Gaming Random Computer Restarts

alo123

Well-Known Member
OP
Member
Joined
Apr 21, 2009
Messages
169
Trophies
0
XP
217
Country
United States
When I am on the internet my computer randomly restarts showing a blue
screen and an error messege. I have been trying to fix this for 3 days now
but I can't hopefully someone here can help me

This is the error messege

DRIVER_IRQL_NOT_LESS_OR_EQUAL
Stop: 0x000000D1(0x430A0D30,0x00000002,0xF81DBF4C)
e1000225.sys Address F81DBF4C base at F81DB000, Date Stamp 3dd422a

Sometimes it says Stop 0000007e idntdi.sys or IRQL_NOT_LESS_OR_EQUAL
Stop 0000000a
 

raulpica

With your drill, thrust to the sky!
Former Staff
Joined
Oct 23, 2007
Messages
11,056
Trophies
0
Location
PowerLevel: 9001
XP
5,716
Country
Italy
Either a malfunctioning driver, or a RAM stick gone bad.

The 2nd case is easy to test, just grab memtest+, burn it to an ISO or place it on a floppy, and run it in the boot phase.

EDIT:

Nevermind, "e1000225.sys" reminds me of a virus. Try using ComboFix and paste the log here.
 

alo123

Well-Known Member
OP
Member
Joined
Apr 21, 2009
Messages
169
Trophies
0
XP
217
Country
United States
Here is the combofix log

ComboFix 10-09-12.04 - Administrator 09/13/2010 11:44:39.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.279 [GMT -7:00]
Running from: c:\documents and settings\Administrator.ALO.000\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((( Files Created from 2010-08-13 to 2010-09-13 )))))))))))))))))))))))))))))))
.

