BleepingComputer.com: Malware Damage

Jump to content

Forum Guidelines

Posted Image Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help


Posted Image Unfortunately, with the amount of logs we receive per day, the average response time is 5 days. I want to assure you, though, that your topic will be looked at and responded to. So please be patient.


Posted Image DO NOT RUN ComboFix unless requested to.


Posted Image Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.


Posted Image When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.


Posted Image Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

Malware Damage

#1 User is offline   Dypro 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 6
  • Joined: 03-June 11

Posted 07 June 2011 - 10:27 PM

Ironically, I was browsing the internet and was about to download an antivirus. I downloaded Bitdefender, and it required me to install its software. It was a secure site, this was not the source of my problem. Anyways, I restarted, then I noticed I lost function of my mouse, along with my internet. I attempted to do a system restore but, that didn't work. When I clicked on it, it came out as a blank page.

I scanned my computer with MalwareBytes, and it found one Trojan.Agent. Still, the damage was done, I restarted and found no changes.

I decided to then repair install my computer. This resolved system restore functionality. However, I believe my mouse is still damaged. It's not the mouse itself, I believe it had something to do with some registry corrupted files or someother type of corrupted files. I know it cannot be the hardware itself because I JUST bought a new mouse and that didn't work either. Whoever can solve this problem is a genius!

Your help is immensely appreciated!

PS: I included a picture to show what it gives me in device manager!









