Jump to content

dbfever

Members
  • Content Count

    125
  • Joined

  • Last visited

About dbfever

  • Rank
    Member
  1. Much to my dismay, we don't @nigsy - I tried to reboot from the dvd, but it did the same thing as before. The laptop just kept rebooting itself, even though I chose to reboot from cd/dvd. Please help!
  2. Hi, I need help with my sister's laptop. She has a Toshiba Satellite C660 running on Windows 7. The laptop when booting up suddenly brings out a black screen saying, "Windows failed to start. A recent hardware or software change might be the cause..." With two options to select: - Launch Startup Repair - Start Windows Normally When I chose 'Startup Repair' the laptop goes to a 'Windows Loading Files' screen but then suddenly becomes black with just the cursor. When choosing the 'Start Windows Normally' the laptop will keep rebooting itself. This goes the same for the 'Safe Mode & Last Good Configuration' options as well. Is there anyway I can getting it working again without having to use the windows 7 cd? I don't have one. Thank you in advance
  3. Thank you for that thorough explanation. Once I get home, I will check to see for any of those signs. Thank you!
  4. Oh no! I really need to recover data off it. Freezing my hard drive... I heard that it is an absolute myth and can damage your hard drive even more since after taking it out from the freezer, the moisture that is retained from freezing it is absorbed into every bit of the hard drive. Anyone out there with any more suggestions? Greatly appreciated if there are. How would I also know if it is the circuit board or not? What signs are there to indicate that it is burnt and needs replacement?
  5. Bought a caddy and tried to see if the drive will work on my laptop. Did not work at all, please help.
  6. I've tried a usb cable connected to my hard drive to the laptop and it did not detect it as an external hard drive. Still trying to get hold of a caddy. Are there any other suggestions for how I can recover data from the hard drive?
  7. Excuse my noobiness but what is a caddy? Do you have an example of it? I've been searching everywhere for a usb cable but no luck. Can only find male and female which I already have and so I tried my best to find a usb adapter but still no luck. Is there anyway else I can connect the two? If possible, will I be able to transfer data from my almost dieing hard drive into my laptop or something using ethernet cables? (Also in between the weeks before my hard drive behaved this way, I kept getting blue screens that said it had an error and needed to be rebooted to perform memory dump something a long those lines)
  8. just tried the fixboot command but received an error msg "cannot find the system drive or the driver specified is not valid
  9. thanks for the tip. I will try that after doing this. Cleaned out my hard drive tower and was able to start a recovery console. What do u suggest i should do for the recovery console?
  10. Hi, Just turned on my computer this morning to discover that it wasn't booting up properly. After the Asus splashscreen it went to a black screen and shows 'reboot and select boot device...' Attempted to perform recovery console with my windows xp home edition cd but error msg came up and said 'no hardware driver was detected' checked on Bios setup and in 'main' tab primary ide master, primary ide slave, sata 1 etc was classified as 'not detected' except sata 3: hl-dt-stdvd-ram gh tried to turn off hard drive, unplug everything then plug everything back securely but still same problem. I don't know much about computers so i am not brave enough to open up the hard drive to see if there's anything wrong inside, so if someone is willing to guide me that will be greatly appreciatd! Windows xp home edition Intel pentium ® Dual Core CPU E5200 @ 2.50G ASUS P5KPL-AM/PS thanks in advance
  11. DDS (Ver_09-10-26.01) - NTFSx86 Run by User at 20:13:11.20 on Mon 16/11/2009 Internet Explorer: 6.0.2900.5512 Microsoft Windows XP Home Edition 5.1.2600.3.1252.61.1033.18.2038.1379 [GMT 11:00] AV: avast! antivirus 4.8.1356 [VPS 091115-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe C:\Program Files\Logitech\QuickCam10\QuickCam10.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\DNA\btdna.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe svchost.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Alwil Software\Avast4\setup\avast.setup C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\User\Desktop\dds.pif ============== Pseudo HJT Report =============== mStart Page = hxxp://www.google.com uInternet Settings,ProxyOverride = *.local TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll uRun: [Google Update] "c:\documents and settings\user\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [bitTorrent DNA] "c:\program files\dna\btdna.exe" uRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe" uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [HDAudDeck] c:\program files\via\viaudioi\hdadeck\HDeck.exe 1 mRun: [RTHDCPL] RTHDCPL.EXE mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe" mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam10\QuickCam10.exe" /hide mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" mRun: [NokiaMServer] c:\program files\common files\nokia\mplatform\NokiaMServer /watchfiles mRun: [Nokia FastStart] "c:\program files\nokia\nokia music\NokiaMusic.exe" /command:faststart mRun: [userFaultCheck] %systemroot%\system32\dumprep 0 -u mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe" mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe" dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\docume~1\user\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe StartupFolder: c:\docume~1\user\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL Trusted Zone: clubbox.co.kr DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} - hxxp://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll Notify: igfxcui - igfxdev.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\user\applic~1\mozilla\firefox\profiles\zzw44m2o.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q= FF - prefs.js: browser.search.selectedEngine - SweetIM Search FF - prefs.js: browser.startup.homepage - hxxp://home.sweetim.com FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q= FF - component: c:\program files\common files\dvdvideosoft\dll\ffcontextmenuy\components\FFContextMenu.dll FF - component: c:\program files\nokia\nokia pc suite 7\bkmrksync\components\BkMrkExt.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ ============= SERVICES / DRIVERS =============== R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-10-21 114768] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-8-5 9968] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-8-5 74480] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-10-21 20560] R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-5-19 240512] R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-8-5 7408] S2 TwonkyMedia;TwonkyMedia;c:\program files\nokia\nokia home media server\media server\twonkymedia.exe -serviceversion 0 --> c:\program files\nokia\nokia home media server\media server\TwonkyMedia.exe -serviceversion 0 [?] S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2009-5-21 16512] S3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1e51x86.sys [2009-2-21 36864] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-2-21 222976] S4 pcpitstop scheduling;PCPitstop Scheduling;c:\program files\pcpitstop\PCPitstopScheduleService.exe [2009-9-16 77312] =============== Created Last 30 ================ 2009-11-16 09:12:57 0 d--h--w- c:\windows\PIF 2009-11-15 12:03:55 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf 2009-11-15 12:03:53 21504 ----a-w- c:\windows\system32\drivers\hidserv.dll 2009-11-15 02:22:41 0 ----a-w- c:\windows\lgfwup.ini 2009-11-15 02:22:39 59904 ----a-w- c:\windows\system32\wbemdisp.tlb 2009-11-15 02:22:39 115016 ----a-w- c:\windows\system32\MSINET.OCX 2009-11-15 02:22:39 102912 ----a-w- c:\windows\system32\Vb6stkit.dll 2009-11-15 02:22:39 102160 ----a-w- c:\windows\system32\VB6KO.DLL 2009-11-08 09:55:05 0 d-sha-r- C:\autorun.inf 2009-11-08 09:42:22 0 d-----w- C:\CombaFix3070C 2009-11-08 04:55:11 0 d-----w- c:\docume~1\user\applic~1\Uniblue 2009-11-05 11:50:08 98816 ----a-w- c:\windows\sed.exe 2009-11-05 11:50:08 77312 ----a-w- c:\windows\MBR.exe 2009-11-05 11:50:08 267264 ----a-w- c:\windows\PEV.exe 2009-11-05 11:50:08 161792 ----a-w- c:\windows\SWREG.exe 2009-11-05 11:50:03 0 d-----w- C:\CombaFix17696C 2009-11-05 11:46:44 0 d-----w- C:\CombaFix17998C 2009-10-30 10:51:47 0 d-----w- C:\CombaFix12294C 2009-10-25 04:32:59 0 d-----w- C:\CombaFix1202C 2009-10-25 03:42:17 0 d-----w- C:\CombaFix24855C 2009-10-25 03:35:18 7680 --sha-w- c:\windows\Thumbs.db 2009-10-25 03:05:11 0 d-sha-r- C:\cmdcons 2009-10-25 02:57:06 0 d-----w- C:\CombaFix 2009-10-21 10:05:48 0 d-----w- c:\windows\ERUNT 2009-10-21 10:04:41 0 d-----w- C:\SDFix 2009-10-21 09:57:04 12800 ----a-w- c:\windows\system32\bootdelete.exe 2009-10-21 09:33:46 11904 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys 2009-10-21 09:33:10 0 d-----w- c:\program files\Hitman Pro 3.5 2009-10-21 09:33:10 0 d-----w- c:\docume~1\alluse~1\applic~1\Hitman Pro 2009-10-21 09:20:00 0 d-----w- c:\program files\Uniblue 2009-10-21 08:21:36 0 d-----w- C:\VundoFix Backups 2009-10-21 04:47:41 1033728 ------w- c:\windows\explorer.exe ==================== Find3M ==================== 2009-09-25 05:37:11 667136 ------w- c:\windows\system32\wininet.dll 2009-09-25 05:37:09 81920 ----a-w- c:\windows\system32\ieencode.dll 2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll 2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll 2009-03-21 11:46:49 10504864 ----a-w- c:\program files\iMeshV8.exe 2009-03-19 08:03:57 3073749 ----a-w- c:\program files\Setup_MagicISO.exe 2009-03-09 06:03:14 15727416 ----a-w- c:\program files\brico-pack-crystal-xp-crystalxp.net-en-117.zip 2009-03-09 05:49:33 547496 ----a-w- c:\program files\ChromeSetup.exe 2007-09-13 05:51:14 9679815 ----a-w- c:\program files\vlc-0.8.6c-win32.exe ============= FINISH: 20:13:29.87 =============== UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-10-26.01) Microsoft Windows XP Home Edition Boot Device: \Device\HarddiskVolume1 Install Date: 21/02/2009 10:22:55 AM System Uptime: 16/11/2009 7:30:42 PM (1 hours ago) Motherboard: ASUSTeK Computer INC. | | P5KPL-AM/PS Processor: Intel Pentium III Xeon processor | Socket 775 | 2500/200mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 466 GiB total, 290.276 GiB free. D: is CDROM () ==== Disabled Device Manager Items ============= Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318} Description: Microsoft PS/2 Mouse Device ID: ACPI\PNP0F03\4&2C575ACB&0 Manufacturer: Microsoft Name: Microsoft PS/2 Mouse PNP