Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Many browser redirects after run in with Virtumonde


  • This topic is locked This topic is locked
10 replies to this topic

#1 Jfurtado

Jfurtado

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 11 July 2009 - 09:26 PM

Hi, and thank you so much in advance! My computer, which recently had a run-in with Virtumonde, is now experiencing Firefox browser redirects to MANY different websites. The latest of the redirects has been to Shopica. I've ran many scans with Nod32 and Superantispyware, but to no avail. I really hope you can help!


DDS (Ver_09-06-26.01) - NTFSx86
Run by J.C.YOUNG at 19:16:09.20 on Sat 07/11/2009
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_05
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1454 [GMT -7:00]

AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\xampplite\apache\bin\apache.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\clipsrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\xampplite\apache\bin\apache.exe
C:\xampplite\mysql\bin\mysqld-nt.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\igfxsrvc.exe
C:\Documents and Settings\J.C.YOUNG\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.ca/
mStart Page = hxxp://home.ez-tracks.com/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [TCOYFReminder] c:\progra~1\tcoyf\tcoyftray.exe
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [High Definition Audio Property Page Shortcut] HDAShCut.exe
mRun: [nod32kui] "c:\program files\eset\nod32kui.exe" /WAITSERVICE
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
dPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: c:\windows\system32\imon.dll
DPF: {5CB1506E-1DEA-4E63-89A7-E40E52AEA1FD} - hxxp://fulfillment.puretracks.com/onager.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5670/mcfscan.cab
TCP: {60BF12F5-A44A-4287-8FD5-BE00F1156114} = 192.168.1.254
Notify: AtiExtEvent - Ati2evxx.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\jc305b~1.you\applic~1\mozilla\firefox\profiles\c1x8jt7d.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca
FF - plugin: c:\documents and settings\all users\application data\realarcade\npraclient.dll
FF - plugin: c:\documents and settings\all users\application data\zylom\zylomgamesplayer\npzylomgamesplayer.dll
FF - plugin: c:\progra~1\mozill~1\plugins\np32dsw.dll
FF - plugin: c:\progra~1\mozill~1\plugins\npgcplug.dll
FF - plugin: c:\progra~1\mozill~1\plugins\npLegitCheckPlugin.dll
FF - plugin: c:\progra~1\mozill~1\plugins\npmozax.dll
FF - plugin: c:\progra~1\mozill~1\plugins\npnul32.dll
FF - plugin: c:\progra~1\mozill~1\plugins\NPOFFICE.DLL
FF - plugin: c:\progra~1\mozill~1\plugins\npPandoWebInst.dll
FF - plugin: c:\progra~1\mozill~1\plugins\nppdf32.dll
FF - plugin: c:\progra~1\mozill~1\plugins\npqtplugin.dll
FF - plugin: c:\progra~1\mozill~1\plugins\npqtplugin2.dll
FF - plugin: c:\progra~1\mozill~1\plugins\npqtplugin3.dll
FF - plugin: c:\progra~1\mozill~1\plugins\npqtplugin4.dll
FF - plugin: c:\progra~1\mozill~1\plugins\npqtplugin5.dll
FF - plugin: c:\progra~1\mozill~1\plugins\npqtplugin6.dll
FF - plugin: c:\progra~1\mozill~1\plugins\npqtplugin7.dll
FF - plugin: c:\progra~1\mozill~1\plugins\npraclient.dll
FF - plugin: c:\progra~1\mozill~1\plugins\npracplug.dll
FF - plugin: c:\progra~1\mozill~1\plugins\npstrlnk.dll
FF - plugin: c:\progra~1\mozill~1\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npgcplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npraclient.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npracplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npstrlnk.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll
FF - HiddenExtension: XUL Cache: No Registry Reference - c:\program files\mozilla firefox\extensions\{15AB97BE-7309-4582-9131-1325F1E49F7D}
FF - HiddenExtension: XUL Cache: No Registry Reference - c:\program files\mozilla firefox\extensions\{290FB0A9-9E81-409F-A910-1BD044CDD241}
FF - HiddenExtension: XUL Cache: No Registry Reference - c:\program files\mozilla firefox\extensions\{B1E35CA9-1B55-46DA-A015-6719A1552096}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - HiddenExtension: XUL Cache: No Registry Reference - c:\program files\mozilla firefox\extensions\{D0CB75FD-E5CD-4654-A946-871CB52A0BD9}
FF - HiddenExtension: XUL Cache: No Registry Reference - c:\program files\mozilla firefox\extensions\{D31874EC-1ED0-46DD-B25F-412FF2B7C9E5}