ComboFix 11-06-06.01 - Owner 06/06/2011 10:29:46.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1278.755 [GMT -7:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
Command switches used :: F:\CFScript.txt
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Owner\Application Data\oembios.exe
c:\documents and settings\Owner\Application Data\twex.exe
.
.
--------------- FCopy ---------------
.
c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll --> c:\windows\system32\mspmsnsv.dll
.
((((((((((((((((((((((((( Files Created from 2011-05-06 to 2011-06-06 )))))))))))))))))))))))))))))))
.
.
2011-06-06 17:26 . 2011-06-06 17:33 -------- d-----w- c:\windows\LastGood
2011-06-06 03:48 . 2011-06-06 03:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Systweak
2011-06-06 03:43 . 2011-06-06 03:43 -------- d-----w- c:\documents and settings\Owner\Application Data\Systweak
2011-06-06 03:42 . 2010-07-31 01:35 17136 ----a-w- c:\windows\system32\sasnative32.exe
2011-06-06 03:42 . 2011-06-06 03:52 -------- d-----w- c:\program files\Advanced System Optimizer 3
2011-06-06 03:22 . 2011-06-06 03:22 -------- d-----w- C:\found.000
2011-06-06 03:11 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-06-06 03:10 . 2010-07-16 12:05 1288192 -c----w- c:\windows\system32\dllcache\ole32.dll
2011-06-06 03:08 . 2010-08-17 13:17 58880 -c----w- c:\windows\system32\dllcache\spoolsv.exe
2011-06-06 03:07 . 2010-06-18 17:45 293376 -c----w- c:\windows\system32\dllcache\winsrv.dll
2011-06-06 03:06 . 2010-04-16 15:36 406016 -c----w- c:\windows\system32\dllcache\usp10.dll
2011-06-06 03:03 . 2010-06-18 13:36 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2011-06-06 02:59 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2011-06-06 02:58 . 2011-06-06 02:58 -------- d-----w- c:\windows\system32\winrm
2011-06-06 02:58 . 2011-06-06 02:58 -------- d-----w- c:\windows\system32\GroupPolicy
2011-06-06 02:57 . 2011-06-06 02:58 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2011-06-06 02:54 . 2010-03-05 14:37 65536 -c----w- c:\windows\system32\dllcache\asycfilt.dll
2011-06-06 02:52 . 2011-03-07 05:33 692736 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2011-06-06 02:51 . 2009-12-24 06:59 177664 -c----w- c:\windows\system32\dllcache\wintrust.dll
2011-06-06 02:50 . 2010-02-12 04:33 100864 -c----w- c:\windows\system32\dllcache\6to4svc.dll
2011-06-06 02:50 . 2010-02-11 12:02 226880 -c----w- c:\windows\system32\dllcache\tcpip6.sys
2011-06-06 02:49 . 2010-01-13 14:01 86016 -c----w- c:\windows\system32\dllcache\cabview.dll
2011-06-06 02:46 . 2009-12-16 18:43 343040 -c----w- c:\windows\system32\dllcache\mspaint.exe
2011-06-06 02:45 . 2009-11-27 16:07 8704 -c----w- c:\windows\system32\dllcache\tsbyuv.dll
2011-06-06 02:45 . 2009-11-27 16:07 84992 -c----w- c:\windows\system32\dllcache\avifil32.dll
2011-06-06 02:45 . 2009-11-27 16:07 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll
2011-06-06 02:45 . 2009-11-27 16:07 11264 -c----w- c:\windows\system32\dllcache\msrle32.dll
2011-06-06 02:43 . 2009-11-27 17:11 17920 -c----w- c:\windows\system32\dllcache\msyuv.dll
2011-06-06 02:43 . 2010-02-05 18:27 1291776 -c----w- c:\windows\system32\dllcache\quartz.dll
2011-06-06 02:42 . 2009-12-08 09:23 474112 -c----w- c:\windows\system32\dllcache\shlwapi.dll
2011-06-06 02:42 . 2010-08-27 08:02 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2011-06-06 02:42 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2011-06-06 02:40 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2011-06-06 02:39 . 2009-10-13 10:30 270336 -c----w- c:\windows\system32\dllcache\oakley.dll
2011-06-06 02:38 . 2009-10-12 13:38 149504 -c----w- c:\windows\system32\dllcache\rastls.dll
2011-06-06 02:38 . 2009-10-12 13:38 79872 -c----w- c:\windows\system32\dllcache\raschap.dll
2011-06-06 02:37 . 2010-06-14 07:41 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2011-06-06 02:36 . 2009-06-24 11:18 92928 -c----w- c:\windows\system32\dllcache\ksecdd.sys
2011-06-06 02:36 . 2010-12-22 12:34 301568 -c----w- c:\windows\system32\dllcache\kerberos.dll
2011-06-06 02:36 . 2010-06-30 12:31 149504 -c----w- c:\windows\system32\dllcache\schannel.dll
2011-06-06 02:36 . 2009-09-11 14:18 136192 -c----w- c:\windows\system32\dllcache\msv1_0.dll
2011-06-06 02:36 . 2009-06-25 08:25 54272 -c----w- c:\windows\system32\dllcache\wdigest.dll
2011-06-06 02:35 . 2009-07-17 16:22 1435648 -c----w- c:\windows\system32\dllcache\query.dll
2011-06-06 02:34 . 2009-09-04 21:03 58880 -c----w- c:\windows\system32\dllcache\msasn1.dll
2011-06-06 02:33 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2011-06-06 02:32 . 2009-06-10 06:14 132096 -c----w- c:\windows\system32\dllcache\wkssvc.dll
2011-06-06 02:31 . 2009-08-05 09:01 204800 -c----w- c:\windows\system32\dllcache\mswebdvd.dll
2011-06-06 02:31 . 2009-06-12 12:31 76288 -c----w- c:\windows\system32\dllcache\telnet.exe
2011-06-06 02:30 . 2009-07-17 19:01 58880 -c----w- c:\windows\system32\dllcache\atl.dll
2011-06-06 02:28 . 2009-05-07 15:32 345600 -c----w- c:\windows\system32\dllcache\localspl.dll
2011-06-06 02:27 . 2009-06-25 08:25 56832 -c----w- c:\windows\system32\dllcache\secur32.dll
2011-06-06 02:27 . 2009-03-21 14:06 989696 -c----w- c:\windows\system32\dllcache\kernel32.dll
2011-06-06 02:26 . 2009-08-25 09:17 354816 -c----w- c:\windows\system32\dllcache\winhttp.dll
2011-06-06 02:25 . 2008-06-12 14:23 91648 -c----w- c:\windows\system32\dllcache\mtxoci.dll
2011-06-06 02:25 . 2008-06-12 14:23 956928 -c----w- c:\windows\system32\dllcache\msdtctm.dll
2011-06-06 02:25 . 2008-06-12 14:23 66560 -c----w- c:\windows\system32\dllcache\mtxclu.dll
2011-06-06 02:25 . 2008-06-12 14:23 58880 -c----w- c:\windows\system32\dllcache\msdtclog.dll
2011-06-06 02:25 . 2008-06-12 14:23 161792 -c----w- c:\windows\system32\dllcache\msdtcuiu.dll
2011-06-06 02:22 . 2008-10-23 12:36 286720 -c----w- c:\windows\system32\dllcache\gdi32.dll
2011-06-06 02:20 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2011-06-06 02:19 . 2008-08-28 07:46 104960 -c----w- c:\windows\system32\dllcache\win32spl.dll
2011-06-06 02:19 . 2008-08-28 07:46 74752 -c----w- c:\windows\system32\dllcache\msw3prt.dll
2011-06-06 02:18 . 2008-05-01 14:33 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2011-06-06 02:17 . 2008-07-07 20:26 253952 -c----w- c:\windows\system32\dllcache\es.dll
2011-06-06 02:15 . 2008-06-24 16:43 74240 -c----w- c:\windows\system32\dllcache\mscms.dll
2011-06-06 02:10 . 2008-05-09 10:53 90112 -c----w- c:\windows\system32\dllcache\wshext.dll
2011-06-06 02:10 . 2008-05-09 10:53 172032 -c----w- c:\windows\system32\dllcache\scrrun.dll
2011-06-06 02:10 . 2008-05-09 10:53 180224 -c----w- c:\windows\system32\dllcache\scrobj.dll
2011-06-06 02:10 . 2011-03-04 06:45 512000 -c----w- c:\windows\system32\dllcache\jscript.dll
2011-06-06 02:10 . 2011-03-04 06:45 434176 -c----w- c:\windows\system32\dllcache\vbscript.dll
2011-06-06 02:10 . 2008-05-09 08:45 135168 -c----w- c:\windows\system32\dllcache\cscript.exe
2011-06-06 02:10 . 2008-05-08 11:24 155648 -c----w- c:\windows\system32\dllcache\wscript.exe
2011-06-06 02:08 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2011-06-06 02:07 . 2011-06-06 02:07 -------- d-----w- c:\program files\MSSOAP
2011-06-06 02:06 . 2011-06-06 17:33 -------- d-----w- c:\program files\BitDefender
2011-06-06 01:39 . 2011-02-17 13:51 81920 -c----w- c:\windows\system32\dllcache\ieencode.dll
2011-06-06 01:38 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-06-06 01:34 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-06-06 01:30 . 2011-06-06 01:30 -------- d-----w- c:\program files\IObit
2011-06-06 01:20 . 2011-02-17 13:18 455936 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-06-06 01:13 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-06-06 01:13 . 2010-08-16 08:45 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
2011-06-06 01:13 . 2010-08-16 08:45 590848 ----a-w- c:\windows\system32\SET6E.tmp
2011-06-06 01:11 . 2011-06-06 01:11 -------- d-----w- c:\windows\Internet Logs
2011-06-06 00:30 . 2008-04-14 12:42 218624 ----a-w- c:\windows\system32\uxtheme.uxtender
2011-06-05 22:06 . 2011-06-05 22:12 -------- d-----w- c:\windows\system32\wbem\Repository.001
2011-06-05 22:06 . 2009-07-31 17:05 1372672 -c----w- c:\windows\system32\dllcache\msxml6.dll
2011-06-05 22:06 . 2008-04-14 05:57 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2011-06-05 22:06 . 2008-04-14 12:42 380416 ------w- c:\windows\system32\irprops.cpl
2011-06-05 22:02 . 2006-12-29 07:31 19569 ----a-w- c:\windows\003232_.tmp
2011-06-05 21:56 . 2004-07-14 22:36 57344 ----a-w- c:\windows\system32\ICONSPY.EXE
2011-06-05 21:56 . 2007-04-25 18:06 18944 ----a-w- c:\windows\system32\drivers\PELMOUSE.SYS
2011-06-05 21:56 . 2007-04-12 00:08 17920 ----a-w- c:\windows\system32\drivers\pelusblf.sys
2011-06-05 18:00 . 2004-08-20 22:50 159744 ----a-w- c:\windows\system32\igfxres.dll
2011-06-05 17:52 . 2011-06-05 17:52 232968 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-06-05 17:52 . 2011-06-06 00:52 232968 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-06-05 17:52 . 2011-06-06 00:52 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-06-04 20:29 . 2009-08-07 02:24 217816 ----a-w- c:\windows\system32\wuaucpl.cpl
2011-06-04 19:55 . 2011-06-04 19:55 -------- d-----w- C:\WUTemp
2011-06-04 19:55 . 2008-04-14 12:41 191488 ----a-w- c:\windows\system32\iuengine.dll
2011-06-04 19:29 . 2003-07-16 20:22 10129408 -c--a-w- c:\windows\system32\dllcache\hwxkor.dll
2011-06-04 19:22 . 2008-04-14 12:42 45568 ----a-w- c:\windows\system32\safrslv.dll
2011-06-04 19:19 . 2008-04-14 07:15 52864 ----a-w- c:\windows\system32\drivers\dmusic.sys
2011-06-04 19:19 . 2008-04-14 07:15 6272 ----a-w- c:\windows\system32\drivers\splitter.sys
2011-06-04 19:18 . 2008-04-14 07:10 57600 ----a-w- c:\windows\system32\drivers\redbook.sys
2011-06-04 19:15 . 2003-07-16 20:54 7046 ----a-r- c:\windows\SETA7.tmp
2011-06-04 19:15 . 2003-07-16 20:30 13608 ----a-r- c:\windows\SET95.tmp
2011-06-04 19:15 . 2003-07-16 20:39 1086182 ----a-r- c:\windows\SET7E.tmp
2011-06-04 18:36 . 2003-07-16 20:54 7046 ----a-r- c:\windows\SET9C.tmp
2011-06-04 18:36 . 2003-07-16 20:30 13608 ----a-r- c:\windows\SET8A.tmp
2011-06-04 18:36 . 2003-07-16 20:39 1086182 ----a-r- c:\windows\SET70.tmp
2011-06-04 18:08 . 2003-07-16 20:54 7046 ----a-r- c:\windows\SET8E.tmp
2011-06-04 18:08 . 2003-07-16 20:30 13608 ----a-r- c:\windows\SET7C.tmp
2011-06-04 18:08 . 2003-07-16 20:39 1086182 ----a-r- c:\windows\SET63.tmp
2011-06-04 08:35 . 2003-07-16 20:54 7046 ----a-r- c:\windows\SET80.tmp
2011-06-04 08:35 . 2003-07-16 20:30 13608 ----a-r- c:\windows\SET6E.tmp
2011-06-04 08:34 . 2003-07-16 20:39 1086182 ----a-r- c:\windows\SET51.tmp
2011-06-04 08:28 . 2003-07-16 20:54 7046 ----a-r- c:\windows\SET75.tmp
2011-06-04 08:28 . 2003-07-16 20:30 13608 ----a-r- c:\windows\SET60.tmp
2011-06-04 08:28 . 2003-07-16 20:39 1086182 ----a-r- c:\windows\SET48.tmp
2011-06-04 08:18 . 2003-07-16 20:54 7046 ----a-r- c:\windows\SET64.tmp
2011-06-04 08:18 . 2003-07-16 20:30 13608 ----a-r- c:\windows\SET52.tmp
2011-06-04 08:18 . 2003-07-16 20:39 1086182 ----a-r- c:\windows\SET46.tmp