Device ID: ACPI\PNP0F03\4&2C575ACB&0 Service: i8042prt Class GUID: Description: Device ID: ROOT\LEGACY_BEEP\XX_LCBXPQ_XX Manufacturer: Name: PNP Device ID: ROOT\LEGACY_BEEP\XX_LCBXPQ_XX Service: lcbxpq Class GUID: Description: Device ID: ROOT\LEGACY_BEEP\XX_VZAYWOE_XX Manufacturer: Name: PNP Device ID: ROOT\LEGACY_BEEP\XX_VZAYWOE_XX Service: vzaywoe Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A} Description: Nokia Windows Portable Device Driver Device ID: ROOT\WPD\0000 Manufacturer: Nokia Name: Nokia N97 PNP Device ID: ROOT\WPD\0000 Service: WUDFRd Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A} Description: Nokia 6110 Navigator Device ID: ROOT\WPD\0001 Manufacturer: Nokia Name: Nokia 6110 Navigator PNP Device ID: ROOT\WPD\0001 Service: WUDFRd ==== System Restore Points =================== RP1: 25/10/2009 2:12:47 PM - System Checkpoint RP2: 6/11/2009 8:43:14 PM - Software Distribution Service 3.0 RP3: 6/11/2009 11:30:46 PM - Software Distribution Service 3.0 RP4: 8/11/2009 4:04:35 PM - Removed Kaspersky Anti-Virus 2010. RP5: 8/11/2009 11:03:45 PM - Software Distribution Service 3.0 RP6: 9/11/2009 11:27:31 PM - System Checkpoint RP7: 11/11/2009 9:44:34 PM - System Checkpoint RP8: 12/11/2009 10:38:14 PM - Software Distribution Service 3.0 RP9: 15/11/2009 12:35:06 PM - System Checkpoint RP10: 15/11/2009 1:24:27 PM - Removed Nero 7 Essentials RP11: 15/11/2009 11:03:48 PM - Software Distribution Service 3.0 ==== Installed Programs ====================== 2007 Microsoft Office Suite Service Pack 1 (SP1) a-squared Free 4.5 Acrobat.com Adobe AIR Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge 1.0 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe Camera Raw 4.0 Adobe CMaps Adobe Color - Photoshop Specific Adobe Color Common Settings Adobe Color EU Extra Settings Adobe Color JA Extra Settings Adobe Color NA Recommended Settings Adobe Common File Installer Adobe Default Language CS3 Adobe Device Central CS3 Adobe ExtendScript Toolkit 2 Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Fonts All Adobe Help Center 1.0 Adobe Help Viewer CS3 Adobe Illustrator CS3 Adobe InDesign CS3 Adobe InDesign CS3 Icon Handler Adobe Linguistics CS3 Adobe PDF Library Files Adobe Photoshop CS2 Adobe Photoshop CS3 Adobe Reader 9.1.2 Adobe Setup Adobe SING CS3 Adobe Stock Photos 1.0 Adobe Stock Photos CS3 Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS3 Any Video Converter 2.7.6 ArcSoft PhotoImpression 5 Ashampoo Burning Studio 6 Ask Toolbar Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver avast! Antivirus Choice Guard Clubbox ÆÄÀÏÀü¼Û°ü¸®ÀÚ Convert FLV to MP3 1.0 DNA DVD Suite EPSON Attach To Email EPSON Copy Utility 3 EPSON Easy Photo Print EPSON File Manager EPSON Image Clip Palette EPSON Printer Software EPSON Scan EPSON Scan Assistant EPSON Web-To-Page ESPRX530 User's Guide ffdshow [rev 3026] [2009-07-05] Free DVD Creator version 2.0 Free Studio version 4.2 Free Video to Mp3 Converter version 3.1 Free YouTube FLV Converter v1.0 Google Chrome HijackThis 1.99.1 Hitman Pro 3.5 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB954708) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Intel® Graphics Media Accelerator Driver Japanese Language Support Java 6 Update 14 Junk Mail filter update K-Lite Codec Pack 4.3.1 (Full) LAME v3.98.2 for Audacity Logitech Audio Echo Cancellation Component Logitech QuickCam Logitech Video Enumerator Logitech® Camera Driver Magic DVD Ripper V5.4.2 Magic ISO Maker v5.5 (build 0274) Malwarebytes' Anti-Malware Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Application Error Reporting Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Live Add-in 1.3 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Search Enhancement Pack Microsoft Software Update for Web Folders (English) 12 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft User-Mode Driver Framework Feature Pack 1.5 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Mozilla Firefox (3.0.11) MSN MSVC80_x86 MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 6.0 Parser (KB933579) MVision neroxml Nokia Connectivity Cable Driver Nokia Home Media Server Nokia Map Loader Nokia Music Nokia Ovi Application Installer Nokia Ovi Application Installer 6.85.3011 Nokia Ovi Content Copier Nokia Ovi Content Copier 6.85.3011 Nokia Ovi One Touch Access Nokia Ovi One Touch Access 6.85.3011 Nokia Ovi Suite Nokia Ovi System Utilities Nokia Ovi System Utilities 6.85.3013 Nokia PC Suite Nokia Photos Nokia Software Updater Pack Crystal XP 3.0 PC Connectivity Solution PC Pitstop Exterminate2 2.0 PDF Settings PIF DESIGNER Platform PowerDVD PowerProducer REALTEK GbE & FE Ethernet PCI-E NIC Driver Realtek High Definition Audio Driver RocketDock 1.3.5 Security Update for 2007 Microsoft Office System (KB951550) Security Update for 2007 Microsoft Office System (KB951944) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB973704) Security Update for CAPICOM (KB931906) Security Update for Microsoft Office Excel 2007 (KB973593) Security Update for Microsoft Office OneNote 2007 (KB950130) Security Update for Microsoft Office Outlook 2007 (KB972363) Security Update for Microsoft Office PowerPoint 2007 (KB957789) Security Update for Microsoft Office Publisher 2007 (KB969693) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB969613) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB969604) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958215) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960714) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB963027) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969897) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB972260) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974455) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Segoe UI STOIK Video Converter 2 Storm Hawks Sky Race SUPERAntiSpyware Free Edition SweetIM for Messenger 2.7 SweetIM Toolbar for Internet Explorer 3.4 TwonkyMedia Uniblue RegistryBooster 2010 Uninstall 1.0.0.1 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Outlook 2007 Junk Email Filter (kb975960) Update for Windows XP (KB898461) Update for Windows XP (KB951978) Update for Windows XP (KB955839) Update for Windows XP (KB961503) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB973815) Update for Windows XP (KB976749) VIA Platform Device Manager Video To MPEG Converter 1.00 VideoLAN VLC media player 0.8.6c WebFldrs XP Windows Driver Package - Nokia Modem (02/15/2007 3.1) Windows Driver Package - Nokia Modem (02/23/2009 7.01.0.2) Windows Driver Package - Nokia Modem (02/24/2009 4.0) Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Toolbar Windows Live Upload Tool Windows Live Writer Windows Media Format 11 runtime WinRAR archiver ==== Event Viewer Messages From Past Week ======== 9/11/2009 9:36:59 PM, error: Disk [11] - The driver detected a controller error on \Device\Harddisk0\D. 9/11/2009 9:12:36 PM, error: Dhcp [1002] - The IP address lease 114.76.254.188 for the Network Card with network address 002215BDA82F has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). 15/11/2009 6:46:20 PM, error: Dhcp [1002] - The IP address lease 114.76.236.52 for the Network Card with network address 002215BDA82F has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). 15/11/2009 4:47:39 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 60 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) 15/11/2009 11:39:40 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) 15/11/2009 11:24:37 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) 11/11/2009 10:22:49 PM, error: Dhcp [1002] - The IP address lease 114.76.250.26 for the Network Card with network address 002215BDA82F has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). ==== End Of File =========================== My computer is running quite slower than usual. But other than that, it's fine.
  12. Malwarebytes' Anti-Malware 1.41 Database version: 3153 Windows 5.1.2600 Service Pack 3 12/11/2009 8:05:21 PM mbam-log-2009-11-12 (20-05-21).txt Scan type: Quick Scan Objects scanned: 123736 Time elapsed: 3 minute(s), 39 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) Kaspersky scan: -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7.0: scan report Thursday, November 12, 2009 Operating system: Microsoft Windows XP Home Edition Service Pack 3 (build 2600) Kaspersky Online Scanner version: 7.0.26.13 Last database update: Thursday, November 12, 2009 09:36:34 Records in database: 3194503 -------------------------------------------------------------------------------- Scan settings: scan using the following database: extended Scan archives: yes Scan e-mail databases: yes Scan area - My Computer: A:\ C:\ D:\ Scan statistics: Objects scanned: 152262 Threats found: 6 Infected objects found: 18 Suspicious objects found: 0 Scan duration: 02:23:59 File name / Threat / Threats count C:\Program Files\Alwil Software\Avast4\DATA\moved\111.exe.vir Infected: Trojan-Downloader.Win32.FraudLoad.wtgt 1 C:\Program Files\Alwil Software\Avast4\DATA\moved\140.exe.vir Infected: Trojan-Downloader.Win32.FraudLoad.wtgt 1 C:\Program Files\Alwil Software\Avast4\DATA\moved\180.exe.vir Infected: Trojan-Downloader.Win32.FraudLoad.wtgt 1 C:\Program Files\Alwil Software\Avast4\DATA\moved\19.tmp.vir Infected: Backdoor.Win32.Agent.akwi 1 C:\Program Files\Alwil Software\Avast4\DATA\moved\230.exe.vir Infected: Trojan-Downloader.Win32.FraudLoad.wtgt 1 C:\Program Files\Alwil Software\Avast4\DATA\moved\245.exe.vir Infected: Trojan-Downloader.Win32.FraudLoad.wtgt 1 C:\Program Files\Alwil Software\Avast4\DATA\moved\258.exe.vir Infected: Trojan-Downloader.Win32.FraudLoad.wtgt 1 C:\Program Files\Alwil Software\Avast4\DATA\moved\489.exe.vir Infected: Trojan-Downloader.Win32.FraudLoad.wtgt 1 C:\Program Files\Alwil Software\Avast4\DATA\moved\549.exe.vir Infected: Trojan-Downloader.Win32.FraudLoad.wtgt 1 C:\Program Files\Alwil Software\Avast4\DATA\moved\5C.tmp.vir Infected: Backdoor.Win32.Agent.akwi 1 C:\Program Files\Alwil Software\Avast4\DATA\moved\750.exe.vir Infected: Trojan-Downloader.Win32.FraudLoad.wtgt 1 C:\Program Files\Alwil Software\Avast4\DATA\moved\850.exe.vir Infected: Trojan-Downloader.Win32.FraudLoad.wtgt 1 C:\Program Files\Alwil Software\Avast4\DATA\moved\992.exe.vir Infected: Trojan-Downloader.Win32.FraudLoad.wtgt 1 C:\Program Files\Alwil Software\Avast4\DATA\moved\995.exe.vir Infected: Trojan-Downloader.Win32.FraudLoad.wtgt 1 C:\Program Files\Alwil Software\Avast4\DATA\moved\ld15.exe.vir Infected: Net-Worm.Win32.Koobface.btj 1 C:\Program Files\Alwil Software\Avast4\DATA\moved\njdlukgq.exe.vir Infected: Trojan-Downloader.Win32.Small.anry 1 C:\Program Files\Alwil Software\Avast4\DATA\moved\pr3xy[1].exe.vir Infected: Trojan.Win32.Crypt.bgj 1 C:\Program Files\Alwil Software\Avast4\DATA\moved\SKYNETrowpaakahr.tmp.vir Infected: Packed.Win32.TDSS.z 1 Selected area has been scanned.