2010-09-13 14:14 . 2009-08-07 02:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-09-13 05:30 . 2008-08-29 00:37 41080 ----a-w- c:\windows\system32\NicInstG.dll
2010-09-13 05:30 . 2007-08-07 07:28 28272 ----a-w- c:\windows\system32\NicCo2.dll
2010-09-13 05:30 . 2007-12-14 19:06 121440 ----a-w- c:\windows\system32\e1000msg.dll
2010-09-13 05:20 . 2010-09-13 05:20 -------- d-----w- c:\program files\ATI Technologies
2010-09-13 05:18 . 2010-09-13 05:18 -------- d-----w- c:\windows\system32\drivers\INF
2010-09-13 05:18 . 2010-09-13 05:18 -------- d-----w- c:\windows\system32\drivers\system32
2010-09-13 05:17 . 2010-09-13 05:17 -------- d-----w- c:\windows\system32\AsusUSBSwitch
2010-09-13 05:16 . 2010-09-13 05:16 -------- d-----w- C:\Compaq
2010-09-13 05:14 . 2010-09-13 05:14 -------- d-----w- C:\hp
2010-09-13 05:13 . 2010-09-13 05:13 -------- d-----w- C:\Ibmtools
2010-09-13 05:10 . 2010-09-13 05:32 -------- d-----w- c:\program files\Intel
2010-09-13 05:10 . 2008-12-04 16:31 53248 ----a-w- c:\windows\system32\CSVer.dll
2010-09-13 05:10 . 2010-09-13 05:10 -------- d-----w- C:\Intel
2010-09-13 04:57 . 2010-09-13 04:57 469235 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\Blitware\DriverRobot\downloads\84021c284b39003970732cd428056f10\sp27449.exe
2010-09-13 04:57 . 2010-09-13 04:57 2638675 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\Blitware\DriverRobot\downloads\9076a43a7252a5aeec3c83c2044ad2a6\qi3z05us.exe
2010-09-13 04:49 . 2010-09-13 04:49 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\Blitware
2010-09-13 04:49 . 2010-09-13 04:49 -------- d-----w- c:\program files\Driver Robot
2010-09-13 04:20 . 2010-09-13 04:20 -------- d-----w- c:\windows\system32\winrm
2010-09-13 04:20 . 2010-09-13 04:20 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2010-09-13 04:18 . 2010-09-13 04:18 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-13 04:06 . 2010-09-13 04:06 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\LogiShrd
2010-09-13 04:02 . 2008-05-02 09:38 301656 ----a-w- c:\windows\system32\BtCoreIf.dll
2010-09-13 04:02 . 2010-09-13 04:02 10134 ----a-r- c:\documents and settings\Administrator.ALO.000\Application Data\Microsoft\Installer\{3101CB58-3482-4D21-AF1A-7057FC935355}\ARPPRODUCTICON.exe
2010-09-13 04:02 . 2010-09-13 04:03 -------- d-----w- c:\program files\Common Files\Logishrd
2010-09-12 19:08 . 2010-09-07 14:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-12 19:08 . 2010-09-07 14:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-12 19:08 . 2010-09-07 14:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-12 19:08 . 2010-09-07 14:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-12 19:08 . 2010-09-07 14:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-09-12 19:08 . 2010-09-07 14:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-09-12 19:08 . 2010-09-07 14:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-09-12 19:07 . 2010-09-07 15:12 38848 ----a-w- c:\windows\avastSS.scr
2010-09-12 19:07 . 2010-09-07 15:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-12 16:39 . 2010-09-12 16:40 -------- d-----w- c:\program files\MusicMp3Downloader
2010-09-12 15:15 . 2010-09-12 15:15 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Local Settings\Application Data\Conduit
2010-09-12 15:15 . 2010-09-12 15:15 -------- d-----w- c:\program files\Conduit
2010-09-12 15:15 . 2010-09-12 15:15 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\SuperMP3Download
2010-09-12 15:11 . 2010-09-12 15:17 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\SuperMP3Download
2010-09-12 15:10 . 2010-09-12 15:10 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\Thinstall
2010-09-12 15:10 . 2010-09-12 15:10 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Local Settings\Application Data\Thinstall
2010-09-10 11:28 . 2010-09-10 11:28 52224 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-09-10 11:28 . 2010-09-10 11:28 117760 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-09-10 11:28 . 2010-09-10 11:28 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2010-09-10 11:28 . 2010-09-10 11:28 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\SUPERAntiSpyware.com
2010-09-09 22:16 . 2010-09-09 22:16 -------- d-----w- c:\program files\Alwil Software
2010-09-09 17:29 . 2010-08-30 21:33 43008 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\Mozilla\Firefox\Profiles\7s5vudf7.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2010-09-09 17:29 . 2010-08-30 21:33 338944 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\Mozilla\Firefox\Profiles\7s5vudf7.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2010-09-09 17:29 . 2010-08-30 21:34 1496064 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\Mozilla\Firefox\Profiles\7s5vudf7.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2010-09-09 17:29 . 2010-08-30 21:33 346112 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\Mozilla\Firefox\Profiles\7s5vudf7.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2010-09-08 05:11 . 2010-09-08 05:11 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\IObit
2010-09-08 03:25 . 2010-09-08 03:25 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Local Settings\Application Data\Microsoft Help
2010-09-08 03:24 . 2010-09-08 03:44 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft Help
2010-09-07 23:13 . 2010-09-07 23:39 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\IObit
2010-09-07 23:13 . 2010-09-07 23:13 -------- d-----w- c:\program files\IObit
2010-09-07 22:55 . 2010-09-10 21:37 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\Auslogics
2010-09-07 22:52 . 2010-09-07 22:52 -------- d-----w- c:\program files\Auslogics
2010-09-05 07:18 . 2010-09-05 07:29 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\MusicMP3Downloader
2010-09-05 07:18 . 2010-09-05 07:18 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\MusicMP3Downloader
2010-09-04 15:50 . 2010-09-04 15:50 247136 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\IDM\idmmzcc3\components2\idmmzcc.dll
2010-09-04 05:00 . 2010-09-04 05:00 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY.000\Application Data\TuneUp Software
2010-09-04 04:08 . 2010-09-04 04:08 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\TuneUp Software
2010-09-04 04:08 . 2010-09-07 21:06 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\TuneUp Software
2010-09-04 04:08 . 2010-09-04 04:08 -------- d-sh--w- c:\documents and settings\All Users.WINDOWS\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-09-04 00:01 . 2010-04-29 22:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-04 00:01 . 2010-09-04 00:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-04 00:01 . 2010-04-29 22:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-02 03:47 . 2010-07-26 17:13 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-09-02 03:47 . 2010-09-02 03:47 -------- d-----w- c:\program files\ffdshow
2010-09-02 03:25 . 2009-08-12 04:21 1021440 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\BSplayer PRO\AC3 Filter\ac3filter_intl.dll
2010-09-02 03:24 . 2010-09-02 03:43 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\BSplayer PRO
2010-09-02 03:24 . 2010-09-02 03:43 -------- d-----w- c:\program files\Webteh
2010-09-01 07:19 . 2010-09-09 08:29 -------- d-----w- c:\program files\LimeWire
2010-09-01 00:49 . 2009-01-29 02:49 344064 ----a-w- c:\windows\system32\msvcr70.dll
2010-08-31 17:44 . 2010-08-31 17:44 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Local Settings\Application Data\Xilisoft
2010-08-31 17:44 . 2010-08-31 17:44 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\Xilisoft
2010-08-31 09:19 . 2010-08-31 09:23 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\Nero
2010-08-31 07:22 . 2010-08-31 12:43 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Nero
2010-08-31 06:32 . 2010-08-31 06:44 47360 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\pcouffin.sys
2010-08-31 06:32 . 2010-08-31 06:32 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-08-31 06:32 . 2010-08-31 06:44 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\Vso
2010-08-30 15:41 . 2010-08-30 15:41 -------- d--h--w- c:\windows\PIF
2010-08-30 07:46 . 2010-09-04 15:50 251232 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2010-08-30 07:43 . 2010-09-05 20:15 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\IDM
2010-08-30 05:28 . 2010-09-07 23:35 -------- d-----w- c:\program files\Internet Download Manager
2010-08-30 04:19 . 2010-08-30 04:19 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Kaspersky Lab Setup Files
2010-08-30 02:45 . 2010-09-07 23:35 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Local Settings\Application Data\WinAVI
2010-08-30 01:28 . 2010-09-02 01:33 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\MozillaControl
2010-08-30 01:24 . 2010-09-02 01:33 -------- d-----w- C:\aidualc3
2010-08-29 22:51 . 2010-08-29 22:59 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\SpeedBit
2010-08-27 08:59 . 2010-09-13 18:41 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\DMCache
2010-08-25 14:40 . 2010-08-25 14:36 76768 ----a-w- c:\windows\system32\drivers\idmtdi.sys
2010-08-22 23:32 . 2010-08-22 23:35 -------- d-----w- c:\documents and settings\Administrator.ALO.000\dwhelper
2010-08-20 23:06 . 2010-08-20 23:06 -------- d-s---w- c:\documents and settings\NetworkService.NT AUTHORITY.000\UserData
2010-08-16 08:51 . 2010-08-16 08:51 -------- d-----w- c:\program files\Free M4a to MP3 Converter