2011-06-04 07:14 . 2003-07-16 20:54 7046 ----a-r- c:\windows\SET62.tmp
2011-06-04 07:14 . 2003-07-16 20:30 13608 ----a-r- c:\windows\SET50.tmp
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-06 00:30 . 2003-07-16 20:49 218624 ----a-w- c:\windows\system32\uxtheme.dll
2011-04-06 23:20 . 2011-04-06 23:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 23:20 . 2011-04-06 23:20 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2011-04-06 23:20 . 2011-04-06 23:20 197920 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 23:20 . 2011-04-06 23:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-07-08 17:37 . 2010-07-08 17:37 101544 ----a-w- c:\program files\Common Files\LinkInstaller.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-06-05_22.39.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-06-06 17:14 . 2011-06-06 17:14 16384 c:\windows\Temp\Perflib_Perfdata_3bc.dat
+ 2009-10-09 21:56 . 2009-10-09 21:56 14848 c:\windows\system32\wsmprovhost.exe
+ 2009-10-09 21:56 . 2009-10-09 21:56 12288 c:\windows\system32\wsmplpxy.dll
+ 2003-07-16 20:53 . 2008-05-09 10:53 90112 c:\windows\system32\wshext.dll
- 2003-07-16 20:53 . 2008-04-14 12:42 90112 c:\windows\system32\wshext.dll
+ 2009-10-09 21:56 . 2009-10-09 21:56 12288 c:\windows\system32\winrssrv.dll
+ 2009-10-09 21:56 . 2009-10-09 21:56 22528 c:\windows\system32\winrshost.exe
+ 2009-10-09 23:22 . 2009-10-09 23:22 69632 c:\windows\system32\winrs.exe
+ 2009-10-09 21:56 . 2009-10-09 21:56 25088 c:\windows\system32\winrmprov.dll
+ 2009-10-09 21:56 . 2009-10-09 21:56 24064 c:\windows\system32\WindowsPowerShell\v1.0\pwrshsip.dll
+ 2003-07-16 20:50 . 2009-06-25 08:25 54272 c:\windows\system32\wdigest.dll
+ 2003-07-16 20:47 . 2009-06-12 12:31 76288 c:\windows\system32\telnet.exe
+ 2003-07-16 20:46 . 2010-08-27 05:57 99840 c:\windows\system32\srvsvc.dll
+ 2003-07-16 20:46 . 2010-08-17 13:17 58880 c:\windows\system32\spoolsv.exe
+ 2011-04-05 02:27 . 2010-02-22 14:23 17272 c:\windows\system32\spmsg.dll
- 2011-04-05 02:27 . 2007-08-11 03:46 17272 c:\windows\system32\spmsg.dll
+ 2003-07-16 20:44 . 2009-06-25 08:25 56832 c:\windows\system32\secur32.dll
+ 2003-07-16 20:43 . 2009-02-06 10:39 35328 c:\windows\system32\sc.exe
- 2003-07-16 20:42 . 2008-04-14 12:42 79872 c:\windows\system32\raschap.dll
+ 2003-07-16 20:42 . 2009-10-12 13:38 79872 c:\windows\system32\raschap.dll
+ 2009-10-09 23:22 . 2009-10-09 23:22 42496 c:\windows\system32\pwrshplugin.dll
+ 2005-10-29 06:49 . 2005-10-29 06:49 84480 c:\windows\system32\pintool.exe
- 2003-07-16 20:41 . 2011-06-05 22:21 67416 c:\windows\system32\perfc009.dat
+ 2003-07-16 20:41 . 2011-06-06 03:28 67416 c:\windows\system32\perfc009.dat
+ 2003-07-16 20:40 . 2009-10-08 21:56 20480 c:\windows\system32\oleaccrc.dll
+ 2011-06-04 19:21 . 2008-06-12 14:23 91648 c:\windows\system32\mtxoci.dll
- 2011-06-04 19:21 . 2008-04-14 12:42 91648 c:\windows\system32\mtxoci.dll
+ 2003-07-16 20:37 . 2008-06-12 14:23 66560 c:\windows\system32\mtxclu.dll
- 2003-07-16 20:37 . 2008-04-14 12:42 66560 c:\windows\system32\mtxclu.dll
+ 2001-08-17 22:36 . 2009-11-27 17:11 17920 c:\windows\system32\msyuv.dll
+ 2003-07-16 20:36 . 2008-08-28 07:46 74752 c:\windows\system32\msw3prt.dll
+ 2003-07-16 20:36 . 2009-11-27 16:07 28672 c:\windows\system32\msvidc32.dll
- 2003-07-16 20:36 . 2008-04-14 12:42 11264 c:\windows\system32\msrle32.dll
+ 2003-07-16 20:36 . 2009-11-27 16:07 11264 c:\windows\system32\msrle32.dll
- 2011-06-04 19:21 . 2008-04-14 12:42 58880 c:\windows\system32\msdtclog.dll
+ 2011-06-04 19:21 . 2008-06-12 14:23 58880 c:\windows\system32\msdtclog.dll
+ 2003-07-16 20:35 . 2008-06-24 16:43 74240 c:\windows\system32\mscms.dll
+ 2003-07-16 20:35 . 2009-09-04 21:03 58880 c:\windows\system32\msasn1.dll
+ 2001-08-17 22:36 . 2009-11-27 16:07 48128 c:\windows\system32\iyuv_32.dll
- 2011-06-04 19:22 . 2008-04-14 12:41 81920 c:\windows\system32\isign32.dll
+ 2011-06-04 19:22 . 2010-11-18 18:12 81920 c:\windows\system32\isign32.dll
- 2003-07-16 20:29 . 2008-04-14 12:41 80384 c:\windows\system32\iccvid.dll
+ 2003-07-16 20:29 . 2010-06-17 14:03 80384 c:\windows\system32\iccvid.dll
+ 2003-07-16 20:28 . 2009-10-15 16:28 81920 c:\windows\system32\fontsub.dll
+ 2003-07-16 20:37 . 2010-11-02 15:17 40960 c:\windows\system32\drivers\ndproxy.sys
+ 2003-07-16 20:31 . 2009-06-24 11:18 92928 c:\windows\system32\drivers\ksecdd.sys
+ 2003-07-16 20:27 . 2009-04-20 17:17 45568 c:\windows\system32\dnsrslvr.dll
- 2003-07-16 20:27 . 2008-04-14 12:41 45568 c:\windows\system32\dnsrslvr.dll
+ 2010-08-27 05:57 . 2010-08-27 05:57 99840 c:\windows\system32\dllcache\srvsvc.dll
+ 2003-07-16 20:43 . 2009-02-06 10:39 35328 c:\windows\system32\dllcache\sc.exe
+ 2003-07-16 20:40 . 2009-10-08 21:56 20480 c:\windows\system32\dllcache\oleaccrc.dll
+ 2003-07-16 20:36 . 2009-11-27 16:07 28672 c:\windows\system32\dllcache\msvidc32.dll
+ 2010-08-03 05:20 . 2008-04-14 12:42 52224 c:\windows\system32\dllcache\mspmsnsv.dll
+ 2010-11-18 18:12 . 2010-11-18 18:12 81920 c:\windows\system32\dllcache\isign32.dll
+ 2009-04-20 17:17 . 2009-04-20 17:17 45568 c:\windows\system32\dllcache\dnsrslvr.dll
+ 2010-12-09 14:30 . 2010-12-09 14:30 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2003-07-16 20:26 . 2010-12-09 14:30 33280 c:\windows\system32\csrsrv.dll
+ 2003-07-16 20:25 . 2010-01-13 14:01 86016 c:\windows\system32\cabview.dll
+ 2005-10-29 06:49 . 2005-10-29 06:49 25600 c:\windows\system32\bcsprsrc.dll
+ 2005-10-28 23:40 . 2005-10-28 23:40 96792 c:\windows\system32\basecsp.dll
+ 2003-07-16 20:24 . 2009-11-27 16:07 84992 c:\windows\system32\avifil32.dll
- 2003-07-16 20:24 . 2008-04-14 12:41 84992 c:\windows\system32\avifil32.dll
+ 2003-07-16 20:24 . 2009-07-17 19:01 58880 c:\windows\system32\atl.dll
- 2003-07-16 20:24 . 2008-04-14 12:41 58880 c:\windows\system32\atl.dll
+ 2003-07-16 20:24 . 2010-03-05 14:37 65536 c:\windows\system32\asycfilt.dll
+ 2011-06-06 17:27 . 2010-01-20 02:32 85128 c:\windows\LastGood\system32\DRIVERS\bdvedisk.sys
+ 2011-06-06 02:12 . 2011-06-06 02:12 57344 c:\windows\Installer\{B6CA7A3C-35FD-401F-9335-FFFD2BCD5FF3}\texticon.exe
+ 2011-06-06 02:43 . 2009-11-27 17:11 17920 c:\windows\Driver Cache\i386\msyuv.dll
+ 2011-06-06 02:45 . 2009-11-27 16:07 48128 c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2011-06-06 03:02 . 2011-06-06 03:02 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\d3184c93213fa6a13593dd95c68ba607\Microsoft.WSMan.Runtime.ni.dll
+ 2011-06-06 03:02 . 2011-06-06 03:02 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\04bb1138bd0eb5ed341d9b4a0bbd6c0b\Microsoft.WSMan.Management.resources.ni.dll
+ 2011-06-06 03:02 . 2011-06-06 03:02 24576 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\dc1c1449f51f84dd5228441c9c5be758\Microsoft.PowerShell.GraphicalHost.resources.ni.dll
+ 2011-06-06 03:00 . 2011-06-06 03:00 18432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\dba3472e7f1a9f4a6cfef4b1bd84f5ad\Microsoft.PowerShell.Commands.Diagnostics.resources.ni.dll
+ 2011-06-06 03:02 . 2011-06-06 03:02 36352 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\c4895ae8fcf6ed13f29691ba96c3f7c1\Microsoft.PowerShell.GPowerShell.resources.ni.dll
+ 2011-06-06 03:02 . 2011-06-06 03:02 16896 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\b568f16d2a9908a326769e7d1784f7a2\Microsoft.PowerShell.Security.resources.ni.dll
+ 2011-06-06 03:02 . 2011-06-06 03:02 67072 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\b116c22af6c8dbe51dce002e4dd4e594\Microsoft.PowerShell.Editor.resources.ni.dll
+ 2011-06-06 03:01 . 2011-06-06 03:01 38912 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\5ba798388411ce372f8b38bb9c13dacd\Microsoft.PowerShell.ConsoleHost.resources.ni.dll
+ 2011-06-06 03:01 . 2011-06-06 03:01 45568 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\54bed570c51fd36183f85caa3c11e1f5\Microsoft.PowerShell.Commands.Utility.resources.ni.dll
+ 2011-06-06 03:00 . 2011-06-06 03:00 31744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\50e4f78521a12824b109c03e100d54e6\Microsoft.PowerShell.Commands.Management.resources.ni.dll
+ 2011-06-06 02:59 . 2011-06-06 02:59 91648 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Backgroun#\cb10e8baec74ef36db1c6d53018d1ef4\Microsoft.BackgroundIntelligentTransfer.Management.ni.dll
+ 2011-06-06 02:59 . 2011-06-06 02:59 14848 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Backgroun#\20887c41d4b8a21914aef9d74e1e8db1\Microsoft.BackgroundIntelligentTransfer.Management.resources.ni.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 13824 c:\windows\assembly\GAC_MSIL\Microsoft.WSMan.Management.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.WSMan.Management.resources.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 69632 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 16896 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.GraphicalHost.resources.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 40960 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GPowerShell.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.GPowerShell.resources.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 69632 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Editor.resources.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 40960 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.resources.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 49152 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.resources.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 36864 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.resources.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 10752 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Diagnostics.resources.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 57344 c:\windows\assembly\GAC_MSIL\Microsoft.BackgroundIntelligentTransfer.Management\1.0.0.0__31bf3856ad364e35\Microsoft.BackgroundIntelligentTransfer.Management.dll
+ 2009-10-09 21:57 . 2009-10-09 21:57 20480 c:\windows\$968930Uinstall_KB968930$\PSCustomSetupUtil.exe
+ 2009-10-09 21:56 . 2009-10-09 21:56 2048 c:\windows\system32\winrsmgr.dll
+ 2009-10-09 23:23 . 2009-10-09 23:23 4608 c:\windows\system32\WindowsPowerShell\v1.0\pwrshmsg.dll
+ 2009-10-09 23:23 . 2009-10-09 23:23 4096 c:\windows\system32\WindowsPowerShell\v1.0\powershell_ise.resources.dll
+ 2001-08-17 22:36 . 2009-11-27 16:07 8704 c:\windows\system32\tsbyuv.dll
+ 2011-06-06 02:45 . 2009-11-27 16:07 8704 c:\windows\Driver Cache\i386\tsbyuv.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 7168 c:\windows\assembly\GAC_MSIL\Microsoft.WSMan.Runtime\1.0.0.0__31bf3856ad364e35\Microsoft.WSMan.Runtime.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 9216 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Security.resources.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 7168 c:\windows\assembly\GAC_MSIL\Microsoft.BackgroundIntelligentTransfer.Management.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.BackgroundIntelligentTransfer.Management.resources.dll
+ 2009-10-09 21:56 . 2009-10-09 21:56 9216 c:\windows\$968930Uinstall_KB968930$\PSSetupNativeUtils.exe
