
+ 2010-08-28 15:30 . 2010-02-03 06:13 3555840 c:\windows\system32\bcmihvui64.dll
+ 2010-08-28 15:30 . 2010-02-03 06:13 3891200 c:\windows\system32\bcmihvsrv64.dll
+ 2011-05-06 01:10 . 2010-11-20 13:25 1927680 c:\windows\system32\authui.dll
+ 2011-05-06 01:10 . 2010-11-20 13:39 5066752 c:\windows\system32\AuthFWSnapin.dll
+ 2010-08-28 15:35 . 2010-06-02 05:24 2752512 c:\windows\system32\atiumd6a.dll
+ 2010-08-28 15:35 . 2010-06-02 05:51 4929024 c:\windows\system32\atiumd64.dll
+ 2010-08-28 15:35 . 2010-06-02 06:12 4294656 c:\windows\system32\atidxx64.dll
+ 2010-08-28 15:35 . 2010-06-02 05:41 5264896 c:\windows\system32\aticaldd64.dll
+ 2009-07-14 00:30 . 2009-07-14 01:40 2134528 c:\windows\system32\apds.dll
+ 2009-07-13 23:31 . 2009-07-14 01:40 3739136 c:\windows\system32\AdvancedInstallers\cmiv2.dll
+ 2011-05-06 01:09 . 2010-11-20 13:25 3745792 c:\windows\system32\accessibilitycpl.dll
+ 2009-07-14 04:45 . 2012-02-16 08:31 7174117 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2011-05-17 12:44 . 2012-03-04 01:50 7675500 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2932831676-3308562004-1232316635-1001-12288.dat
- 2011-05-17 12:44 . 2012-03-01 05:31 7675500 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2932831676-3308562004-1232316635-1001-12288.dat
+ 2011-05-06 01:08 . 2010-11-20 12:08 12625408 c:\windows\SysWOW64\wmploc.DLL
+ 2011-05-06 01:10 . 2010-11-20 12:21 11410432 c:\windows\SysWOW64\wmp.dll
+ 2012-02-15 08:53 . 2012-01-04 08:59 12872704 c:\windows\SysWOW64\shell32.dll
+ 2009-07-14 00:13 . 2009-07-14 01:08 12038656 c:\windows\SysWOW64\NlsLexicons0007.dll
+ 2009-07-14 00:13 . 2009-07-14 01:08 11722752 c:\windows\SysWOW64\NlsLexicons0001.dll
+ 2009-07-14 00:13 . 2009-07-14 01:16 10240512 c:\windows\SysWOW64\NlsData000a.dll
+ 2012-02-16 08:01 . 2011-12-14 03:30 12282368 c:\windows\SysWOW64\mshtml.dll
+ 2009-07-13 23:42 . 2009-07-14 01:06 20268032 c:\windows\SysWOW64\imageres.dll
+ 2010-08-28 15:35 . 2010-06-02 06:15 15180800 c:\windows\SysWOW64\atioglxx.dll
+ 2011-05-06 01:08 . 2010-11-20 13:16 12625920 c:\windows\system32\wmploc.DLL
+ 2011-05-06 01:10 . 2010-11-20 13:27 14633472 c:\windows\system32\wmp.dll
+ 2009-07-14 02:34 . 2012-02-16 08:27 11010048 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2012-02-15 08:53 . 2012-01-04 10:44 14172672 c:\windows\system32\shell32.dll
+ 2009-07-14 00:33 . 2009-07-14 01:31 12038656 c:\windows\system32\NlsLexicons0007.dll
+ 2009-07-14 00:32 . 2009-07-14 01:31 11722752 c:\windows\system32\NlsLexicons0001.dll
+ 2012-02-16 08:01 . 2011-12-14 07:43 17790464 c:\windows\system32\mshtml.dll
+ 2010-09-07 00:47 . 2012-02-16 08:01 54585368 c:\windows\system32\MRT.exe
+ 2011-05-06 01:09 . 2010-11-20 13:26 10085888 c:\windows\system32\migwiz\wet.dll
+ 2009-07-13 23:57 . 2009-07-14 01:28 20268032 c:\windows\system32\imageres.dll
+ 2012-02-16 08:01 . 2011-12-14 07:16 10887168 c:\windows\system32\ieframe.dll
+ 2009-07-13 21:59 . 2009-06-10 20:37 11572512 c:\windows\system32\DriverStore\FileRepository\nv_lh.inf_amd64_neutral_bc69f20e3115af59\nvlddmkm.sys
+ 2010-08-28 15:35 . 2010-06-02 06:15 15180800 c:\windows\system32\DriverStore\FileRepository\c7101311.inf_amd64_neutral_432eadb2504b33df\B100832\atioglxx.dll
+ 2010-08-28 15:35 . 2010-06-02 06:44 19901952 c:\windows\system32\DriverStore\FileRepository\c7101311.inf_amd64_neutral_432eadb2504b33df\B100832\atio6axx.dll
+ 2010-08-28 15:35 . 2010-06-02 06:44 19901952 c:\windows\system32\atio6axx.dll
+ 2011-04-01 20:36 . 2012-03-04 01:50 10677360 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2932831676-3308562004-1232316635-1001-8192.dat
- 2011-04-01 20:36 . 2012-03-02 14:24 10677360 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2932831676-3308562004-1232316635-1001-8192.dat
.
-- Snapshot reset to current date --

#22 RedGem

RedGem

    New Member

  • Members
  • 25 posts

Posted 03 March 2012 - 10:58 PM

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-06-08 284696]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-02 98304]
"dellsupportcenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-11-22 1675160]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-15 1324384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 0241571330824515mcinstcleanup;McAfee Application Installer Cleanup (0241571330824515);c:\users\Ruby\AppData\Local\Temp\024157~1.EXE [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-27 136176]
R3 Amazon Download Agent;Amazon Download Agent;c:\program files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2009-10-23 401920]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-27 136176]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 SAlphamHid;SteelHIDSvc;c:\windows\system32\DRIVERS\SAlpham64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
S0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-06-08 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-12-06 208536]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-17 2320920]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-27 17:30]
.
2012-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-27 17:30]
.
2012-03-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2932831676-3308562004-1232316635-1001Core.job
- c:\users\Ruby\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-08 16:45]
.
2012-03-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2932831676-3308562004-1232316635-1001UA.job
- c:\users\Ruby\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-08 16:45]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-06-18 487424]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2010-02-03 5712896]
"McPvTray_exe"="c:\program files\McAfee\MAT\McPvTray.exe" [2011-04-08 436384]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.mindspring.com/~braininajar/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 207.69.188.186 207.69.188.187
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{25515A79-C1C7-4B97-97F8-31A711694487} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{7B13EC3E-999A-4B70-B9CB-2617B8323822} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe
.
**************************************************************************
.
Completion time: 2012-03-03 21:05:36 - machine was rebooted
ComboFix-quarantined-files.txt 2012-03-04 02:05
ComboFix2.txt 2012-03-02 15:14
.
Pre-Run: 171,667,345,408 bytes free
Post-Run: 172,226,850,816 bytes free
.
- - End Of File - - FAE9F1BDE9DFEEA373E63B3CE9E48B02

#23 RedGem

RedGem

    New Member

  • Members
  • 25 posts

Posted 03 March 2012 - 10:59 PM

Okay, that was a lot of posts to get the whole log onto the thread. I have to admit I am unsure if I got the whole thing in properly because of the "this post is too long" issues I was having with the forum. Let me know if you need the file attached to a post or not.

#24 Larusso

Larusso

    Selecta Jahrusso

  • Experts
  • 905 posts
  • Gender:Male
  • Location:Austria
  • Interests:Dancehall DJing, Fighting against Babilon, Bodybuilding

Posted 04 March 2012 - 08:18 AM

No worries, appears complete.


How is your system behaving now?

regards, Daniel

There will never be peace in a war so I don't understand what they are fighting for



#25 RedGem

RedGem

    New Member

  • Members
  • 25 posts

Posted 04 March 2012 - 12:43 PM

I have not done anything other than run ComboFix and post on the forums last night and this afternoon. I will leave the system up and do a little bit of light web surfing to see what happens and let you know.

#26 RedGem

RedGem

    New Member

  • Members
  • 25 posts

Posted 04 March 2012 - 07:45 PM

Had the computer on all day and no bluescreens; Chrome has not crashed at all, and it seems that no extra svchost applications have been running. CPU usage has stayed low (1-5%), and memory usage has been low (highest was 30%).

#27 Larusso

Larusso

    Selecta Jahrusso

  • Experts
  • 905 posts

Posted 05 March 2012 - 07:36 AM

Sounds great :)

I notice you have Malwarebytes' Anti-Malware installed on your machine. Please launch the program and select the update tab, then click on the check for updates button.

  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform Quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Save it to your desktop.

Note: Malwarebytes' Anti-Malware may require a reboot to complete removals. After a reboot, if required, post that saved log in your next reply.




Go here to run an online scanner from ESET.
  • Note: You will need to use Internet Explorer for this scan
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked, and the option Scan unwanted applications is checked
  • Click Start
  • Wait for the scan to finish
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name.
  • Push the Back button.
  • Push Finish

Please post this logfile in your next reply




Please launch DDS
  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop and post both in your next reply



Please post in your next reply
MBAM Log
ESET.txt
dds.txt
attach.txt

regards, Daniel



#28 RedGem

RedGem

    New Member

  • Members
  • 25 posts

Posted 05 March 2012 - 03:57 PM

Okay. Ran all 3 items; didn't seem to have a problem, other than me forgetting to actually save the log files and having to rerun them :)

Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org
Database version: v2012.03.05.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Ruby :: REDGEM [administrator]
Protection: Enabled
3/5/2012 1:14:22 PM
mbam-log-2012-03-05 (13-14-22).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 194316
Time elapsed: 5 minute(s), 16 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 5
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\configcsr.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\hostct.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mbkgxhwbxarejhz.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\qdyzfxlunj.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\vqedcgoidwfftfwy.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
(end)

#29 RedGem

RedGem

    New Member

  • Members
  • 25 posts

Posted 05 March 2012 - 03:58 PM

ESET online scanner

C:\TDSSKiller_Quarantine\02.03.2012_09.34.14\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.X trojan
C:\TDSSKiller_Quarantine\02.03.2012_09.34.14\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.AC trojan
C:\TDSSKiller_Quarantine\02.03.2012_09.34.14\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmarik.Z trojan

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Ruby at 15:33:11 on 2012-03-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3959.2239 [GMT -5:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\Explorer.EXE
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Program Files\mcafee\MAT\McPvTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Ruby\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\System32\svchost.exe -k swprv
c:\PROGRA~1\mcafee\msc\mcupdmgr.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.mindspring.com/~braininajar/
uURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120303202815.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {25515A79-C1C7-4B97-97F8-31A711694487} - No File
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {7B13EC3E-999A-4B70-B9CB-2617B8323822} - No File
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [googletalk] C:\Users\Ruby\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [dellsupportcenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 207.69.188.186 207.69.188.187
TCP: Interfaces\{E6ABFD4F-1A09-4B31-9E21-7F4A87BABD78} : DhcpNameServer = 207.69.188.186 207.69.188.187
TCP: Interfaces\{E6ABFD4F-1A09-4B31-9E21-7F4A87BABD78}\2375942554035333 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{E6ABFD4F-1A09-4B31-9E21-7F4A87BABD78}\4497E65687 : DhcpNameServer = 192.168.2.1 68.87.77.134 68.87.72.134
TCP: Interfaces\{E6ABFD4F-1A09-4B31-9E21-7F4A87BABD78}\4637D602E6564777F627B6 : DhcpNameServer = 205.152.37.23 205.152.150.23
TCP: Interfaces\{E6ABFD4F-1A09-4B31-9E21-7F4A87BABD78}\8686F6E6F62737 : DhcpNameServer = 12.127.16.67 12.127.17.71
TCP: Interfaces\{E6ABFD4F-1A09-4B31-9E21-7F4A87BABD78}\C4F62746027556C6C696E67647F6E67237022456566602452716D27657563747 : DhcpNameServer = 207.69.188.186 207.69.188.187
TCP: Interfaces\{E6ABFD4F-1A09-4B31-9E21-7F4A87BABD78}\C696E6B6379737 : DhcpNameServer = 97.64.209.36 97.64.168.13
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO-X64: Search Helper - No File
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120303202815.dll
BHO-X64: scriptproxy - No File
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: {25515A79-C1C7-4B97-97F8-31A711694487} - No File
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB-X64: {7B13EC3E-999A-4B70-B9CB-2617B8323822} - No File
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [dellsupportcenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
.
============= SERVICES / DRIVERS ===============
.
R0 McPvDrv;McPvDrv Driver;C:\Windows\system32\drivers\McPvDrv.sys --> C:\Windows\system32\drivers\McPvDrv.sys [?]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2010-8-28 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-8-28 13336]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-23 652360]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-3-3 249936]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-3-3 249936]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-3-3 249936]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-3-3 249936]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\SystemCore\mcshield.exe [2012-3-3 199272]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe [2012-3-3 208536]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-8-28 2320920]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\system32\DRIVERS\bcmvwl64.sys --> C:\Windows\system32\DRIVERS\bcmvwl64.sys [?]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 0301411330976863mcinstcleanup;McAfee Application Installer Cleanup (0301411330976863);C:\Windows\TEMP\030141~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> C:\Windows\TEMP\030141~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-27 136176]
S3 Amazon Download Agent;Amazon Download Agent;C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2011-3-1 401920]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe [2009-12-15 25832]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-27 136176]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S3 SAlphamHid;SteelHIDSvc;C:\Windows\system32\DRIVERS\SAlpham64.sys --> C:\Windows\system32\DRIVERS\SAlpham64.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
.
=============== Created Last 30 ================
.
2012-03-05 18:26:56 -------- d-----w- C:\Program Files (x86)\ESET
2012-03-04 02:12:46 -------- d-sh--w- C:\$RECYCLE.BIN
2012-03-04 01:34:30 71800 ----a-w- C:\Windows\System32\drivers\McPvDrv.sys
2012-03-04 01:28:24 -------- d-----w- C:\Program Files (x86)\McAfee.com
2012-03-04 01:28:14 10248 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2012-03-04 01:28:14 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee
2012-03-04 01:28:07 75808 ----a-w- C:\Windows\System32\drivers\mfenlfk.sys
2012-03-04 01:28:07 65264 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2012-03-04 01:28:07 481768 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2012-03-04 01:28:07 284648 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2012-03-04 01:28:07 229528 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2012-03-04 01:28:07 100912 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
2012-03-04 01:27:59 -------- d-----w- C:\Program Files\McAfee.com
2012-03-04 01:15:57 161168 ----a-w- C:\Windows\System32\mfevtps.exe
2012-03-04 00:46:30 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BC2D034D-5A6A-49C6-AC46-578C11DB3019}\mpengine.dll
2012-03-02 14:50:31 98816 ----a-w- C:\Windows\sed.exe
2012-03-02 14:50:31 518144 ----a-w- C:\Windows\SWREG.exe
2012-03-02 14:50:31 256000 ----a-w- C:\Windows\PEV.exe
2012-03-02 14:50:31 208896 ----a-w- C:\Windows\MBR.exe
2012-03-02 14:35:39 -------- d-----w- C:\TDSSKiller_Quarantine
2012-02-29 23:39:27 -------- d-sh--w- C:\Windows\SysWow64\%USERPROFILE%
2012-02-29 19:30:27 -------- d-----w- C:\6b8eae85aeac68d7299db7ed
2012-02-29 19:17:14 -------- d-----w- C:\Users\Ruby\AppData\Roaming\ParetoLogic
2012-02-29 19:17:14 -------- d-----w- C:\Users\Ruby\AppData\Roaming\DriverCure
2012-02-29 19:17:03 -------- d-----w- C:\ProgramData\ParetoLogic
2012-02-29 02:54:21 -------- d-----w- C:\Users\Ruby\AppData\Local\McAfee Anti-Theft
2012-02-25 15:26:02 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-02-15 08:53:56 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-02-15 08:53:55 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-02-15 08:53:52 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-02-15 08:53:51 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2012-02-15 08:53:48 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-02-15 08:53:46 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-02-15 08:53:32 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2012-02-15 08:53:31 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
.
==================== Find3M ====================
.
2012-01-29 10:10:42 279656 ------w- C:\Windows\System32\MpSigStub.exe
2011-12-15 19:42:12 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll
2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-12-12 00:07:03 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
2011-12-10 20:24:08 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
.
============= FINISH: 15:41:58.42 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 9/6/2010 7:52:09 PM
System Uptime: 3/5/2012 1:21:58 PM (2 hours ago)
.
Motherboard: Dell Inc. | | 03C6YH
Processor: Intel® Core™ i3 CPU M 350 @ 2.27GHz | CPU 1 | 2261/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 283 GiB total, 156.954 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP220: 2/29/2012 2:29:39 PM - Windows Update
RP221: 2/29/2012 4:27:04 PM - Windows Update
RP222: 3/3/2012 7:45:59 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Reader 9.1
Advanced Audio FX Engine
Amazon Games & Software Downloader
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Consumer In-Home Service Agreement
Cozi
Curse Client
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Dock
Dell Driver Download Manager
Dell Getting Started Guide
Dell Support Center (Support Software)
Dell Webcam Central
Dragon Age II
Dragon Age: Origins
EA Installer
EA Shared Game Component: Activation
ESET Online Scanner v3
Google Chrome
Google Talk (remove only)
Google Update Helper
GoToAssist 8.0.0.514
Hero Lab 3.9b
Heroes of Might and Magic V
Heroes of Might and Magic® IV
Intel® Control Center
Intel® Management Engine Components
Intel® Rapid Storage Technology
J2SE Runtime Environment 5.0
Java Auto Updater
Java™ 6 Update 26
Live! Cam Avatar Creator
LoJack Factory Installer
Malwarebytes Anti-Malware version 1.60.1.1000
Mass Effect 2
Master Of Magic
McAfee Total Protection
Media Player Utilities 4.27
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Neverwinter Nights 2
NVIDIA PhysX
Origin
PDFCanvas V1.5
Roxio Burn
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition
Skype™ 5.6
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
VC80CRTRedist - 8.0.50727.6195
Ventrilo Client
Windows Live Sync
World of Warcraft
Yahoo! Detect
.
==== Event Viewer Messages From Past Week ========
.
3/3/2012 8:58:59 PM, Error: Service Control Manager [7022] - The Intel® Management & Security Application User Notification Service service hung on starting.
3/3/2012 8:50:56 PM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.
3/3/2012 8:49:55 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
3/3/2012 8:35:05 PM, Error: Service Control Manager [7003] - The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.
3/3/2012 8:20:37 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
3/3/2012 8:20:17 PM, Error: Service Control Manager [7003] - The Internet Connection Sharing (ICS) service depends the following service: BFE. This service might not be installed.
3/3/2012 8:20:16 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
3/3/2012 8:20:15 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
3/3/2012 8:20:15 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
3/3/2012 8:11:51 PM, Error: Service Control Manager [7000] - The McAfee Validation Trust Protection Service service failed to start due to the following error: The system cannot find the file specified.
3/3/2012 8:10:14 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
3/3/2012 8:09:35 PM, Error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/3/2012 8:09:35 PM, Error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/3/2012 8:09:35 PM, Error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/3/2012 10:54:31 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS.
3/2/2012 9:50:33 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
3/2/2012 9:45:08 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
3/2/2012 9:45:08 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
3/2/2012 9:45:05 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21
3/2/2012 9:45:02 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/2/2012 9:44:54 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
3/2/2012 9:44:47 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache spldr Wanarpv6
3/2/2012 9:44:45 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
3/2/2012 9:33:54 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
3/2/2012 9:31:17 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
3/2/2012 9:31:14 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
3/2/2012 9:23:57 AM, Error: Service Control Manager [7043] - The McAfee McShield service did not shut down properly after receiving a preshutdown control.
3/2/2012 9:05:59 AM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
3/2/2012 9:03:13 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000000000000dd, 0x0000000000000002, 0x0000000000000001, 0xfffff800028faab5). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 030212-19047-01.
3/2/2012 8:58:46 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000096, 0xfffff800034f9b5a, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 030212-18766-01.
3/2/2012 10:15:57 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
3/2/2012 10:02:35 AM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
3/1/2012 9:36:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
3/1/2012 9:33:40 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}
3/1/2012 9:23:48 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mcmscsvc service.
3/1/2012 9:21:32 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
3/1/2012 12:39:48 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
3/1/2012 12:33:31 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Scanner service to connect.
3/1/2012 12:33:31 PM, Error: Service Control Manager [7000] - The McAfee Scanner service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/1/2012 12:33:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service MCODS with arguments "" in order to run the server: {C98F04D7-CD30-4BB0-B7D7-8DD7448520F2}
3/1/2012 12:20:00 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800034ac3a6, 0x0000000000000000, 0xffffffffffffffff). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 030112-33056-01.
3/1/2012 12:15:26 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {3AD05575-8857-4850-9277-11B85BDB8E09} and APPID {3AD05575-8857-4850-9277-11B85BDB8E09} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
3/1/2012 12:05:24 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the Power service, but this action failed with the following error: A system shutdown has already been scheduled.
3/1/2012 12:05:24 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the DCOM Server Process Launcher service, but this action failed with the following error: A system shutdown has already been scheduled.
3/1/2012 12:05:24 PM, Error: Service Control Manager [7031] - The Power service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
3/1/2012 12:05:24 PM, Error: Service Control Manager [7031] - The Plug and Play service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
3/1/2012 12:05:24 PM, Error: Service Control Manager [7031] - The DCOM Server Process Launcher service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
3/1/2012 12:05:21 PM, Error: Service Control Manager [7031] - The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/1/2012 12:05:21 PM, Error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/1/2012 12:05:21 PM, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
3/1/2012 12:05:18 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/1/2012 12:05:18 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/1/2012 12:05:18 PM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/1/2012 11:58:00 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff8000346af6b, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 030112-24694-01.
3/1/2012 11:50:02 AM, Error: Service Control Manager [7031] - The Windows Event Log service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/1/2012 11:50:02 AM, Error: Service Control Manager [7031] - The TCP/IP NetBIOS Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
3/1/2012 11:50:02 AM, Error: Service Control Manager [7031] - The DHCP Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/1/2012 11:41:30 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800037cba9a, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 030112-20748-01.
3/1/2012 1:09:18 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000000000000dc, 0x0000000000000002, 0x0000000000000001, 0xfffff800034c1ab5). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 030112-16894-01.
2/29/2012 7:58:44 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800034b1f6b, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022912-21512-01.
2/29/2012 7:58:34 AM, Error: Service Control Manager [7001] - The McAfee Anti-Spam Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
2/29/2012 7:16:08 AM, Error: Service Control Manager [7034] - The McAfee Scanner service terminated unexpectedly. It has done this 2 time(s).
2/29/2012 7:12:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaSvc with arguments "" in order to run the server: {24F616A1-B755-4053-8018-C3425DC8B68A}
2/29/2012 4:20:32 AM, Error: Service Control Manager [7034] - The McAfee McShield service terminated unexpectedly. It has done this 6 time(s).
2/29/2012 4:19:04 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0xfffff8a0400c0024, 0x0000000000000002, 0x0000000000000000, 0xfffff80003481d75). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022912-18844-01.
2/29/2012 4:18:33 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 5 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
2/29/2012 4:16:15 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
2/29/2012 4:14:26 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
2/29/2012 4:11:03 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
2/29/2012 2:37:45 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {395633B1-EED9-4DFC-B67F-9788B51C9F06}
2/29/2012 2:36:44 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache mfehidk mfenlfk NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
2/29/2012 2:36:44 PM, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning.
2/29/2012 2:36:44 PM, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
2/29/2012 2:36:44 PM, Error: Service Control Manager [7001] - The McAfee McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
2/29/2012 2:36:44 PM, Error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
2/29/2012 2:33:00 PM, Error: Service Control Manager [7034] - The McAfee Scanner service terminated unexpectedly. It has done this 1 time(s).
2/29/2012 2:30:59 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800037cfa9a, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022912-32151-01.
2/29/2012 12:28:59 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000000000000dc, 0x0000000000000002, 0x0000000000000001, 0xfffff800034faab5). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022912-31090-01.
2/29/2012 11:44:17 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80003478f6b, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022912-19016-01.
2/29/2012 11:41:47 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000000000000dc, 0x0000000000000002, 0x0000000000000001, 0xfffff8000350cab5). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022912-18408-01.
2/29/2012 11:38:17 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
2/29/2012 10:35:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
2/29/2012 10:32:42 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
2/29/2012 10:32:27 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
2/29/2012 10:32:22 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800034a9f6b, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022912-20482-01.
2/29/2012 10:32:13 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
2/29/2012 10:32:13 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
2/29/2012 10:32:13 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
2/29/2012 10:32:13 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
2/29/2012 10:32:12 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
2/29/2012 10:32:12 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
2/29/2012 10:32:12 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
2/29/2012 10:32:12 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
2/29/2012 10:32:12 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
2/29/2012 10:25:25 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
2/29/2012 10:25:24 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
2/29/2012 10:25:24 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/28/2012 9:37:50 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x0000000000002e40, 0x0000000000000002, 0x0000000000000000, 0xfffff8000348cd75). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022812-28267-01.
2/28/2012 7:58:05 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800034baf6b, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022812-33072-01.
2/28/2012 5:58:58 PM, Error: Service Control Manager [7023] - The Superfetch service terminated with the following error: The data is invalid.
2/28/2012 4:13:32 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800034c5f6b, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022812-17908-01.
2/28/2012 11:58:55 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff8000345ef6b, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022812-22838-01.
.
==== End Of File ===========================
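A triage sketch for the bugcheck entries in the log above, added here as an example and not part of the original post or of any tool used in this thread. It groups the Event 1001 crashes by stop code and by the low 12 bits of the faulting instruction address, which do not change when the kernel image is loaded at a different page-aligned base after a reboot. The function names are hypothetical, and the sample lines are copied from the log and trimmed.

```python
import re
from collections import defaultdict

# Names of the two stop codes that occur in the posted log.
STOP_NAMES = {0x1E: "KMODE_EXCEPTION_NOT_HANDLED", 0x0A: "IRQL_NOT_LESS_OR_EQUAL"}

LINE_RE = re.compile(
    r"^(?P<when>\d+/\d+/\d+ \d+:\d+:\d+ [AP]M), Error: "
    r"Microsoft-Windows-WER-SystemErrorReporting \[1001\] - .*?"
    r"bugcheck was: (?P<code>0x[0-9a-fA-F]+) \((?P<params>[^)]*)\)")

# Lines copied from the log in the post above, trimmed after the parameter list.
SAMPLE = """\
2/29/2012 2:30:59 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800037cfa9a, 0x0000000000000001, 0x0000000000000018).
2/29/2012 12:28:59 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000000000000dc, 0x0000000000000002, 0x0000000000000001, 0xfffff800034faab5).
2/29/2012 11:44:17 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80003478f6b, 0x0000000000000000, 0x000000007efa0000).
2/29/2012 11:41:47 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000000000000dc, 0x0000000000000002, 0x0000000000000001, 0xfffff8000350cab5).
2/29/2012 10:32:22 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800034a9f6b, 0x0000000000000000, 0x000000007efa0000).
2/29/2012 10:25:24 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
2/28/2012 9:37:50 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x0000000000002e40, 0x0000000000000002, 0x0000000000000000, 0xfffff8000348cd75).
"""

def parse_bugchecks(text):
    """Return one dict per bugcheck line: timestamp, stop code, four parameters."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # non-bugcheck lines (Service Control Manager, DCOM) are skipped
            params = [int(p.strip(), 16) for p in m.group("params").split(",")]
            events.append({"when": m.group("when"),
                           "code": int(m.group("code"), 16), "params": params})
    return events

def fault_address(event):
    """Faulting instruction address: parameter 2 for 0x1E, parameter 4 for 0xA."""
    return event["params"][1] if event["code"] == 0x1E else event["params"][3]

def cluster_by_page_offset(events):
    """Group crash timestamps by (stop code, low 12 bits of the faulting address)."""
    groups = defaultdict(list)
    for e in events:
        groups[(e["code"], fault_address(e) & 0xFFF)].append(e["when"])
    return dict(groups)

def recurring(events):
    """Clusters seen more than once, keyed by stop-code name and page offset."""
    return {(STOP_NAMES.get(c, hex(c)), hex(off)): whens
            for (c, off), whens in cluster_by_page_offset(events).items()
            if len(whens) > 1}
```

A cluster that recurs at the same page offset is consistent with the same instruction faulting on each boot, which narrows the search to one code path before MEMORY.DMP is opened in a debugger.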

#30 Larusso


Posted 06 March 2012 - 09:33 AM

Hi there

Your Adobe Acrobat Reader is out of date. Older versions have vulnerabilities that malware can use to infect your system.

There is a newer version of Adobe Acrobat Reader available.
  • Please go to this link Adobe Acrobat Reader Download Link
  • Untick Free McAfee® Security Scan Plus if you do not wish to include this in the installation.
  • Click Download
  • On the right, untick Adobe Photoshop Album Starter Edition if you do not wish to include this in the installation.
  • Click the Continue button
  • Click Run, and click Run again
  • Next click the Install Now button and follow the on screen prompts

When the installation is complete go to Add/Remove Programs and uninstall all previous versions.



Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

  • Download the latest version of Java Runtime Environment 6 Update 31 and save it to your desktop.
  • Scroll down to where it says Java SE 6 Update 31
  • Click the red Download JRE button on the right.
  • Read the License Agreement then select Accept License Agreement
  • Click on the link to download Windows x86 Offline and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u31-windows-i586 to install the newest version.

After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
  • On the General tab, under Temporary Internet Files, click the Settings button.
  • Next, click on the Delete Files button
  • There are three options in the window to clear the cache - Make sure all are checked
  • Click OK on Delete Temporary Files Window
    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
  • Click OK to leave the Temporary Files Window
  • Click OK to leave the Java Control Panel.




Please post in your next reply
Note any open issues :)

regards, Daniel

There will never be peace in a war so I don't understand what they are fighting for

I'll always help for free but if you want to support me in my fight against malware, please btn_donate_SM.gif
 


#31 RedGem


Posted 06 March 2012 - 12:00 PM

Everything uninstalled and installed fine. Still no blue screens or out of the ordinary CPU or Memory usage

#32 Larusso


Posted 07 March 2012 - 01:41 AM

Great :)

Unless you have any open issues, you are good to go. Please follow these last few steps.
Please press the Windows key + R and copy/paste the following single-line command into the Run box and click OK

combofix /uninstall


This will uninstall ComboFix and delete ComboFix's quarantine folder. It will also implement some cleanup procedures, remove old System Restore Points which contain previous infections, and create a fresh, clean System Restore Point.

Please re-enable your antivirus program and any other antispyware programs disabled earlier if you haven't already.

You can safely delete any tools downloaded or any logs, files, and any shortcuts on your desktop that were created during this fix.

Empty your Recycle Bin if it does not do so automatically.


Now that you appear to be free from malware, let's help you stay that way!

It is vital that you keep your system up to date
  • Please enable Automatic Updates to keep your system up to date.
  • Windows Updates
    • Win XP: Start --> Control Panel and double-click on Automatic Updates.
    • Vista / 7: Start --> Control Panel --> System and Security --> Windows Updates
  • Software Updates
    Your installed Software also can have vulnerabilities that malware can use to infect your system.
    To keep your installed Software up to date I recommend File Hippo.


Anti Virus Software
Make sure to have one Anti Virus programme installed and update it on a regular basis. It is useless with out of date definitions.

Additional Protection
  • Malwarebytes Anti Malware
    The freeware Version is an on demand scanner which will check your system for malware. Update it once a week and run a Quick Scan. You can also buy a licence which offers more features.
  • WinPatrol
    WinPatrol takes a snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.


Safer Browsing


Use an alternate browser
Other browsers tend to be more secure than IE as they do not make use of ActiveX objects. ActiveX objects can be used by spyware as an infection point on your computer.
Note: If you use Firefox you may want to have a look at these Add-ons.

Computer Maintenance
Clean out your temp files on a regular basis - I recommend TFC (Temp File Cleaner).


Thinking while surfing
There is no software which will protect your system from yourself.
I have included some security related articles that I advise you read through in your own time. These articles will give you tips and advice on preventing infection, and how to stay safe whilst browsing the internet.


If you have any questions kindly ask.

Please respond to this thread one more time so we can mark this thread as resolved.

regards, Daniel



#33 RedGem


Posted 08 March 2012 - 06:32 PM

All above steps have been taken. Thank you for your time!

#34 Maurice Naggar


Posted 09 March 2012 - 07:51 AM

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
Maurice Naggar
Product Support


I close my threads if there are 5 days without a response.