  13. Hi Catbyte, I have 3 mbam logs from the first time I tried scanning through just in case you need it cos I've only just completed the kaspersky one. Malwarebytes' Anti-Malware 1.41 Database version: 2775 Windows 5.1.2600 Service Pack 3 9/11/2009 10:47:46 PM mbam-log-2009-11-09 (22-47-46).txt Scan type: Quick Scan Objects scanned: 111472 Time elapsed: 3 minute(s), 12 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 1 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows client (Backdoor.Bot) -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) Malwarebytes' Anti-Malware 1.41 Database version: 3145 Windows 5.1.2600 Service Pack 3 11/11/2009 9:26:29 PM mbam-log-2009-11-11 (21-26-29).txt Scan type: Quick Scan Objects scanned: 121742 Time elapsed: 3 minute(s), 32 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba603215-23f2-42ad-f4e4-00aac39caa53} (Trojan.Ertfor) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  14. ComboFix 09-11-04.05 - User 08/11/2009 20:43.7.2 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.61.1033.18.2038.1255 [GMT 11:00] Running from: c:\documents and settings\User\Desktop\CombaFix.exe Command switches used :: c:\documents and settings\User\Desktop\CFScript.txt AV: avast! antivirus 4.8.1356 [VPS 091107-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} file zipped: C:\aons.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\aons.exe . ((((((((((((((((((((((((( Files Created from 2009-10-08 to 2009-11-08 ))))))))))))))))))))))))))))))) . 2009-11-08 05:03 . 2009-11-08 05:06 -------- d-----w- c:\windows\LastGood 2009-11-08 04:55 . 2009-11-08 04:55 -------- d-----w- c:\documents and settings\User\Application Data\Uniblue 2009-11-05 11:50 . 2009-11-05 12:04 -------- d-----w- C:\CombaFix17696C 2009-11-05 11:46 . 2009-11-05 11:47 -------- d-----w- C:\CombaFix17998C 2009-10-30 10:51 . 2009-10-30 10:56 -------- d-----w- C:\CombaFix12294C 2009-10-30 10:44 . 2009-10-30 10:44 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe 2009-10-25 04:32 . 2009-10-30 10:24 -------- d-----w- C:\CombaFix1202C 2009-10-25 03:42 . 2009-10-30 10:24 -------- d-----w- C:\CombaFix24855C 2009-10-25 02:57 . 2009-10-30 10:24 -------- d-----w- C:\CombaFix 2009-10-21 10:05 . 2009-10-21 10:05 -------- d-----w- c:\windows\ERUNT 2009-10-21 10:04 . 2009-11-06 09:54 -------- d-----w- C:\SDFix 2009-10-21 09:57 . 2009-10-21 09:57 12800 ----a-w- c:\windows\system32\bootdelete.exe 2009-10-21 09:33 . 2009-11-08 05:00 11904 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys 2009-10-21 09:33 . 2009-10-21 09:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Hitman Pro 2009-10-21 09:33 . 2009-10-21 09:33 -------- d-----w- c:\program files\Hitman Pro 3.5 2009-10-21 09:20 . 2009-10-21 09:20 -------- d-----w- c:\documents and settings\Administrator\Application Data\Uniblue 2009-10-21 09:20 . 2009-10-21 09:20 -------- d-----w- c:\program files\Uniblue 2009-10-21 08:21 . 2009-10-21 08:21 -------- d-----w- C:\VundoFix Backups 2009-10-21 07:50 . 2009-10-21 07:52 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Temp 2009-10-21 07:50 . 2009-10-21 07:50 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Google 2009-10-21 07:49 . 2009-10-21 07:50 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Deployment 2009-10-21 07:46 . 2009-10-21 07:46 92608 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-10-21 05:38 . 2009-10-21 07:43 -------- d-----w- c:\documents and settings\Administrator\Tracing 2009-10-21 04:47 . 2008-04-14 12:00 1033728 ------w- c:\windows\explorer.exe 2009-10-21 02:19 . 2009-10-21 08:08 117760 ----a-w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL 2009-10-21 02:16 . 2009-10-21 02:16 -------- d-----w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com 2009-10-21 00:51 . 2009-09-15 09:54 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-10-21 00:51 . 2009-09-15 09:54 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-10-21 00:51 . 2009-09-15 09:53 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-10-21 00:51 . 2009-09-15 09:55 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-10-21 00:51 . 2009-09-15 09:55 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-10-21 00:51 . 2009-09-15 09:53 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-10-21 00:51 . 2009-09-15 09:56 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-10-21 00:51 . 2009-09-15 09:56 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-10-21 00:51 . 2009-09-15 09:59 1279968 ----a-w- c:\windows\system32\aswBoot.exe 2009-10-21 00:51 . 2009-10-21 00:51 -------- d-----w- c:\program files\Alwil Software 2009-10-21 00:19 . 2009-10-21 00:19 -------- d-s---w- c:\documents and settings\Administrator\UserData 2009-10-20 12:09 . 2009-10-20 12:09 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-11-08 09:41 . 2009-03-12 06:04 -------- d-----w- c:\documents and settings\User\Application Data\DNA 2009-11-08 04:59 . 2009-08-25 06:51 117760 ----a-w- c:\documents and settings\User\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL 2009-11-08 04:58 . 2009-03-12 06:04 -------- d-----w- c:\program files\DNA 2009-11-08 00:19 . 2009-08-21 13:11 496328 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-11-06 12:32 . 2009-02-21 01:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2009-11-06 09:49 . 2009-10-20 12:08 26640 ----a-w- c:\windows\system32\drivers\Vet-Filt.1 2009-11-06 09:49 . 2009-10-20 12:08 21392 ----a-w- c:\windows\system32\drivers\Vet-Rec.1 2009-10-21 04:56 . 2009-08-11 04:32 1324 ----a-w- c:\windows\system32\d3d9caps.dat 2009-10-16 09:19 . 2009-09-23 10:56 -------- d-----w- c:\program files\a-squared Free 2009-10-10 12:29 . 2009-03-09 05:55 92608 ----a-w- c:\documents and settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-10-06 23:48 . 2009-05-19 08:29 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-10-05 23:30 . 2009-02-21 01:29 -------- d-----w- c:\documents and settings\All Users\Application Data\PCPitstop 2009-09-30 12:53 . 2009-06-08 08:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations 2009-09-30 12:52 . 2009-04-06 05:13 -------- d-----w- c:\program files\Nokia 2009-09-30 12:51 . 2009-06-08 09:51 -------- d-----w- c:\program files\Common Files\Nokia 2009-09-30 12:51 . 2009-09-30 12:51 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\Sleep.exe 2009-09-30 12:51 . 2009-09-30 12:51 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\msxml6Exec.exe 2009-09-30 12:51 . 2009-09-30 12:51 3181612 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\vcredistExec.exe 2009-09-30 12:49 . 2009-09-30 12:51 24501456 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\NokiaSoftwareUpdaterSetup_1.7.3EN.exe 2009-09-30 03:47 . 2009-03-21 11:48 -------- d-----w- c:\program files\iMesh Applications 2009-09-30 03:46 . 2009-08-06 07:02 -------- d-----w- c:\program files\SweetIM 2009-09-25 05:37 . 2008-04-14 12:00 667136 ----a-w- c:\windows\system32\wininet.dll 2009-09-25 05:37 . 2008-04-14 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll 2009-09-17 00:14 . 2009-05-28 08:36 -------- d-----w- c:\program files\freestar 2009-09-16 06:20 . 2009-09-16 06:20 -------- d-----w- c:\program files\MagicDVDRipper 2009-09-16 02:52 . 2009-08-18 09:34 -------- d-----w- c:\program files\PCPitstop 2009-09-11 14:18 . 2008-04-14 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-04 21:03 . 2008-04-14 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll 2009-08-26 08:00 . 2008-04-14 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll 2009-08-25 09:06 . 2009-05-12 02:26 5 ----a-w- c:\windows\system32\SySvideotompeg.dat 2009-08-25 06:47 . 2009-08-25 06:47 64 ----a-w- c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\zzw44m2o.default\extensions\dvscontextmenuy@dvdvideosoft.com 2009-08-17 12:33 . 2009-08-17 12:33 1193832 ----a-w- c:\windows\system32\FM20.DLL 2009-03-21 11:46 . 2009-03-21 11:46 10504864 ----a-w- c:\program files\iMeshV8.exe 2009-03-19 08:03 . 2009-03-19 08:03 3073749 ----a-w- c:\program files\Setup_MagicISO.exe 2009-03-09 06:03 . 2009-03-09 06:03 15727416 ----a-w- c:\program files\brico-pack-crystal-xp-crystalxp.net-en-117.zip 2009-03-09 05:49 . 2009-03-09 05:49 547496 ----a-w- c:\program files\ChromeSetup.exe 2007-09-13 05:51 . 2009-03-09 08:23 9679815 ----a-w- c:\program files\vlc-0.8.6c-win32.exe . ((((((((((((((((((((((((((((( SnapShot@2009-11-05_11.55.09 ))))))))))))))))))))))))))))))))))))))))) . + 2009-11-08 04:58 . 2009-11-08 04:58 16384 c:\windows\temp\Perflib_Perfdata_dbc.dat + 2009-11-08 04:58 . 2009-11-08 04:58 16384 c:\windows\temp\Perflib_Perfdata_494.dat + 2008-10-16 03:09 . 2009-08-06 08:24 44768 c:\windows\system32\wups2.dll + 2009-02-20 23:19 . 2009-08-06 08:24 35552 c:\windows\system32\wups.dll + 2009-02-20 23:19 . 2009-08-06 08:24 53472 c:\windows\system32\wuauclt.exe + 2009-11-06 09:45 . 2009-08-06 08:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll + 2009-11-06 09:45 . 2009-08-06 08:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll + 2008-04-14 12:00 . 2009-11-06 12:35 69606 c:\windows\system32\perfc009.dat + 2009-02-20 23:19 . 2009-08-06 08:24 35552 c:\windows\system32\dllcache\wups.dll + 2009-02-20 23:19 . 2009-08-06 08:24 53472 c:\windows\system32\dllcache\wuauclt.exe + 2008-04-14 12:00 . 2009-09-04 21:03 58880 c:\windows\system32\dllcache\msasn1.dll + 2008-04-14 12:00 . 2009-09-25 05:37 81920 c:\windows\system32\dllcache\ieencode.dll - 2008-04-14 12:00 . 2009-06-26 16:50 81920 c:\windows\system32\dllcache\ieencode.dll + 2008-04-14 12:00 . 2009-08-06 08:24 96480 c:\windows\system32\dllcache\cdm.dll + 2008-04-14 12:00 . 2009-08-06 08:24 96480 c:\windows\system32\cdm.dll + 2009-11-08 05:04 . 2009-05-16 10:59 19472 c:\windows\LastGood\system32\DRIVERS\klmouflt.sys + 2009-11-08 05:04 . 