FF - HiddenExtension: XUL Cache: No Registry Reference - c:\program files\mozilla firefox\extensions\{EFFA9354-AF87-4633-BD14-EBCA2195D1C7}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDCE08D86A-A41A-410A-943C-13BABB7DC474", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDA9EDC9ED-603A-4F3F-BBEA-59C8853A3236", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID90D10942-D952-4863-9DD6-A2BDBBAD456E", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0ECEE744-7B69-4912-AB91-AE76D61ECB04", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDF25635B2-1AB9-47B5-88D1-8877B22C86DE", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID27B7F812-4159-45B9-A389-B7A118A58DE4", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDF849DF29-393B-4F8B-99D1-117A70D66FC7", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDBF1E9C3D-637C-4171-BD12-28A7360B879A", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDDE1C0601-7947-4D7F-A6E5-E68BF6BA1E37", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID4EA0DCCE-4D98-4876-9C6A-E5C563D0820A", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID446462BA-2AAD-4C88-BC63-5210E2F31465", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0862E368-A40E-4E55-83EB-FBC5571BABA4", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDD2A96E3C-FFB3-4D38-9AC3-B127527BEA35", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID4B05B39A-9DDC-4650-A7F8-D5B134E5FFE5", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDC8E2574A-7BCE-4B93-A22E-61831DFD6DB8", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID659796C0-8B5D-48D7-A4EB-7E6874E26274", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID78071AB5-E729-414E-8D02-9C1D034F82E7", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDCC3F71E1-17F3-4C5B-997D-44CA56943197", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDE67D5C78-B2D4-4BA0-8D69-1C7AF4BB08B5", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDFC5F3D7A-D321-412C-8A5D-9AD0C8041941", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID6EC5CD16-81BC-4515-9EDD-9265C906F56E", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID67CFB2C5-E491-4395-977B-CD45E4124655", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID73600569-52E6-4760-8BAB-B68202937D98", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDB02EBD42-6885-401A-9389-E089F7DDC872", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDBAE5CB8C-4075-4743-B2E4-78DA8D8CDC64", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID28B07B04-DA99-4FD3-BF27-4972F2B8142B", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0D53448F-D12B-4102-8CE2-697DAE8D6643", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDE3266A47-A141-47B8-AAA8-5F16FB4F8CCD", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDB33AB7AF-76D7-4B1C-B709-5D6BF9E7B1C7", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID153B7451-0BB5-4B37-95C0-44D89E2F1F2B", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID3BBE8E21-0D3D-4BAA-AC6F-C7BCEF750849", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID9B5B4F2D-A7D9-4329-B0FE-92B301A8CAAD", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDA5C42921-8CD0-4924-97C3-01B5B0610BC6", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID06969252-F90F-4CF2-9074-33772EB64859", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDFBF37655-1236-4C0D-96C5-F94E1724841B", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDC1A3F035-B68F-4B2B-9FD5-E36DAAAF26DD", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID368F3685-543E-4812-9FDE-96E097E453FC", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID43969873-56AA-4113-84CB-4AB2AEB9AA31", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDA205DD80-63D4-4E41-B785-26EC3D90B97B", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID068D43E7-7551-4A2F-AE96-4A38A9AD1953", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDF443E9CB-9EEC-456E-8AE7-F3102D5CD47D", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDE36A7B16-645D-4261-BFF8-3A7E69C5F7A5", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID379805E3-E0E2-40DC-B51B-6DC1AE5802AA", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDF6240D69-A06D-44A1-8003-8496CCEF2C53", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID26C3113D-5A71-4F1B-A2CB-BE59E1279DDA", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID92B97F2B-7565-4CE9-9AC7-0598DFD731F8", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID2AA5E7CF-9696-42F0-B76A-8655296EADF2", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0AAACE0B-ACEF-4781-83F4-BFB52EEC995A", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0D56FF58-A39D-4E8C-A40B-2E3711251772", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID946121C2-11F1-49DD-A7E3-CF793DE827A4", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDB853303D-1BAB-43F3-9D7D-101D0DA8E7A5", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID9E578247-FE29-4F8C-8202-A24A5688CF2A", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID6D065A8F-FFC0-4A0F-B863-1D724B8C786B", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID4451D291-6940-42CE-9D3C-CA1D4C96549C", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID064B722D-079D-4EBB-B3CF-9FCBF64FFF5D", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID38F8AB0F-5DFB-43D9-889E-8717CC4AB59B", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID4EC68CD1-0EF1-4CB9-9EF1-3D64AB266149", "AllAccess");
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID44F96B27-CFAD-41E1-83A1-6B28040C3BDE", "AllAccess");