+ 2007-01-31 21:50 . 2007-01-31 21:50 913408 c:\windows\system32\xreglib.dll
+ 2009-10-09 21:56 . 2009-10-09 21:56 209408 c:\windows\system32\WsmWmiPl.dll
+ 2009-10-09 23:22 . 2009-10-09 23:22 368640 c:\windows\system32\WsmRes.dll
+ 2009-10-09 21:56 . 2009-10-09 21:56 139776 c:\windows\system32\WsmAuto.dll
+ 2009-10-09 21:56 . 2009-10-09 21:56 225280 c:\windows\system32\wsmanhttpconfig.exe
- 2003-07-16 20:53 . 2008-04-14 12:42 155648 c:\windows\system32\wscript.exe
+ 2003-07-16 20:53 . 2008-05-08 11:24 155648 c:\windows\system32\wscript.exe
+ 2003-07-16 20:52 . 2009-06-10 06:14 132096 c:\windows\system32\wkssvc.dll
- 2003-07-16 20:52 . 2008-04-14 12:42 132096 c:\windows\system32\wkssvc.dll
+ 2003-07-16 20:51 . 2009-12-24 06:59 177664 c:\windows\system32\wintrust.dll
+ 2003-07-16 20:51 . 2010-06-18 17:45 293376 c:\windows\system32\winsrv.dll
- 2003-07-16 20:51 . 2008-04-14 12:42 293376 c:\windows\system32\winsrv.dll
+ 2009-10-09 21:56 . 2009-10-09 21:56 233984 c:\windows\system32\winrscmd.dll
+ 2009-08-01 06:27 . 2009-08-01 06:27 201184 c:\windows\system32\winrm.vbs
+ 2003-07-16 20:51 . 2011-02-17 13:51 667136 c:\windows\system32\wininet.dll
+ 2001-09-07 18:41 . 2001-09-07 18:41 290816 c:\windows\system32\WINHTTP5.DLL
+ 2003-07-16 20:51 . 2009-08-25 09:17 354816 c:\windows\system32\winhttp.dll
+ 2009-10-09 23:23 . 2009-10-09 23:23 148480 c:\windows\system32\WindowsPowerShell\v1.0\pspluginwkr.dll
+ 2009-10-09 21:57 . 2009-10-09 21:57 204800 c:\windows\system32\WindowsPowerShell\v1.0\powershell_ise.exe
+ 2009-10-09 21:56 . 2009-10-09 21:56 448000 c:\windows\system32\WindowsPowerShell\v1.0\powershell.exe
+ 2009-10-09 21:57 . 2009-10-09 21:57 112640 c:\windows\system32\WindowsPowerShell\v1.0\Modules\BitsTransfer\microsoft.backgroundintelligenttransfer.management.interop.dll
+ 2009-07-16 17:22 . 2009-07-16 17:22 126976 c:\windows\system32\WindowsPowerShell\v1.0\CompiledComposition.Microsoft.PowerShell.GPowerShell.dll
+ 2003-07-16 20:51 . 2008-08-28 07:46 104960 c:\windows\system32\win32spl.dll
+ 2009-10-09 23:23 . 2009-10-09 23:23 178176 c:\windows\system32\wevtfwd.dll
+ 2011-06-04 19:21 . 2009-02-06 10:10 227840 c:\windows\system32\wbem\wmiprvse.exe
+ 2011-06-04 19:21 . 2009-02-09 12:10 453120 c:\windows\system32\wbem\wmiprvsd.dll
+ 2011-06-04 19:21 . 2009-02-09 12:10 473600 c:\windows\system32\wbem\fastprox.dll
- 2003-07-16 20:49 . 2008-04-14 12:42 434176 c:\windows\system32\vbscript.dll
+ 2003-07-16 20:49 . 2011-03-04 06:45 434176 c:\windows\system32\vbscript.dll
+ 2003-07-16 20:49 . 2010-04-16 15:36 406016 c:\windows\system32\usp10.dll
- 2003-07-16 20:49 . 2008-04-14 12:42 406016 c:\windows\system32\usp10.dll
+ 2003-07-16 20:49 . 2011-02-17 13:51 629760 c:\windows\system32\urlmon.dll
+ 2008-07-30 02:59 . 2009-10-08 21:57 611328 c:\windows\system32\uiautomationcore.dll
+ 2003-07-16 20:47 . 2010-08-27 08:02 119808 c:\windows\system32\t2embed.dll
+ 2003-07-16 20:46 . 2009-08-26 08:00 247326 c:\windows\system32\strmdll.dll
+ 2003-07-16 20:44 . 2009-07-27 23:17 135168 c:\windows\system32\shsvcs.dll
- 2003-07-16 20:44 . 2008-04-14 12:42 135168 c:\windows\system32\shsvcs.dll
+ 2003-07-16 20:44 . 2009-12-08 09:23 474112 c:\windows\system32\shlwapi.dll
- 2003-07-16 20:44 . 2008-04-14 12:42 474112 c:\windows\system32\shlwapi.dll
+ 2003-07-16 20:44 . 2011-01-21 14:44 439296 c:\windows\system32\shimgvw.dll
+ 2003-07-16 20:44 . 2009-02-06 11:11 110592 c:\windows\system32\services.exe
+ 2003-07-16 20:44 . 2008-05-09 10:53 172032 c:\windows\system32\scrrun.dll
- 2003-07-16 20:44 . 2008-04-14 12:42 172032 c:\windows\system32\scrrun.dll
+ 2003-07-16 20:44 . 2008-05-09 10:53 180224 c:\windows\system32\scrobj.dll
- 2003-07-16 20:44 . 2008-04-14 12:42 180224 c:\windows\system32\scrobj.dll
+ 2003-07-16 20:43 . 2010-06-30 12:31 149504 c:\windows\system32\schannel.dll
+ 2003-07-16 20:43 . 2011-02-09 13:53 270848 c:\windows\system32\sbe.dll
- 2003-07-16 20:43 . 2008-04-14 12:42 270848 c:\windows\system32\sbe.dll
+ 2003-07-16 20:43 . 2009-02-09 12:10 401408 c:\windows\system32\rpcss.dll
+ 2003-07-16 20:42 . 2009-10-12 13:38 149504 c:\windows\system32\rastls.dll
+ 2003-07-16 20:41 . 2011-06-06 03:28 432302 c:\windows\system32\perfh009.dat
- 2003-07-16 20:41 . 2011-06-05 22:21 432302 c:\windows\system32\perfh009.dat
- 2003-07-16 20:41 . 2008-04-14 12:42 284160 c:\windows\system32\pdh.dll
+ 2003-07-16 20:41 . 2009-03-06 14:22 284160 c:\windows\system32\pdh.dll
+ 2003-07-16 20:40 . 2009-10-08 21:57 220160 c:\windows\system32\oleacc.dll
+ 2003-07-16 20:40 . 2010-11-09 14:52 249856 c:\windows\system32\odbc32.dll
- 2003-07-16 20:40 . 2008-04-14 12:42 249856 c:\windows\system32\odbc32.dll
+ 2003-07-16 20:40 . 2009-10-13 10:30 270336 c:\windows\system32\oakley.dll
- 2003-07-16 20:40 . 2008-04-14 12:42 270336 c:\windows\system32\oakley.dll
+ 2003-07-16 20:39 . 2010-12-09 15:15 718336 c:\windows\system32\ntdll.dll
+ 2003-07-16 20:37 . 2008-10-15 16:34 337408 c:\windows\system32\netapi32.dll
- 2003-07-16 20:37 . 2008-04-14 12:42 337408 c:\windows\system32\netapi32.dll
+ 2003-07-16 20:37 . 2008-06-20 16:02 245248 c:\windows\system32\mswsock.dll
- 2003-07-16 20:37 . 2008-04-14 12:42 245248 c:\windows\system32\mswsock.dll
+ 2003-07-16 20:37 . 2009-08-05 09:01 204800 c:\windows\system32\mswebdvd.dll
+ 2003-07-16 20:36 . 2009-09-11 14:18 136192 c:\windows\system32\msv1_0.dll
- 2011-06-04 19:21 . 2008-04-14 12:42 677888 c:\windows\system32\mstsc.exe
+ 2011-06-04 19:21 . 2011-01-27 11:57 677888 c:\windows\system32\mstsc.exe
+ 2003-07-16 20:36 . 2011-02-17 13:51 532480 c:\windows\system32\mstime.dll
- 2003-07-16 20:36 . 2008-04-14 12:42 532480 c:\windows\system32\mstime.dll
- 2011-06-04 19:21 . 2008-04-14 12:42 343040 c:\windows\system32\mspaint.exe
+ 2011-06-04 19:21 . 2009-12-16 18:43 343040 c:\windows\system32\mspaint.exe
- 2003-07-16 20:35 . 2008-04-14 12:42 449024 c:\windows\system32\mshtmled.dll
+ 2003-07-16 20:35 . 2011-02-17 13:51 449024 c:\windows\system32\mshtmled.dll
- 2011-06-04 19:21 . 2008-04-14 12:42 161792 c:\windows\system32\msdtcuiu.dll
+ 2011-06-04 19:21 . 2008-06-12 14:23 161792 c:\windows\system32\msdtcuiu.dll
+ 2011-06-04 19:21 . 2008-06-12 14:23 956928 c:\windows\system32\msdtctm.dll
- 2011-06-04 19:21 . 2008-04-14 12:42 956928 c:\windows\system32\msdtctm.dll
+ 2011-06-04 19:21 . 2008-06-13 02:53 428032 c:\windows\system32\msdtcprx.dll
+ 2003-07-16 20:33 . 2011-02-08 13:33 974848 c:\windows\system32\mfc42u.dll
+ 2003-07-16 20:33 . 2011-02-08 13:33 978944 c:\windows\system32\mfc42.dll
+ 2003-07-16 20:33 . 2010-09-18 06:53 953856 c:\windows\system32\mfc40u.dll
+ 2003-07-16 20:33 . 2010-09-18 06:53 954368 c:\windows\system32\mfc40.dll
+ 2003-07-16 20:32 . 2010-12-20 17:26 730112 c:\windows\system32\lsasrv.dll
+ 2003-07-16 20:32 . 2008-06-10 10:11 103936 c:\windows\system32\logagent.exe
- 2003-07-16 20:32 . 2008-04-14 12:42 103936 c:\windows\system32\logagent.exe
+ 2003-07-16 20:32 . 2009-05-07 15:32 345600 c:\windows\system32\localspl.dll
+ 2003-07-16 20:31 . 2009-03-21 14:06 989696 c:\windows\system32\kernel32.dll
- 2003-07-16 20:31 . 2008-04-14 12:41 989696 c:\windows\system32\kernel32.dll
+ 2003-07-16 20:31 . 2010-12-22 12:34 301568 c:\windows\system32\kerberos.dll
- 2003-07-16 20:31 . 2008-04-14 12:41 512000 c:\windows\system32\jscript.dll
+ 2003-07-16 20:31 . 2011-03-04 06:45 512000 c:\windows\system32\jscript.dll
+ 2011-06-04 19:22 . 2011-03-07 05:33 692736 c:\windows\system32\inetcomm.dll
+ 2005-10-29 06:49 . 2005-10-29 06:49 151552 c:\windows\system32\ifxcardm.dll
- 2003-07-16 20:30 . 2008-04-14 12:41 251904 c:\windows\system32\iepeers.dll
+ 2003-07-16 20:30 . 2011-02-17 13:51 251904 c:\windows\system32\iepeers.dll
+ 2003-07-16 20:28 . 2008-10-23 12:36 286720 c:\windows\system32\gdi32.dll
+ 2003-07-16 20:27 . 2008-07-07 20:26 253952 c:\windows\system32\es.dll
- 2003-07-16 20:27 . 2008-04-14 12:41 186880 c:\windows\system32\encdec.dll
+ 2003-07-16 20:27 . 2011-02-09 13:53 186880 c:\windows\system32\encdec.dll
+ 2003-07-16 20:47 . 2010-02-11 12:02 226880 c:\windows\system32\drivers\tcpip6.sys
+ 2003-07-16 20:47 . 2008-06-20 11:51 361600 c:\windows\system32\drivers\tcpip.sys
+ 2003-07-16 20:46 . 2011-02-17 13:18 357888 c:\windows\system32\drivers\srv.sys
+ 2003-07-16 20:43 . 2008-05-08 14:02 203136 c:\windows\system32\drivers\rmcast.sys
+ 2003-07-16 20:34 . 2011-02-17 13:18 455936 c:\windows\system32\drivers\mrxsmb.sys
+ 2003-07-16 20:23 . 2008-10-16 14:43 138496 c:\windows\system32\drivers\afd.sys
+ 2003-07-16 20:27 . 2011-03-03 06:55 149504 c:\windows\system32\dnsapi.dll
+ 2011-06-06 02:24 . 2010-07-12 12:55 218112 c:\windows\system32\dllcache\wordpad.exe
+ 2011-06-06 02:24 . 2009-02-06 10:10 227840 c:\windows\system32\dllcache\wmiprvse.exe
+ 2011-06-06 02:24 . 2009-02-09 12:10 453120 c:\windows\system32\dllcache\wmiprvsd.dll
+ 2011-02-17 13:51 . 2011-02-17 13:51 667136 c:\windows\system32\dllcache\wininet.dll
+ 2011-02-17 13:51 . 2011-02-17 13:51 629760 c:\windows\system32\dllcache\urlmon.dll
+ 2008-06-20 11:51 . 2008-06-20 11:51 361600 c:\windows\system32\dllcache\tcpip.sys
+ 2003-07-16 20:46 . 2009-08-26 08:00 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2011-02-17 13:18 . 2011-02-17 13:18 357888 c:\windows\system32\dllcache\srv.sys
+ 2009-07-27 23:17 . 2009-07-27 23:17 135168 c:\windows\system32\dllcache\shsvcs.dll
+ 2011-01-21 14:44 . 2011-01-21 14:44 439296 c:\windows\system32\dllcache\shimgvw.dll
+ 2011-06-06 02:24 . 2009-02-06 11:11 110592 c:\windows\system32\dllcache\services.exe
+ 2011-02-09 13:53 . 2011-02-09 13:53 270848 c:\windows\system32\dllcache\sbe.dll
+ 2011-06-06 02:24 . 2009-02-09 12:10 401408 c:\windows\system32\dllcache\rpcss.dll
+ 2011-06-06 02:24 . 2009-03-06 14:22 284160 c:\windows\system32\dllcache\pdh.dll
+ 2003-07-16 20:40 . 2009-10-08 21:57 220160 c:\windows\system32\dllcache\oleacc.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 249856 c:\windows\system32\dllcache\odbc32.dll
+ 2011-06-06 02:24 . 2010-12-09 15:15 718336 c:\windows\system32\dllcache\ntdll.dll
+ 2008-06-20 16:02 . 2008-06-20 16:02 245248 c:\windows\system32\dllcache\mswsock.dll
+ 2011-02-17 13:51 . 2011-02-17 13:51 532480 c:\windows\system32\dllcache\mstime.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 102400 c:\windows\system32\dllcache\msjro.dll
+ 2011-02-17 13:51 . 2011-02-17 13:51 449024 c:\windows\system32\dllcache\mshtmled.dll
+ 2008-06-13 02:53 . 2008-06-13 02:53 428032 c:\windows\system32\dllcache\msdtcprx.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 200704 c:\windows\system32\dllcache\msadox.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 180224 c:\windows\system32\dllcache\msadomd.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 536576 c:\windows\system32\dllcache\msado15.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 143360 c:\windows\system32\dllcache\msadco.dll
+ 2010-03-30 19:24 . 2010-03-30 19:24 317440 c:\windows\system32\dllcache\mp4sdecd.dll
+ 2011-02-08 13:33 . 2011-02-08 13:33 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2011-02-08 13:33 . 2011-02-08 13:33 978944 c:\windows\system32\dllcache\mfc42.dll