2008-12-15 10:41 33808 c:\windows\LastGood\system32\DRIVERS\klbg.sys + 2009-03-12 06:52 . 2009-11-06 12:32 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe - 2009-03-12 06:52 . 2009-08-12 15:10 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe - 2009-03-12 06:52 . 2009-08-12 15:10 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe + 2009-03-12 06:52 . 2009-11-06 12:32 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe - 2009-03-12 06:52 . 2009-08-12 15:10 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2009-03-12 06:52 . 2009-11-06 12:32 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2006-10-26 11:58 . 2006-10-26 11:58 33080 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\VPREVIEW.EXE + 2009-11-08 09:09 . 2009-11-08 09:09 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\c1dc6dbdd2c50f2e6672881eadbab19b\WindowsLiveWriter.ni.exe + 2009-11-08 09:09 . 2009-11-08 09:09 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3154239f4e03d51fdc12de103957babc\WindowsLive.Writer.Api.ni.dll + 2009-11-08 00:03 . 2009-11-08 00:03 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\b4a9e413d5cd6d6ec2d50aa05381e293\UIAutomationProvider.ni.dll + 2009-11-08 09:11 . 2009-11-08 09:11 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\8acb476a0d4ee17a12881e17ae74a6af\System.Windows.Presentation.ni.dll + 2009-11-08 09:11 . 2009-11-08 09:11 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\4b87ca3482a3c0ee733e028ecee7de65\System.Web.DynamicData.Design.ni.dll + 2009-11-08 09:10 . 2009-11-08 09:10 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\a0c71055364bd356971791284c3fb910\System.ComponentModel.DataAnnotations.ni.dll + 2009-11-08 09:10 . 2009-11-08 09:10 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f9a75bbdc2ce7db578b5977766a09b99\System.AddIn.Contract.ni.dll + 2009-11-08 00:01 . 2009-11-08 00:01 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\3dd0f86c966c75755d62eab8ddf0634c\PresentationFontCache.ni.exe + 2009-11-08 00:01 . 2009-11-08 00:01 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\034d081fe294bab1ee1ecc98c1181424\PresentationCFFRasterizer.ni.dll + 2009-11-08 09:10 . 2009-11-08 09:10 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f2673aec397c52796aef05bb9d2668df\Microsoft.Vsa.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\1ded203bd27031c3a5e3441f94b528c0\Microsoft.VisualC.ni.dll + 2009-11-08 09:10 . 2009-11-08 09:10 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\d513fe1a81c441e7656a9b062cff4e9f\Microsoft.Build.Framework.ni.dll + 2009-11-08 09:10 . 2009-11-08 09:10 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\c5d504724d7f351b1d034615dbb72a2a\Microsoft.Build.Framework.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\a664ccab020f93f1d533919f57131190\dfsvc.ni.exe + 2009-11-08 08:41 . 2009-11-08 08:41 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\e63d6d26b8a664cfdfbd4ad75e03c14d\Accessibility.ni.dll - 2009-08-21 09:01 . 2009-08-21 09:01 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2009-11-06 12:34 . 2009-11-06 12:34 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2009-11-06 12:34 . 2009-11-06 12:34 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll - 2009-08-21 09:01 . 2009-08-21 09:01 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll - 2009-08-21 09:01 . 2009-08-21 09:01 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2009-11-06 12:35 . 2009-11-06 12:35 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2009-11-06 12:34 . 2009-11-06 12:34 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll - 2009-08-21 09:01 . 2009-08-21 09:01 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll - 2009-08-21 09:01 . 2009-08-21 09:01 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2009-11-06 12:34 . 2009-11-06 12:34 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2009-11-06 12:34 . 2009-11-06 12:34 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll - 2009-08-21 09:01 . 2009-08-21 09:01 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2009-11-06 12:34 . 2009-11-06 12:34 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll - 2009-08-21 09:01 . 2009-08-21 09:01 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll + 2009-11-06 12:34 . 2009-11-06 12:34 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll - 2009-08-21 09:01 . 2009-08-21 09:01 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2009-11-06 12:34 . 2009-11-06 12:34 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll - 2009-08-21 09:01 . 2009-08-21 09:01 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll + 2009-11-06 12:34 . 2009-11-06 12:34 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll - 2009-08-21 09:01 . 2009-08-21 09:01 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll - 2009-08-21 09:01 . 2009-08-21 09:01 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2009-11-06 12:34 . 2009-11-06 12:34 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2009-11-06 12:34 . 2009-11-06 12:34 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2009-08-21 09:01 . 2009-08-21 09:01 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2009-08-21 09:01 . 2009-08-21 09:01 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2009-11-06 12:34 . 2009-11-06 12:34 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2009-11-06 12:34 . 2009-11-06 12:34 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll - 2009-08-21 09:01 . 2009-08-21 09:01 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll + 2009-11-06 12:34 . 2009-11-06 12:34 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll - 2009-08-21 09:01 . 2009-08-21 09:01 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll + 2009-11-06 12:35 . 2009-11-06 12:35 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2009-08-21 09:01 . 2009-08-21 09:01 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2009-08-21 09:01 . 2009-08-21 09:01 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2009-11-06 12:34 . 2009-11-06 12:34 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2009-11-06 12:34 . 2009-11-06 12:34 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll - 2009-08-21 09:01 . 2009-08-21 09:01 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll - 2009-08-21 09:01 . 2009-08-21 09:01 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2009-11-06 12:34 . 2009-11-06 12:34 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2009-11-06 12:34 . 2009-11-06 12:34 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll - 2009-08-21 09:01 . 2009-08-21 09:01 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll + 2009-02-20 23:19 . 2009-08-06 08:24 209632 c:\windows\system32\wuweb.dll + 2009-02-20 23:19 . 2009-08-06 08:24 327896 c:\windows\system32\wucltui.dll + 2009-02-20 23:19 . 2009-08-06 08:23 575704 c:\windows\system32\wuapi.dll + 2008-04-14 12:00 . 2009-04-01 12:02 604160 c:\windows\system32\wmspdmod.dll + 2008-04-14 12:00 . 2009-09-25 05:37 627712 c:\windows\system32\urlmon.dll + 2008-04-14 12:00 . 2009-11-06 12:35 437718 c:\windows\system32\perfh009.dat + 2009-03-12 06:54 . 2009-08-06 08:23 215920 c:\windows\system32\muweb.dll + 2009-03-12 06:54 . 2009-08-06 08:23 274288 c:\windows\system32\mucltui.dll + 2008-04-14 12:00 . 2009-08-13 15:16 512000 c:\windows\system32\jscript.dll - 2008-04-14 12:00 . 2008-05-09 10:53 512000 c:\windows\system32\jscript.dll + 2009-02-20 23:19 . 2009-08-06 08:24 209632 c:\windows\system32\dllcache\wuweb.dll + 2009-02-20 23:19 . 2009-08-06 08:24 327896 c:\windows\system32\dllcache\wucltui.dll + 2009-02-20 23:19 . 2009-08-06 08:23 575704 c:\windows\system32\dllcache\wuapi.dll + 2008-04-14 12:00 . 2009-04-01 12:02 604160 c:\windows\system32\dllcache\wmspdmod.dll + 2008-04-14 12:00 . 2009-09-25 05:37 667136 c:\windows\system32\dllcache\wininet.dll + 2008-04-14 12:00 . 2009-09-25 05:37 627712 c:\windows\system32\dllcache\urlmon.dll + 2009-02-20 23:19 . 2009-06-21 21:44 153088 c:\windows\system32\dllcache\triedit.dll - 2009-02-20 23:19 . 2008-04-14 12:00 153088 c:\windows\system32\dllcache\triedit.dll + 2008-04-14 12:00 . 2009-08-26 08:00 247326 c:\windows\system32\dllcache\strmdll.dll - 2008-04-14 12:00 . 2008-10-03 10:02 247326 c:\windows\system32\dllcache\strmdll.dll - 2008-04-14 12:00 . 2009-06-25 08:25 136192 c:\windows\system32\dllcache\msv1_0.dll + 2008-04-14 12:00 . 2009-09-11 14:18 136192 c:\windows\system32\dllcache\msv1_0.dll - 2008-04-14 12:00 . 2008-05-09 10:53 512000 c:\windows\system32\dllcache\jscript.dll + 2008-04-14 12:00 . 2009-08-13 15:16 512000 c:\windows\system32\dllcache\jscript.dll + 2009-08-07 12:51 . 2009-08-07 12:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll + 2009-11-08 05:03 . 2008-10-16 03:06 208744 c:\windows\LastGood\system32\muweb.dll + 2009-11-08 05:03 . 2008-10-16 03:06 268648 c:\windows\LastGood\system32\mucltui.dll + 2009-11-08 05:05 . 2009-09-17 01:53 296976 c:\windows\LastGood\system32\DRIVERS\klif.sys + 2009-03-20 00:48 . 2009-03-20 00:48 183808 c:\windows\Installer\9c6f54.msp + 2009-03-12 06:52 . 2009-11-06 12:32 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - 2009-03-12 06:52 . 2009-08-12 15:10 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - 2009-03-12 06:52 . 2009-08-12 15:10 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe + 2009-03-12 06:52 . 2009-11-06 12:32 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe - 2009-03-12 06:52 . 2009-08-12 15:10 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe + 2009-03-12 06:52 . 2009-11-06 12:32 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe - 2009-03-12 06:52 . 2009-08-12 15:10 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe + 2009-03-12 06:52 . 2009-11-06 12:32 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe + 2009-03-12 06:52 . 