============= SERVICES / DRIVERS ===============

R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2008-2-18 15424]
R1 SSHDRV65;SSHDRV65;c:\windows\system32\drivers\SSHDRV65.sys [2009-5-10 120320]
R2 NOD32krn;NOD32 Kernel Service;c:\program files\eset\nod32krn.exe [2008-2-18 552064]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Adapter;c:\windows\system32\drivers\atl01_xp.sys [2006-12-6 34048]
S3 PCD65X2;PCD65X2;\??\c:\docume~1\jc305b~1.you\locals~1\temp\pcd65x2.sys --> c:\docume~1\jc305b~1.you\locals~1\temp\PCD65X2.sys [?]

=============== Created Last 30 ================

2009-07-10 23:54 <DIR> --d----- c:\program files\WoW UI Designer
2009-07-10 00:07 1,712,128 a------- c:\windows\system32\libmysql_d.dll
2009-07-09 22:31 <DIR> --d----- c:\windows\system32\XPSViewer
2009-07-09 22:30 14,048 -------- c:\windows\system32\spmsg2.dll
2009-07-09 12:30 <DIR> --d----- c:\windows\McAfee.com
2009-06-26 17:47 40,960 a----r-- c:\windows\system32\psfind.dll
2009-06-26 17:36 <DIR> --d----- c:\program files\Games
2009-06-26 09:23 13 a------- C:\Winvdrvr.dll
2009-06-23 00:09 <DIR> --d----- C:\VundoFix Backups
2009-06-22 19:07 <DIR> --d----- c:\program files\Combofix
2009-06-22 19:01 <DIR> -cd----- c:\windows\system32\dllcache\cache
2009-06-22 18:53 <DIR> a-dshr-- C:\cmdcons
2009-06-22 18:52 161,792 a------- c:\windows\SWREG.exe
2009-06-22 18:52 155,136 a------- c:\windows\PEV.exe
2009-06-22 18:52 98,816 a------- c:\windows\sed.exe
2009-06-22 18:44 4,379,984 a------- c:\windows\system32\D3DX9_40.dll
2009-06-22 18:44 2,036,576 a------- c:\windows\system32\D3DCompiler_40.dll
2009-06-22 18:44 452,440 a------- c:\windows\system32\d3dx10_40.dll
2009-06-22 18:44 514,384 a------- c:\windows\system32\XAudio2_3.dll
2009-06-22 18:44 70,992 a------- c:\windows\system32\XAPOFX1_2.dll
2009-06-22 18:44 235,856 a------- c:\windows\system32\xactengine3_3.dll
2009-06-22 18:44 23,376 a------- c:\windows\system32\X3DAudio1_5.dll
2009-06-22 18:33 <DIR> --d----- c:\program files\Activision
2009-06-20 18:17 <DIR> --d----- c:\program files\Lavasoft
2009-06-17 21:57 593,920 -------- c:\windows\system32\ati2sgag.exe
2009-06-17 21:45 <DIR> --d----- c:\program files\ATI Technologies
2009-06-17 01:53 <DIR> --d----- c:\docume~1\jc305b~1.you\applic~1\IObit
2009-06-17 01:53 <DIR> --d----- c:\program files\IObit
2009-06-12 13:19 1,420,824 a------- c:\windows\system32\D3DCompiler_37.dll
2009-06-12 13:19 462,864 a------- c:\windows\system32\d3dx10_37.dll
2009-06-12 13:19 3,786,760 a------- c:\windows\system32\D3DX9_37.dll
2009-06-12 13:19 267,272 a------- c:\windows\system32\xactengine2_10.dll
2009-06-12 13:19 1,374,232 a------- c:\windows\system32\D3DCompiler_36.dll
2009-06-12 13:19 444,776 a------- c:\windows\system32\d3dx10_36.dll
2009-06-12 13:19 3,734,536 a------- c:\windows\system32\d3dx9_36.dll
2009-06-12 13:19 267,112 a------- c:\windows\system32\xactengine2_9.dll
2009-06-12 13:19 1,358,192 a------- c:\windows\system32\D3DCompiler_35.dll
2009-06-12 13:19 444,776 a------- c:\windows\system32\d3dx10_35.dll
2009-06-12 13:19 3,727,720 a------- c:\windows\system32\d3dx9_35.dll
2009-06-12 13:18 <DIR> --d----- c:\windows\Logs
2009-06-12 13:18 413,696 a------- c:\windows\system32\wrap_oal.dll
2009-06-12 13:18 110,592 a------- c:\windows\system32\OpenAL32.dll
2009-06-12 12:48 <DIR> --d----- c:\program files\Defraggler
2009-06-12 12:33 <DIR> --d----- c:\windows\system32\AGEIA
2009-06-12 12:27 <DIR> --d----- c:\docume~1\jc305b~1.you\applic~1\Malwarebytes
2009-06-12 12:06 <DIR> --d----- c:\docume~1\alluse~1\applic~1\DAEMON Tools Lite
2009-06-12 12:06 <DIR> --d----- c:\program files\DAEMON Tools Toolbar
2009-06-12 12:05 <DIR> --d----- c:\program files\DAEMON Tools Lite
2009-06-12 12:02 <DIR> --d----- c:\docume~1\jc305b~1.you\applic~1\DAEMON Tools Lite

