BleepingComputer.com: Redirecting in all search engines

Jump to content

Forum Guidelines

Posted Image Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help


Posted Image Unfortunately, with the amount of logs we receive per day, the average response time is 5 days. I want to assure you, though, that your topic will be looked at and responded to. So please be patient.


Posted Image DO NOT RUN ComboFix unless requested to.


Posted Image Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.


Posted Image When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.


Posted Image Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

Redirecting in all search engines searching is fine but once you click the link it redirects

#1 User is offline   Affinity Computers 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 14
  • Joined: 21-October 07

Posted 05 August 2011 - 11:13 AM

Referred from here: http://www.bleepingcomputer.com/forums/topic412728.html ~ OB

DDS (Ver_2011-06-23.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Smiley82 at 11:43:15 on 2011-08-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3838.1754 [GMT -4:00]
.
AV: Kaspersky Anti-Virus *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Kaspersky Anti-Virus *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Windows\system32\lxdqcoms.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Windows\system32\Tablet.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WTablet\TabUserW.exe
C:\Windows\system32\Tablet.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
mStart Page = about:blank
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItBHO.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItIEAddin.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
uRun: [Desktop Software] "C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe" /ini "C:\Program Files (x86)\ComcastUI\Desktop Software\uinstaller.ini" /fromrun /starthidden
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [avp] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\Users\Smiley82\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PICTUR~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC} - C:\Program Files (x86)\Java\jre1.5.0\bin\npjpi150.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 205.152.37.23 205.152.150.23
TCP: Interfaces\{9F617790-5114-4690-B917-4DD8C73C7490} : NameServer = 205.152.37.23,205.152.37.150
TCP: Interfaces\{9F617790-5114-4690-B917-4DD8C73C7490} : DhcpNameServer = 205.152.37.23 205.152.150.23
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItBHO.dll
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
BHO-X64: IEVkbdBHO - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
BHO-X64: link filter bho - No File
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
TB-X64: SnagIt: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItIEAddin.dll
TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB-X64: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
mRun-x64: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [avp] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Smiley82\AppData\Roaming\Mozilla\Firefox\Profiles\582k2qyk.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://stp.startnow.com/s/?src=addrbar&provider=bing&provider_name=bing&provider_code=Z087&partner_id=681&product_id=691&affiliate_id=&channel=183221483&toolbar_id=200&toolbar_version=2.1.0&install_country=US&install_date=20110706&user_guid=F4642C61E28C411F90D700ED3F0AE43D&machine_id=6e34b76a840dea0fe66f4eb156a03703&browser=FF&os=win&os_version=6.1-x64-SP0&q=
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.5.0\bin\NPJPI150.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npContribute.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\nphdplg.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys --> C:\Windows\system32\DRIVERS\kl2.sys [?]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-7-18 146816]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [2010-11-2 365336]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-1-25 92216]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-7-6 375176]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-1-11 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]
R2 lxdq_device;lxdq_device;C:\Windows\system32\lxdqcoms.exe -service --> C:\Windows\system32\lxdqcoms.exe -service [?]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-14 136176]
S2 lxdqCATSCustConnectService;lxdqCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\lxdqserv.exe [2009-4-28 29184]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-14 136176]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-08-05 06:36:34 8578896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{54F580A3-B48A-4C7B-A344-C9AFF6E1C2E5}\mpengine.dll
2011-08-05 01:23:40 -------- d-----w- C:\Program Files (x86)\ESET
2011-08-03 21:48:37 -------- d-sh--w- C:\$RECYCLE.BIN
2011-08-03 20:26:01 -------- d-----w- C:\combofix
2011-08-03 20:19:39 35712 ----a-w- C:\Windows\SysWow64\drivers\BlackBox.sys
2011-08-03 20:18:13 34560 ----a-w- C:\Windows\SysWow64\drivers\Normandy.sys
2011-08-03 20:08:23 388096 ----a-r- C:\Users\Smiley82\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-08-03 20:08:23 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-08-03 18:20:52 -------- d-----w- C:\Users\Smiley82\AppData\Roaming\SUPERAntiSpyware.com
2011-08-03 18:20:36 -------- d-----w- C:\ProgramData\!SASCORE
2011-08-03 18:20:35 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2011-08-03 18:20:35 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2011-08-03 14:44:37 -------- d---a-w- C:\Windows\VDLL.DLL
2011-08-03 14:44:37 -------- d---a-w- C:\Windows\SysWow64\runouce.exe
2011-08-03 14:44:37 -------- d---a-w- C:\Windows\RUNDL132.EXE
2011-08-03 14:44:37 -------- d---a-w- C:\Windows\logo_1.exe
2011-08-03 14:43:15 632064 ----a-w- C:\Windows\SysWow64\msvcr80.dll
2011-08-03 14:43:14 554240 ----a-w- C:\Windows\SysWow64\msvcp80.dll
2011-08-03 14:43:13 34048 ----a-w- C:\Windows\SysWow64\eEmpty.exe
2011-08-03 14:43:09 -------- d-----w- C:\Program Files (x86)\Common Files\MicroWorld
2011-08-03 14:43:04 -------- d-----w- C:\ProgramData\MicroWorld
2011-08-02 16:06:06 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-08-02 15:48:14 -------- d-----w- C:\Program Files (x86)\Yahoo!
2011-08-02 15:48:12 -------- d-----w- C:\Program Files (x86)\CCleaner
2011-08-01 19:40:05 256000 ----a-w- C:\Windows\PEV.exe
2011-07-23 18:46:10 -------- d-----w- C:\Users\Smiley82\AppData\Roaming\Windows Live Writer
2011-07-23 18:46:10 -------- d-----w- C:\Users\Smiley82\AppData\Local\Windows Live Writer
2011-07-21 18:25:39 150200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak\components\kavlinkfilter.dll
2011-07-21 18:23:54 -------- d-----w- C:\ProgramData\Kaspersky Lab
2011-07-21 18:23:54 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2011-07-21 17:28:19 -------- d-----w- C:\Windows\en
2011-07-21 17:26:22 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll
2011-07-21 17:26:22 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll
2011-07-21 17:26:21 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2011-07-21 17:26:21 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2011-07-21 16:44:36 469256 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\78ca58701cc47c52d\InstallManager_WLE_WLE.exe
2011-07-21 16:44:11 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\6a4696101cc47c522\MeshBetaRemover.exe
2011-07-21 16:43:52 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\5e8109501cc47c51a\DSETUP.dll
2011-07-21 16:43:52 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\5e8109501cc47c51a\DXSETUP.exe
2011-07-21 16:43:52 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\5e8109501cc47c51a\dsetup32.dll
2011-07-21 16:43:50 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\5ce9fe301cc47c519\DSETUP.dll
2011-07-21 16:43:50 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\5ce9fe301cc47c519\DXSETUP.exe
2011-07-21 16:43:50 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\5ce9fe301cc47c519\dsetup32.dll
2011-07-21 16:42:54 -------- d-----w- C:\Users\Smiley82\AppData\Local\Windows Live
2011-07-21 16:33:11 -------- d-----w- C:\Windows\System32\SPReview
2011-07-21 16:32:18 -------- d-----w- C:\Windows\System32\EventProviders
2011-07-20 21:12:09 98816 ----a-w- C:\Windows\sed.exe
2011-07-20 21:12:09 518144 ----a-w- C:\Windows\SWREG.exe
2011-07-20 21:12:09 208896 ----a-w- C:\Windows\MBR.exe
2011-07-20 19:45:03 -------- d-----w- C:\Users\Smiley82\AppData\Roaming\Malwarebytes
2011-07-20 19:44:58 -------- d-----w- C:\ProgramData\Malwarebytes
2011-07-20 19:44:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-07-19 22:25:06 -------- d-----w- C:\Program Files (x86)\WildTangent Games
2011-07-13 14:00:58 3137536 ----a-w- C:\Windows\System32\win32k.sys
2011-07-12 17:14:50 -------- d-----w- C:\117ae68ef9f125395b78
2011-07-12 17:14:43 -------- d-----w- C:\Users\Smiley82\AppData\Local\LogMeIn
2011-07-12 17:14:39 60800 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\LMIproc.dll
2011-07-12 17:14:39 33152 ----a-w- C:\Windows\System32\LMIport.dll
2011-07-12 17:14:38 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2011-07-12 17:14:38 72216 ----a-w- C:\Windows\System32\drivers\LMIRfsDriver.sys
2011-07-12 17:14:35 80768 ----a-w- C:\Windows\System32\LMIinit.dll
2011-07-12 17:14:33 -------- d-----w- C:\ProgramData\LogMeIn
2011-07-12 17:14:21 -------- d-----w- C:\Program Files (x86)\LogMeIn
2011-07-12 17:11:59 -------- d-----w- C:\Users\Smiley82\AppData\Local\Apps
2011-07-12 17:11:58 -------- d-----w- C:\Users\Smiley82\AppData\Local\Deployment
2011-07-09 23:42:43 0 ----a-w- C:\Users\Smiley82\AppData\Local\BIT3747.tmp
.
==================== Find3M ====================
.
2011-08-01 19:27:29 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-21 16:40:32 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-07-21 16:40:31 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-06-03 06:57:45 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-06-03 06:57:45 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-06-03 06:57:45 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-06-03 06:57:44 214528 ----a-w- C:\Windows\System32\winsrv.dll
2011-06-03 06:57:38 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-06-03 06:56:38 421888 ----a-w- C:\Windows\System32\KernelBase.dll
2011-06-03 06:53:33 338944 ----a-w- C:\Windows\System32\conhost.exe
2011-06-03 06:00:53 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-06-03 05:57:52 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-06-03 05:57:33 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-06-03 05:56:12 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-06-03 05:56:11 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-06-03 03:53:31 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-06-03 03:53:31 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-06-03 03:48:32 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-06-03 03:48:31 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-06-03 03:48:31 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-06-03 03:48:31 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-05-24 23:14:10 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-05-24 11:42:55 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
2011-05-24 10:40:05 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2011-05-24 10:40:05 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2011-05-24 10:39:38 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37:54 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
.
============= FINISH: 11:52:22.20 ===============