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-13 16:55 . 2010-03-10 22:25 -------- d-----w- c:\documents and settings\Administrator\Application Data\MegauploadToolbar
2010-09-13 05:55 . 2009-09-04 17:02 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-13 04:03 . 2010-09-13 04:03 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2010-09-13 04:02 . 2010-03-10 19:01 -------- d-----w- c:\program files\Common Files\Logitech
2010-09-12 02:58 . 2010-03-29 02:49 -------- d---a-w- c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2010-09-10 11:31 . 2009-09-04 14:47 -------- d-----w- c:\program files\Windows Media Connect 2
2010-09-09 08:54 . 2010-03-07 02:40 471040 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\v4jjs4oc.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\DictionaryCompressionFF.dll
2010-09-09 08:54 . 2010-03-06 20:53 73728 ----a-w- c:\documents and settings\Administrator\Application Data\LimeWire\browser\xulrunner\xulrunner-stub.exe
2010-09-09 08:54 . 2010-03-06 20:53 102400 ----a-w- c:\documents and settings\Administrator\Application Data\LimeWire\browser\xulrunner\xulrunner.exe
2010-09-09 08:54 . 2010-03-06 20:53 8462336 ----a-w- c:\documents and settings\Administrator\Application Data\LimeWire\browser\xulrunner\xul.dll
2010-09-09 00:27 . 2010-03-26 15:23 20408 ----a-w- c:\documents and settings\Administrator.ALO.000\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-09-06 02:00 . 2010-04-26 05:15 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\vlc
2010-09-05 09:02 . 2010-07-26 00:17 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\dvdcss
2010-09-01 01:03 . 2010-07-13 09:10 -------- d-----w- c:\program files\Common Files\AVSMedia
2010-08-31 19:54 . 2010-07-02 19:21 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\Epson
2010-08-31 19:52 . 2010-07-02 17:02 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\EPSON
2010-08-31 00:55 . 2010-07-26 00:25 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\Media Player Classic
2010-08-22 20:38 . 2008-04-13 23:00 62976 ----a-w- c:\windows\system32\drivers\cdrom.sys
2010-08-14 08:52 . 2010-03-06 21:56 -------- d-----w- c:\program files\QuickTime
2010-08-14 08:51 . 2010-04-14 06:02 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Apple Computer
2010-08-14 08:50 . 2010-08-14 08:50 -------- d-----w- c:\program files\Apple Software Update
2010-08-14 08:50 . 2010-08-14 08:50 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Apple
2010-08-14 01:18 . 2010-07-13 09:46 -------- d-----w- c:\program files\DVDVideoSoft
2010-08-07 21:30 . 2010-08-07 06:57 1 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-08-07 06:56 . 2010-08-07 06:56 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\OpenOffice.org
2010-08-03 11:05 . 2010-07-13 09:12 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\AVS4YOU
2010-07-29 06:41 . 2010-07-10 04:52 64216 ----a-w- c:\documents and settings\LocalService.NT AUTHORITY.000\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-07-26 08:48 . 2010-07-26 08:48 -------- d-----w- c:\program files\Babylon
2010-07-26 00:01 . 2010-07-26 00:01 -------- d-----w- c:\program files\AC3Filter
2010-06-30 12:31 . 2008-04-13 23:00 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:10 . 2008-04-13 23:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-06-24 12:10 . 2008-04-13 23:00 667136 ----a-w- c:\windows\system32\wininet.dll
2010-06-23 13:44 . 2008-04-13 23:00 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2008-04-13 23:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2008-04-13 23:00 80384 ----a-w- c:\windows\system32\iccvid.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-09-10_19.24.25 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-10-09 21:56 . 2009-10-09 21:56 14848 c:\windows\system32\wsmprovhost.exe
+ 2009-10-09 21:56 . 2009-10-09 21:56 12288 c:\windows\system32\wsmplpxy.dll
+ 2009-10-09 21:56 . 2009-10-09 21:56 12288 c:\windows\system32\winrssrv.dll
+ 2009-10-09 21:56 . 2009-10-09 21:56 22528 c:\windows\system32\winrshost.exe
+ 2009-10-09 23:22 . 2009-10-09 23:22 69632 c:\windows\system32\winrs.exe
+ 2009-10-09 21:56 . 2009-10-09 21:56 25088 c:\windows\system32\winrmprov.dll
+ 2009-10-09 21:56 . 2009-10-09 21:56 24064 c:\windows\system32\windowspowershell\v1.0\pwrshsip.dll
+ 2008-04-14 05:42 . 2008-04-14 12:42 74240 c:\windows\system32\usbui.dll
- 2008-04-14 05:42 . 2008-04-13 23:00 74240 c:\windows\system32\usbui.dll
- 2010-03-28 08:44 . 2007-07-27 17:41 26488 c:\windows\system32\spupdsvc.exe
+ 2010-03-28 08:44 . 2009-03-23 17:50 26488 c:\windows\system32\spupdsvc.exe
- 2010-04-12 15:04 . 2010-02-22 14:23 17272 c:\windows\system32\spmsg.dll
+ 2010-04-12 15:04 . 2009-03-23 17:50 17272 c:\windows\system32\spmsg.dll
+ 2010-09-13 05:55 . 2008-04-14 07:06 68224 c:\windows\system32\ReinstallBackups030\DriverFiles\i386\pci.sys
+ 2010-09-13 05:55 . 2008-04-14 07:06 37248 c:\windows\system32\ReinstallBackups029\DriverFiles\i386\isapnp.sys
+ 2010-09-13 05:31 . 2001-06-22 18:25 53248 c:\windows\system32\ReinstallBackups028\DriverFiles\Prounstl.exe
+ 2010-09-13 05:31 . 2001-07-20 14:40 23040 c:\windows\system32\ReinstallBackups028\DriverFiles\IntelNic.dll
+ 2010-09-13 05:31 . 2002-11-12 18:02 99840 c:\windows\system32\ReinstallBackups028\DriverFiles\e1000325.sys
+ 2010-09-13 05:18 . 2008-04-14 12:42 74240 c:\windows\system32\ReinstallBackups027\DriverFiles\i386\usbui.dll
+ 2010-09-13 05:18 . 2008-04-14 07:15 59520 c:\windows\system32\ReinstallBackups027\DriverFiles\i386\usbhub.sys
+ 2010-09-13 05:18 . 2008-04-13 23:00 30208 c:\windows\system32\ReinstallBackups027\DriverFiles\i386\usbehci.sys
+ 2010-09-13 05:55 . 2008-04-13 23:00 24960 c:\windows\system32\ReinstallBackups026\DriverFiles\i386\pciidex.sys
+ 2010-09-13 05:55 . 2008-04-13 23:00 96512 c:\windows\system32\ReinstallBackups026\DriverFiles\i386\atapi.sys
+ 2010-09-13 05:55 . 2008-04-14 12:42 74240 c:\windows\system32\ReinstallBackups025\DriverFiles\i386\usbui.dll
+ 2010-09-13 05:55 . 2008-04-14 07:15 20608 c:\windows\system32\ReinstallBackups025\DriverFiles\i386\usbuhci.sys
+ 2010-09-13 05:55 . 2008-04-14 07:15 59520 c:\windows\system32\ReinstallBackups025\DriverFiles\i386\usbhub.sys
+ 2010-09-13 05:55 . 2008-04-14 12:42 74240 c:\windows\system32\ReinstallBackups023\DriverFiles\i386\usbui.dll
+ 2010-09-13 05:55 . 2008-04-14 07:15 20608 c:\windows\system32\ReinstallBackups023\DriverFiles\i386\usbuhci.sys