==================== Find3M ====================

2009-06-12 12:02 721,904 a------- c:\windows\system32\drivers\sptd.sys
2009-06-12 09:40 123,064 a------- c:\windows\HPHins11.dat
2009-06-10 15:51 73,216 a------- c:\windows\ST6UNST.EXE
2009-05-15 20:58 4,069,888 a------- c:\windows\system32\drivers\ati2mtag.sys
2009-05-15 20:39 442,368 a------- c:\windows\system32\ATIDEMGX.dll
2009-05-15 20:38 335,872 a------- c:\windows\system32\ati2dvag.dll
2009-05-15 20:18 204,800 a------- c:\windows\system32\atipdlxx.dll
2009-05-15 20:17 155,648 a------- c:\windows\system32\Oemdspif.dll
2009-05-15 20:17 26,112 a------- c:\windows\system32\Ati2mdxx.exe
2009-05-15 20:17 43,520 a------- c:\windows\system32\ati2edxx.dll
2009-05-15 20:17 155,648 a------- c:\windows\system32\ati2evxx.dll
2009-05-15 20:15 602,112 a------- c:\windows\system32\ati2evxx.exe
2009-05-15 20:14 53,248 a------- c:\windows\system32\ATIDDC.DLL
2009-05-15 20:07 2,987,136 a------- c:\windows\system32\ati3duag.dll
2009-05-15 19:55 11,423,744 a------- c:\windows\system32\atioglxx.dll
2009-05-15 19:54 2,122,624 a------- c:\windows\system32\ativvaxx.dll
2009-05-15 19:54 887,724 a------- c:\windows\system32\ativva6x.dat
2009-05-15 19:51 311,296 a------- c:\windows\system32\atiiiexx.dll
2009-05-15 19:38 49,664 a------- c:\windows\system32\atimpc32.dll
2009-05-15 19:38 49,664 a------- c:\windows\system32\amdpcom32.dll
2009-05-15 19:33 479,232 a------- c:\windows\system32\atikvmag.dll
2009-05-15 19:31 139,264 a------- c:\windows\system32\atiadlxx.dll
2009-05-15 19:31 17,408 a------- c:\windows\system32\atitvo32.dll
2009-05-15 19:30 53,248 a------- c:\windows\system32\drivers\ati2erec.dll
2009-05-15 19:26 376,832 a------- c:\windows\system32\atiok3x2.dll
2009-05-15 19:24 651,264 a------- c:\windows\system32\ati2cqag.dll
2009-05-15 18:35 45,056 a------- c:\windows\system32\aticalrt.dll
2009-05-15 18:34 45,056 a------- c:\windows\system32\aticalcl.dll
2009-05-15 18:33 3,158,016 a------- c:\windows\system32\aticaldd.dll
2009-05-07 08:32 345,600 a------- c:\windows\system32\localspl.dll
2009-05-05 12:33 118,784 a------- c:\windows\system32\atibtmon.exe
2009-04-28 21:46 666,624 a------- c:\windows\system32\wininet.dll
2009-04-28 21:46 81,920 a------- c:\windows\system32\ieencode.dll
2009-04-23 12:04 189,051 a------- c:\windows\system32\atiicdxx.dat
2009-04-17 05:26 1,847,168 a------- c:\windows\system32\win32k.sys
2009-04-15 07:51 585,216 a------- c:\windows\system32\rpcrt4.dll

============= FINISH: 19:16:44.14 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:02:09 PM

Posted 21 July 2009 - 07:35 AM

Hello and welcome to Bleeping Computer.