+ 2003-07-16 20:33 . 2010-09-18 06:53 954368 c:\windows\system32\dllcache\mfc40.dll
+ 2011-06-06 02:24 . 2010-12-20 17:26 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2003-07-16 20:32 . 2008-06-10 10:11 103936 c:\windows\system32\dllcache\logagent.exe
- 2003-07-16 20:32 . 2008-04-14 12:42 103936 c:\windows\system32\dllcache\logagent.exe
+ 2011-01-27 11:57 . 2011-01-27 11:57 677888 c:\windows\system32\dllcache\lhmstsc.exe
+ 2011-02-17 13:51 . 2011-02-17 13:51 251904 c:\windows\system32\dllcache\iepeers.dll
+ 2011-06-06 02:24 . 2009-02-09 12:10 473600 c:\windows\system32\dllcache\fastprox.dll
+ 2011-02-09 13:53 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll
+ 2011-03-03 06:55 . 2011-03-03 06:55 149504 c:\windows\system32\dllcache\dnsapi.dll
+ 2011-02-15 12:56 . 2011-02-15 12:56 290432 c:\windows\system32\dllcache\atmfd.dll
+ 2008-10-16 14:43 . 2008-10-16 14:43 138496 c:\windows\system32\dllcache\afd.sys
+ 2011-06-06 02:24 . 2009-02-09 12:10 617472 c:\windows\system32\dllcache\advapi32.dll
+ 2003-07-16 20:26 . 2008-05-09 08:45 135168 c:\windows\system32\cscript.exe
- 2003-07-16 20:25 . 2008-04-14 12:41 617472 c:\windows\system32\comctl32.dll
+ 2003-07-16 20:25 . 2010-08-23 16:12 617472 c:\windows\system32\comctl32.dll
+ 2007-04-11 18:11 . 2007-04-11 18:11 511328 c:\windows\system32\capicom.dll
+ 2005-10-29 06:49 . 2005-10-29 06:49 133120 c:\windows\system32\axaltocm.dll
+ 2003-07-16 20:24 . 2011-02-15 12:56 290432 c:\windows\system32\atmfd.dll
+ 2003-07-16 20:23 . 2009-02-09 12:10 617472 c:\windows\system32\advapi32.dll
- 2003-07-16 20:23 . 2008-04-14 12:41 617472 c:\windows\system32\advapi32.dll
+ 2003-07-16 20:23 . 2010-02-12 04:33 100864 c:\windows\system32\6to4svc.dll
+ 2011-06-04 19:22 . 2010-06-14 14:31 744448 c:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe
- 2011-06-04 19:22 . 2008-04-14 12:42 744448 c:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe
+ 2011-06-06 17:26 . 2011-06-06 02:45 306320 c:\windows\LastGood\system32\DRIVERS\Trufos.sys
+ 2011-06-06 17:33 . 2011-03-24 22:36 353096 c:\windows\LastGood\system32\DRIVERS\bdfsfltr.sys
+ 2011-06-06 17:27 . 2010-08-20 22:41 111696 c:\windows\LastGood\system32\DRIVERS\bdfndisf.sys
+ 2011-06-06 17:27 . 2011-06-06 02:46 153440 c:\windows\LastGood\system32\DRIVERS\bdfm.sys
+ 2011-06-06 17:27 . 2010-11-29 21:12 535824 c:\windows\LastGood\system32\DRIVERS\avc3.sys
+ 2011-06-06 02:12 . 2011-06-06 02:12 336782 c:\windows\Installer\{B6CA7A3C-35FD-401F-9335-FFFD2BCD5FF3}\register_icon.exe
+ 2011-06-06 01:20 . 2011-02-17 13:18 455936 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2011-06-06 03:03 . 2011-06-06 03:03 250368 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\bb33e2add6c9815adb5504c13a04c11b\System.Management.Automation.resources.ni.dll
+ 2011-06-06 03:02 . 2011-06-06 03:02 508928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\01ed65e1ba8b56ae8d5deef7cc5e988b\Microsoft.WSMan.Management.ni.dll
+ 2011-06-06 03:02 . 2011-06-06 03:02 729600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\bd7921272bb48a6a80e18dd0521a2c56\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2011-06-06 03:01 . 2011-06-06 03:01 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\847363271bf83e3ed1d1b2809c9989fe\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2011-06-06 03:00 . 2011-06-06 03:00 737792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\6d8097e41d8accbd67573c95526d0d08\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2011-06-06 03:02 . 2011-06-06 03:02 156160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\1d799a510fa7cf10c5e3963a66bf5a4f\Microsoft.PowerShell.Security.ni.dll
+ 2011-06-06 03:00 . 2011-06-06 03:00 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\1d47db5f44fe4d7cd1a462c2a07cb885\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 253952 c:\windows\assembly\GAC_MSIL\System.Management.Automation.resources\1.0.0.0_en_31bf3856ad364e35\System.Management.Automation.resources.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 274432 c:\windows\assembly\GAC_MSIL\Microsoft.WSMan.Management\1.0.0.0__31bf3856ad364e35\Microsoft.WSMan.Management.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 278528 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.GraphicalHost.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 651264 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GPowerShell\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.GPowerShell.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 991232 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Editor.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 200704 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 618496 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 262144 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 102400 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Diagnostics.dll
+ 2003-07-16 20:23 . 2009-11-21 15:51 471552 c:\windows\AppPatch\aclayers.dll
- 2010-10-14 22:44 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB979687\update\updspapi.dll
+ 2010-10-14 22:44 . 2009-05-26 09:01 382840 c:\windows\$hf_mig$\KB979687\update\updspapi.dll
- 2010-10-14 22:44 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB979687\update\update.exe
+ 2010-10-14 22:44 . 2009-05-26 09:01 755576 c:\windows\$hf_mig$\KB979687\update\update.exe
- 2010-08-03 15:24 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB979309\update\updspapi.dll
+ 2010-08-03 15:24 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB979309\update\updspapi.dll
- 2010-08-03 15:24 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB979309\update\update.exe
+ 2010-08-03 15:24 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB979309\update\update.exe
+ 2010-08-03 15:24 . 2009-05-27 00:10 382840 c:\windows\$hf_mig$\KB978706\update\updspapi.dll
- 2010-08-03 15:24 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978706\update\updspapi.dll
- 2010-08-03 15:26 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978601\update\updspapi.dll
+ 2010-08-03 15:26 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB978601\update\updspapi.dll
+ 2010-08-03 15:26 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB978601\update\update.exe
- 2010-08-03 15:26 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978601\update\update.exe
+ 2010-08-03 15:23 . 2010-02-23 02:53 382840 c:\windows\$hf_mig$\KB975562\update\updspapi.dll
- 2010-08-03 15:23 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975562\update\updspapi.dll
- 2010-08-03 15:23 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975562\update\update.exe
+ 2010-08-03 15:23 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB975562\update\update.exe
- 2010-08-03 15:26 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975560\update\updspapi.dll
+ 2010-08-03 15:26 . 2009-05-27 00:10 382840 c:\windows\$hf_mig$\KB975560\update\updspapi.dll
- 2010-08-03 15:28 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971657\update\updspapi.dll
+ 2010-08-03 15:28 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB971657\update\updspapi.dll
- 2010-08-03 15:28 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971657\update\update.exe
+ 2010-08-03 15:28 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB971657\update\update.exe
+ 2010-08-03 15:29 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB969059\update\updspapi.dll
- 2010-08-03 15:29 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB969059\update\updspapi.dll
+ 2010-08-03 15:22 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB968389\update\updspapi.dll
- 2010-08-03 15:22 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB968389\update\updspapi.dll
- 2010-08-07 10:03 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB961503\update\updspapi.dll
+ 2010-08-07 10:03 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB961503\update\updspapi.dll
+ 2010-08-07 10:03 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB961503\update\update.exe
- 2010-08-07 10:03 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB961503\update\update.exe
+ 2010-08-03 15:27 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB961501\update\update.exe
- 2010-08-03 15:27 . 2008-07-09 07:38 755576 c:\windows\$hf_mig$\KB961501\update\update.exe
+ 2010-08-03 15:30 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB960859\update\updspapi.dll
- 2010-08-03 15:30 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB960859\update\updspapi.dll
+ 2010-08-03 15:30 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB960859\update\update.exe
- 2010-08-03 15:30 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB960859\update\update.exe
+ 2010-08-03 15:24 . 2007-11-30 11:18 382840 c:\windows\$hf_mig$\KB960803\update\updspapi.dll
- 2010-08-03 15:24 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB960803\update\updspapi.dll
- 2010-08-03 15:24 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB960803\update\update.exe
+ 2010-08-03 15:24 . 2007-11-30 11:18 755576 c:\windows\$hf_mig$\KB960803\update\update.exe
+ 2010-08-03 15:30 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB959426\update\updspapi.dll
- 2010-08-03 15:30 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB959426\update\updspapi.dll
- 2010-08-03 15:30 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB959426\update\update.exe
+ 2010-08-03 15:30 . 2008-07-09 07:38 755576 c:\windows\$hf_mig$\KB959426\update\update.exe
- 2010-08-03 15:23 . 2008-07-09 07:38 382840 c:\windows\$hf_mig$\KB956802\update\updspapi.dll
+ 2010-08-03 15:23 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB956802\update\updspapi.dll
- 2010-08-03 15:23 . 2008-07-09 07:38 755576 c:\windows\$hf_mig$\KB956802\update\update.exe
+ 2010-08-03 15:23 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB956802\update\update.exe
- 2010-08-03 15:25 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB954459\update\updspapi.dll
+ 2010-08-03 15:25 . 2007-11-30 11:18 382840 c:\windows\$hf_mig$\KB954459\update\updspapi.dll
- 2010-08-03 15:25 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB954459\update\update.exe
+ 2010-08-03 15:25 . 2007-11-30 11:18 755576 c:\windows\$hf_mig$\KB954459\update\update.exe
+ 2010-08-03 15:30 . 2007-11-30 11:18 382840 c:\windows\$hf_mig$\KB952954\update\updspapi.dll
- 2010-08-03 15:30 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB952954\update\updspapi.dll
+ 2010-08-03 15:30 . 2007-11-30 11:18 755576 c:\windows\$hf_mig$\KB952954\update\update.exe
- 2010-08-03 15:30 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB952954\update\update.exe
+ 2010-08-03 15:26 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB952004\update\updspapi.dll
- 2010-08-03 15:26 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB952004\update\updspapi.dll
+ 2010-08-03 15:26 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB952004\update\update.exe
- 2010-08-03 15:26 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB952004\update\update.exe
+ 2010-08-03 15:29 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB951978\update\updspapi.dll