+ 2010-09-13 05:55 . 2008-04-14 07:15 59520 c:\windows\system32\ReinstallBackups023\DriverFiles\i386\usbhub.sys
+ 2010-09-13 05:55 . 2008-04-14 12:42 74240 c:\windows\system32\ReinstallBackups022\DriverFiles\i386\usbui.dll
+ 2010-09-13 05:55 . 2008-04-14 07:15 20608 c:\windows\system32\ReinstallBackups022\DriverFiles\i386\usbuhci.sys
+ 2010-09-13 05:55 . 2008-04-14 07:15 59520 c:\windows\system32\ReinstallBackups022\DriverFiles\i386\usbhub.sys
+ 2010-09-13 04:03 . 2008-04-14 08:09 14592 c:\windows\system32\ReinstallBackups020\DriverFiles\i386\kbdhid.sys
+ 2010-09-13 04:03 . 2008-04-14 08:09 24576 c:\windows\system32\ReinstallBackups020\DriverFiles\i386\kbdclass.sys
+ 2010-09-13 04:03 . 2007-01-23 23:45 33296 c:\windows\system32\ReinstallBackups012\DriverFiles\LMouFilt.Sys
+ 2010-09-13 04:03 . 2008-02-29 10:13 35344 c:\windows\system32\ReinstallBackups012\DriverFiles\LHidFilt.Sys
+ 2010-09-13 04:03 . 2001-08-17 21:48 12160 c:\windows\system32\ReinstallBackups012\DriverFiles\i386\mouhid.sys
+ 2010-09-13 04:03 . 2008-04-14 08:09 23040 c:\windows\system32\ReinstallBackups012\DriverFiles\i386\mouclass.sys
+ 2009-10-09 23:22 . 2009-10-09 23:22 42496 c:\windows\system32\pwrshplugin.dll
+ 2008-04-13 23:00 . 2009-10-08 21:56 20480 c:\windows\system32\oleaccrc.dll
+ 2010-03-28 08:43 . 2008-05-02 09:40 84496 c:\windows\system32\KemXML.dll
- 2008-04-13 23:00 . 2008-04-13 23:00 20608 c:\windows\system32\drivers\usbuhci.sys
+ 2008-04-13 23:00 . 2008-04-14 07:15 20608 c:\windows\system32\drivers\usbuhci.sys
+ 2008-04-13 23:00 . 2008-04-14 07:15 59520 c:\windows\system32\drivers\usbhub.sys
- 2008-04-13 23:00 . 2008-04-13 23:00 59520 c:\windows\system32\drivers\usbhub.sys
+ 2008-04-13 23:00 . 2008-04-14 07:15 30208 c:\windows\system32\drivers\usbehci.sys
- 2008-04-13 23:00 . 2008-04-13 23:00 30208 c:\windows\system32\drivers\usbehci.sys
+ 2010-09-13 05:18 . 2008-04-13 23:00 74240 c:\windows\system32\drivers\system32\usbui.dll
+ 2010-09-13 05:18 . 2008-04-13 23:00 20608 c:\windows\system32\drivers\system32\DRIVERS\usbuhci.sys
+ 2010-09-13 05:18 . 2008-04-13 23:00 59520 c:\windows\system32\drivers\system32\DRIVERS\usbhub.sys
+ 2010-09-13 05:18 . 2008-04-13 23:00 37248 c:\windows\system32\drivers\system32\DRIVERS\isapnp.sys
+ 2008-04-13 23:00 . 2008-04-14 07:10 24960 c:\windows\system32\drivers\pciidex.sys
- 2008-04-13 23:00 . 2008-04-13 23:00 24960 c:\windows\system32\drivers\pciidex.sys
+ 2008-04-13 23:00 . 2008-04-14 07:06 68224 c:\windows\system32\drivers\pci.sys
- 2008-04-13 23:00 . 2008-04-13 23:00 68224 c:\windows\system32\drivers\pci.sys
+ 2001-08-17 13:48 . 2001-08-17 20:48 12160 c:\windows\system32\drivers\mouhid.sys
- 2001-08-17 13:48 . 2001-08-17 21:48 12160 c:\windows\system32\drivers\mouhid.sys
+ 2008-04-14 00:09 . 2008-04-14 07:09 23040 c:\windows\system32\drivers\mouclass.sys
- 2008-04-14 00:09 . 2008-04-14 08:09 23040 c:\windows\system32\drivers\mouclass.sys
+ 2010-03-28 08:43 . 2008-02-29 10:13 36880 c:\windows\system32\drivers\LMouFilt.Sys
+ 2010-03-28 08:43 . 2008-02-29 10:13 35344 c:\windows\system32\drivers\LHidFilt.Sys
- 2008-04-13 23:00 . 2008-04-14 08:09 14592 c:\windows\system32\drivers\kbdhid.sys
+ 2008-04-13 23:00 . 2008-04-14 07:09 14592 c:\windows\system32\drivers\kbdhid.sys
- 2008-04-13 23:00 . 2008-04-14 08:09 24576 c:\windows\system32\drivers\kbdclass.sys
+ 2008-04-13 23:00 . 2008-04-14 07:09 24576 c:\windows\system32\drivers\kbdclass.sys
- 2008-04-13 23:00 . 2008-04-13 23:00 37248 c:\windows\system32\drivers\isapnp.sys
+ 2008-04-13 23:00 . 2008-04-14 07:06 37248 c:\windows\system32\drivers\isapnp.sys
+ 2008-11-27 02:20 . 2008-11-27 02:20 30816 c:\windows\system32\drivers\iqvw32.sys
- 2008-04-13 23:00 . 2008-04-13 23:00 96512 c:\windows\system32\drivers\atapi.sys
+ 2008-04-13 23:00 . 2008-04-14 07:10 96512 c:\windows\system32\drivers\atapi.sys
+ 2008-04-14 05:42 . 2008-04-14 12:42 74240 c:\windows\system32\dllcache\usbui.dll
+ 2008-04-13 23:00 . 2008-04-14 07:15 20608 c:\windows\system32\dllcache\usbuhci.sys
+ 2008-04-13 23:00 . 2008-04-14 07:15 59520 c:\windows\system32\dllcache\usbhub.sys
+ 2008-04-13 23:00 . 2008-04-14 07:15 30208 c:\windows\system32\dllcache\usbehci.sys
+ 2008-04-13 23:00 . 2008-04-14 07:10 24960 c:\windows\system32\dllcache\pciidex.sys
+ 2008-04-13 23:00 . 2008-04-14 07:06 68224 c:\windows\system32\dllcache\pci.sys
+ 2008-04-13 23:00 . 2009-10-08 21:56 20480 c:\windows\system32\dllcache\oleaccrc.dll
- 2001-08-17 13:48 . 2001-08-17 21:48 12160 c:\windows\system32\dllcache\mouhid.sys
+ 2001-08-17 13:48 . 2001-08-17 20:48 12160 c:\windows\system32\dllcache\mouhid.sys
- 2008-04-14 00:09 . 2008-04-14 08:09 23040 c:\windows\system32\dllcache\mouclass.sys
+ 2008-04-14 00:09 . 2008-04-14 07:09 23040 c:\windows\system32\dllcache\mouclass.sys
+ 2008-04-13 23:00 . 2008-04-14 07:09 14592 c:\windows\system32\dllcache\kbdhid.sys
- 2008-04-13 23:00 . 2008-04-14 08:09 14592 c:\windows\system32\dllcache\kbdhid.sys
+ 2008-04-13 23:00 . 2008-04-14 07:09 24576 c:\windows\system32\dllcache\kbdclass.sys
- 2008-04-13 23:00 . 2008-04-14 08:09 24576 c:\windows\system32\dllcache\kbdclass.sys
+ 2008-04-13 23:00 . 2008-04-14 07:06 37248 c:\windows\system32\dllcache\isapnp.sys
+ 2008-04-13 23:00 . 2008-04-14 07:10 96512 c:\windows\system32\dllcache\atapi.sys
+ 2010-09-13 05:17 . 2005-10-27 22:34 20480 c:\windows\system32\AsusUSBSwitch\AsUsbSw.exe
+ 2010-09-13 05:17 . 2005-09-30 18:13 20480 c:\windows\system32\AsusUSBSwitch\AsUsbSetup.exe
+ 2010-09-13 05:17 . 2005-08-15 23:12 50688 c:\windows\system32\AsusUSBSwitch\AsMultiLang.dll
+ 2010-03-28 08:43 . 2008-02-29 10:12 76304 c:\windows\KHALMNPR.Exe
+ 2010-09-13 04:18 . 2010-09-13 04:18 38400 c:\windows\Installer\c6710.msi
+ 2010-09-13 04:19 . 2010-09-13 04:19 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-09-13 05:32 . 2010-09-13 05:32 40960 c:\windows\Installer\{777AD08E-B32A-4456-AFE1-094DBECEB268}\ARPPRODUCTICON.exe
+ 2010-09-13 04:03 . 2010-09-13 04:03 10134 c:\windows\Installer\{0C826C5B-B131-423A-A229-C71B3CACCD6A}\ARPPRODUCTICON.exe
+ 2010-09-13 05:17 . 2006-06-23 21:48 32768 c:\windows\inf\UpdateUSB.exe
+ 2010-09-13 04:23 . 2010-09-13 04:23 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\34fe99136a2a52306499615d9d0d0e74\Microsoft.WSMan.Runtime.ni.dll
+ 2010-09-13 04:23 . 2010-09-13 04:23 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\3d05a3219a430d76825fe4ccc9edf675\Microsoft.WSMan.Management.resources.ni.dll