2009-11-06 12:32 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe - 2009-03-12 06:52 . 2009-08-12 15:10 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe - 2009-03-12 06:52 . 2009-08-12 15:10 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe + 2009-03-12 06:52 . 2009-11-06 12:32 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe + 2009-03-12 06:52 . 2009-11-06 12:32 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe - 2009-03-12 06:52 . 2009-08-12 15:10 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe + 2009-11-08 09:10 . 2009-11-08 09:10 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\e2098e43d115155d6ba91ba3a7e577cf\WsatConfig.ni.exe + 2009-11-08 09:09 . 2009-11-08 09:09 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\a9f622a002ec8f497bd1a9d7a15bc3cc\WindowsLiveLocal.WriterPlugin.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\fe4b83365bea555b61ad18a44c82bc5f\WindowsLive.Writer.Localization.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f91af7a087fa0fd79c6813e89bdca8e2\WindowsLive.Writer.Extensibility.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d3f86b9030219e29458c632c9b3607b6\WindowsLive.Writer.FileDestinations.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a9f89cb4fd6fbbf97ced86cbc4ede684\WindowsLive.Writer.Instrumentation.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\921543e46eaefd342cba979efe010eea\WindowsLive.Writer.HtmlEditor.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\72a19b44bac1535f419f588a5d27a120\WindowsLive.Writer.Passport.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6ef81f4842909219ba4bf7765e1a6945\WindowsLive.Writer.BlogClient.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\586aec89f41e693a45782661f56434c7\WindowsLive.Writer.Interop.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\551d4211cde9574615ad847741667699\WindowsLive.Writer.Interop.SHDocVw.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3cc2fb9f57b84e39eb26207a4b424c3b\WindowsLive.Writer.Interop.Mshtml.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\287c1754962c0328b9e4def098e0561b\WindowsLive.Writer.Controls.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1e534e26d4e0252375680a6cb5403809\WindowsLive.Writer.HtmlParser.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1978e7abc502d3514b61823ef1583156\WindowsLive.Writer.BrowserControl.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 322048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0fc99e925062511881d9d6b53810ca4f\WindowsLive.Writer.SpellChecker.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0167de94f26ba25b7d149efa7fb9a1d0\WindowsLive.Writer.Mshtml.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\2bab3cb51d4d8c18755aa271d7d54403\WindowsLive.Client.ni.dll + 2009-11-08 00:03 . 2009-11-08 00:03 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\bf92bc207f927cbbd6dfc9dc0c3eae68\WindowsFormsIntegration.ni.dll + 2009-11-08 00:03 . 2009-11-08 00:03 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\6f488b7644dc50a083868e91a4014466\UIAutomationTypes.ni.dll + 2009-11-08 00:03 . 2009-11-08 00:03 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\c2fbf25609b704061a93500efa6f241d\UIAutomationClient.ni.dll + 2009-11-08 09:11 . 2009-11-08 09:11 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\eb23b78564687badff1bd1f1d0a0ec97\System.Xml.Linq.ni.dll + 2009-11-08 09:11 . 2009-11-08 09:11 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\e7666364bf9f3ba5f4833c9efedd8218\System.Web.Routing.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5f1b8791e6c47e5bd5e7018c346c586\System.Web.RegularExpressions.ni.dll + 2009-11-08 09:11 . 2009-11-08 09:11 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\884eacddf339b8b342f66aedff5f8ef9\System.Web.Extensions.Design.ni.dll + 2009-11-08 09:11 . 2009-11-08 09:11 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\9e199645bd26f1afe58ebe185d1e7f0f\System.Web.Entity.ni.dll + 2009-11-08 09:11 . 2009-11-08 09:11 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\652017ebe962ab2eb271c2524f31cd61\System.Web.Entity.Design.ni.dll + 2009-11-08 09:11 . 2009-11-08 09:11 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\d0070c1c1a642ae30394e00bc0d82336\System.Web.DynamicData.ni.dll + 2009-11-08 09:11 . 2009-11-08 09:11 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\1896753d02d146be1988d32241300f51\System.Web.Abstractions.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\408e637346ef628a3f54fb1b9b83ac9f\System.Transactions.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\1f61bccb700d687775cf778dd77752e9\System.ServiceProcess.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\a9e9b885a6601469c4058375cc74d856\System.Security.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9bc34a79af9c3ed2cf17a0226c769b4c\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\af21e3011fb4e107b13ea5c40c351ec4\System.Runtime.Remoting.ni.dll + 2009-11-08 09:10 . 2009-11-08 09:10 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\5f74a84e9d28c2332c51f6e30da0e125\System.Net.ni.dll + 2009-11-08 09:10 . 2009-11-08 09:10 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\2c208e4c5521f31057ea7d6e93c6a567\System.Management.ni.dll + 2009-11-08 09:10 . 2009-11-08 09:10 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\818b20a7c6f3b2fe97bf008ca24080c1\System.Management.Instrumentation.ni.dll + 2009-11-08 09:08 . 2009-11-08 09:08 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\6c273eb9d1ee8b66b5ecb073de4b785d\System.IO.Log.ni.dll + 2009-11-08 09:08 . 2009-11-08 09:08 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\7222db518afb4eaaa138824278249bc7\System.IdentityModel.Selectors.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.Wrapper.dll + 2009-11-08 09:09 . 2009-11-08 09:09 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.ni.dll + 2009-11-08 00:02 . 2009-11-08 00:02 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\ca6d7208c0fb72ff97429f2636ced321\System.Drawing.Design.ni.dll + 2009-11-08 09:10 . 2009-11-08 09:10 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c92fc19800e701c90f90ab7a2ab44c47\System.DirectoryServices.AccountManagement.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\a601f47a98ee67df424685c9a66ea449\System.DirectoryServices.Protocols.ni.dll + 2009-11-08 09:10 . 2009-11-08 09:10 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\b91b44015859163646f210d284f7166a\System.Data.Services.Client.ni.dll + 2009-11-08 09:10 . 2009-11-08 09:10 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1b35297e07b85071daecdb06f96750a1\System.Data.Services.Design.ni.dll + 2009-11-08 09:10 . 2009-11-08 09:10 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\cf906bf9146d1f0013451ec63b58e064\System.Data.Entity.Design.ni.dll + 2009-11-08 09:10 . 2009-11-08 09:10 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\4ff4134b0d490c090e03d74e104517c4\System.Data.DataSetExtensions.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7c743462baccf29b3567b0e3ec9ac134\System.Configuration.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\443e3a85c491b2de4a2ac654cb957484\System.Configuration.Install.ni.dll + 2009-11-08 09:10 . 2009-11-08 09:10 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\cba35f47925431a54d0e6ae147a292f1\System.AddIn.ni.dll + 2009-11-08 09:10 . 2009-11-08 09:10 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6af32fe5cbec0aa54e2efa6910c73651\SMSvcHost.ni.exe + 2009-11-08 09:09 . 2009-11-08 09:09 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\7602d7687fb9bd21cd9ae60d2b187c99\SMDiagnostics.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a23dc25782df04533a13e348203e4dc5\ServiceModelReg.ni.exe + 2009-11-08 00:02 . 2009-11-08 00:02 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96f74da5fc40b92f09069230bc0df4f0\PresentationFramework.Royale.ni.dll + 2009-11-08 00:02 . 2009-11-08 00:02 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3bb4d16b042b72c2c85a0f8ac9d48f28\PresentationFramework.Luna.ni.dll + 2009-11-08 00:02 . 2009-11-08 00:02 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\30c5c2682d3c5bdaa83bb9a36ee48afa\PresentationFramework.Aero.ni.dll + 2009-11-08 00:02 . 2009-11-08 00:02 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07e952efd70f5608e221a008e6231ace\PresentationFramework.Classic.ni.dll + 2009-11-08 09:10 . 2009-11-08 09:10 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\eade8c1c9c1e8e5ffb50e6c9b9af0f6a\MSBuild.ni.exe + 2009-11-08 09:09 . 2009-11-08 09:09 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fc4d66e0a92b3767006a84f2519d2457\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2009-11-08 09:10 . 2009-11-08 09:10 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\58ca3ecc52b7246b448c109817198a0b\Microsoft.Build.Utilities.ni.dll + 2009-11-08 09:10 . 2009-11-08 09:10 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4dd43724dd92026577c6f588270137a0\Microsoft.Build.Utilities.v3.5.ni.dll + 2009-11-08 09:10 . 2009-11-08 09:10 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\8c651f75bb741330370986dcad8e9e5b\Microsoft.Build.Engine.ni.dll + 2009-11-08 09:10 . 2009-11-08 09:10 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\a6dcbae619ccd938bfe808c54d6d3ae0\Microsoft.Build.Conversion.v3.5.ni.dll + 2009-11-08 09:10 . 2009-11-08 09:10 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\77688ce14f221ed94a9f442ae4736123\CustomMarshalers.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a17c65f0cffaa4f792dd38d50df9d526\ComSvcConfig.ni.exe + 2009-11-08 08:41 . 2009-11-08 08:41 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\85d7c111956b478766d90625b35d963f\AspNetMMCExt.ni.dll - 2009-08-21 09:01 . 