Channel: Tech Support Forum - Virus/Trojan/Spyware Help

im bout to throw this 'puter out the window!

I was told by a router tech (Netgear) that because of an infection I have, I/he was unable to access or change my forgotten wifi password. He said it was a network infection and both my computers were infected. I hope I am posting this all right. I do have a Windows XP CD but I am not sure if it is for my laptop or desktop. I initially submitted a report on my laptop a few days ago and am still waiting for a response, but this is my desktop and it has gotten 10 times worse!! Super slow, freezing, Shockwave crashing all the time, almost unusable. I know this will take some time and am waiting patiently. This router tech told me even if I was to get a new computer it would still get this virus because of the network? Both of my computers are pretty old and both were bought refurbished a while ago ;/ I am at my wits' end because I have an online store and have had a hard time printing postage and stuff :angry:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Administrator at 12:29:02 on 2012-09-21
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.390 [GMT -5:00]
.
AV: Avira Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
============== Running Processes ===============
.
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0002.tmp\LMI_Rescue_srv.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0001.tmp\LMI_Rescue_srv.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\Program Files\Stamps.com Internet Postage\ipostage.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
c:\program files\avira\antivir desktop\ipmGui.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [Advanced SystemCare 5] "c:\program files\iobit\advanced systemcare 5\ASCTray.exe" /AutoStart
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil11g_ActiveX.exe -update activex
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
uPolicies-explorer: NoInstrumentation = 1 (0x1)
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h20364.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1278466436234
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1278471706093
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{14C78B23-57AA-4125-AAE3-7BD5B74EC2BA} : DhcpNameServer = 192.168.1.1
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-12-29 64288]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2011-10-23 36000]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\iobit\advanced systemcare 5\ASCService.exe [2011-11-17 913792]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-10-23 86224]
R2 AntiVirService;Avira Realtime Protection;c:\program files\avira\antivir desktop\avguard.exe [2011-10-23 110032]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-10-23 83392]
S?2 LMIRescue_a18a8ea3-2ee0-46e9-8420-266326199d19;LogMeIn Rescue (a18a8ea3-2ee0-46e9-8420-266326199d19);c:\documents and settings\administrator\local settings\application data\logmein rescue applet\lmir0002.tmp\LMI_Rescue_srv.exe [2012-9-12 2487208]
S?2 LMIRescue_f4074766-c948-4508-87b9-e0fbe84a11ca;LogMeIn Rescue (f4074766-c948-4508-87b9-e0fbe84a11ca);c:\documents and settings\administrator\local settings\application data\logmein rescue applet\lmir0001.tmp\LMI_Rescue_srv.exe [2012-9-12 2487208]
S1 MpKsl1b140f01;MpKsl1b140f01; [x]
S1 MpKsl2a78afff;MpKsl2a78afff; [x]
S1 MpKsl45029335;MpKsl45029335; [x]
S1 MpKsl5362fdfc;MpKsl5362fdfc; [x]
S1 MpKsl67131e9d;MpKsl67131e9d; [x]
S1 MpKsl72343fe0;MpKsl72343fe0; [x]
S1 MpKsl88d70b12;MpKsl88d70b12; [x]
S1 MpKsl96e79da2;MpKsl96e79da2; [x]
S1 MpKslc5bc81e0;MpKslc5bc81e0; [x]
S1 MpKslf0b77a83;MpKslf0b77a83; [x]
S2 Ca533av;Icatch(IV) Video Camera Device;c:\windows\system32\drivers\ca533av.sys --> c:\windows\system32\drivers\Ca533av.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-12-28 136176]
S2 SupportDockService.exe;Support Dock Service; [x]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-12-28 136176]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; [x]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2006-2-28 14336]
S4 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe -service --> c:\windows\system32\lxdncoms.exe -service [?]
.
=============== Created Last 30 ================
.
2012-09-20 03:51:49 -------- d-----w- C:\TDSSKiller_Quarantine
2012-09-17 00:00:50 -------- d-----w- c:\documents and settings\all users\application data\{232FC370-3714-4F10-BC93-DA33AA1D6D22}
2012-09-15 00:11:25 -------- d-----w- c:\program files\ESET
2012-09-13 01:04:27 -------- d-sha-r- C:\cmdcons
2012-09-13 01:01:19 98816 ----a-w- c:\windows\sed.exe
2012-09-13 01:01:19 518144 ----a-w- c:\windows\SWREG.exe
2012-09-13 01:01:19 256000 ----a-w- c:\windows\PEV.exe
2012-09-13 01:01:19 208896 ----a-w- c:\windows\MBR.exe
2012-09-12 18:29:54 -------- d-----w- c:\windows\pss
2012-09-12 18:20:55 -------- d-----w- c:\documents and settings\administrator\local settings\application data\LogMeIn Rescue Applet
2012-09-10 15:16:04 388096 ----a-r- c:\documents and settings\administrator\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-08-24 21:04:15 -------- d-----w- c:\program files\iYogi Support Dock
.
==================== Find3M ====================
.
2012-08-16 15:01:08 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-08-16 15:01:08 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-07-23 20:59:24 22400 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05:18 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 13:40:15 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:49:33 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:49:32 43520 ------w- c:\windows\system32\licmgr10.dll
2012-07-02 17:49:32 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05:43 385024 ------w- c:\windows\system32\html.iec
.
============= FINISH: 12:30:52.17 ===============

Attached Files
File Type: zip attach.zip (3.1 KB)
File Type: zip ark.zip (2.0 KB)