This post has been edited by Orange Blossom: 05 August 2011 - 11:41 PM

#2 User is offline   Affinity Computers 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 14
  • Joined: 21-October 07

Posted 05 August 2011 - 11:24 AM

ComboFix 11-08-01.05 - Smiley82 08/01/2011 15:47:59.2.2 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3838.2740 [GMT -4:00]
Running from: c:\users\Smiley82\Desktop\combofix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
SP: Kaspersky Anti-Virus *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\StartNow Toolbar
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_images.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_maps.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_news.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_videos.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_web.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_amazon.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_ebay.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_facebook.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_games.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_msn.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_shopping.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_travel.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_twitter.png
c:\program files (x86)\StartNow Toolbar\Resources\images\startnow_logo.png
c:\program files (x86)\StartNow Toolbar\Resources\installer.xml
c:\program files (x86)\StartNow Toolbar\Resources\protect\index.html
c:\program files (x86)\StartNow Toolbar\Resources\protect\NotIE6.css
c:\program files (x86)\StartNow Toolbar\Resources\protect\OnlyIE6.css
c:\program files (x86)\StartNow Toolbar\Resources\protect\SearchProtectIcon.png
c:\program files (x86)\StartNow Toolbar\Resources\protect\window.css
c:\program files (x86)\StartNow Toolbar\Resources\protect\window.js
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\index.html
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\LeftImage.png
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\NotIE6.css
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\OnlyIE6.css
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\window.css
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\window.js
c:\program files (x86)\StartNow Toolbar\Resources\skin\chevron_button.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_hover.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_normal.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_dropdown_button_normal.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_background.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_left.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_middle.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\separator.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\splitter.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ff_hover_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_l.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_r.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_l.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_r.png
c:\program files (x86)\StartNow Toolbar\Resources\toolbar.xml
c:\program files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe
c:\program files (x86)\StartNow Toolbar\Toolbar32.dll
c:\program files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
c:\program files (x86)\StartNow Toolbar\uninstall.dat
c:\programdata\SPL4EDA.tmp
c:\programdata\SPL5A9D.tmp
c:\programdata\SPL5F9C.tmp
c:\programdata\SPL6C58.tmp
c:\programdata\SPL9022.tmp
c:\programdata\SPL99DE.tmp
c:\programdata\SPLA40B.tmp
c:\programdata\SPLAFC5.tmp
c:\programdata\SPLCD70.tmp
c:\programdata\SPLDCE0.tmp
c:\programdata\SPLEB5D.tmp
.
.
((((((((((((((((((((((((( Files Created from 2011-07-01 to 2011-08-01 )))))))))))))))))))))))))))))))
.
.
2011-08-01 20:23 . 2011-08-01 20:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-29 12:42 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FF7916BE-0FB8-4D73-B48F-3DFCF2661F49}\mpengine.dll
2011-07-23 18:46 . 2011-07-23 18:46 -------- d-----w- c:\users\Smiley82\AppData\Local\Windows Live Writer
2011-07-23 18:46 . 2011-07-23 18:46 -------- d-----w- c:\users\Smiley82\AppData\Roaming\Windows Live Writer
2011-07-21 18:25 . 2010-10-06 00:27 150200 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak\components\kavlinkfilter.dll
2011-07-21 18:23 . 2011-08-01 20:27 -------- d-----w- c:\programdata\Kaspersky Lab
2011-07-21 18:23 . 2011-07-21 18:23 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2011-07-21 17:28 . 2011-07-21 17:28 -------- d-----w- c:\windows\en
2011-07-21 17:26 . 2011-07-21 17:26 -------- d-----w- c:\program files\Windows Live
2011-07-21 17:26 . 2009-09-04 21:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2011-07-21 17:26 . 2009-09-04 21:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2011-07-21 17:26 . 2009-09-04 21:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2011-07-21 17:26 . 2009-09-04 21:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-07-21 16:44 . 2011-07-21 16:44 469256 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\78ca58701cc47c52d\InstallManager_WLE_WLE.exe
2011-07-21 16:44 . 2011-07-21 16:44 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\6a4696101cc47c522\MeshBetaRemover.exe
2011-07-21 16:43 . 2011-07-21 16:43 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\5e8109501cc47c51a\DSETUP.dll
2011-07-21 16:43 . 2011-07-21 16:43 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\5e8109501cc47c51a\DXSETUP.exe
2011-07-21 16:43 . 2011-07-21 16:43 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\5e8109501cc47c51a\dsetup32.dll
2011-07-21 16:43 . 2011-07-21 16:43 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\5ce9fe301cc47c519\DSETUP.dll
2011-07-21 16:43 . 2011-07-21 16:43 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\5ce9fe301cc47c519\DXSETUP.exe
2011-07-21 16:43 . 2011-07-21 16:43 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\5ce9fe301cc47c519\dsetup32.dll
2011-07-21 16:42 . 2011-07-23 16:49 -------- d-----w- c:\users\Smiley82\AppData\Local\Windows Live
2011-07-21 16:33 . 2011-07-21 16:33 -------- d-----w- c:\windows\system32\SPReview
2011-07-21 16:32 . 2011-07-21 16:32 -------- d-----w- c:\windows\system32\EventProviders
2011-07-20 19:45 . 2011-07-20 19:45 -------- d-----w- c:\users\Smiley82\AppData\Roaming\Malwarebytes
2011-07-20 19:44 . 2011-07-20 19:44 -------- d-----w- c:\programdata\Malwarebytes
2011-07-20 19:44 . 2011-07-23 12:59 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-07-19 22:25 . 2011-07-19 22:25 -------- d-----w- c:\program files (x86)\WildTangent Games
2011-07-13 14:00 . 2011-06-11 03:07 3137536 ----a-w- c:\windows\system32\win32k.sys
2011-07-12 17:14 . 2011-07-12 17:16 -------- d-----w- C:\117ae68ef9f125395b78
2011-07-12 17:14 . 2011-07-12 17:14 -------- d-----w- c:\users\Smiley82\AppData\Local\LogMeIn
2011-07-12 17:14 . 2011-07-06 20:33 60800 ----a-w- c:\windows\system32\Spool\prtprocs\x64\LMIproc.dll
2011-07-12 17:14 . 2011-07-06 20:33 33152 ----a-w- c:\windows\system32\LMIport.dll
2011-07-12 17:14 . 2011-07-06 20:33 87456 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2011-07-12 17:14 . 2011-01-11 23:04 72216 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys
2011-07-12 17:14 . 2011-07-06 20:33 80768 ----a-w- c:\windows\system32\LMIinit.dll
2011-07-12 17:14 . 2011-08-01 13:24 -------- d-----w- c:\programdata\LogMeIn
2011-07-12 17:14 . 2011-07-12 17:14 -------- d-----w- c:\program files (x86)\LogMeIn
2011-07-12 17:11 . 2011-07-12 17:11 -------- d-----w- c:\users\Smiley82\AppData\Local\Apps
2011-07-12 17:11 . 2011-07-12 17:12 -------- d-----w- c:\users\Smiley82\AppData\Local\Deployment