2009-08-21 09:01 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2009-11-06 12:34 . 2009-11-06 12:34 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll - 2009-08-21 09:01 . 2009-08-21 09:01 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2009-11-06 12:34 . 2009-11-06 12:34 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2009-11-06 12:34 . 2009-11-06 12:34 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2009-08-21 09:01 . 2009-08-21 09:01 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2009-08-21 09:01 . 2009-08-21 09:01 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2009-11-06 12:34 . 2009-11-06 12:34 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2009-11-06 12:34 . 2009-11-06 12:34 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll - 2009-08-21 09:01 . 2009-08-21 09:01 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2009-11-06 12:34 . 2009-11-06 12:34 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - 2009-08-21 09:01 . 2009-08-21 09:01 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2009-11-06 12:34 . 2009-11-06 12:34 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll - 2009-08-21 09:01 . 2009-08-21 09:01 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll - 2009-08-21 09:01 . 2009-08-21 09:01 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2009-11-06 12:34 . 2009-11-06 12:34 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2009-11-06 12:34 . 2009-11-06 12:34 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - 2009-08-21 09:01 . 2009-08-21 09:01 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2009-11-06 12:34 . 2009-11-06 12:34 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2009-08-21 09:01 . 2009-08-21 09:01 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2009-11-06 12:34 . 2009-11-06 12:34 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2009-08-21 09:01 . 2009-08-21 09:01 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2009-11-06 12:35 . 2009-11-06 12:35 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll - 2009-08-21 09:01 . 2009-08-21 09:01 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll - 2009-08-21 09:01 . 2009-08-21 09:01 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2009-11-06 12:35 . 2009-11-06 12:35 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll - 2009-08-21 09:01 . 2009-08-21 09:01 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2009-11-06 12:35 . 2009-11-06 12:35 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2009-11-06 12:35 . 2009-11-06 12:35 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll - 2009-08-21 09:01 . 2009-08-21 09:01 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll - 2009-08-21 09:01 . 2009-08-21 09:01 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2009-11-06 12:34 . 2009-11-06 12:34 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2009-11-06 12:34 . 2009-11-06 12:34 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2009-08-21 09:01 . 2009-08-21 09:01 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2009-08-21 09:01 . 2009-08-21 09:01 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2009-11-06 12:34 . 2009-11-06 12:34 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll - 2009-08-21 09:01 . 2009-08-21 09:01 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2009-11-06 12:34 . 2009-11-06 12:34 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2009-08-21 09:01 . 2009-08-21 09:01 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2009-11-06 12:34 . 2009-11-06 12:34 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2009-11-06 12:34 . 2009-11-06 12:34 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll - 2009-08-21 09:01 . 2009-08-21 09:01 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2009-11-06 12:34 . 2009-11-06 12:34 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll - 2009-08-21 09:01 . 2009-08-21 09:01 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll - 2009-08-21 09:01 . 2009-08-21 09:01 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll + 2009-11-06 12:34 . 2009-11-06 12:34 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll + 2009-11-06 12:34 . 2009-11-06 12:34 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - 2009-08-21 09:01 . 2009-08-21 09:01 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - 2009-08-21 09:01 . 2009-08-21 09:01 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2009-11-06 12:34 . 2009-11-06 12:34 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2009-11-06 12:35 . 2009-11-06 12:35 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll - 2009-08-21 09:01 . 2009-08-21 09:01 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2009-11-06 09:54 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll + 2009-02-20 23:19 . 2009-08-06 08:23 1929952 c:\windows\system32\wuaueng.dll - 2008-04-14 12:00 . 2008-06-17 19:03 2458112 c:\windows\system32\WMVCore.dll + 2008-04-14 12:00 . 2009-05-19 17:56 2458112 c:\windows\system32\WMVCore.dll + 2008-04-14 12:00 . 2009-09-25 05:37 1509888 c:\windows\system32\shdocvw.dll - 2008-04-14 12:00 . 2009-07-18 16:05 1509888 c:\windows\system32\shdocvw.dll - 2008-04-14 12:00 . 2008-04-14 12:00 1435648 c:\windows\system32\query.dll + 2008-04-14 12:00 . 2009-07-17 16:22 1435648 c:\windows\system32\query.dll + 2008-04-14 12:00 . 2009-08-04 15:13 2145280 c:\windows\system32\ntoskrnl.exe - 2008-04-14 12:00 . 2009-02-06 11:06 2145280 c:\windows\system32\ntoskrnl.exe - 2008-04-14 00:01 . 2009-02-06 10:32 2023936 c:\windows\system32\ntkrnlpa.exe + 2008-04-14 00:01 . 2009-08-04 14:20 2023936 c:\windows\system32\ntkrnlpa.exe + 2008-04-14 12:00 . 2009-09-25 05:37 3070976 c:\windows\system32\mshtml.dll + 2009-02-20 23:19 . 2009-08-06 08:23 1929952 c:\windows\system32\dllcache\wuaueng.dll + 2008-04-14 12:00 . 2009-05-19 17:56 2458112 c:\windows\system32\dllcache\WMVCore.dll - 2008-04-14 12:00 . 2008-06-17 19:03 2458112 c:\windows\system32\dllcache\WMVCore.dll - 2008-04-14 12:00 . 2009-07-18 16:05 1509888 c:\windows\system32\dllcache\shdocvw.dll + 2008-04-14 12:00 . 2009-09-25 05:37 1509888 c:\windows\system32\dllcache\shdocvw.dll - 2008-04-14 12:00 . 2008-04-14 12:00 1435648 c:\windows\system32\dllcache\query.dll + 2008-04-14 12:00 . 2009-07-17 16:22 1435648 c:\windows\system32\dllcache\query.dll + 2009-03-09 05:47 . 2009-08-04 09:44 2189184 c:\windows\system32\dllcache\ntoskrnl.exe + 2009-03-09 05:47 . 2009-08-04 14:20 2023936 c:\windows\system32\dllcache\ntkrpamp.exe - 2009-03-09 05:47 . 2009-02-06 10:32 2023936 c:\windows\system32\dllcache\ntkrpamp.exe - 2009-03-09 05:47 . 2009-02-07 09:02 2066048 c:\windows\system32\dllcache\ntkrnlpa.exe + 2009-03-09 05:47 . 2009-08-04 14:20 2066048 c:\windows\system32\dllcache\ntkrnlpa.exe - 2009-03-09 05:47 . 2009-02-06 11:06 2145280 c:\windows\system32\dllcache\ntkrnlmp.exe + 2009-03-09 05:47 . 2009-08-04 15:13 2145280 c:\windows\system32\dllcache\ntkrnlmp.exe + 2008-04-14 12:00 . 2009-09-25 05:37 3070976 c:\windows\system32\dllcache\mshtml.dll + 2009-08-07 12:51 . 2009-08-07 12:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll + 2009-08-07 12:51 . 2009-08-07 12:51 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll - 2008-11-24 18:59 . 2008-11-24 18:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2009-08-04 20:49 . 2009-08-04 20:49 3457024 c:\windows\Installer\9c6f4a.msp + 2009-07-26 17:31 . 2009-07-26 17:31 3738624 c:\windows\Installer\9c6f32.msp + 2009-09-17 22:30 . 2009-09-17 22:30 5016576 c:\windows\Installer\9c6f1c.msp + 2009-08-18 02:08 . 2009-08-18 02:08 1373696 c:\windows\Installer\9c6f06.msp - 2009-03-12 06:52 . 2009-08-12 15:10 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2009-03-12 06:52 . 2009-11-06 12:32 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2009-03-12 06:52 . 2009-11-06 12:32 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe - 2009-03-12 06:52 . 2009-08-12 15:10 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe + 2007-08-23 20:10 . 2007-08-23 20:10 3735424 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\VVIEWER.DLL + 2007-08-23 20:10 . 2007-08-23 20:10 1846160 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\VVIEWDWG.DLL + 2007-08-22 14:03 . 2007-08-22 14:03 1195888 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\FM20.DLL + 2009-03-09 05:47 . 2009-08-04 09:44 2189184 c:\windows\Driver Cache\i386\ntoskrnl.exe - 2009-03-09 05:47 . 2009-02-06 10:32 2023936 c:\windows\Driver Cache\i386\ntkrpamp.exe + 2009-03-09 05:47 . 2009-08-04 14:20 2023936 c:\windows\Driver Cache\i386\ntkrpamp.exe - 2009-03-09 05:47 . 2009-02-07 09:02 2066048 c:\windows\Driver Cache\i386\ntkrnlpa.exe + 2009-03-09 05:47 . 2009-08-04 14:20 2066048 c:\windows\Driver Cache\i386\ntkrnlpa.exe + 2009-03-09 05:47 . 2009-08-04 15:13 2145280 c:\windows\Driver Cache\i386\ntkrnlmp.exe - 2009-03-09 05:47 . 2009-02-06 11:06 2145280 c:\windows\Driver Cache\i386\ntkrnlmp.exe + 2009-11-08 09:09 . 2009-11-08 09:09 6392832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ae4a3cefdeb4b2fbdb05fd56d01dc8f0\WindowsLive.Writer.PostEditor.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 1105920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\9825bbe6bf20ebcda60cefe422eede2c\WindowsLive.Writer.ApplicationFramework.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 2002432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\376ae72881aea66d17b2e2b7ea3e93f3\WindowsLive.Writer.CoreServices.ni.dll + 2009-11-08 00:01 . 2009-11-08 00:01 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\204d6e5b335134f23ca37638b9227ecf\WindowsBase.ni.dll + 2009-11-08 00:03 . 2009-11-08 00:03 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\0f2ed6a204eb13841e99b77025464afc\UIAutomationClientsideProviders.ni.dll + 2009-11-08 00:01 . 