+ 2010-09-13 04:23 . 2010-09-13 04:23 36352 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\a79a6e4a8bb69504dd5282d90ab05e23\Microsoft.PowerShell.GPowerShell.resources.ni.dll
+ 2010-09-13 04:23 . 2010-09-13 04:23 24576 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\939818eb30e31949fd3a523fc7d8de42\Microsoft.PowerShell.GraphicalHost.resources.ni.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 31744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\642276a950670a66fcb19cac8a327e45\Microsoft.PowerShell.Commands.Management.resources.ni.dll
+ 2010-09-13 04:23 . 2010-09-13 04:23 16896 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\5059d3e89b4450ea0adffe6c7b4ca992\Microsoft.PowerShell.Security.resources.ni.dll
+ 2010-09-13 04:22 . 2010-09-13 04:22 67072 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\23cb96335bdd8996d925ebfe72fd91c8\Microsoft.PowerShell.Editor.resources.ni.dll
+ 2010-09-13 04:22 . 2010-09-13 04:22 45568 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\13ded54c292128122faea6a4380d4bca\Microsoft.PowerShell.Commands.Utility.resources.ni.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 18432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\104c56efa3a4835752536ed035bdf2d8\Microsoft.PowerShell.Commands.Diagnostics.resources.ni.dll
+ 2010-09-13 04:22 . 2010-09-13 04:22 38912 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#e79c6a000be2c7df28ac68eb02a026d\Microsoft.PowerShell.ConsoleHost.resources.ni.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 91648 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Backgroun#\86190801f195b014ec18234ad4816432\Microsoft.BackgroundIntelligentTransfer.Management.ni.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 14848 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Backgroun#\2cce9000758d15842b5bb7099bd83cde\Microsoft.BackgroundIntelligentTransfer.Management.resources.ni.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 13824 c:\windows\assembly\GAC_MSIL\Microsoft.WSMan.Management.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.WSMan.Management.resources.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 69632 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 16896 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.GraphicalHost.resources.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 40960 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GPowerShell.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.GPowerShell.resources.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 69632 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Editor.resources.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 40960 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.resources.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 49152 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.resources.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 36864 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.resources.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 10752 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Diagnostics.resources.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 57344 c:\windows\assembly\GAC_MSIL\Microsoft.BackgroundIntelligentTransfer.Management\1.0.0.0__31bf3856ad364e35\Microsoft.BackgroundIntelligentTransfer.Management.dll
+ 2009-10-09 21:57 . 2009-10-09 21:57 20480 c:\windows\$968930Uinstall_KB968930$\PSCustomSetupUtil.exe
+ 2009-10-09 21:56 . 2009-10-09 21:56 2048 c:\windows\system32\winrsmgr.dll
+ 2009-10-09 23:23 . 2009-10-09 23:23 4608 c:\windows\system32\windowspowershell\v1.0\pwrshmsg.dll
+ 2009-10-09 23:23 . 2009-10-09 23:23 4096 c:\windows\system32\windowspowershell\v1.0\powershell_ise.resources.dll
+ 2010-09-13 05:18 . 2008-04-13 23:00 7168 c:\windows\system32\ReinstallBackups027\DriverFiles\i386\hccoin.dll
+ 2010-09-13 05:55 . 2008-04-13 23:00 5504 c:\windows\system32\ReinstallBackups026\DriverFiles\i386\intelide.sys
+ 2008-04-13 23:00 . 2001-08-17 20:51 3328 c:\windows\system32\drivers\pciide.sys
- 2008-04-13 23:00 . 2008-04-13 23:00 3328 c:\windows\system32\drivers\pciide.sys
+ 2008-04-13 23:00 . 2001-08-17 20:51 3328 c:\windows\system32\dllcache\pciide.sys
+ 2010-09-13 04:20 . 2010-09-13 04:20 7168 c:\windows\assembly\GAC_MSIL\Microsoft.WSMan.Runtime\1.0.0.0__31bf3856ad364e35\Microsoft.WSMan.Runtime.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 9216 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Security.resources.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 7168 c:\windows\assembly\GAC_MSIL\Microsoft.BackgroundIntelligentTransfer.Management.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.BackgroundIntelligentTransfer.Management.resources.dll
+ 2009-10-09 21:56 . 2009-10-09 21:56 9216 c:\windows\$968930Uinstall_KB968930$\PSSetupNativeUtils.exe
+ 2009-10-09 21:56 . 2009-10-09 21:56 209408 c:\windows\system32\WsmWmiPl.dll
+ 2009-10-09 23:22 . 2009-10-09 23:22 368640 c:\windows\system32\WsmRes.dll
+ 2009-10-09 21:56 . 2009-10-09 21:56 139776 c:\windows\system32\WsmAuto.dll
+ 2009-10-09 21:56 . 2009-10-09 21:56 225280 c:\windows\system32\wsmanhttpconfig.exe
+ 2009-10-09 21:56 . 2009-10-09 21:56 233984 c:\windows\system32\winrscmd.dll
+ 2009-08-01 06:27 . 2009-08-01 06:27 201184 c:\windows\system32\winrm.vbs
+ 2009-10-09 23:23 . 2009-10-09 23:23 148480 c:\windows\system32\windowspowershell\v1.0\pspluginwkr.dll
+ 2009-10-09 21:57 . 2009-10-09 21:57 204800 c:\windows\system32\windowspowershell\v1.0\powershell_ise.exe
+ 2009-10-09 21:56 . 2009-10-09 21:56 448000 c:\windows\system32\windowspowershell\v1.0\powershell.exe
+ 2009-10-09 21:57 . 2009-10-09 21:57 112640 c:\windows\system32\windowspowershell\v1.0\Modules\BitsTransfer\microsoft.backgroundintelligenttransfer.management.interop.dll
+ 2009-07-16 17:22 . 2009-07-16 17:22 126976 c:\windows\system32\windowspowershell\v1.0\CompiledComposition.Microsoft.PowerShell.GPowerShell.dll
+ 2009-10-09 23:23 . 2009-10-09 23:23 178176 c:\windows\system32\wevtfwd.dll
+ 2008-07-30 03:59 . 2009-10-08 21:57 611328 c:\windows\system32\uiautomationcore.dll
+ 2010-09-13 05:18 . 2008-04-14 07:15 143872 c:\windows\system32\ReinstallBackups027\DriverFiles\i386\usbport.sys
+ 2010-09-13 05:55 . 2008-04-14 07:15 143872 c:\windows\system32\ReinstallBackups025\DriverFiles\i386\usbport.sys
+ 2010-09-13 05:55 . 2008-04-14 07:15 143872 c:\windows\system32\ReinstallBackups023\DriverFiles\i386\usbport.sys