2011-07-09 23:42 . 2011-07-09 23:42 0 ----a-w- c:\users\Smiley82\AppData\Local\BIT3747.tmp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-01 19:27 . 2011-05-16 13:24 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-21 17:27 . 2010-06-24 15:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-07-21 16:40 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-07-21 16:40 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-06-09 12:24 . 2011-06-09 12:24 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2011-06-09 12:23 . 2011-06-09 12:23 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2011-06-09 12:23 . 2011-06-09 12:23 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-06-03 05:57 . 2011-07-13 14:00 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-05-28 03:30 . 2011-06-16 14:27 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-28 02:53 . 2011-06-16 14:27 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-05-24 23:14 . 2010-08-12 16:15 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-24 11:42 . 2011-06-29 12:51 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-05-24 10:40 . 2011-06-29 12:51 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2011-05-24 10:40 . 2011-06-29 12:51 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-05-24 10:39 . 2011-06-29 12:51 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37 . 2011-06-29 12:51 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2011-05-04 05:25 . 2011-06-29 12:51 2315776 ----a-w- c:\windows\system32\tquery.dll
2011-05-04 05:22 . 2011-06-29 12:51 2223616 ----a-w- c:\windows\system32\mssrch.dll
2011-05-04 05:22 . 2011-06-29 12:51 778752 ----a-w- c:\windows\system32\mssvp.dll
2011-05-04 05:22 . 2011-06-29 12:51 75264 ----a-w- c:\windows\system32\msscntrs.dll
2011-05-04 05:22 . 2011-06-29 12:51 491520 ----a-w- c:\windows\system32\mssph.dll
2011-05-04 05:22 . 2011-06-29 12:51 288256 ----a-w- c:\windows\system32\mssphtb.dll
2011-05-04 05:19 . 2011-06-29 12:51 591872 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-05-04 05:19 . 2011-06-29 12:51 249856 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-05-04 05:19 . 2011-06-29 12:51 113664 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-05-04 04:34 . 2011-06-29 12:51 1549312 ----a-w- c:\windows\SysWow64\tquery.dll
2011-05-04 04:32 . 2011-06-29 12:51 666624 ----a-w- c:\windows\SysWow64\mssvp.dll
2011-05-04 04:32 . 2011-06-29 12:51 1401344 ----a-w- c:\windows\SysWow64\mssrch.dll
2011-05-04 04:32 . 2011-06-29 12:51 337408 ----a-w- c:\windows\SysWow64\mssph.dll
2011-05-04 04:32 . 2011-06-29 12:51 197120 ----a-w- c:\windows\SysWow64\mssphtb.dll
2011-05-04 04:32 . 2011-06-29 12:51 59392 ----a-w- c:\windows\SysWow64\msscntrs.dll
2011-05-04 04:28 . 2011-06-29 12:51 86528 ----a-w- c:\windows\SysWow64\SearchFilterHost.exe
2011-05-04 04:28 . 2011-06-29 12:51 427520 ----a-w- c:\windows\SysWow64\SearchIndexer.exe
2011-05-04 04:28 . 2011-06-29 12:51 164352 ----a-w- c:\windows\SysWow64\SearchProtocolHost.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-20_21.56.31 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 00:14 . 2009-07-14 01:16 51200 c:\windows\twain_32.dll
+ 2011-07-02 18:29 . 2010-11-20 12:21 51200 c:\windows\twain_32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 27648 c:\windows\SysWOW64\wups.dll
- 2009-07-14 00:14 . 2009-07-14 01:16 87552 c:\windows\SysWOW64\wudriver.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 87552 c:\windows\SysWOW64\wudriver.dll
+ 2011-07-02 18:28 . 2010-11-20 12:17 33792 c:\windows\SysWOW64\wuapp.exe
- 2009-07-14 00:14 . 2009-07-14 01:14 33792 c:\windows\SysWOW64\wuapp.exe
+ 2011-07-02 18:29 . 2010-11-20 12:21 40448 c:\windows\SysWOW64\wtsapi32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 51712 c:\windows\SysWOW64\wsnmp32.dll
- 2009-07-13 23:55 . 2009-07-14 01:16 51712 c:\windows\SysWOW64\wsnmp32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 11264 c:\windows\SysWOW64\wshirda.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 36352 c:\windows\SysWOW64\wshbth.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 21504 c:\windows\SysWOW64\wsdchngr.dll
+ 2011-07-02 18:29 . 2010-11-20 12:21 51712 c:\windows\SysWOW64\wscapi.dll
- 2009-07-13 23:37 . 2009-07-14 01:16 47104 c:\windows\SysWOW64\wkscli.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 47104 c:\windows\SysWOW64\wkscli.dll
- 2009-07-13 23:27 . 2009-07-14 01:14 28672 c:\windows\SysWOW64\WerFaultSecure.exe
+ 2011-07-02 18:28 . 2010-11-20 12:17 28672 c:\windows\SysWOW64\WerFaultSecure.exe
+ 2011-07-02 18:29 . 2010-11-20 12:21 89600 c:\windows\SysWOW64\wbem\WmiApRpl.dll
- 2009-07-13 23:31 . 2009-07-14 01:16 89600 c:\windows\SysWOW64\wbem\WmiApRpl.dll
+ 2011-07-02 18:29 . 2010-11-20 12:17 66048 c:\windows\SysWOW64\w32tm.exe
+ 2011-07-02 18:28 . 2010-11-20 12:21 25600 c:\windows\SysWOW64\vpnikeapi.dll
- 2009-07-14 00:03 . 2009-07-14 01:16 56832 c:\windows\SysWOW64\vfwwdm32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 56832 c:\windows\SysWOW64\vfwwdm32.dll
- 2009-07-14 00:02 . 2009-07-14 01:16 31744 c:\windows\SysWOW64\utildll.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 31744 c:\windows\SysWOW64\utildll.dll
+ 2011-07-02 18:29 . 2010-11-20 12:17 26624 c:\windows\SysWOW64\userinit.exe
+ 2011-07-02 18:29 . 2010-11-20 12:21 81920 c:\windows\SysWOW64\userenv.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 78848 c:\windows\SysWOW64\UserAccountControlSettings.dll
- 2009-07-13 23:40 . 2009-07-14 01:16 78848 c:\windows\SysWOW64\UserAccountControlSettings.dll
+ 2011-07-02 18:28 . 2010-11-20 12:17 34304 c:\windows\SysWOW64\unlodctr.exe
+ 2011-07-02 18:28 . 2010-11-20 12:21 59392 c:\windows\SysWOW64\unimdmat.dll
- 2009-07-13 23:55 . 2009-07-14 01:16 59392 c:\windows\SysWOW64\unimdmat.dll
- 2009-07-13 23:15 . 2009-07-14 01:14 47616 c:\windows\SysWOW64\tzutil.exe
+ 2011-07-02 18:29 . 2010-11-20 12:17 47616 c:\windows\SysWOW64\tzutil.exe
+ 2011-07-02 18:29 . 2010-11-20 12:21 65024 c:\windows\SysWOW64\TSpkg.dll
- 2009-07-13 23:34 . 2009-07-14 01:16 65024 c:\windows\SysWOW64\TSpkg.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 36864 c:\windows\SysWOW64\tsgqec.dll
- 2009-07-14 00:02 . 2009-07-14 01:16 36864 c:\windows\SysWOW64\tsgqec.dll
- 2010-08-12 17:28 . 2009-12-19 09:02 12288 c:\windows\SysWOW64\tsbyuv.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 12288 c:\windows\SysWOW64\tsbyuv.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 21504 c:\windows\SysWOW64\TRAPI.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 69632 c:\windows\SysWOW64\tlscsp.dll
- 2009-07-13 23:40 . 2009-07-14 01:16 82944 c:\windows\SysWOW64\thumbcache.dll
+ 2011-07-02 18:29 . 2010-11-20 12:21 82944 c:\windows\SysWOW64\thumbcache.dll
+ 2011-07-02 18:29 . 2009-07-14 01:16 61440 c:\windows\SysWOW64\tcpmonui.dll
+ 2011-07-02 18:28 . 2010-11-20 12:17 51200 c:\windows\SysWOW64\takeown.exe
+ 2011-07-02 18:28 . 2010-11-20 12:21 14848 c:\windows\SysWOW64\syssetup.dll
+ 2011-07-02 18:28 . 2010-11-20 12:08 96768 c:\windows\SysWOW64\sspicli.dll
- 2010-08-12 17:28 . 2009-12-11 07:36 96768 c:\windows\SysWOW64\sspicli.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 90112 c:\windows\SysWOW64\srvcli.dll
- 2009-07-13 23:37 . 2009-07-14 01:16 90112 c:\windows\SysWOW64\srvcli.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 19968 c:\windows\SysWOW64\spopk.dll
- 2009-07-13 23:17 . 2009-07-14 01:16 19968 c:\windows\SysWOW64\spopk.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 61952 c:\windows\SysWOW64\spbcd.dll
- 2009-07-13 23:17 . 2009-07-14 01:16 61952 c:\windows\SysWOW64\spbcd.dll
+ 2011-07-02 18:29 . 2010-11-20 12:21 14336 c:\windows\SysWOW64\slwga.dll