My name is Syler, I will be helping you to solve your Malware issues. Whilst I am helping you, I would
be grateful if you would note the following:
  • Please do not run other tools or scans unless I ask you to and follow all the steps I give you, in order.
  • Copy and paste all logs requested in you reply, Do not attach them unless asked too.
  • If you don't know or understand something, please don't hesitate to say or ask before you proceed with my instructions.
  • Please continue to work with me, until I tell you your machine appears to be clean. Absence of symptoms does not mean that everything is clear.
  • If I do not hear back from you within 5 days of my last post, then this topic will be closed.

Please download Malwarebytes' Anti-Malware from Here

Note: If you already have Malwarebytes' Anti-Malware, just update then run it.
  • Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan (the scan may take some time to finish, so please be patient).
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and Paste the entire report in your next reply .
Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Next
  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
Then please post back here with the following:
  • MBAM log
  • log.txt
  • info.txt
Thanks

unite.jpg


#3 Jfurtado

Jfurtado
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 22 July 2009 - 01:31 AM

I want to thank you again for helping me :thumbup2:

Malwarebytes' Anti-Malware Log:

Malwarebytes' Anti-Malware 1.39
Database version: 2474
Windows 5.1.2600 Service Pack 3

7/21/2009 12:34:58 PM
mbam-log-2009-07-21 (12-34-58).txt

Scan type: Full Scan (C:\|)
Objects scanned: 406325
Time elapsed: 1 hour(s), 23 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/WINDOWS/downloaded program files/popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\internet antivirus pro_is1 (Rogue.InternetAntiVirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Illysoft (Rogue.SpyNoMore) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Illysoft (Rogue.SpyNoMore) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\c:\WINDOWS\downloaded program files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\J.C.YOUNG\Application Data\ptidle (Trojan.Downloader) -> Quarantined and deleted successfully.

Files Infected:
c:\program files\superantispyware\keygen.exe (Dont.Steal.Our.Software.A) -> Quarantined and deleted successfully.
c:\system volume information\_restore{7eef19dc-934e-4477-b1f0-076911dfb85c}\RP618\A0056907.exe (Rogue.Installer) -> Quarantined and deleted successfully.
c:\WINDOWS\downloaded program files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
C:\Documents and Settings\J.C.YOUNG\Local Settings\Application Data\Microsoft\Windows\pguard.ini (Rogue.InternetAntiVirus) -> Quarantined and deleted successfully.