2009-11-08 00:01 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\3de5bd01124463d7862bd173af90bc83\System.ni.dll + 2009-11-08 00:03 . 2009-11-08 00:03 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5913d3f81e77194ec833991b1047a532\System.Xml.ni.dll + 2009-11-08 09:11 . 2009-11-08 09:11 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\fa48917b13629d8effa80dd4a2f2973d\System.WorkflowServices.ni.dll + 2009-11-08 09:11 . 2009-11-08 09:11 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\6fe66ee6f3c81996bc148f1ebe7ec030\System.Workflow.Runtime.ni.dll + 2009-11-08 09:11 . 2009-11-08 09:11 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\9d0b61f2f1ebdc300bd970f594c422ef\System.Workflow.ComponentModel.ni.dll + 2009-11-08 09:11 . 2009-11-08 09:11 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\65328898148a720d394f802f192fc2a0\System.Workflow.Activities.ni.dll + 2009-11-08 09:09 . 2009-11-08 09:09 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\ea07ac791bb5cb9f83679e3dd1a0c0cc\System.Web.Services.ni.dll + 2009-11-08 09:11 . 2009-11-08 09:11 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\29e2f8b1fb691ced973acf49fcee6ec1\System.Web.Mobile.ni.dll + 2009-11-08 09:11 . 2009-11-08 09:11 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\981dea02bc63c0c083e335adf9018788\System.Web.Extensions.ni.dll + 2009-11-08 00:02 . 2009-11-08 00:02 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\99594bae1d022502925f5b9dfcdaae9a\System.Speech.ni.dll + 2009-11-08 09:10 . 2009-11-08 09:10 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\e182695d05ea57257568bc5f3208aca7\System.ServiceModel.Web.ni.dl
  15. Sorry. Here you go. ComboFix 09-11-04.05 - Administrator 06/11/2009 20:35.6.2 - NTFSx86 NETWORK Microsoft Windows XP Home Edition 5.1.2600.3.1252.61.1033.18.2038.1736 [GMT 11:00] Running from: c:\documents and settings\Administrator\Desktop\CombaFix.exe Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt AV: avast! antivirus 4.8.1356 [VPS 091020-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: CA Anti-Virus *On-access scanning disabled* (Outdated) {17CFD1EA-56CF-40B5-A06B-BD3A27397C93} AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0} FILE :: "c:\program files\nywjltd.txt" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Application Data\13355934 c:\documents and settings\All Users\Application Data\13355934\13355934 c:\documents and settings\All Users\Application Data\13355934\pc13355934ins c:\program files\nywjltd.txt . --------------- FCopy --------------- c:\windows\system32\dllcache\explorer.exe --> c:\windows\explorer.exe . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_LCBXPQ -------\Legacy_VZAYWOE -------\Service_lcbxpq -------\Service_vzaywoe ((((((((((((((((((((((((( Files Created from 2009-10-06 to 2009-11-06 ))))))))))))))))))))))))))))))) . 2009-11-05 11:50 . 2009-11-05 12:04 -------- d-----w- C:\CombaFix17696C 2009-11-05 11:46 . 2009-11-05 11:47 -------- d-----w- C:\CombaFix17998C 2009-10-30 10:51 . 2009-10-30 10:56 -------- d-----w- C:\CombaFix12294C 2009-10-30 10:44 . 2009-10-30 10:44 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe 2009-10-25 04:32 . 2009-10-30 10:24 -------- d-----w- C:\CombaFix1202C 2009-10-25 03:42 . 2009-10-30 10:24 -------- d-----w- C:\CombaFix24855C 2009-10-25 02:57 . 2009-10-30 10:24 -------- d-----w- C:\CombaFix 2009-10-21 10:05 . 2009-10-21 10:05 -------- d-----w- c:\windows\ERUNT 2009-10-21 10:04 . 2009-11-06 09:41 -------- d-----w- C:\SDFix 2009-10-21 09:57 . 2009-10-21 09:57 12800 ----a-w- c:\windows\system32\bootdelete.exe 2009-10-21 09:33 . 2009-10-21 09:33 11904 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys 2009-10-21 09:33 . 2009-10-21 09:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Hitman Pro 2009-10-21 09:33 . 2009-10-21 09:33 -------- d-----w- c:\program files\Hitman Pro 3.5 2009-10-21 09:20 . 2009-10-21 09:20 -------- d-----w- c:\documents and settings\Administrator\Application Data\Uniblue 2009-10-21 09:20 . 2009-10-21 09:20 -------- d-----w- c:\program files\Uniblue 2009-10-21 08:21 . 2009-10-21 08:21 -------- d-----w- C:\VundoFix Backups 2009-10-21 07:50 . 2009-10-21 07:52 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Temp 2009-10-21 07:50 . 2009-10-21 07:50 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Google 2009-10-21 07:49 . 2009-10-21 07:50 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Deployment 2009-10-21 07:46 . 2009-10-21 07:46 92608 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-10-21 05:38 . 2009-10-21 07:43 -------- d-----w- c:\documents and settings\Administrator\Tracing 2009-10-21 04:47 . 2008-04-14 12:00 1033728 ----a-w- c:\windows\explorer.exe 2009-10-21 02:19 . 2009-10-21 08:08 117760 ----a-w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL 2009-10-21 02:16 . 2009-10-21 02:16 -------- d-----w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com 2009-10-21 00:51 . 2009-09-15 09:54 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-10-21 00:51 . 2009-09-15 09:54 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-10-21 00:51 . 2009-09-15 09:53 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-10-21 00:51 . 2009-09-15 09:55 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-10-21 00:51 . 2009-09-15 09:55 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-10-21 00:51 . 2009-09-15 09:53 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-10-21 00:51 . 2009-09-15 09:56 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-10-21 00:51 . 2009-09-15 09:56 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-10-21 00:51 . 2009-09-15 09:59 1279968 ----a-w- c:\windows\system32\aswBoot.exe 2009-10-21 00:51 . 2009-10-21 00:51 -------- d-----w- c:\program files\Alwil Software 2009-10-21 00:19 . 2009-10-21 00:19 -------- d-s---w- c:\documents and settings\Administrator\UserData 2009-10-20 12:09 . 2009-10-20 12:09 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes 2009-10-20 12:08 . 2007-04-10 06:38 32528 ----a-w- c:\windows\system32\drivers\vetmonnt.sys 2009-10-20 12:08 . 2007-04-10 06:38 21648 ----a-w- c:\windows\system32\drivers\vetfddnt.sys 2009-10-20 12:08 . 2007-04-10 06:38 21392 ----a-w- c:\windows\system32\drivers\vet-rec.sys 2009-10-20 12:08 . 2007-04-10 06:38 26640 ----a-w- c:\windows\system32\drivers\vet-filt.sys 2009-10-20 12:08 . 2007-04-10 06:38 75280 ----a-w- c:\windows\system32\isafprod.dll 2009-10-20 12:08 . 2007-04-10 06:38 95760 ----a-w- c:\windows\system32\isafeif.dll 2009-10-20 12:08 . 2006-10-02 06:17 629264 ----a-w- c:\windows\system32\drivers\vetefile.sys 2009-10-20 12:08 . 2006-10-02 06:17 108592 ----a-w- c:\windows\system32\drivers\veteboot.sys 2009-10-20 12:08 . 2006-08-05 03:21 75280 ----a-w- c:\windows\system32\vetredir.dll 2009-10-20 12:07 . 2009-10-20 12:07 -------- d-----w- c:\documents and settings\All Users\Application Data\CA 2009-10-20 12:07 . 2009-10-20 12:07 -------- d-----w- c:\program files\CA 2009-10-15 01:32 . 2009-10-15 01:32 25088 ----a-w- C:\aons.exe 2009-10-14 04:48 . 2009-10-14 04:48 94643 ----a-w- c:\windows\system32\drivers\klick.dat 2009-10-14 04:48 . 2009-10-14 04:48 105395 ----a-w- c:\windows\system32\drivers\klin.dat 2009-10-14 04:47 . 2009-05-16 10:59 19472 ----a-w- c:\windows\system32\drivers\klmouflt.sys 2009-10-14 04:47 . 2008-12-15 10:41 33808 ----a-w- c:\windows\system32\drivers\klbg.sys 2009-10-14 04:47 . 2009-11-05 11:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab 2009-10-14 04:47 . 2009-10-14 04:47 -------- d-----w- c:\program files\Kaspersky Lab 2009-10-14 04:46 . 2009-10-14 04:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-11-06 09:42 . 2009-08-25 06:51 117760 ----a-w- c:\documents and settings\User\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL 2009-11-06 09:41 . 2009-03-12 06:04 -------- d-----w- c:\program files\DNA 2009-11-06 09:41 . 2009-03-12 06:04 -------- d-----w- c:\documents and settings\User\Application Data\DNA 2009-10-21 04:56 . 2009-08-11 04:32 1324 ----a-w- c:\windows\system32\d3d9caps.dat 2009-10-16 09:19 . 2009-09-23 10:56 -------- d-----w- c:\program files\a-squared Free 2009-10-10 12:29 . 2009-03-09 05:55 92608 ----a-w- c:\documents and settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-10-07 00:40 . 2009-08-21 13:11 272048 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-10-06 23:48 . 2009-05-19 08:29 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-10-05 23:30 . 2009-02-21 01:29 -------- d-----w- c:\documents and settings\All Users\Application Data\PCPitstop 2009-09-30 12:53 . 2009-06-08 08:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations 2009-09-30 12:52 . 2009-04-06 05:13 -------- d-----w- c:\program files\Nokia 2009-09-30 12:51 . 2009-06-08 09:51 -------- d-----w- c:\program files\Common Files\Nokia 2009-09-30 12:51 . 2009-09-30 12:51 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\Sleep.exe 2009-09-30 12:51 . 2009-09-30 12:51 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\msxml6Exec.exe 2009-09-30 12:51 . 2009-09-30 12:51 3181612 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\vcredistExec.exe 2009-09-30 12:49 . 2009-09-30 12:51 24501456 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\NokiaSoftwareUpdaterSetup_1.7.3EN.exe 2009-09-30 03:47 . 2009-03-21 11:48 -------- d-----w- c:\program files\iMesh Applications 2009-09-30 03:46 . 2009-08-06 07:02 -------- d-----w- c:\program files\SweetIM 2009-09-17 00:14 . 2009-05-28 08:36 -------- d-----w- c:\program files\freestar 2009-09-16 06:20 . 2009-09-16 06:20 -------- d-----w- c:\program files\MagicDVDRipper 2009-09-16 02:52 . 2009-08-18 09:34 -------- d-----w- c:\program files\PCPitstop 2009-08-25 09:06 . 