- 2011-02-09 20:54 . 2010-12-21 05:38 14336 c:\windows\SysWOW64\slwga.dll
- 2009-07-13 23:14 . 2009-07-14 01:16 19456 c:\windows\SysWOW64\sisbkup.dll
+ 2011-07-02 18:29 . 2010-11-20 12:21 19456 c:\windows\SysWOW64\sisbkup.dll
+ 2010-09-23 04:47 . 2010-09-23 04:47 49016 c:\windows\SysWOW64\sirenacm.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 10752 c:\windows\SysWOW64\shunimpl.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 35840 c:\windows\SysWOW64\shimgvw.dll
- 2009-07-13 23:39 . 2009-07-14 01:16 35840 c:\windows\SysWOW64\shimgvw.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 20992 c:\windows\SysWOW64\shgina.dll
- 2009-07-13 23:40 . 2009-07-14 01:16 20992 c:\windows\SysWOW64\shgina.dll
+ 2011-07-13 14:00 . 2011-06-03 05:57 25600 c:\windows\SysWOW64\setup16.exe
- 2011-07-13 14:00 . 2011-06-02 05:56 25600 c:\windows\SysWOW64\setup16.exe
+ 2011-07-02 18:29 . 2010-11-20 12:20 67584 c:\windows\SysWOW64\Setup\pbkmigr.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 22016 c:\windows\SysWOW64\secur32.dll
- 2010-08-12 17:28 . 2009-12-11 07:39 22016 c:\windows\SysWOW64\secur32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 85504 c:\windows\SysWOW64\secproc_ssp_isv.dll
- 2010-08-12 17:30 . 2010-01-18 23:29 85504 c:\windows\SysWOW64\secproc_ssp_isv.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 85504 c:\windows\SysWOW64\secproc_ssp.dll
- 2010-08-12 17:30 . 2010-01-18 23:29 85504 c:\windows\SysWOW64\secproc_ssp.dll
- 2009-07-13 23:37 . 2009-07-14 01:16 17408 c:\windows\SysWOW64\schedcli.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 17408 c:\windows\SysWOW64\schedcli.dll
+ 2011-07-02 18:29 . 2010-11-20 12:21 51200 c:\windows\SysWOW64\samcli.dll
- 2009-07-13 23:41 . 2009-07-14 01:14 50688 c:\windows\SysWOW64\runonce.exe
+ 2011-07-02 18:28 . 2010-11-20 12:17 50688 c:\windows\SysWOW64\runonce.exe
- 2010-08-12 17:29 . 2010-06-19 06:23 37376 c:\windows\SysWOW64\rtutils.dll
+ 2011-07-02 18:29 . 2010-11-20 12:21 37376 c:\windows\SysWOW64\rtutils.dll
+ 2011-07-02 18:29 . 2010-11-20 12:21 46080 c:\windows\SysWOW64\RpcRtRemote.dll
+ 2011-07-02 18:29 . 2010-11-20 12:17 98816 c:\windows\SysWOW64\Robocopy.exe
+ 2011-07-02 18:28 . 2010-11-20 12:21 71168 c:\windows\SysWOW64\resutils.dll
- 2009-07-13 23:21 . 2009-07-14 01:16 71168 c:\windows\SysWOW64\resutils.dll
+ 2011-07-02 18:28 . 2010-11-20 12:17 37888 c:\windows\SysWOW64\relog.exe
+ 2011-07-02 18:28 . 2010-11-20 12:17 83968 c:\windows\SysWOW64\RegisterIEPKEYs.exe
- 2009-07-13 23:43 . 2009-07-14 01:14 83968 c:\windows\SysWOW64\RegisterIEPKEYs.exe
+ 2011-07-02 18:29 . 2010-11-20 12:21 72192 c:\windows\SysWOW64\regapi.dll
+ 2011-07-02 18:28 . 2010-11-20 12:17 22016 c:\windows\SysWOW64\ReAgentc.exe
+ 2011-07-02 18:28 . 2010-11-20 12:21 21504 c:\windows\SysWOW64\rdprefdrvapi.dll
- 2009-07-14 00:01 . 2009-07-14 01:16 21504 c:\windows\SysWOW64\rdprefdrvapi.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 52224 c:\windows\SysWOW64\rdpd3d.dll
- 2009-07-14 00:02 . 2009-07-14 01:16 52224 c:\windows\SysWOW64\rdpd3d.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 69632 c:\windows\SysWOW64\rastapi.dll
- 2009-07-13 23:54 . 2009-07-14 01:16 69632 c:\windows\SysWOW64\rastapi.dll
- 2009-07-13 23:52 . 2009-07-14 01:16 80896 c:\windows\SysWOW64\QUTIL.DLL
+ 2011-07-02 18:28 . 2010-11-20 12:21 80896 c:\windows\SysWOW64\QUTIL.DLL
- 2009-07-13 23:52 . 2009-07-14 01:16 99328 c:\windows\SysWOW64\QSVRMGMT.DLL
+ 2011-07-02 18:28 . 2010-11-20 12:20 99328 c:\windows\SysWOW64\QSVRMGMT.DLL
+ 2011-07-02 18:28 . 2010-11-20 12:20 71680 c:\windows\SysWOW64\QCLIPROV.DLL
- 2009-07-13 23:52 . 2009-07-14 01:16 71680 c:\windows\SysWOW64\QCLIPROV.DLL
+ 2011-07-02 18:29 . 2010-11-20 12:17 28672 c:\windows\SysWOW64\proquota.exe
+ 2011-04-27 13:42 . 2011-02-18 05:39 31232 c:\windows\SysWOW64\prevhost.exe
- 2011-04-27 13:42 . 2011-02-18 05:33 31232 c:\windows\SysWOW64\prevhost.exe
+ 2011-07-02 18:30 . 2010-11-05 01:53 99176 c:\windows\SysWOW64\PresentationHostProxy.dll
- 2010-08-12 22:17 . 2009-11-25 16:47 99176 c:\windows\SysWOW64\PresentationHostProxy.dll
+ 2011-07-02 18:28 . 2010-11-20 12:05 35328 c:\windows\SysWOW64\pifmgr.dll
- 2009-07-14 00:02 . 2009-07-14 01:16 17408 c:\windows\SysWOW64\perfts.dll
+ 2011-07-02 18:28 . 2010-11-20 12:20 17408 c:\windows\SysWOW64\perfts.dll
+ 2011-07-02 18:28 . 2010-11-20 12:20 46592 c:\windows\SysWOW64\pdhui.dll
+ 2011-07-02 18:28 . 2010-11-20 12:20 77824 c:\windows\SysWOW64\olethk32.dll
- 2009-07-13 23:43 . 2009-07-14 01:16 90112 c:\windows\SysWOW64\olepro32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:20 90112 c:\windows\SysWOW64\olepro32.dll
- 2009-07-14 00:12 . 2009-07-14 01:16 40960 c:\windows\SysWOW64\odbcconf.dll
+ 2011-07-02 18:28 . 2010-11-20 12:20 40960 c:\windows\SysWOW64\odbcconf.dll
- 2011-07-13 14:00 . 2011-06-02 05:59 14336 c:\windows\SysWOW64\ntvdm64.dll
+ 2011-07-13 14:00 . 2011-06-03 06:00 14336 c:\windows\SysWOW64\ntvdm64.dll
+ 2011-07-02 18:29 . 2010-11-20 12:20 69120 c:\windows\SysWOW64\ntlanman.dll
- 2009-07-13 23:31 . 2009-07-14 01:16 69120 c:\windows\SysWOW64\ntlanman.dll
+ 2011-07-02 18:29 . 2010-11-20 12:17 98304 c:\windows\SysWOW64\nslookup.exe
+ 2011-07-02 18:28 . 2010-11-20 12:06 69120 c:\windows\SysWOW64\nlsbres.dll
+ 2011-07-02 18:29 . 2010-11-20 12:20 52224 c:\windows\SysWOW64\nlaapi.dll
+ 2011-07-02 18:28 . 2010-11-20 12:20 22528 c:\windows\SysWOW64\netutils.dll
+ 2011-07-02 18:28 . 2010-11-20 12:17 25600 c:\windows\SysWOW64\netiougc.exe
+ 2011-07-02 18:29 . 2010-11-05 01:58 49488 c:\windows\SysWOW64\netfxperf.dll
- 2009-07-13 23:53 . 2009-07-14 01:14 24064 c:\windows\SysWOW64\netbtugc.exe
+ 2011-07-02 18:28 . 2010-11-20 12:17 24064 c:\windows\SysWOW64\netbtugc.exe
+ 2011-07-02 18:28 . 2010-11-20 12:20 56832 c:\windows\SysWOW64\netapi32.dll
- 2009-07-13 23:37 . 2009-07-14 01:16 56832 c:\windows\SysWOW64\netapi32.dll
- 2009-07-13 23:32 . 2009-07-14 01:16 60928 c:\windows\SysWOW64\ncryptui.dll
+ 2011-07-02 18:28 . 2010-11-20 12:20 60928 c:\windows\SysWOW64\ncryptui.dll
+ 2011-07-02 18:29 . 2010-11-20 12:20 78848 c:\windows\SysWOW64\nci.dll
+ 2011-07-02 18:28 . 2010-11-20 12:20 68096 c:\windows\SysWOW64\napdsnap.dll
+ 2011-07-02 18:28 . 2010-11-20 12:36 46080 c:\windows\SysWOW64\NAPCRYPT.DLL
- 2009-07-13 23:53 . 2009-07-14 01:22 46080 c:\windows\SysWOW64\NAPCRYPT.DLL
+ 2011-07-02 18:28 . 2010-11-20 12:17 70656 c:\windows\SysWOW64\MuiUnattend.exe
- 2009-07-13 23:13 . 2009-07-14 01:14 70656 c:\windows\SysWOW64\MuiUnattend.exe
+ 2011-07-02 18:28 . 2010-11-20 12:19 13312 c:\windows\SysWOW64\muifontsetup.dll
- 2009-07-13 23:25 . 2009-07-14 01:15 13312 c:\windows\SysWOW64\muifontsetup.dll
+ 2011-07-02 18:29 . 2010-11-05 01:58 11600 c:\windows\SysWOW64\MUI\0409\mscorees.dll
- 2010-08-12 22:17 . 2009-11-25 16:47 11600 c:\windows\SysWOW64\MUI\0409\mscorees.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 22528 c:\windows\SysWOW64\msyuv.dll
- 2010-08-12 17:28 . 2009-12-19 09:02 31744 c:\windows\SysWOW64\msvidc32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 31744 c:\windows\SysWOW64\msvidc32.dll
- 2010-08-12 17:28 . 2009-12-19 09:02 13312 c:\windows\SysWOW64\msrle32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 13312 c:\windows\SysWOW64\msrle32.dll
- 2009-07-13 23:31 . 2009-07-14 01:14 73216 c:\windows\SysWOW64\msiexec.exe
+ 2011-07-02 18:28 . 2010-11-20 12:17 73216 c:\windows\SysWOW64\msiexec.exe
- 2011-06-16 14:27 . 2011-04-22 19:31 67072 c:\windows\SysWOW64\mshtmled.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 67072 c:\windows\SysWOW64\mshtmled.dll
+ 2011-07-02 18:28 . 2010-11-20 12:17 12800 c:\windows\SysWOW64\msfeedssync.exe
- 2011-06-16 14:27 . 2011-04-22 19:30 12800 c:\windows\SysWOW64\msfeedssync.exe
+ 2011-07-02 18:29 . 2010-11-20 12:19 64512 c:\windows\SysWOW64\msfeedsbs.dll