- 2010-08-03 15:29 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB951978\update\updspapi.dll
- 2010-08-03 15:29 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB951978\update\update.exe
+ 2010-08-03 15:29 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB951978\update\update.exe
+ 2010-08-03 15:28 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB950974\update\updspapi.dll
- 2010-08-03 15:28 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB950974\update\updspapi.dll
+ 2010-08-03 15:28 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB950974\update\update.exe
- 2010-08-03 15:28 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB950974\update\update.exe
- 2010-09-15 09:33 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2121546\update\update.exe
+ 2010-09-15 09:33 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2121546\update\update.exe
+ 2011-06-06 02:57 . 2009-06-18 01:59 379184 c:\windows\$968930Uinstall_KB968930$\spuninst\updspapi.dll
+ 2011-06-06 02:57 . 2009-06-18 01:59 221488 c:\windows\$968930Uinstall_KB968930$\spuninst\spuninst.exe
+ 2011-06-06 01:28 . 2010-10-23 00:51 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll
- 2011-04-14 04:40 . 2010-10-23 00:51 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll
- 2010-10-14 06:41 . 2010-08-23 16:12 1054208 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
+ 2011-06-06 03:11 . 2010-08-23 16:12 1054208 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
+ 2011-04-14 04:40 . 2010-10-23 00:51 1748992 c:\windows\WinSxS\InstallTemp\4123373\GdiPlus.dll
+ 2010-10-14 06:41 . 2010-08-23 16:12 1054208 c:\windows\WinSxS\InstallTemp\11361265\comctl32.dll
+ 2009-10-09 23:23 . 2009-10-09 23:23 1107456 c:\windows\system32\WsmSvc.dll
+ 2003-07-16 20:52 . 2010-04-08 21:03 2113536 c:\windows\system32\WMVCore.dll
+ 2003-07-16 20:52 . 2008-06-10 13:11 1053696 c:\windows\system32\WMNetmgr.dll
+ 2003-07-16 20:51 . 2011-03-03 13:21 1857920 c:\windows\system32\win32k.sys
+ 2003-07-16 20:44 . 2011-01-21 14:44 8462336 c:\windows\system32\shell32.dll
+ 2003-07-16 20:44 . 2011-02-17 13:51 1510400 c:\windows\system32\shdocvw.dll
- 2003-07-16 20:42 . 2008-04-14 12:42 1435648 c:\windows\system32\query.dll
+ 2003-07-16 20:42 . 2009-07-17 16:22 1435648 c:\windows\system32\query.dll
+ 2003-07-16 20:42 . 2010-02-05 18:27 1291776 c:\windows\system32\quartz.dll
+ 2003-07-16 20:40 . 2010-07-16 12:05 1288192 c:\windows\system32\ole32.dll
+ 2003-07-16 20:39 . 2010-12-09 13:38 2192768 c:\windows\system32\ntoskrnl.exe
+ 2002-08-29 01:04 . 2010-12-09 13:07 2069376 c:\windows\system32\ntkrnlpa.exe
+ 2010-08-03 05:20 . 2009-07-31 17:05 1372672 c:\windows\system32\msxml6.dll
+ 2003-07-16 20:37 . 2010-06-14 07:41 1172480 c:\windows\system32\msxml3.dll
+ 2011-06-04 19:21 . 2011-02-02 07:58 2067456 c:\windows\system32\mstscax.dll
+ 2003-07-16 20:35 . 2011-02-17 13:51 3078656 c:\windows\system32\mshtml.dll
+ 2010-08-02 16:47 . 2011-06-06 14:55 3487944 c:\windows\system32\FNTCACHE.DAT
+ 2003-07-16 20:52 . 2010-04-08 21:03 2113536 c:\windows\system32\dllcache\WMVCore.dll
+ 2003-07-16 20:52 . 2008-06-10 13:11 1053696 c:\windows\system32\dllcache\WMNetmgr.dll
+ 2011-03-03 13:21 . 2011-03-03 13:21 1857920 c:\windows\system32\dllcache\win32k.sys
+ 2009-07-27 23:17 . 2011-01-21 14:44 8462336 c:\windows\system32\dllcache\shell32.dll
+ 2011-02-17 13:51 . 2011-02-17 13:51 1510400 c:\windows\system32\dllcache\shdocvw.dll
+ 2011-06-06 02:24 . 2010-12-09 13:38 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2011-06-06 02:24 . 2010-12-09 13:07 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2009-02-08 02:02 . 2010-12-09 13:07 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2011-06-06 02:24 . 2010-12-09 13:42 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2011-06-04 19:21 . 2009-06-10 16:19 2066432 c:\windows\system32\dllcache\mstscax.dll
+ 2010-01-30 03:31 . 2010-01-30 03:31 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2011-02-17 13:51 . 2011-02-17 13:51 3078656 c:\windows\system32\dllcache\mshtml.dll
+ 2011-02-02 07:58 . 2011-02-02 07:58 2067456 c:\windows\system32\dllcache\lhmstscx.dll
+ 2011-02-17 13:51 . 2011-02-17 13:51 1025024 c:\windows\system32\dllcache\browseui.dll
+ 2003-07-16 20:24 . 2011-02-17 13:51 1025024 c:\windows\system32\browseui.dll
- 2003-07-16 20:24 . 2008-04-14 12:41 1025024 c:\windows\system32\browseui.dll
+ 2011-06-06 17:27 . 2010-11-29 21:12 1066232 c:\windows\LastGood\system32\DRIVERS\avckf.sys
+ 2011-06-06 02:07 . 2011-06-06 02:07 1470464 c:\windows\Installer\2a14d8.msi
+ 2011-06-06 02:24 . 2010-12-09 13:38 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2011-06-06 02:24 . 2010-12-09 13:07 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-02-08 02:02 . 2010-12-09 13:07 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2011-06-06 02:24 . 2010-12-09 13:42 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2011-06-06 03:03 . 2011-06-06 03:03 8365056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\4712e2b0eeef07ede187c12268070629\System.Management.Automation.ni.dll
+ 2011-06-06 03:02 . 2011-06-06 03:02 1704448 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\f4b983358dae94854ef161a5a0aaa1cf\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2011-06-06 03:01 . 2011-06-06 03:01 1609728 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\733ac210fc218c3f0f04616d2733524d\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2011-06-06 03:02 . 2011-06-06 03:02 3722752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\54633bac86442417dcbcd2d0a7f41e04\Microsoft.PowerShell.Editor.ni.dll
+ 2011-06-06 02:58 . 2011-06-06 02:58 2682880 c:\windows\assembly\GAC_MSIL\System.Management.Automation\1.0.0.0__31bf3856ad364e35\System.Management.Automation.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 4"="c:\program files\IObit\Advanced SystemCare 4\ASCTray.exe" [2011-05-28 412560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2004-08-20 155648]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2004-08-20 118784]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2010-07-30 110696]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2010-07-30 13923432]
"Mouse Suite 98 Daemon"="ICO.EXE" [2004-07-14 57344]
"Advanced System Optimizer"="c:\program files\Advanced System Optimizer 3\ASO3.exe" [2010-10-05 3521848]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"LinkInstaller"="c:\program files\Common Files\LinkInstaller.exe" [2010-07-08 101544]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Rainmeter.lnk]
backup=c:\windows\pss\Rainmeter.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ShortKeys 3.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\ShortKeys 3.lnk
backup=c:\windows\pss\ShortKeys 3.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 10:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 11:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim]
2011-01-05 17:11 4321112 ----a-w- c:\program files\AIM\aim.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtcMaestro]
2005-02-21 20:53 245760 ------w- c:\program files\HP Wireless Keyboard\Kmaestro.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTRegRun]
1999-10-11 01:00 41984 ------w- c:\windows\Ctregrun.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-08-03 03:29 136176 ----atw- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2004-08-20 22:51 118784 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-02-19 09:41 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-04-27 08:22 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 12:42 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-17 05:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2010-04-12 08:40 180224 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
2010-08-09 10:03 389352 ----a-w- c:\program files\Sandboxie\SbieCtrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-04-02 01:17 15145352 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 20:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2009-01-31 00:46 204288 ------w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\FrostWire\\FrostWire.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [6/9/2010 6:43 PM 11352]
R2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\IObit\Advanced SystemCare 4\ASCService.exe [6/5/2011 6:30 PM 353168]
R2 ASO3DiskOptimizer;ASO3DiskOptimizer;c:\program files\Advanced System Optimizer 3\ASO3DefragSrv.exe [6/5/2011 8:42 PM 239928]
S0 dexwjbc;dexwjbc;c:\windows\system32\drivers\ogcs.sys --> c:\windows\system32\drivers\ogcs.sys [?]
S3 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\S.A.D\CyberGhost VPN\CGVPNCliService.exe [10/19/2010 1:30 AM 2421384]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [6/3/2011 5:57 PM 23456]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [8/3/2010 3:56 PM 38224]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 9:37 PM 4640000]
S3 P0630VID;Creative WebCam Live!;c:\windows\system32\drivers\P0630Vid.sys [8/6/2010 12:10 AM 91830]
S3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [8/3/2010 11:43 AM 14424]
S3 PORTIO64;PORTIO64;\??\c:\documents and settings\Owner\Desktop\Benq and Samsung\JungleFlasher v0.1.76 Beta (166)\portio32.sys --> c:\documents and settings\Owner\Desktop\Benq and Samsung\JungleFlasher v0.1.76 Beta (166)\portio32.sys [?]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [8/5/2010 4:59 AM 27064]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [7/1/2010 2:21 PM 34896]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2/19/2010 1:37 PM 517096]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys --> c:\windows\system32\DRIVERS\wdcsam.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [7/16/2003 1:47 PM 14336]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [11/11/2010 1:57 PM 268528]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - Bdvedisk
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 18:50]
.
2011-06-06 c:\windows\Tasks\ASC4_PerformanceMonitor.job
- c:\program files\IObit\Advanced SystemCare 4\PMonitor.exe [2011-06-06 21:46]
.
2011-06-06 c:\windows\Tasks\ASOService.job
- c:\program files\Advanced System Optimizer 3\ASO3.exe [2011-06-06 20:59]
.
2011-06-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-220523388-436374069-725345543-1003Core.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-03 03:29]
.
2011-06-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-220523388-436374069-725345543-1003UA.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-03 03:29]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = about:blank
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\dbye1jcs.default\
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-06 10:38
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2011-06-06 10:41:20
ComboFix-quarantined-files.txt 2011-06-06 17:41
ComboFix2.txt 2011-06-05 22:42
ComboFix3.txt 2011-06-05 15:57
.
Pre-Run: 153,383,309,312 bytes free
Post-Run: 154,664,701,952 bytes free
.
- - End Of File - - F479BDF3C3E3E6F1FD78115090FDFF87