RSIT Log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by J.C.YOUNG at 2009-07-21 23:21:52
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 13 GB (7%) free of 191 GB
Total RAM: 2047 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:24:20 PM, on 7/21/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\xampplite\apache\bin\apache.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\clipsrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\xampplite\mysql\bin\mysqld-nt.exe
C:\xampplite\apache\bin\apache.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncServer.exe
C:\Documents and Settings\J.C.YOUNG\Desktop\RSIT.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\J.C.YOUNG.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [TCOYFReminder] C:\PROGRA~1\TCOYF\tcoyftray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5CB1506E-1DEA-4E63-89A7-E40E52AEA1FD} (OnagerCtrl Class) - http://fulfillment.puretracks.com/onager.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...670/mcfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{60BF12F5-A44A-4287-8FD5-BE00F1156114}: NameServer = 192.168.1.254
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Apache2 - Apache Software Foundation - C:\xampplite\apache\bin\apache.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: mysql - Unknown owner - C:\xampplite\mysql\bin\mysqld-nt.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 9026 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-16 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-16 118784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-03-22 77824]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2004-10-27 61952]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2008-02-18 949376]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-05-20 98304]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-20 177472]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"TCOYFReminder"=C:\PROGRA~1\TCOYF\tcoyftray.exe [2006-09-19 155648]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
C:\Program Files\Lexmark 2300 Series\ezprint.exe [2005-08-01 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
C:\WINDOWS\system32\igfxpers.exe [2006-03-22 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
C:\WINDOWS\system32\igfxtray.exe [2006-03-22 94208]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-05-15 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-03-22 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe"="C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\WINDOWS\system32\lxcgcoms.exe"="C:\WINDOWS\system32\lxcgcoms.exe:*:Enabled:2300 Series Server"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxcgpswx.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxcgpswx.exe:*:Enabled:2300 Series Printer Status"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"C:\Program Files\Yahoo!\Messenger\YPager.exe"="C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\xampplite\apache\bin\apache.exe"="C:\xampplite\apache\bin\apache.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe"="C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server"
"C:\Games\World of Warcraft\BackgroundDownloader.exe"="C:\Games\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"C:\NeverwinterNights\NWN\nwmain.exe"="C:\NeverwinterNights\NWN\nwmain.exe:*:Enabled:Neverwinter Nights"
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe"="C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Warlords\Civ4Warlords.exe"="C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Warlords\Civ4Warlords.exe:*:Enabled:Sid Meier's Civilization 4 Warlords"
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Warlords\Civ4Warlords_PitBoss.exe"="C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Warlords\Civ4Warlords_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Pitboss"
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe"="C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword"
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe"="C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword Pitboss"
"C:\Program Files\Neverwinter Nights 2\nwn2main.exe"="C:\Program Files\Neverwinter Nights 2\nwn2main.exe:*:Enabled:Neverwinter Nights 2 Main"
"C:\Program Files\Neverwinter Nights 2\nwn2main_amdxp.exe"="C:\Program Files\Neverwinter Nights 2\nwn2main_amdxp.exe:*:Enabled:Neverwinter Nights 2 AMD"
"C:\Program Files\Neverwinter Nights 2\nwupdate.exe"="C:\Program Files\Neverwinter Nights 2\nwupdate.exe:*:Enabled:Neverwinter Nights 2 Updater"
"C:\Program Files\Neverwinter Nights 2\nwn2server.exe"="C:\Program Files\Neverwinter Nights 2\nwn2server.exe:*:Enabled:Neverwinter Nights 2 Server"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Games\Worms Armageddon - New Edition\WA.exe"="C:\Games\Worms Armageddon - New Edition\WA.exe:*:Enabled:Worms Armageddon"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\My Games\Sacred Underworld\sacred.exe"="C:\My Games\Sacred Underworld\sacred.exe:*:Enabled:Sacred"
"C:\My Games\Sacred Underworld\gameserver.exe"="C:\My Games\Sacred Underworld\gameserver.exe:*:Enabled:Sacred Gameserver"
"C:\Games\Sacred 2 - Fallen Angel\system\s2gs.exe"="C:\Games\Sacred 2 - Fallen Angel\system\s2gs.exe:*:Enabled:Sacred 2 Game Server"
"C:\Games\Sacred 2 - Fallen Angel\system\sacred2.exe"="C:\Games\Sacred 2 - Fallen Angel\system\sacred2.exe:*:Enabled:Sacred 2"
"C:\Program Files\Games\Titan Quest Immortal Throne\Tqit.exe"="C:\Program Files\Games\Titan Quest Immortal Throne\Tqit.exe:*:Enabled:Tqit"
"C:\Games\World of Warcraft\Launcher.exe"="C:\Games\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Games\Vampire\vampire.exe"="C:\Games\Vampire\vampire.exe:*:Enabled:vampire"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 months======

2009-07-21 23:21:52 ----D---- C:\rsit
2009-07-21 23:21:52 ----D---- C:\Program Files\trend micro
2009-07-21 11:08:17 ----A---- C:\WINDOWS\IE4 Error Log.txt
2009-07-21 11:08:01 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-07-21 11:08:00 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-07-21 11:07:14 ----D---- C:\Program Files\Unlocker
2009-07-19 14:15:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-19 14:15:34 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-19 14:14:58 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-15 19:58:54 ----D---- C:\Program Files\iPod
2009-07-15 19:58:52 ----D---- C:\Program Files\iTunes
2009-07-14 16:25:20 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-07-11 22:34:54 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-07-11 22:13:50 ----D---- C:\WINDOWS\SxsCaPendDel
2009-07-11 22:09:50 ----D---- C:\WINDOWS\ie8updates
2009-07-11 22:09:05 ----A---- C:\WINDOWS\imsins.BAK
2009-07-11 22:08:58 ----D---- C:\WINDOWS\WBEM
2009-07-11 22:08:08 ----HDC---- C:\WINDOWS\ie8
2009-07-11 22:06:32 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-10 23:54:09 ----D---- C:\Program Files\WoW UI Designer
2009-07-10 00:07:50 ----A---- C:\WINDOWS\system32\libmysql_d.dll
2009-07-09 22:31:13 ----D---- C:\Program Files\MSBuild
2009-07-09 22:31:09 ----D---- C:\WINDOWS\system32\XPSViewer
2009-07-09 22:31:05 ----D---- C:\Program Files\Reference Assemblies
2009-07-09 22:30:32 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-07-09 12:30:59 ----D---- C:\WINDOWS\McAfee.com
2009-06-26 17:47:08 ----RA---- C:\WINDOWS\system32\psfind.dll
2009-06-26 17:36:17 ----D---- C:\Program Files\Games
2009-06-26 09:23:58 ----A---- C:\Winvdrvr.dll
2009-06-23 00:09:57 ----A---- C:\VundoFix.txt
2009-06-22 19:19:53 ----SHD---- C:\RECYCLER
2009-06-22 19:14:36 ----D---- C:\WINDOWS\temp
2009-06-22 19:14:35 ----A---- C:\ComboFix.txt
2009-06-22 19:07:44 ----D---- C:\Program Files\Combofix
2009-06-22 18:53:15 ----A---- C:\Boot.bak
2009-06-22 18:53:05 ----RASHD---- C:\cmdcons
2009-06-22 18:52:15 ----A---- C:\WINDOWS\zip.exe
2009-06-22 18:52:15 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-06-22 18:52:15 ----A---- C:\WINDOWS\SWSC.exe
2009-06-22 18:52:15 ----A---- C:\WINDOWS\SWREG.exe
2009-06-22 18:52:15 ----A---- C:\WINDOWS\sed.exe
2009-06-22 18:52:15 ----A---- C:\WINDOWS\PEV.exe
2009-06-22 18:52:15 ----A---- C:\WINDOWS\NIRCMD.exe
2009-06-22 18:52:15 ----A---- C:\WINDOWS\grep.exe
2009-06-22 18:44:52 ----D---- C:\Qoobox
2009-06-22 18:44:14 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-06-22 18:44:14 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-06-22 18:44:14 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-06-22 18:44:13 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-06-22 18:44:13 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-06-22 18:44:12 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-06-22 18:44:12 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll

======List of files/folders modified in the last 1 months======

2009-07-21 23:21:52 ----D---- C:\Program Files
2009-07-21 23:19:40 ----D---- C:\WINDOWS\Prefetch
2009-07-21 23:19:37 ----D---- C:\Program Files\Mozilla Firefox
2009-07-21 23:14:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-21 18:25:13 ----D---- C:\Documents and Settings\J.C.YOUNG\Application Data\Adobe
2009-07-21 12:38:14 ----D---- C:\WINDOWS\system32\drivers
2009-07-21 12:38:14 ----D---- C:\WINDOWS
2009-07-20 15:04:12 ----A---- C:\WINDOWS\NeroDigital.ini
2009-07-19 23:08:07 ----D---- C:\Program Files\RealArcade
2009-07-19 23:08:07 ----D---- C:\My Games
2009-07-19 23:07:10 ----D---- C:\downloads
2009-07-19 23:05:16 ----SD---- C:\Documents and Settings\J.C.YOUNG\Application Data\Microsoft
2009-07-19 23:05:15 ----SHD---- C:\WINDOWS\Installer
2009-07-19 23:05:15 ----HD---- C:\Config.Msi
2009-07-19 22:56:13 ----D---- C:\Games
2009-07-19 22:56:07 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-19 14:15:43 ----HD---- C:\WINDOWS\inf
2009-07-19 14:15:39 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-19 14:15:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-19 14:15:36 ----D---- C:\WINDOWS\system32
2009-07-19 13:51:42 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-15 19:58:54 ----D---- C:\Program Files\Common Files\Apple
2009-07-14 22:29:13 ----D---- C:\Documents and Settings\J.C.YOUNG\Application Data\uTorrent
2009-07-14 16:38:55 ----D---- C:\Documents and Settings\J.C.YOUNG\Application Data\Apple Computer
2009-07-14 16:25:49 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-07-14 16:23:12 ----D---- C:\Program Files\QuickTime
2009-07-14 16:20:30 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-07-11 22:52:40 ----D---- C:\WINDOWS\Microsoft.NET
2009-07-11 22:52:26 ----RSD---- C:\WINDOWS\assembly
2009-07-11 22:36:19 ----D---- C:\WINDOWS\system32\CatRoot
2009-07-11 22:27:01 ----D---- C:\WINDOWS\Help
2009-07-11 22:27:01 ----D---- C:\Program Files\Internet Explorer
2009-07-11 22:19:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-11 22:18:48 ----D---- C:\WINDOWS\WinSxS
2009-07-11 22:14:54 ----D---- C:\WINDOWS\system32\en-us
2009-07-11 22:14:47 ----RSD---- C:\WINDOWS\Fonts
2009-07-11 22:09:01 ----D---- C:\WINDOWS\system32\config
2009-07-11 22:08:51 ----D---- C:\WINDOWS\Media
2009-07-11 21:59:56 ----D---- C:\WINDOWS\SoftwareDistribution
2009-07-09 22:30:44 ----D---- C:\WINDOWS\system32\spool
2009-07-09 15:12:43 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-07-09 14:47:58 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-07-09 14:47:58 ----D---- C:\Documents and Settings\All Users\Application Data\GameHouse
2009-07-09 14:07:58 ----D---- C:\Program Files\ESET
2009-07-09 14:00:12 ----D---- C:\Program Files\Common Files
2009-07-07 10:26:56 ----D---- C:\Program Files\Hormonal Forecaster
2009-07-07 10:12:13 ----A---- C:\hfcrgrt.ini
2009-06-29 00:14:12 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-06-29 00:14:11 ----D---- C:\Program Files\SUPERAntiSpyware
2009-06-26 17:57:06 ----D---- C:\WINDOWS\system32\DirectX
2009-06-23 02:29:06 ----SD---- C:\WINDOWS\Tasks
2009-06-22 19:27:03 ----D---- C:\Program Files\Lavasoft
2009-06-22 19:27:03 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-06-22 19:23:56 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-06-22 19:12:57 ----A---- C:\WINDOWS\system.ini
2009-06-22 19:12:14 ----D---- C:\WINDOWS\AppPatch
2009-06-22 18:53:16 ----RASH---- C:\boot.ini
2009-06-22 18:41:40 ----D---- C:\Program Files\Common Files\Microsoft Shared