- 2011-06-16 14:27 . 2011-04-22 19:31 64512 c:\windows\SysWOW64\msfeedsbs.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 30720 c:\windows\SysWOW64\msdmo.dll
+ 2011-07-02 18:29 . 2010-11-05 01:58 80720 c:\windows\SysWOW64\mscories.dll
- 2009-07-13 20:46 . 2009-06-10 21:23 80720 c:\windows\SysWOW64\mscories.dll
+ 2011-07-02 18:29 . 2010-11-20 12:19 34304 c:\windows\SysWOW64\msasn1.dll
+ 2011-07-02 18:29 . 2010-11-20 12:19 42496 c:\windows\SysWOW64\mimefilt.dll
- 2009-07-13 23:42 . 2009-07-14 01:16 90112 c:\windows\SysWOW64\migwiz\replacementmanifests\microsoft-windows-shmig\shmig.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 90112 c:\windows\SysWOW64\migwiz\replacementmanifests\microsoft-windows-shmig\shmig.dll
- 2009-07-13 23:42 . 2009-07-14 01:16 90112 c:\windows\SysWOW64\migwiz\dlmanifests\Microsoft-Windows-shmig-DL\shmig.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 90112 c:\windows\SysWOW64\migwiz\dlmanifests\Microsoft-Windows-shmig-DL\shmig.dll
+ 2011-07-02 18:29 . 2010-11-20 12:21 67584 c:\windows\SysWOW64\migration\WSMT\rras\replacementmanifests\Microsoft-Windows-RasApi-MigPlugin\pbkmigr-Mig.dll
- 2011-06-16 14:27 . 2011-04-22 19:31 68608 c:\windows\SysWOW64\migration\WininetPlugin.dll
+ 2011-06-16 14:27 . 2011-04-22 19:10 68608 c:\windows\SysWOW64\migration\WininetPlugin.dll
- 2009-07-13 23:41 . 2009-07-14 01:16 90112 c:\windows\SysWOW64\migration\shmig.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 90112 c:\windows\SysWOW64\migration\shmig.dll
- 2009-07-14 00:03 . 2009-07-14 01:15 36352 c:\windows\SysWOW64\mciqtz32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 36352 c:\windows\SysWOW64\mciqtz32.dll
- 2010-08-12 17:28 . 2009-12-19 09:02 84480 c:\windows\SysWOW64\mciavi32.dll
+ 2011-07-02 18:29 . 2010-11-20 12:19 84480 c:\windows\SysWOW64\mciavi32.dll
- 2009-07-14 00:12 . 2009-07-14 01:15 76800 c:\windows\SysWOW64\mapistub.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 76800 c:\windows\SysWOW64\mapistub.dll
- 2009-07-14 00:12 . 2009-07-14 01:15 76800 c:\windows\SysWOW64\mapi32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 76800 c:\windows\SysWOW64\mapi32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 41984 c:\windows\SysWOW64\luainstall.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 21504 c:\windows\SysWOW64\lsmproxy.dll
+ 2011-07-02 18:28 . 2010-11-20 12:17 82944 c:\windows\SysWOW64\logman.exe
- 2009-07-14 00:08 . 2009-07-14 01:14 95232 c:\windows\SysWOW64\logagent.exe
+ 2011-07-02 18:28 . 2010-11-20 12:17 95232 c:\windows\SysWOW64\logagent.exe
+ 2011-07-02 18:29 . 2010-11-20 12:19 44544 c:\windows\SysWOW64\licmgr10.dll
- 2011-06-16 14:27 . 2011-04-22 19:31 44544 c:\windows\SysWOW64\licmgr10.dll
- 2011-06-16 14:27 . 2011-04-22 19:31 48128 c:\windows\SysWOW64\jsproxy.dll
+ 2011-06-16 14:27 . 2011-04-22 19:09 48128 c:\windows\SysWOW64\jsproxy.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 50176 c:\windows\SysWOW64\iyuv_32.dll
- 2010-08-12 17:28 . 2009-12-19 09:02 50176 c:\windows\SysWOW64\iyuv_32.dll
+ 2011-07-02 18:29 . 2010-11-20 12:17 86528 c:\windows\SysWOW64\isoburn.exe
- 2009-07-13 23:40 . 2009-07-14 01:14 86528 c:\windows\SysWOW64\isoburn.exe
+ 2011-07-02 18:28 . 2010-11-20 12:19 28672 c:\windows\SysWOW64\iscsium.dll
- 2009-07-13 23:46 . 2009-07-14 01:15 28672 c:\windows\SysWOW64\iscsium.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 96256 c:\windows\SysWOW64\inseng.dll
- 2009-07-13 23:42 . 2009-07-14 01:15 96256 c:\windows\SysWOW64\inseng.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 52736 c:\windows\SysWOW64\inetmib1.dll
- 2009-07-13 23:42 . 2009-07-14 01:15 34304 c:\windows\SysWOW64\imgutil.dll
+ 2011-07-02 18:29 . 2010-11-20 12:19 34304 c:\windows\SysWOW64\imgutil.dll
- 2009-07-13 23:26 . 2009-07-14 01:14 90112 c:\windows\SysWOW64\IME\IMESC5\IMSCPROP.exe
+ 2011-07-02 18:28 . 2010-11-20 12:17 90112 c:\windows\SysWOW64\IME\IMESC5\IMSCPROP.exe
+ 2011-07-02 18:28 . 2010-11-20 12:19 82944 c:\windows\SysWOW64\iccvid.dll
- 2010-08-12 17:28 . 2010-07-29 06:30 82944 c:\windows\SysWOW64\iccvid.dll
+ 2011-07-02 18:29 . 2010-11-20 12:19 78848 c:\windows\SysWOW64\iasacct.dll
+ 2011-07-02 18:29 . 2010-11-20 12:19 34816 c:\windows\SysWOW64\httpapi.dll
- 2009-07-13 23:12 . 2009-07-14 01:15 34816 c:\windows\SysWOW64\httpapi.dll
+ 2011-07-02 18:29 . 2010-11-20 12:19 66560 c:\windows\SysWOW64\hbaapi.dll
- 2009-07-13 23:55 . 2009-07-14 01:14 42496 c:\windows\SysWOW64\ftp.exe
+ 2011-07-02 18:29 . 2010-11-20 12:17 42496 c:\windows\SysWOW64\ftp.exe
+ 2011-04-27 13:42 . 2011-03-11 05:31 74240 c:\windows\SysWOW64\fsutil.exe
- 2011-04-27 13:42 . 2011-03-11 05:37 74240 c:\windows\SysWOW64\fsutil.exe
+ 2011-07-02 18:28 . 2010-11-20 12:19 98304 c:\windows\SysWOW64\fphc.dll
+ 2011-02-09 20:54 . 2010-09-30 06:47 70656 c:\windows\SysWOW64\fontsub.dll
- 2010-04-01 00:07 . 2009-10-19 14:10 70656 c:\windows\SysWOW64\fontsub.dll
- 2009-07-13 23:25 . 2009-07-14 01:15 93696 c:\windows\SysWOW64\fms.dll
+ 2011-07-02 18:29 . 2010-11-20 12:19 93696 c:\windows\SysWOW64\fms.dll
+ 2011-07-02 18:28 . 2010-11-20 12:17 62976 c:\windows\SysWOW64\findstr.exe
+ 2011-07-02 18:29 . 2010-11-20 12:19 59904 c:\windows\SysWOW64\fdeploy.dll
- 2009-07-14 05:35 . 2009-07-14 02:11 69632 c:\windows\SysWOW64\en\AuthFWWizFwk.Resources.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 69632 c:\windows\SysWOW64\en\AuthFWWizFwk.Resources.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 22528 c:\windows\SysWOW64\elsTrans.dll
- 2009-07-13 23:56 . 2009-07-14 01:15 94208 c:\windows\SysWOW64\eappgnui.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 94208 c:\windows\SysWOW64\eappgnui.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 30208 c:\windows\SysWOW64\dsauth.dll
+ 2011-07-02 18:29 . 2010-11-20 12:18 82432 c:\windows\SysWOW64\dot3cfg.dll
+ 2011-07-02 18:29 . 2010-11-20 12:18 91136 c:\windows\SysWOW64\dot3api.dll
+ 2011-04-15 13:45 . 2011-03-03 05:36 28672 c:\windows\SysWOW64\dnscacheugc.exe
- 2011-04-15 13:45 . 2011-03-03 05:27 28672 c:\windows\SysWOW64\dnscacheugc.exe
- 2009-07-13 23:18 . 2009-07-14 01:15 89600 c:\windows\SysWOW64\Dism\LogProvider.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 89600 c:\windows\SysWOW64\Dism\LogProvider.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 49152 c:\windows\SysWOW64\Dism\FolderProvider.dll
- 2009-07-13 23:18 . 2009-07-14 01:15 49152 c:\windows\SysWOW64\Dism\FolderProvider.dll
- 2009-07-13 23:18 . 2009-07-14 01:14 82944 c:\windows\SysWOW64\Dism\DismHost.exe
+ 2011-07-02 18:29 . 2010-11-20 12:17 82944 c:\windows\SysWOW64\Dism\DismHost.exe
+ 2011-07-02 18:28 . 2010-11-20 12:18 50688 c:\windows\SysWOW64\Dism\DismCorePS.dll
+ 2011-07-02 18:29 . 2010-11-20 12:18 80384 c:\windows\SysWOW64\davclnt.dll
- 2011-02-09 20:54 . 2010-12-21 05:34 80384 c:\windows\SysWOW64\davclnt.dll
- 2009-07-13 23:14 . 2009-07-14 01:15 23040 c:\windows\SysWOW64\cscdll.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 23040 c:\windows\SysWOW64\cscdll.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 34816 c:\windows\SysWOW64\cscapi.dll
- 2009-07-13 23:14 . 2009-07-14 01:15 34816 c:\windows\SysWOW64\cscapi.dll
+ 2011-07-02 18:29 . 2010-11-20 12:18 17408 c:\windows\SysWOW64\credssp.dll
- 2009-07-14 04:54 . 2011-07-18 21:45 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-08-01 20:26 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-08-01 20:26 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-18 21:45 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-18 21:45 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-08-01 20:26 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-07-02 18:28 . 2010-11-20 12:17 84992 c:\windows\SysWOW64\cmstp.exe
- 2009-07-13 23:54 . 2009-07-14 01:14 84992 c:\windows\SysWOW64\cmstp.exe