+ 2010-09-13 05:55 . 2008-04-14 07:15 143872 c:\windows\system32\ReinstallBackups022\DriverFiles\i386\usbport.sys
+ 2010-09-13 04:03 . 2007-01-23 23:44 101136 c:\windows\system32\ReinstallBackups012\DriverFiles\KHALMNPR.Exe
+ 2010-03-28 09:13 . 2008-11-13 14:41 252544 c:\windows\system32\Prounstl.exe
+ 2007-11-29 00:25 . 2007-11-29 00:25 227928 c:\windows\system32\PRONtObj.dll
+ 2008-04-13 23:00 . 2009-10-08 21:57 220160 c:\windows\system32\oleacc.dll
+ 2006-04-07 18:07 . 2006-04-07 18:07 548864 c:\windows\system32\ncscrt8_p.dll
+ 2006-04-07 18:05 . 2006-04-07 18:05 622592 c:\windows\system32\ncscrt8.dll
+ 2008-12-11 23:13 . 2008-12-11 23:13 180224 c:\windows\system32\Ncs2Setp.dll
+ 2008-12-11 22:44 . 2008-12-11 22:44 145968 c:\windows\system32\ncs2instutility.dll
+ 2008-12-11 23:06 . 2008-12-11 23:06 756272 c:\windows\system32\ncs2dmix.dll
+ 2009-08-07 02:23 . 2009-08-07 02:23 215904 c:\windows\system32\muweb.dll
+ 2010-03-28 08:43 . 2008-05-02 09:40 117264 c:\windows\system32\KemWnd.dll
+ 2010-03-28 08:43 . 2008-05-02 09:39 145936 c:\windows\system32\KemUtil.dll
+ 2010-03-28 08:43 . 2008-05-02 09:39 170512 c:\windows\system32\kemutb.dll
- 2008-04-13 23:00 . 2008-04-13 23:00 143872 c:\windows\system32\drivers\usbport.sys
+ 2008-04-13 23:00 . 2008-04-14 07:15 143872 c:\windows\system32\drivers\usbport.sys
+ 2010-09-13 05:18 . 2008-04-13 23:00 143872 c:\windows\system32\drivers\system32\DRIVERS\usbport.sys
+ 2008-11-12 10:28 . 2008-11-12 10:28 115848 c:\windows\system32\drivers\ianswxp.sys
+ 2010-03-28 09:13 . 2008-08-20 21:18 171152 c:\windows\system32\drivers\e1000325.sys
+ 2008-04-13 23:00 . 2008-04-14 07:15 143872 c:\windows\system32\dllcache\usbport.sys
+ 2008-04-13 23:00 . 2009-10-08 21:57 220160 c:\windows\system32\dllcache\oleacc.dll
+ 2010-09-13 05:17 . 2005-07-06 16:23 474624 c:\windows\system32\AsusUSBSwitch\AsusSetup.exe
+ 2008-12-11 23:06 . 2008-12-11 23:06 518704 c:\windows\system32\accesor.dll
+ 2010-06-04 15:26 . 1998-10-29 23:45 306688 c:\windows\IsUninst.exe
+ 2010-09-13 04:23 . 2010-09-13 04:23 250368 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\e732ae44611dbec5dda52e088e17741d\System.Management.Automation.resources.ni.dll
+ 2010-09-13 04:23 . 2010-09-13 04:23 508928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\a90fef2e90e3c1c1de3bf24a835dcfa0\Microsoft.WSMan.Management.ni.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 737792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\ff9583e53a4bec6da6aae423a613ba6c\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2010-09-13 04:22 . 2010-09-13 04:22 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\f449b2674e5198e37ce8642b27a94823\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2010-09-13 04:23 . 2010-09-13 04:23 729600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\8aece00b9a77cc2d75a921465abcce57\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2010-09-13 04:23 . 2010-09-13 04:23 156160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\715cee741bcf47ecaf75a856c156f3cb\Microsoft.PowerShell.Security.ni.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3d7d5070c97ef550f64bc835a8959341\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 253952 c:\windows\assembly\GAC_MSIL\System.Management.Automation.resources\1.0.0.0_en_31bf3856ad364e35\System.Management.Automation.resources.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 274432 c:\windows\assembly\GAC_MSIL\Microsoft.WSMan.Management\1.0.0.0__31bf3856ad364e35\Microsoft.WSMan.Management.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 278528 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.GraphicalHost.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 651264 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GPowerShell\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.GPowerShell.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 991232 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Editor.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 200704 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 618496 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 262144 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 102400 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Diagnostics.dll
+ 2010-09-13 04:20 . 2009-06-18 01:59 379184 c:\windows\$968930Uinstall_KB968930$\spuninst\updspapi.dll
+ 2010-09-13 04:20 . 2009-06-18 01:59 221488 c:\windows\$968930Uinstall_KB968930$\spuninst\spuninst.exe
+ 2009-10-09 23:23 . 2009-10-09 23:23 1107456 c:\windows\system32\WsmSvc.dll
+ 2010-03-28 08:43 . 2007-06-22 19:34 1419232 c:\windows\system32\WdfCoInstaller01005.dll
+ 2010-09-13 04:03 . 2007-06-22 19:34 1419232 c:\windows\system32\ReinstallBackups012\DriverFiles\WdfCoInstaller01005.dll
+ 2008-12-11 22:32 . 2008-12-11 22:32 1481264 c:\windows\system32\ncscolib.dll
+ 2010-09-13 04:03 . 2010-09-13 04:03 2933248 c:\windows\Installer\e9829.msi
+ 2010-09-13 04:02 . 2010-09-13 04:02 2587648 c:\windows\Installer\e980c.msi
+ 2010-09-13 05:32 . 2010-09-13 05:32 5319680 c:\windows\Installer\7ebba.msi
+ 2010-09-13 04:23 . 2010-09-13 04:23 8365056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\47a2229038c869951b36a1081a3c8768\System.Management.Automation.ni.dll
+ 2010-09-13 04:22 . 2010-09-13 04:22 3722752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\6408339c6991217900316808e44f5158\Microsoft.PowerShell.Editor.ni.dll
+ 2010-09-13 04:21 . 2010-09-13 04:21 1609728 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3a9a012a1f912cefb0ef9f69781264c8\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2010-09-13 04:22 . 2010-09-13 04:22 1704448 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\27894b3ee67930492bb4925dc27c9e6b\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 2682880 c:\windows\assembly\GAC_MSIL\System.Management.Automation\1.0.0.0__31bf3856ad364e35\System.Management.Automation.dll
+ 2010-09-13 04:18 . 2010-09-13 04:18 20242432 c:\windows\Installer\c6716.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2010-08-25 14:36 70264 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-10-19 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-10-19 126976]
"readericon10"="c:\program files\Multimedia Card Reader\readericon10.exe" [2007-05-03 131072]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-08-10 421888]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"Asus USB Switch"="c:\windows\system32\AsusUSBSwitch\AsUsbSw.exe" [2005-10-27 20480]