Here is a dds log:

.
DDS (Ver_2011-06-03.01) - NTFSx86
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_24
Run by Owner at 9:12:34 on 2011-06-07
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1278.452 [GMT -7:00]
.
AV: BitDefender Antivirus *Enabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: BitDefender Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\Program Files\Zune\ZuneBusEnum.exe
C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
C:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
TB: Bitdefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2011\IEToolbar.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [BitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2011\ieshow.exe"
mRun: [BDAgent] "c:\program files\bitdefender\bitdefender 2011\bdagent.exe"
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1307312376890
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{58C8E938-1C0E-468A-A6EF-096C1D3FE3E7} : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\dbye1jcs.default\
FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\dbye1jcs.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCoreGecko19.dll
FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\dbye1jcs.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\dbye1jcs.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\dbye1jcs.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
FF - plugin: c:\documents and settings\owner\local settings\application data\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\common files\motive\npMotive.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
.
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
============= SERVICES / DRIVERS ===============
.
R1 BdRawPr;BdRawPr;c:\windows\system32\drivers\bdrawpr.sys [2011-6-6 12960]
R1 BDVEDISK;BDVEDISK;c:\windows\system32\drivers\bdvedisk.sys [2010-1-19 85128]
R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2010-6-9 11352]
R2 UPDATESRV;BitDefender Desktop Update Service;c:\program files\bitdefender\bitdefender 2011\updatesrv.exe [2011-3-24 43936]
R3 BDFM;BDFM;c:\windows\system32\drivers\bdfm.sys [2010-4-22 149520]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-8-3 38224]
R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2010-8-9 123112]
S0 dexwjbc;dexwjbc;c:\windows\system32\drivers\ogcs.sys --> c:\windows\system32\drivers\ogcs.sys [?]
S3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf.sys [2010-8-20 111696]
S3 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\s.a.d\cyberghost vpn\CGVPNCliService.exe [2010-10-19 2421384]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2011-6-3 23456]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 P0630VID;Creative WebCam Live!;c:\windows\system32\drivers\P0630Vid.sys [2010-8-6 91830]
S3 pbfilter;pbfilter;c:\program files\peerblock\pbfilter.sys [2010-8-3 14424]
S3 PORTIO64;PORTIO64;\??\c:\documents and settings\owner\desktop\benq and samsung\jungleflasher v0.1.76 beta (166)\portio32.sys --> c:\documents and settings\owner\desktop\benq and samsung\jungleflasher v0.1.76 beta (166)\portio32.sys [?]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2010-8-5 27064]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2010-7-1 34896]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 Update Server;BitDefender Update Server v2;c:\program files\common files\bitdefender\bitdefender arrakis server\bin\arrakis3.exe [2010-11-30 307544]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys --> c:\windows\system32\drivers\wdcsam.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2003-7-16 14336]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\zune\WMZuneComm.exe [2010-11-11 268528]
S4 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\iobit\advanced systemcare 4\ASCService.exe [2011-6-5 353168]
S4 ASO3DiskOptimizer;ASO3DiskOptimizer;c:\program files\advanced system optimizer 3\ASO3DefragSrv.exe [2011-6-5 239928]
.
=============== Created Last 30 ================
.
2011-06-07 16:12:22 -------- d--h--w- c:\windows\PIF
2011-06-07 05:19:53 -------- d-----w- c:\documents and settings\owner\application data\BitDefender
2011-06-07 05:14:38 -------- d-----w- c:\program files\BitDefender
2011-06-07 04:59:43 -------- d-----w- c:\documents and settings\all users\application data\BitDefender
2011-06-07 04:59:21 308296 ----a-w- c:\windows\system32\drivers\Trufos.sys
2011-06-07 04:59:20 353096 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2011-06-07 04:59:20 12960 ----a-w- c:\windows\system32\drivers\bdrawpr.sys
2011-06-07 04:39:32 -------- d-----w- c:\program files\Unknown Device Identifier
2011-06-06 03:48:57 -------- d-----w- c:\documents and settings\all users\application data\Systweak
2011-06-06 03:43:00 -------- d-----w- c:\documents and settings\owner\application data\Systweak
2011-06-06 03:42:39 17136 ----a-w- c:\windows\system32\sasnative32.exe
2011-06-06 03:42:25 -------- d-----w- c:\program files\Advanced System Optimizer 3
2011-06-06 03:22:13 -------- d-----w- C:\found.000
2011-06-06 03:11:08 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-06-06 03:10:07 1288192 -c----w- c:\windows\system32\dllcache\ole32.dll
2011-06-06 03:08:29 58880 -c----w- c:\windows\system32\dllcache\spoolsv.exe
2011-06-06 03:07:10 293376 -c----w- c:\windows\system32\dllcache\winsrv.dll
2011-06-06 03:06:06 406016 -c----w- c:\windows\system32\dllcache\usp10.dll
2011-06-06 03:03:20 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2011-06-06 02:59:28 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2011-06-06 02:58:07 -------- d-----w- c:\windows\system32\winrm
2011-06-06 02:58:07 -------- d-----w- c:\windows\system32\GroupPolicy
2011-06-06 02:57:41 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2011-06-06 02:54:16 65536 -c----w- c:\windows\system32\dllcache\asycfilt.dll
2011-06-06 02:52:34 692736 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2011-06-06 02:51:21 177664 -c----w- c:\windows\system32\dllcache\wintrust.dll
2011-06-06 02:50:00 226880 -c----w- c:\windows\system32\dllcache\tcpip6.sys
2011-06-06 02:50:00 100864 -c----w- c:\windows\system32\dllcache\6to4svc.dll
2011-06-06 02:49:10 86016 -c----w- c:\windows\system32\dllcache\cabview.dll
2011-06-06 02:46:44 343040 -c----w- c:\windows\system32\dllcache\mspaint.exe
2011-06-06 02:45:39 8704 -c----w- c:\windows\system32\dllcache\tsbyuv.dll
2011-06-06 02:45:38 84992 -c----w- c:\windows\system32\dllcache\avifil32.dll
2011-06-06 02:45:38 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll
2011-06-06 02:45:38 11264 -c----w- c:\windows\system32\dllcache\msrle32.dll
2011-06-06 02:43:52 17920 -c----w- c:\windows\system32\dllcache\msyuv.dll
2011-06-06 02:43:51 1291776 -c----w- c:\windows\system32\dllcache\quartz.dll
2011-06-06 02:42:55 474112 -c----w- c:\windows\system32\dllcache\shlwapi.dll
2011-06-06 02:42:14 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2011-06-06 02:42:14 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2011-06-06 02:40:18 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2011-06-06 02:39:26 270336 -c----w- c:\windows\system32\dllcache\oakley.dll
2011-06-06 02:38:33 79872 -c----w- c:\windows\system32\dllcache\raschap.dll
2011-06-06 02:38:33 149504 -c----w- c:\windows\system32\dllcache\rastls.dll
2011-06-06 02:37:22 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2011-06-06 02:36:35 92928 -c----w- c:\windows\system32\dllcache\ksecdd.sys
2011-06-06 02:36:34 54272 -c----w- c:\windows\system32\dllcache\wdigest.dll
2011-06-06 02:36:34 301568 -c----w- c:\windows\system32\dllcache\kerberos.dll
2011-06-06 02:36:34 149504 -c----w- c:\windows\system32\dllcache\schannel.dll
2011-06-06 02:36:34 136192 -c----w- c:\windows\system32\dllcache\msv1_0.dll
2011-06-06 02:35:48 1435648 -c----w- c:\windows\system32\dllcache\query.dll
2011-06-06 02:34:30 58880 -c----w- c:\windows\system32\dllcache\msasn1.dll
2011-06-06 02:33:11 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2011-06-06 02:32:32 132096 -c----w- c:\windows\system32\dllcache\wkssvc.dll
2011-06-06 02:31:51 204800 -c----w- c:\windows\system32\dllcache\mswebdvd.dll
2011-06-06 02:31:08 76288 -c----w- c:\windows\system32\dllcache\telnet.exe
2011-06-06 02:30:28 58880 -c----w- c:\windows\system32\dllcache\atl.dll
2011-06-06 02:28:24 345600 -c----w- c:\windows\system32\dllcache\localspl.dll
2011-06-06 02:27:02 989696 -c----w- c:\windows\system32\dllcache\kernel32.dll
2011-06-06 02:27:02 56832 -c----w- c:\windows\system32\dllcache\secur32.dll
2011-06-06 02:26:22 354816 -c----w- c:\windows\system32\dllcache\winhttp.dll
2011-06-06 02:25:43 91648 -c----w- c:\windows\system32\dllcache\mtxoci.dll
2011-06-06 02:25:42 956928 -c----w- c:\windows\system32\dllcache\msdtctm.dll
2011-06-06 02:25:42 66560 -c----w- c:\windows\system32\dllcache\mtxclu.dll
2011-06-06 02:25:42 58880 -c----w- c:\windows\system32\dllcache\msdtclog.dll
2011-06-06 02:25:42 161792 -c----w- c:\windows\system32\dllcache\msdtcuiu.dll
2011-06-06 02:22:15 286720 -c----w- c:\windows\system32\dllcache\gdi32.dll
2011-06-06 02:20:59 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2011-06-06 02:19:33 104960 -c----w- c:\windows\system32\dllcache\win32spl.dll
2011-06-06 02:19:32 74752 -c----w- c:\windows\system32\dllcache\msw3prt.dll
2011-06-06 02:18:18 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2011-06-06 02:17:45 253952 -c----w- c:\windows\system32\dllcache\es.dll
2011-06-06 02:15:24 74240 -c----w- c:\windows\system32\dllcache\mscms.dll
2011-06-06 02:10:46 90112 -c----w- c:\windows\system32\dllcache\wshext.dll
2011-06-06 02:10:46 180224 -c----w- c:\windows\system32\dllcache\scrobj.dll
2011-06-06 02:10:46 172032 -c----w- c:\windows\system32\dllcache\scrrun.dll
2011-06-06 02:10:45 512000 -c----w- c:\windows\system32\dllcache\jscript.dll
2011-06-06 02:10:44 434176 -c----w- c:\windows\system32\dllcache\vbscript.dll
2011-06-06 02:10:44 155648 -c----w- c:\windows\system32\dllcache\wscript.exe
2011-06-06 02:10:44 135168 -c----w- c:\windows\system32\dllcache\cscript.exe
2011-06-06 02:08:47 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2011-06-06 02:07:30 -------- d-----w- c:\program files\MSSOAP
2011-06-06 01:39:31 81920 -c----w- c:\windows\system32\dllcache\ieencode.dll
2011-06-06 01:38:50 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-06-06 01:34:34 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-06-06 01:30:53 -------- d-----w- c:\program files\IObit
2011-06-06 01:20:28 455936 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-06-06 01:13:46 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-06-06 01:13:43 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
2011-06-06 01:13:43 590848 ----a-w- c:\windows\system32\SET6E.tmp
2011-06-06 01:11:47 -------- d-----w- c:\windows\Internet Logs
2011-06-06 00:30:25 218624 ----a-w- c:\windows\system32\uxtheme.uxtender
2011-06-05 22:02:05 19569 ----a-w- c:\windows\003232_.tmp
2011-06-05 21:56:36 57344 ----a-w- c:\windows\system32\ICONSPY.EXE
2011-06-05 21:56:35 18944 ----a-w- c:\windows\system32\drivers\PELMOUSE.SYS
2011-06-05 21:56:35 17920 ----a-w- c:\windows\system32\drivers\pelusblf.sys
2011-06-05 18:00:37 159744 ----a-w- c:\windows\system32\igfxres.dll
2011-06-05 17:52:39 232968 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-06-05 17:52:38 232968 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-06-05 17:52:38 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-06-05 15:34:36 -------- d-sha-r- C:\cmdcons
2011-06-05 15:26:05 98816 ----a-w- c:\windows\sed.exe
2011-06-05 15:26:05 518144 ----a-w- c:\windows\SWREG.exe
2011-06-05 15:26:05 256512 ----a-w- c:\windows\PEV.exe
2011-06-05 15:26:05 208896 ----a-w- c:\windows\MBR.exe
2011-06-04 20:29:40 217816 ----a-w- c:\windows\system32\wuaucpl.cpl
2011-06-04 19:55:47 -------- d-----w- C:\WUTemp
2011-06-04 19:55:41 191488 ----a-w- c:\windows\system32\iuengine.dll
2011-06-04 19:29:56 10129408 -c--a-w- c:\windows\system32\dllcache\hwxkor.dll
2011-06-04 19:22:53 45568 ----a-w- c:\windows\system32\safrslv.dll
2011-06-04 19:21:36 83968 ----a-w- c:\program files\messenger\msgsc.dll
2011-06-04 19:19:12 52864 ----a-w- c:\windows\system32\drivers\dmusic.sys
2011-06-04 19:19:11 6272 ----a-w- c:\windows\system32\drivers\splitter.sys
2011-06-04 19:18:42 57600 ----a-w- c:\windows\system32\drivers\redbook.sys
2011-06-04 19:15:15 7046 ----a-r- c:\windows\SETA7.tmp
2011-06-04 19:15:14 13608 ----a-r- c:\windows\SET95.tmp
2011-06-04 19:15:12 1086182 ----a-r- c:\windows\SET7E.tmp
2011-06-04 18:36:21 7046 ----a-r- c:\windows\SET9C.tmp
2011-06-04 18:36:20 13608 ----a-r- c:\windows\SET8A.tmp
2011-06-04 18:36:18 1086182 ----a-r- c:\windows\SET70.tmp
2011-06-04 18:08:09 7046 ----a-r- c:\windows\SET8E.tmp
2011-06-04 18:08:09 13608 ----a-r- c:\windows\SET7C.tmp
2011-06-04 18:08:06 1086182 ----a-r- c:\windows\SET63.tmp
2011-06-04 08:35:01 7046 ----a-r- c:\windows\SET80.tmp
2011-06-04 08:35:00 13608 ----a-r- c:\windows\SET6E.tmp
2011-06-04 08:34:58 1086182 ----a-r- c:\windows\SET51.tmp
2011-06-04 08:28:47 7046 ----a-r- c:\windows\SET75.tmp
2011-06-04 08:28:46 13608 ----a-r- c:\windows\SET60.tmp
2011-06-04 08:28:44 1086182 ----a-r- c:\windows\SET48.tmp
2011-06-04 08:18:12 7046 ----a-r- c:\windows\SET64.tmp
2011-06-04 08:18:11 13608 ----a-r- c:\windows\SET52.tmp
2011-06-04 08:18:09 1086182 ----a-r- c:\windows\SET46.tmp
2011-06-04 07:14:29 7046 ----a-r- c:\windows\SET62.tmp
2011-06-04 07:14:28 13608 ----a-r- c:\windows\SET50.tmp
2011-06-04 07:14:26 1086182 ----a-r- c:\windows\SET44.tmp
2011-06-04 07:04:17 4096 ----a-w- c:\windows\system32\ksuser.dll
2011-06-04 07:04:17 129536 ----a-w- c:\windows\system32\ksproxy.ax
2011-06-04 07:04:02 40840 ----a-w- c:\windows\system32\drivers\termdd.sys
2011-06-04 07:03:07 741376 ----a-w- c:\program files\common files\microsoft shared\speech\sapi.dll
2011-06-04 07:03:01 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2011-06-04 07:03:01 24661 ----a-w- c:\windows\system32\spxcoins.dll
2011-06-04 07:03:01 146432 ----a-w- c:\windows\system\winspool.drv
2011-06-04 07:03:01 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2011-06-04 07:03:01 13312 ----a-w- c:\windows\system32\irclass.dll
2011-06-04 07:03:01 11264 ----a-w- c:\windows\system32\drivers\irenum.sys
2011-06-04 07:03:00 74752 ----a-w- c:\windows\system32\storprop.dll
2011-06-04 07:02:49 7046 ----a-r- c:\windows\SETF4.tmp
2011-06-04 07:02:48 13608 ----a-r- c:\windows\SETE2.tmp
2011-06-04 07:02:46 1086182 ----a-r- c:\windows\SETD6.tmp
2011-06-04 00:57:35 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2011-06-04 00:57:35 -------- d-----w- c:\documents and settings\owner\local settings\application data\eSupport.com
2011-06-03 23:21:56 -------- d-----w- c:\documents and settings\all users\application data\Kaspersky SDK
2011-06-03 20:09:23 -------- d-----w- c:\documents and settings\owner\application data\QuickScan
2011-06-03 20:07:17 -------- d-----w- c:\program files\common files\BitDefender
2011-06-03 20:06:31 951700 ----a-w- c:\documents and settings\all users\application data\bdinstall.bin
2011-06-03 19:29:02 -------- d-----w- c:\program files\Jnes
2011-05-30 23:33:45 -------- d-----w- c:\documents and settings\owner\application data\DiskAid
2011-05-30 23:33:29 -------- d-----w- c:\program files\DigiDNA
2011-05-26 04:36:49 24 ----a-w- c:\documents and settings\owner\advanced_ip_scanner_MAC.bin
2011-05-26 04:34:45 -------- d-----w- c:\program files\Advanced IP Scanner v2
2011-05-24 03:08:51 -------- d-----w- c:\program files\DAudioK
2011-05-24 03:04:12 -------- d-----w- c:\program files\Aglare MP3 AAC AC3 AMR Converter
2011-05-24 01:00:30 -------- d-----w- c:\program files\BlackSunSoft.net
2011-05-21 17:11:47 -------- d-----w- c:\program files\iPod
2011-05-21 17:03:21 -------- d-----w- c:\program files\Bonjour
2011-05-18 02:32:19 -------- d-----w- c:\program files\Microsoft Synchronization Services
2011-05-18 02:31:15 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-05-18 02:31:15 -------- d-----w- c:\documents and settings\all users\Microsoft
2011-05-18 02:29:13 -------- d--h--w- c:\windows\ShellNew
2011-05-15 17:54:27 -------- d-----w- c:\program files\Cain
2011-05-10 20:43:18 -------- d-----w- c:\program files\BinaryBiz
.
==================== Find3M ====================
.
2011-06-06 19:24:02 153440 ----a-w- c:\windows\system32\drivers\bdfm.sys.upd
2011-06-06 19:22:54 306320 ----a-w- c:\windows\system32\drivers\trufos.sys.upd
2011-06-06 00:30:25 218624 ----a-w- c:\windows\system32\uxtheme.dll
2011-04-06 23:20:16 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 23:20:16 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2011-04-06 23:20:16 197920 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 23:20:16 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-07-08 17:37:14 101544 ----a-w- c:\program files\common files\LinkInstaller.exe
.
============= FINISH: 9:14:27.70 ===============