- 2009-07-13 23:36 . 2009-07-14 01:15 65024 c:\windows\SysWOW64\CertPolEng.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 65024 c:\windows\SysWOW64\CertPolEng.dll
- 2009-07-14 00:05 . 2009-07-14 01:15 66560 c:\windows\SysWOW64\cca.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 66560 c:\windows\SysWOW64\cca.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 73216 c:\windows\SysWOW64\cabinet.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 11264 c:\windows\SysWOW64\C_ISCII.DLL
+ 2011-07-02 18:28 . 2010-11-20 12:18 10752 c:\windows\SysWOW64\browseui.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 41984 c:\windows\SysWOW64\browcli.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 19456 c:\windows\SysWOW64\bitsperf.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 28160 c:\windows\SysWOW64\AzSqlExt.dll
- 2010-08-12 17:28 . 2009-12-19 09:02 91648 c:\windows\SysWOW64\avifil32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 91648 c:\windows\SysWOW64\avifil32.dll
- 2011-04-15 13:46 . 2011-02-19 05:32 34304 c:\windows\SysWOW64\atmlib.dll
+ 2011-04-15 13:46 . 2011-02-19 06:30 34304 c:\windows\SysWOW64\atmlib.dll
- 2010-08-12 17:30 . 2010-03-05 07:42 67584 c:\windows\SysWOW64\asycfilt.dll
+ 2011-07-02 18:29 . 2010-11-20 12:18 67584 c:\windows\SysWOW64\asycfilt.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 70656 c:\windows\SysWOW64\amstream.dll
- 2009-07-14 00:03 . 2009-07-14 01:14 70656 c:\windows\SysWOW64\amstream.dll
- 2009-07-13 23:26 . 2009-07-14 01:14 45568 c:\windows\SysWOW64\acppage.dll
+ 2011-07-02 18:29 . 2010-11-20 12:18 45568 c:\windows\SysWOW64\acppage.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 48640 c:\windows\system32\wwanprotdim.dll
- 2009-07-14 00:12 . 2009-07-14 01:41 48640 c:\windows\system32\wwanprotdim.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 37376 c:\windows\system32\wups2.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 33280 c:\windows\system32\wups.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 98304 c:\windows\system32\wudriver.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 78848 c:\windows\system32\WUDFSvc.dll
- 2009-07-14 00:06 . 2009-07-14 01:41 44544 c:\windows\system32\WUDFCoinstaller.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 44544 c:\windows\system32\WUDFCoinstaller.dll
+ 2011-07-02 18:28 . 2010-11-20 13:25 51200 c:\windows\system32\wuauclt.exe
+ 2011-07-02 18:28 . 2010-11-20 13:25 36864 c:\windows\system32\wuapp.exe
- 2011-07-12 17:16 . 2009-08-06 22:59 36864 c:\windows\system32\wuapp.exe
- 2009-07-14 00:10 . 2009-07-14 01:41 67072 c:\windows\system32\wsnmp32.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 67072 c:\windows\system32\wsnmp32.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 13824 c:\windows\system32\wshirda.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 47104 c:\windows\system32\wshbth.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 26112 c:\windows\system32\wsdchngr.dll
- 2011-02-09 20:54 . 2010-12-21 06:16 97280 c:\windows\system32\wscsvc.dll
+ 2009-07-13 23:48 . 2009-07-14 01:41 97280 c:\windows\system32\wscsvc.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 63488 c:\windows\system32\wscapi.dll
- 2011-07-13 14:00 . 2011-06-02 06:45 13312 c:\windows\system32\wow64cpu.dll
+ 2011-07-13 14:00 . 2011-06-03 06:57 13312 c:\windows\system32\wow64cpu.dll
- 2009-07-13 23:53 . 2009-07-14 01:41 71680 c:\windows\system32\wkscli.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 71680 c:\windows\system32\wkscli.dll
+ 2011-07-02 18:29 . 2010-11-20 13:25 26112 c:\windows\system32\WerFaultSecure.exe
- 2009-07-13 23:40 . 2009-07-14 01:39 26112 c:\windows\system32\WerFaultSecure.exe
+ 2011-07-02 18:28 . 2010-11-20 13:27 36352 c:\windows\system32\wdiasqmmodule.dll
+ 2010-03-31 23:26 . 2011-08-01 13:27 47842 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-08-01 20:29 23572 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-07-02 18:28 . 2010-11-20 13:27 61952 c:\windows\system32\WavDest.dll
- 2009-07-14 00:25 . 2009-07-14 01:41 61952 c:\windows\system32\WavDest.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 61952 c:\windows\system32\vss_ps.dll
- 2009-07-13 23:36 . 2009-07-14 01:41 61952 c:\windows\system32\vss_ps.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 38912 c:\windows\system32\vpnikeapi.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 68096 c:\windows\system32\vfwwdm32.dll
- 2009-07-14 00:18 . 2009-07-14 01:41 68096 c:\windows\system32\vfwwdm32.dll
+ 2011-07-02 18:29 . 2010-11-20 13:25 30720 c:\windows\system32\userinit.exe
+ 2011-07-02 18:29 . 2010-11-20 13:27 84480 c:\windows\system32\UserAccountControlSettings.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 73216 c:\windows\system32\unimdmat.dll
- 2009-07-14 00:10 . 2009-07-14 01:41 73216 c:\windows\system32\unimdmat.dll
- 2009-07-13 23:35 . 2009-07-14 01:41 59904 c:\windows\system32\umb.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 59904 c:\windows\system32\umb.dll
+ 2011-07-02 18:29 . 2010-11-20 13:25 58368 c:\windows\system32\tzutil.exe
+ 2011-07-02 18:30 . 2010-11-20 13:27 12288 c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 40960 c:\windows\system32\TsUsbGDCoInstaller.dll
- 2009-07-13 23:50 . 2009-07-14 01:41 86016 c:\windows\system32\TSpkg.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 86016 c:\windows\system32\TSpkg.dll
- 2009-07-14 00:17 . 2009-07-14 01:41 44032 c:\windows\system32\tsgqec.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 44032 c:\windows\system32\tsgqec.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 14848 c:\windows\system32\tsbyuv.dll
- 2010-08-12 17:28 . 2009-12-19 09:50 14848 c:\windows\system32\tsbyuv.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 21504 c:\windows\system32\TRAPI.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 73728 c:\windows\system32\tlscsp.dll
- 2009-07-14 00:16 . 2009-07-14 01:41 73728 c:\windows\system32\tlscsp.dll
+ 2011-07-02 18:29 . 2010-11-20 13:25 69120 c:\windows\system32\taskhost.exe
- 2009-07-13 23:31 . 2009-07-14 01:39 69120 c:\windows\system32\taskhost.exe
+ 2011-07-02 18:28 . 2010-11-20 13:25 63488 c:\windows\system32\takeown.exe
+ 2011-07-02 18:29 . 2010-11-20 13:27 92672 c:\windows\system32\TabSvc.dll
- 2009-07-14 00:03 . 2009-07-14 01:39 78848 c:\windows\system32\tabcal.exe
+ 2011-07-02 18:28 . 2010-11-20 13:25 78848 c:\windows\system32\tabcal.exe
+ 2011-07-02 18:28 . 2010-11-20 13:27 17408 c:\windows\system32\syssetup.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 29184 c:\windows\system32\sspisrv.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 13312 c:\windows\system32\sscore.dll
- 2009-07-13 23:53 . 2009-07-14 01:41 13312 c:\windows\system32\sscore.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 18944 c:\windows\system32\spopk.dll
- 2009-07-13 23:29 . 2009-07-14 01:41 18944 c:\windows\system32\spopk.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 39424 c:\windows\system32\spool\prtprocs\x64\winprint.dll
- 2009-07-14 00:39 . 2009-07-14 01:41 39424 c:\windows\system32\spool\prtprocs\x64\winprint.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 78848 c:\windows\system32\spbcd.dll
- 2009-07-13 23:29 . 2009-07-14 01:41 78848 c:\windows\system32\spbcd.dll
- 2011-02-09 20:54 . 2010-12-21 06:15 15360 c:\windows\system32\slwga.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 15360 c:\windows\system32\slwga.dll
- 2009-07-13 23:23 . 2009-07-14 01:41 24064 c:\windows\system32\sisbkup.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 24064 c:\windows\system32\sisbkup.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 11264 c:\windows\system32\shunimpl.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 37376 c:\windows\system32\shimgvw.dll