2009-05-12 02:26 5 ----a-w- c:\windows\system32\SySvideotompeg.dat 2009-08-25 06:47 . 2009-08-25 06:47 64 ----a-w- c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\zzw44m2o.default\extensions\dvscontextmenuy@dvdvideosoft.com 2009-03-21 11:46 . 2009-03-21 11:46 10504864 ----a-w- c:\program files\iMeshV8.exe 2009-03-19 08:03 . 2009-03-19 08:03 3073749 ----a-w- c:\program files\Setup_MagicISO.exe 2009-03-09 06:03 . 2009-03-09 06:03 15727416 ----a-w- c:\program files\brico-pack-crystal-xp-crystalxp.net-en-117.zip 2009-03-09 05:49 . 2009-03-09 05:49 547496 ----a-w- c:\program files\ChromeSetup.exe 2007-09-13 05:51 . 2009-03-09 08:23 9679815 ----a-w- c:\program files\vlc-0.8.6c-win32.exe . (((((((((((((((((((((((((((((((((((((((((( SR_Search )))))))))))))))))))))))))))))))))))))))))))))))))))))))) . ((((((((((((((((((((((((((((( SnapShot@2009-11-05_11.55.09 ))))))))))))))))))))))))))))))))))))))))) . + 2009-11-06 09:40 . 2009-11-06 09:40 16384 c:\windows\temp\Perflib_Perfdata_6e4.dat + 2009-11-06 09:40 . 2009-11-06 09:40 16384 c:\windows\temp\Perflib_Perfdata_48c.dat + 2009-11-06 09:41 . 2009-11-06 09:41 1536 c:\windows\temp\NEventMessages.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Google Update"="c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-03-09 133104] "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-03-12 321344] "RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616] "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-05-18 1312256] "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-08-05 1830128] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X] "UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-21 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-03-21 166424] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-03-21 137752] "HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-04-10 29757440] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 71216] "LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2008-02-27 570664] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-23 33648] "LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-02-07 488984] "LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2007-02-07 774168] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-16 148888] "Nokia FastStart"="c:\program files\Nokia\Nokia Music\NokiaMusic.exe" [2008-12-03 2372840] "cctray"="c:\program files\CA\CA Internet Security Suite\cctray\cctray.exe" [2007-04-10 177680] "QOELOADER"="c:\program files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.8.0\QOELoader.exe" [2009-10-20 14352] "CAVRID"="c:\program files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe" [2007-04-10 230928] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000] "HitmanPro35"="c:\program files\Hitman Pro 3.5\HitmanPro35.exe" [2009-11-06 4877048] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-07-16 16806400] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\User\Start Menu\Programs\Startup\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2008-12-22 02:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ComputerAssociatesAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\kasperskyantivirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\system32\\usmt\\migwiz.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymedia.exe"= "c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymediaserver.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [21/10/2009 11:51 AM 114768] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [5/08/2009 5:06 PM 9968] R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/08/2009 5:06 PM 74480] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [21/10/2009 11:51 AM 20560] R3 hitmanpro35;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro35.sys [21/10/2009 8:33 PM 11904] R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [5/08/2009 5:06 PM 7408] S2 TwonkyMedia;TwonkyMedia;c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 --> c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 [?] S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [21/05/2009 9:08 PM 16512] S3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1e51x86.sys [21/02/2009 10:43 AM 36864] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [21/02/2009 10:42 AM 222976] S4 pcpitstop scheduling;PCPitstop Scheduling;c:\program files\PCPitstop\PCPitstopScheduleService.exe [16/09/2009 1:52 PM 77312] --- Other Services/Drivers In Memory --- *NewlyCreated* - ASWRDR *NewlyCreated* - HITMANPRO35 *Deregistered* - mbr [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1aefa755-1862-11de-a4c2-002215bda82f}] \shell\autorun\command - e:\recycler\autorun.exe \shell\open\command - e:\recycler\autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3658855c-11b4-11de-a4ba-002215bda82f}] \Shell\AutoRun\command - e:\autorun\AutoStart.exe \Shell\Explore\Command - e:\autorun\AutoStart.exe \Shell\Open\Command - e:\autorun\AutoStart.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{685c1991-12b7-11de-a4bb-002215bda82f}] \Shell\AutoRun\command - e:\autorun\AutoStart.exe \Shell\Explore\Command - e:\autorun\AutoStart.exe \Shell\Open\Command - e:\autorun\AutoStart.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c0843ee4-2d66-11de-a4df-002215bda82f}] \Shell\AutoRun\command - e:\autorun\AutoStart.exe \Shell\Explore\Command - e:\autorun\AutoStart.exe \Shell\Open\Command - e:\autorun\AutoStart.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de2e0d80-4dab-11de-a50a-002215bda82f}] \shell\autorun\command - e:\recycler\autorun.exe \shell\open\command - e:\recycler\autorun.exe . Contents of the 'Scheduled Tasks' folder 2009-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-484763869-602162358-1801674531-1004Core.job - c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-03-09 05:49] 2009-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-484763869-602162358-1801674531-1004UA.job - c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-03-09 05:49] 2009-10-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-484763869-602162358-1801674531-500Core.job - c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-21 07:50] . . ------- Supplementary Scan ------- . mStart Page = hxxp://www.google.com uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 LSP: c:\windows\system32\VetRedir.dll Trusted Zone: clubbox.co.kr DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} - hxxp://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\zzw44m2o.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q= FF - prefs.js: browser.search.selectedEngine - SweetIM Search FF - prefs.js: browser.startup.homepage - hxxp://home.sweetim.com FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q= FF - component: c:\program files\Common Files\DVDVideoSoft\Dll\FFContextMenuY\components\FFContextMenu.dll FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll . - - - - ORPHANS REMOVED - - - - URLSearchHooks-{C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file) URLSearchHooks-{EEE6C35D-6118-11DC-9C72-001320C79847} - (no file) HKCU-Run-msnmsgr - ~c:\program files\Windows Live\Messenger\msnmsgr.exe HKCU-Run-LogitechSetup - d:\setup\Setup.exe HKCU-Run-AntiSpyware Service - c:\docume~1\User\LOCALS~1\Temp\oar7a.exe HKCU-Run-WinUpdater AutoRun - c:\autoprotect\DrvMonitor.exe HKCU-Run-Login Software 2009 - c:\docume~1\User\LOCALS~1\Temp\ie6nbzqfm.exe HKCU-Run-12CFG214-K641-12SF-N85P - c:\recycler\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe HKCU-Run-Windows Client - client.exe AddRemove-BitTorrent - c:\program files\BitTorrent\uninst.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-11-06 20:41 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1???????????????????????????????????????????????? HKCU\Software\Microsoft\Windows\CurrentVersion\Run msnmsgr = ~"c:\program files\Windows Live\Messenger\msnmsgr.exe" /background? scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(544) c:\program files\SUPERAntiSpyware\SASWINLO.dll - - - - - - - > 'lsass.exe'(600) c:\windows\system32\VetRedir.dll c:\windows\system32\ISafeIf.dll - - - - - - - > 'explorer.exe'(1184) c:\program files\RocketDock\RocketDock.dll c:\windows\system32\ntshrui.dll c:\windows\system32\NETSHELL.dll c:\windows\system32\credui.dll c:\windows\system32\MSVCP60.dll c:\windows\system32\WPDShServiceObj.dll c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr c:\program files\ArcSoft\PhotoImpression 5\share\pihook.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\docume~1\User\LOCALS~1\Temp\catchme.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\program files\a-squared Free\a2service.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\CyberLink\Shared Files\RichVideo.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe c:\windows\system32\igfxsrvc.exe c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe c:\program files\Common Files\LogiShrd\LComMgr\LVComSX.exe c:\program files\Alwil Software\Avast4\ashMaiSv.exe c:\program files\Alwil Software\Avast4\ashWebSv.exe c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe c:\windows\system32\wscntfy.exe c:\program files\PC Connectivity Solution\ServiceLayer.exe c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe c:\program files\Java\jre6\bin\jucheck.exe c:\program files\CA\CA Internet Security Suite\ccupdate\CCUpdate.exe c:\program files\CA\CA Internet Security Suite\ccprovsp.exe c:\sdfix\apps\Cghtme.exe . ************************************************************************** . Completion time: 2009-11-06 20:50 - machine was rebooted [user] ComboFix-quarantined-files.txt 2009-11-06 09:50 ComboFix2.txt 2009-11-05 12:04 Pre-Run: 314,877,861,888 bytes free Post-Run: 314,707,525,632 bytes free
×
×
  • Create New...