Posted Image



Thank you.

Edit: Moved topic from XP to the more appropriate forum. ~ Animal

#2 User is offline   SweetTech 

  • Agent ST
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 12,662
  • Joined: 15-March 09
  • Gender:Male
  • Location:Antarctica

Posted 14 June 2011 - 03:11 PM

Hello and welcome to the forums!

My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. :)

I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.

I would be glad to take a look at your log and help you with solving any malware problems.

If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed.

If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:

  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.

  • Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.

  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!

  • In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!

  • If I instruct you to download a specific tool in which you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated fairly regularly.

  • Do not do things I do not ask for, such as running a spyware scan on your computer. The one thing that you should always do, is to make sure sure that your anti-virus definitions are up-to-date!

  • Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post.

  • I am going to stick with you until ALL malware is gone from your system. I would appreciate it if you would do the same. From this point, we're in this together ;)
    Because of this, you must reply within three days     failure to reply will result in the topic being closed!

  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to resort to reformatting and reinstalling your operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Be prepared to back up your data. Have means of backing up your data available.


____________________________________________________

Rootkit UnHooker (RkU)
Please download Rootkit Unhooker from one of the following links and save it to your desktop.

In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracing ZIP and RAR compressed files. If you don't have an extraction program, you can downlaod, install and use the free 7-zip utility.

  • Double-click on RKUnhookerLE.exe to start the program.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • Click the Report tab, then click Scan.
  • Check Drivers, Stealth Code, and uncheck the rest.
  • Click OK.
  • Wait until it's finished and then go to File > Save Report.
  • Save the report to your Desktop.
  • Copy and paste the contents of the report into your next reply.

-- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".



NEXT:


Running OTL

We need to create a FULL OTL Report
  • Please download OTL from here:

  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Change the "Extra Registry" option to "SafeList"
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized


NEXT:


Please provide an update on how things are running in your next reply.
Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.

#3 User is offline   SweetTech 

  • Agent ST
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 12,662
  • Joined: 15-March 09
  • Gender:Male
  • Location:Antarctica

Posted 16 June 2011 - 10:41 AM

Hi!

It's been several days since I last posted instructions for you to complete. Do you still require assistance in getting your computer cleaned up?

Please Note: Unless notified in advance, threads with no response in 3 days get closed.

Thanks,
SweetTech.
Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.

#4 User is offline   SweetTech 

  • Agent ST
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 12,662
  • Joined: 15-March 09
  • Gender:Male
  • Location:Antarctica

Posted 17 June 2011 - 08:29 AM

Due to lack of feedback this thread will now be closed. If you still require assistance, and would like to have your thread re-opened, please feel free to send me a Private Message (PM) being sure to include a link to your topic, and I'd be happy to re-open it.
Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users