- 2009-07-13 23:55 . 2009-07-14 01:41 37376 c:\windows\system32\shimgvw.dll
- 2009-07-13 23:55 . 2009-07-14 01:41 28160 c:\windows\system32\shgina.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 28160 c:\windows\system32\shgina.dll
+ 2011-07-02 18:29 . 2010-11-20 13:25 88576 c:\windows\system32\setupcl.exe
+ 2011-07-02 18:29 . 2010-11-20 13:27 57856 c:\windows\system32\Setup\pbkmigr.dll
+ 2011-04-15 13:45 . 2010-11-20 13:27 63488 c:\windows\system32\setbcdlocale.dll
- 2009-07-13 23:50 . 2009-07-14 01:41 28160 c:\windows\system32\secur32.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 28160 c:\windows\system32\secur32.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 30720 c:\windows\system32\seclogon.dll
- 2009-07-13 23:53 . 2009-07-14 01:41 30720 c:\windows\system32\seclogon.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 24064 c:\windows\system32\schedcli.dll
- 2009-07-13 23:53 . 2009-07-14 01:41 24064 c:\windows\system32\schedcli.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 67584 c:\windows\system32\samcli.dll
+ 2011-07-02 18:28 . 2010-11-20 13:25 56832 c:\windows\system32\runonce.exe
- 2009-07-13 23:57 . 2009-07-14 01:39 56832 c:\windows\system32\runonce.exe
+ 2011-07-02 18:29 . 2010-11-20 13:27 52224 c:\windows\system32\rtutils.dll
- 2010-08-12 17:29 . 2010-06-19 06:53 52224 c:\windows\system32\rtutils.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 65536 c:\windows\system32\RpcRtRemote.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 10752 c:\windows\system32\riched32.dll
- 2009-07-13 23:22 . 2009-07-14 01:39 51712 c:\windows\system32\repair-bde.exe
+ 2011-07-02 18:28 . 2010-11-20 13:25 51712 c:\windows\system32\repair-bde.exe
+ 2011-07-02 18:28 . 2010-11-20 13:25 43008 c:\windows\system32\relog.exe
+ 2011-07-02 18:28 . 2010-11-20 13:25 98816 c:\windows\system32\RegisterIEPKEYs.exe
- 2009-07-13 23:58 . 2009-07-14 01:39 98816 c:\windows\system32\RegisterIEPKEYs.exe
+ 2011-07-02 18:29 . 2010-11-20 13:27 95232 c:\windows\system32\regapi.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 77312 c:\windows\system32\rdpwsx.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 23040 c:\windows\system32\rdprefdrvapi.dll
- 2009-07-14 00:16 . 2009-07-14 01:41 23040 c:\windows\system32\rdprefdrvapi.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 68096 c:\windows\system32\rdpd3d.dll
- 2009-07-14 00:17 . 2009-07-14 01:41 68096 c:\windows\system32\rdpd3d.dll
- 2009-07-14 00:17 . 2009-07-14 01:41 10240 c:\windows\system32\rdpcfgex.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 10240 c:\windows\system32\rdpcfgex.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 79872 c:\windows\system32\QCLIPROV.DLL
- 2009-07-14 00:07 . 2009-07-14 01:41 79872 c:\windows\system32\QCLIPROV.DLL
+ 2011-07-02 18:29 . 2010-11-20 13:25 31744 c:\windows\system32\proquota.exe
+ 2011-07-02 18:28 . 2010-11-20 13:27 33792 c:\windows\system32\profprov.dll
- 2009-07-14 00:39 . 2009-07-14 01:41 48128 c:\windows\system32\PrintIsolationProxy.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 48128 c:\windows\system32\PrintIsolationProxy.dll
- 2011-04-27 13:42 . 2011-02-18 06:33 31232 c:\windows\system32\prevhost.exe
+ 2011-04-27 13:42 . 2011-02-18 10:51 31232 c:\windows\system32\prevhost.exe
+ 2011-07-02 18:28 . 2010-11-20 13:25 62976 c:\windows\system32\PnPUnattend.exe
+ 2011-07-02 18:28 . 2010-11-20 13:12 35328 c:\windows\system32\pifmgr.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 57856 c:\windows\system32\oobe\spprgrss.dll
- 2009-07-13 23:57 . 2009-07-14 01:39 71168 c:\windows\system32\oobe\msoobe.exe
+ 2011-07-02 18:28 . 2010-11-20 13:24 71168 c:\windows\system32\oobe\msoobe.exe
- 2009-07-14 00:28 . 2009-07-14 01:41 53248 c:\windows\system32\odbcconf.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 53248 c:\windows\system32\odbcconf.dll
+ 2011-07-13 14:00 . 2011-06-03 06:57 16384 c:\windows\system32\ntvdm64.dll
- 2011-07-13 14:00 . 2011-06-02 06:42 16384 c:\windows\system32\ntvdm64.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 15360 c:\windows\system32\nrpsrv.dll
+ 2011-07-02 18:28 . 2010-11-20 13:13 69120 c:\windows\system32\nlsbres.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 70656 c:\windows\system32\nlaapi.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 29184 c:\windows\system32\netutils.dll
+ 2011-07-02 18:30 . 2010-11-05 01:57 48976 c:\windows\system32\netfxperf.dll
- 2009-07-13 23:53 . 2009-07-14 01:41 72704 c:\windows\system32\netapi32.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 72704 c:\windows\system32\netapi32.dll
- 2009-07-13 23:49 . 2009-07-14 01:41 66048 c:\windows\system32\ncryptui.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 66048 c:\windows\system32\ncryptui.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 90112 c:\windows\system32\nci.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 72192 c:\windows\system32\napdsnap.dll
- 2009-07-14 00:09 . 2009-07-14 01:51 50176 c:\windows\system32\NAPCRYPT.DLL
+ 2011-07-02 18:29 . 2010-11-20 13:44 50176 c:\windows\system32\NAPCRYPT.DLL
- 2009-07-14 00:03 . 2009-07-14 01:39 51712 c:\windows\system32\MultiDigiMon.exe
+ 2011-07-02 18:28 . 2010-11-20 13:25 51712 c:\windows\system32\MultiDigiMon.exe
+ 2011-07-02 18:29 . 2010-11-20 13:27 16896 c:\windows\system32\muifontsetup.dll
+ 2011-07-02 18:29 . 2010-11-05 01:57 11600 c:\windows\system32\MUI\0409\mscorees.dll
- 2010-08-12 22:17 . 2009-11-25 16:47 11600 c:\windows\system32\MUI\0409\mscorees.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 25600 c:\windows\system32\msyuv.dll
- 2010-08-12 17:28 . 2009-12-19 09:47 38912 c:\windows\system32\msvidc32.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 38912 c:\windows\system32\msvidc32.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 16384 c:\windows\system32\msrle32.dll
- 2010-08-12 17:28 . 2009-12-19 09:47 16384 c:\windows\system32\msrle32.dll
- 2011-06-16 14:27 . 2011-04-22 20:14 97280 c:\windows\system32\mshtmled.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 97280 c:\windows\system32\mshtmled.dll
- 2011-06-16 14:27 . 2011-04-22 20:09 12288 c:\windows\system32\msfeedssync.exe
+ 2011-07-02 18:28 . 2010-11-20 13:24 12288 c:\windows\system32\msfeedssync.exe
+ 2011-07-02 18:29 . 2010-11-20 13:27 82944 c:\windows\system32\msfeedsbs.dll
- 2011-06-16 14:27 . 2011-04-22 20:14 82944 c:\windows\system32\msfeedsbs.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 35840 c:\windows\system32\msdmo.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 46592 c:\windows\system32\msasn1.dll
- 2010-04-01 00:08 . 2009-08-29 07:50 46592 c:\windows\system32\msasn1.dll
+ 2011-07-02 18:29 . 2010-11-20 13:26 41472 c:\windows\system32\mimefilt.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 57856 c:\windows\system32\migration\WSMT\rras\replacementmanifests\Microsoft-Windows-RasApi-MigPlugin\pbkmigr-Mig.dll
+ 2011-06-16 14:27 . 2011-04-22 22:08 95232 c:\windows\system32\migration\WininetPlugin.dll
- 2011-06-16 14:27 . 2011-04-22 20:18 95232 c:\windows\system32\migration\WininetPlugin.dll
+ 2011-07-02 18:28 . 2010-11-20 13:26 84992 c:\windows\system32\Mcx2Svc.dll
+ 2011-07-02 18:28 . 2010-11-20 13:26 41472 c:\windows\system32\mciqtz32.dll
- 2009-07-14 00:18 . 2009-07-14 01:41 41472 c:\windows\system32\mciqtz32.dll
+ 2011-07-02 18:29 . 2010-11-20 13:26 91648 c:\windows\system32\mapistub.dll
+ 2011-07-02 18:29 . 2010-11-20 13:26 91648 c:\windows\system32\mapi32.dll
+ 2011-07-02 18:28 . 2010-11-20 13:24 79872 c:\windows\system32\manage-bde.exe
- 2009-07-13 23:22 . 2009-07-14 01:39 79872 c:\windows\system32\manage-bde.exe
+ 2011-07-02 18:28 . 2010-11-20 13:26 48640 c:\windows\system32\luainstall.dll