c:\documents and settings\Administrator\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-8-19 503808]

c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-3-10 805392]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 09:42 72208 ----a-w- c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9/12/2010 12:08 PM 165584]
R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [8/25/2010 7:40 AM 76768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9/12/2010 12:08 PM 17744]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [3/28/2010 1:43 AM 10640]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [9/3/2010 5:01 PM 304464]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [9/3/2010 5:01 PM 20952]
S0 cerc6;cerc6; [x]
S1 SASDIFSV;SASDIFSV;\??\c:\program files\SUPERAntiSpyware\SASDIFSV.SYS --> c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [?]
S1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.SYS --> c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [?]
S3 libusb0;LibUsb-Win32 - Kernel Driver 1.1.14.3, 06/11/2010;c:\windows\system32\drivers\libusb0.sys [6/14/2010 9:13 PM 21504]
S3 SASENUM;SASENUM;\??\c:\program files\SUPERAntiSpyware\SASENUM.SYS --> c:\program files\SUPERAntiSpyware\SASENUM.SYS [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [4/13/2008 4:00 PM 14336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder

2010-09-13 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-09-07 21:11]

2010-09-13 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2010-09-07 18:08]

2010-09-13 c:\windows\Tasks\Driver Robot.job
- c:\program files\Driver Robot\Driver Robot.lnk [2010-09-13 04:49]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:5555
IE: &Download All using 4shared Desktop
IE: &Download All with FlashGet
IE: &Download with FlashGet
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download Link Using Mega Manager... - c:\program files\Megaupload\Mega Manager\mm_file.htm
LSP: c:\windows\system32\idmmbc.dll
FF - ProfilePath - c:\documents and settings\Administrator.ALO.000\Application Data\Mozilla\Firefox\Profiles\7s5vudf7.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=
FF - component: c:\documents and settings\Administrator.ALO.000\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
FF - component: c:\documents and settings\Administrator.ALO.000\Application Data\Mozilla\Firefox\Profiles\7s5vudf7.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

BHO-{9384bd4c-dd14-4be9-80f7-f6277511e4f5} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, <a href="http://www.gmer.net" target="_blank">http://www.gmer.net</a>
Rootkit scan 2010-09-13 11:50
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{148c1a30-91e2-428c-b867-0575c5c799f6}]
@Denied: (Full) (Everyone)
"Model"=dword:000000f1
"Therad"=dword:00000017

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):52,c1,bb,99,4f,5c,1d,a5,2c,87,8f,35,b7,db,6c,6e,83,3b,e1,85,d2,
e0,59,4b,75,1a,5f,0b,03,85,19,ea,bb,a9,17,13,db,29,0f,f7,00,00,00,00,00,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(800)
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
c:\program files\common files\logitech\bluetooth\LBTServ.dll

- - - - - - - > 'explorer.exe'(2428)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\program files\Internet Download Manager\IDMShellExt.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-09-13 11:53:55
ComboFix-quarantined-files.txt 2010-09-13 18:53
ComboFix2.txt 2010-09-10 19:27

Pre-Run: 24,770,605,056 bytes free
Post-Run: 24,952,274,944 bytes free

- - End Of File - - 4FBB1F7D17FFCDDC5E9095EB35A78A3C
 

Rydian

Resident Furvert™
Member
Joined
Feb 4, 2010
Messages
27,880
Trophies
0
Age
36
Location
Cave Entrance, Watching Cyan Write Letters
Website
rydian.net
XP
9,111
Country
United States
That dump reports...

9/13/2010 3:43:20 PM
IRQL_NOT_LESS_OR_EQUAL
0x1000000a
0x5939700d
0x00000002
0x00000001
0x804e2ebd

idmtdi.sys
tcpip.sys
aswTdi.SYS
One of those three files could be it for that dump...

But the fact that you're seeing multiple types of errors with different "roots" means it's either some type of infection as raulpica said... or perhaps a memory error. If it turns out to not be an infection, follow the guide in the spoiler.

[*]http://www.memtest.org/#downiso

Go there and choose the "Download - Pre-Compiled Bootable ISO (.zip)".

Download the zip file, extract the .iso out of it (like, drag it out of the zipped folder onto ypur desktop or somewhere), and then use some CD burning program that can burn iso images to disc as a disc image (like burnatonce, which is free), simply burning that file onto a disc as a single file will not work.

Generally in the program, you'd go to "file" and "open disc image" or "open image" or something and point it to the .iso and it takes care of the rest.

Since it's an OS CD, I suggest burning it at a rather slow speed, like 2x or 4x or 8x, just to make sure there's no errors during burning. Just go read a book or something while it's burning.

[*]When it's done, leave the CD in the computer, and turn the computer off. Unplug it (from the power), wait a minute, and then open it. You might need a screwdriver to unscrew a screw at the back of the case, some computers you can just slide the side panel off, whatever, as long as you open it.

This is what a stick of ram generally looks like, and this is where ram goes. That's four slots right next to eachother in the picture (with two of the slots filled), your computer might have more or less slots. The slots are almost always right up against each other in the computer like you see in the image.
http://static.howstuffworks.com/gif/upgrade-pc-ram-2.jpg

You see how the white tabs on one empty slot are pulled back? You do that and it allows you to pull the ram out, and when you push the ram in, they should get pushed back into place.

If you have more than one stick of ram, take one out and keep it on your desk or something, because the point is to test the sticks one at a time. If you only have one stick, that's fine, you'll just be testing that one.

[*]Then start your computer. If it tells you to press a certain key to boot from CD while it's starting up, press that key. The memtest should start. It will do some tests, and then repeat those tests. When it's done with the first set of tests, that's all you need. If it doesn't find any errors after running through the tests the first time, it's safe to assume that stick you're testing is good, go ahead and shut off the computer (you won't damage it while it's testing!), and try the other stick if there is one to test.

When you're trying to put a stick of ram back in, if it won't go in, try turning it around, as it'll only go in one way. If there's enough light you can probably see how the notches in the bottom of the ram match up to the notches in the slot.
If one of the sticks is found to be bad, tell us. It will need to be replaced, and we'll help you find info on replacing it without costing much money if possible.
 

alo123

Well-Known Member
OP
Member
Joined
Apr 21, 2009
Messages
169
Trophies
0
XP
217
Country
United States
Would burning it on a dvd+r work because I do not have any
blank cds

Edit: Forgot my computer can not read dvd+r

Also how can I tell if my computer is infected because I ran malwarebytes
and avast but they do not find anything
 

alo123

Well-Known Member
OP
Member
Joined
Apr 21, 2009
Messages
169
Trophies
0
XP
217
Country
United States
I uninstalled avast and installed a new antivirus program and I have not had
any random crashes I think it might have been avast causing the problems
 

raulpica

With your drill, thrust to the sky!
Former Staff
Joined
Oct 23, 2007
Messages
11,056
Trophies
0
Location
PowerLevel: 9001
XP
5,716
Country
Italy
Well, nice to know. The ComboFix log is pretty cluttered, but there doesn't seem to be anything harmful in there.

Switch either to AntiVir or Microsoft Security Essential.

Personally, I've never liked Avast.
 

Originality

Chibi-neko
Member
Joined
Apr 21, 2008
Messages
5,716
Trophies
1
Age
35
Location
London, UK
Website
metalix.deviantart.com
XP
1,904
Country
AVG, Avast and earlier versions of McAffee. In the past I've dealt with viruses specifically designed to hijack all three AV programs. Of course, in those days there were viruses for Norton and several other AV programs, but they weren't so easy to execute. Because of that, I've always found AVG especially to be a joke in the AV world.

There is no better AV solution than a knowledged person's wits (and uncommon sense - the number of MSN STIs I've seen spread around... and I've even seen 2 more people infected with them only last week!)
 

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
  • No one is chatting at the moment.
    LeoTCK @ LeoTCK: yes for nearly a month i was officially a wanted fugitive, until yesterday when it ended