+ 2011-07-02 18:29 . 2010-11-20 13:26 50176 c:\windows\system32\lsmproxy.dll
- 2009-07-13 23:52 . 2009-07-14 01:39 27648 c:\windows\system32\LogonUI.exe
+ 2011-07-02 18:28 . 2010-11-20 13:24 27648 c:\windows\system32\LogonUI.exe
- 2011-06-16 14:27 . 2011-04-22 20:14 57856 c:\windows\system32\licmgr10.dll
+ 2011-07-02 18:29 . 2010-11-20 13:26 57856 c:\windows\system32\licmgr10.dll
+ 2011-07-02 18:28 . 2010-11-20 13:26 90624 c:\windows\system32\KMSVC.DLL
- 2009-07-14 00:07 . 2009-07-14 01:41 90624 c:\windows\system32\KMSVC.DLL
- 2011-04-15 13:45 . 2011-02-05 12:41 20352 c:\windows\system32\kdusb.dll
+ 2011-04-15 13:45 . 2011-02-05 17:10 20352 c:\windows\system32\kdusb.dll
+ 2011-04-15 13:45 . 2011-02-05 17:10 17792 c:\windows\system32\kdcom.dll
- 2011-04-15 13:45 . 2011-02-05 12:41 17792 c:\windows\system32\kdcom.dll
- 2011-04-15 13:45 . 2011-02-05 12:41 19328 c:\windows\system32\kd1394.dll
+ 2011-04-15 13:45 . 2011-02-05 17:10 19328 c:\windows\system32\kd1394.dll
- 2011-06-16 14:27 . 2011-04-22 20:13 64512 c:\windows\system32\jsproxy.dll
+ 2011-06-16 14:27 . 2011-04-22 22:04 64512 c:\windows\system32\jsproxy.dll
+ 2011-07-02 18:29 . 2010-11-20 13:26 54272 c:\windows\system32\iyuv_32.dll
- 2010-08-12 17:28 . 2009-12-19 09:46 54272 c:\windows\system32\iyuv_32.dll
+ 2011-07-02 18:29 . 2010-11-20 13:24 91648 c:\windows\system32\isoburn.exe
+ 2011-07-02 18:29 . 2010-11-20 13:26 37376 c:\windows\system32\iscsium.dll
+ 2011-07-02 18:28 . 2010-11-20 13:26 65536 c:\windows\system32\inetmib1.dll
+ 2011-07-02 18:28 . 2010-11-20 13:26 76800 c:\windows\system32\imagehlp.dll
+ 2011-07-02 18:29 . 2010-11-20 13:26 45056 c:\windows\system32\httpapi.dll
- 2009-07-13 23:21 . 2009-07-14 01:41 45056 c:\windows\system32\httpapi.dll
- 2009-07-13 23:55 . 2009-07-14 01:41 27136 c:\windows\system32\HotStartUserAgent.dll
+ 2011-07-02 18:28 . 2010-11-20 13:26 27136 c:\windows\system32\HotStartUserAgent.dll
- 2009-07-14 00:01 . 2009-07-14 01:40 78848 c:\windows\system32\hbaapi.dll
+ 2011-07-02 18:29 . 2010-11-20 13:26 78848 c:\windows\system32\hbaapi.dll
+ 2011-07-02 18:28 . 2010-11-20 13:24 18432 c:\windows\system32\FXSUNATD.exe
+ 2011-07-02 18:28 . 2010-11-20 13:26 41984 c:\windows\system32\FXSMON.dll
- 2009-07-14 00:10 . 2009-07-14 01:39 48128 c:\windows\system32\ftp.exe
+ 2011-07-02 18:29 . 2010-11-20 13:24 48128 c:\windows\system32\ftp.exe
+ 2011-04-27 13:42 . 2011-03-11 06:30 96768 c:\windows\system32\fsutil.exe
- 2011-04-27 13:42 . 2011-03-11 06:15 96768 c:\windows\system32\fsutil.exe
+ 2011-07-02 18:28 . 2010-11-20 13:24 17920 c:\windows\system32\fixmapi.exe
+ 2011-07-02 18:28 . 2010-11-20 13:24 71168 c:\windows\system32\findstr.exe
+ 2011-07-02 18:28 . 2010-11-20 13:26 74240 c:\windows\system32\fdProxy.dll
+ 2011-07-02 18:29 . 2010-11-20 13:26 72192 c:\windows\system32\fdeploy.dll
+ 2011-07-21 16:32 . 2011-07-21 16:32 13312 c:\windows\system32\EventProviders\spcmsg.dll
+ 2011-07-02 18:28 . 2010-11-20 13:26 25600 c:\windows\system32\elsTrans.dll
+ 2011-07-02 18:28 . 2010-11-20 13:26 36864 c:\windows\system32\dsauth.dll
- 2009-07-14 05:30 . 2011-07-13 18:44 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2011-07-21 18:24 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2011-07-02 18:28 . 2010-11-20 13:27 83968 c:\windows\system32\DriverStore\FileRepository\wpdcomp.inf_amd64_neutral_11bbf54c8508434e\Wpdcomp.dll
+ 2011-07-02 18:29 . 2010-11-20 10:43 41984 c:\windows\system32\DriverStore\FileRepository\winusb.inf_amd64_neutral_6cb50ae9f480775b\winusb.sys
+ 2011-04-27 13:42 . 2011-03-11 04:37 91648 c:\windows\system32\DriverStore\FileRepository\usbstor.inf_amd64_neutral_26b33263a639795d\USBSTOR.SYS
+ 2011-07-02 18:29 . 2010-11-20 10:44 91648 c:\windows\system32\DriverStore\FileRepository\usbstor.inf_amd64_neutral_0725c2806a159a9d\USBSTOR.SYS
+ 2009-07-14 00:06 . 2009-07-14 00:06 30720 c:\windows\system32\DriverStore\FileRepository\usbport.inf_amd64_neutral_f935002f367d5bb0\usbuhci.sys
+ 2009-07-14 00:06 . 2009-07-14 00:06 25600 c:\windows\system32\DriverStore\FileRepository\usbport.inf_amd64_neutral_f935002f367d5bb0\usbohci.sys
+ 2011-07-02 18:29 . 2010-11-20 10:43 52224 c:\windows\system32\DriverStore\FileRepository\usbport.inf_amd64_neutral_f935002f367d5bb0\usbehci.sys
+ 2011-05-11 13:33 . 2011-03-25 03:29 30720 c:\windows\system32\DriverStore\FileRepository\usbport.inf_amd64_neutral_189259810882aaea\usbuhci.sys
+ 2011-05-11 13:33 . 2011-03-25 03:29 25600 c:\windows\system32\DriverStore\FileRepository\usbport.inf_amd64_neutral_189259810882aaea\usbohci.sys
+ 2011-05-11 13:33 . 2011-03-25 03:29 52736 c:\windows\system32\DriverStore\FileRepository\usbport.inf_amd64_neutral_189259810882aaea\usbehci.sys
+ 2011-07-02 18:28 . 2010-11-20 10:44 98816 c:\windows\system32\DriverStore\FileRepository\usb.inf_amd64_neutral_269d7150439b3372\usbccgp.sys
+ 2011-05-11 13:33 . 2011-03-25 03:29 98816 c:\windows\system32\DriverStore\FileRepository\usb.inf_amd64_neutral_153b489118ee37b8\usbccgp.sys
+ 2011-07-02 18:29 . 2010-11-20 10:44 48640 c:\windows\system32\DriverStore\FileRepository\umbus.inf_amd64_neutral_2d4257afa2e35253\umbus.sys
+ 2011-07-02 18:30 . 2010-11-20 11:07 31232 c:\windows\system32\DriverStore\FileRepository\tsgenericusbdriver.inf_amd64_neutral_24c807694f614911\TsUsbGD.sys
+ 2011-07-02 18:29 . 2010-11-20 10:43 41984 c:\windows\system32\DriverStore\FileRepository\transfercable.inf_amd64_neutral_82f4c743c8996d67\amd64\winusb.sys
+ 2011-07-02 18:28 . 2010-11-20 10:34 14336 c:\windows\system32\DriverStore\FileRepository\sffdisk.inf_amd64_neutral_d2425e60845d17d3\sffp_sd.sys
+ 2009-07-14 00:01 . 2009-07-14 00:01 13824 c:\windows\system32\DriverStore\FileRepository\sffdisk.inf_amd64_neutral_d2425e60845d17d3\sffp_mmc.sys
+ 2009-07-14 00:01 . 2009-07-14 00:01 14336 c:\windows\system32\DriverStore\FileRepository\sffdisk.inf_amd64_neutral_d2425e60845d17d3\sffdisk.sys
+ 2011-07-02 18:28 . 2010-11-20 13:27 22016 c:\windows\system32\DriverStore\FileRepository\ntprint.inf_amd64_neutral_4616c3de1949be6d\Amd64\PJLMON.DLL
+ 2009-07-13 23:19 . 2009-07-14 01:45 17488 c:\windows\system32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\viaide.sys
+ 2009-07-13 23:19 . 2009-07-14 01:45 48720 c:\windows\system32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\pciidex.sys
+ 2009-07-13 23:19 . 2009-07-14 01:45 12352 c:\windows\system32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\pciide.sys
+ 2011-07-02 18:29 . 2010-11-20 13:33 31104 c:\windows\system32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\msahci.sys
+ 2009-07-13 23:19 . 2009-07-14 01:48 16960 c:\windows\system32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\intelide.sys
+ 2009-07-13 23:19 . 2009-07-14 01:52 17488 c:\windows\system32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\cmdide.sys
+ 2009-07-13 23:19 . 2009-07-14 01:52 24128 c:\windows\system32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
+ 2009-07-13 23:19 . 2009-07-14 01:52 15440 c:\windows\system32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\amdide.sys
+ 2009-07-13 23:19 . 2009-07-14 01:52 15440 c:\windows\system32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\aliide.sys

#3 User is offline   D-FRED-BROWN 

  • Resident Bracketologist
  • PipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 266
  • Joined: 26-December 08
  • Gender:Male
  • Location:Kansas, USA

Posted 08 August 2011 - 11:04 AM

User already being helped here :)
Proud graduate of SpywareInfo Bootcamp
Follow me on Twitter! @dfredbrown
Posted Image
Unified Network of Instructors and Trained Eliminators
If I have personally helped you, please consider making a donation so I can keep helping people like you.
Every little bit helps! Thank you! Posted Image

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users