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2008-02-18 15424]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 SSHDRV65;SSHDRV65; \??\C:\WINDOWS\system32\drivers\SSHDRV65.sys []
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-04-16 5632]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-02-28 12032]
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2008-02-18 512096]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2005-10-05 141312]
R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2005-03-04 127872]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l151x86.sys [2008-11-12 37376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-05-15 4069888]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-03-29 49664]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-03-29 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-03-29 21568]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-12 5810]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2005-08-10 393088]
R3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-06-05 39424]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 aphbejg5;aphbejg5; C:\WINDOWS\system32\drivers\aphbejg5.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\JC305B~1.YOU\LOCALS~1\Temp\catchme.sys []
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-22 1166972]
S3 PCD65X2;PCD65X2; \??\C:\DOCUME~1\JC305B~1.YOU\LOCALS~1\Temp\PCD65X2.sys []
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-12-22 80272]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-12-22 10864]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-12-22 137884]
S3 sscdserd;SAMSUNG CDMA Modem Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\sscdserd.sys [2005-12-22 108003]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 vncmirror;vncmirror; C:\WINDOWS\system32\DRIVERS\vncmirror.sys [2007-10-09 3072]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apache2;Apache2; C:\xampplite\apache\bin\apache.exe [2006-05-09 16896]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-05-15 602112]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 mysql;mysql; C:\xampplite\mysql\bin\mysqld-nt --defaults-file=C:\xampplite\mysql\bin\my.cnf mysql []
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2008-02-18 552064]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2005-11-22 69632]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-05-15 593920]
S3 Adobe Version Cue CS3;Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-02-23 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 lxcg_device;lxcg_device; C:\WINDOWS\system32\lxcgcoms.exe [2005-07-25 491520]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2006-12-07 68096]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


RSIT Info

info.txt logfile of random's system information tool 1.06 2009-07-21 23:24:22

======Uninstall list======

-->MsiExec /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Add or Remove Adobe Creative Suite 3 Master Collection-->C:\Program Files\Common Files\Adobe\Installers\4dcfd9b7e901b57f81f667144603236\Setup.exe
Adobe After Effects CS3 Presets-->MsiExec.exe /I{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}
Adobe After Effects CS3-->MsiExec.exe /I{EB0202F7-016A-410C-ADE4-40F848CCC661}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Contribute CS3-->MsiExec.exe /I{FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7}
Adobe Creative Suite 3 Master Collection-->MsiExec.exe /I{8718DC03-D066-4957-94E5-50C3C5042E8E}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Dreamweaver CS3-->MsiExec.exe /I{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}
Adobe Encore CS3 Codecs-->MsiExec.exe /I{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}
Adobe Encore CS3-->MsiExec.exe /I{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}
Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
Adobe Fireworks CS3-->MsiExec.exe /I{7DFC1012-D346-46CE-B03E-FF79125AE029}
Adobe Flash CS3-->MsiExec.exe /I{6B52140A-F189-4945-BFFC-DB3F00B8C589}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}
Adobe Flash Video Encoder-->MsiExec.exe /I{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{7ACFB90E-8FD0-4397-AD3A-5195412623A3}
Adobe Illustrator CS3-->MsiExec.exe /I{F08E8D2E-F132-4742-9C87-D5FF223A016A}
Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}
Adobe InDesign CS3-->MsiExec.exe /I{CB3F8375-B600-4B9F-83C9-238ED1E583FD}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop 6.0-->C:\WINDOWS\ISUNINST.EXE -fc:\graphics\Photoshop6\Uninst.isu -cc:\graphics\Photoshop6\Uninst.dll
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Premiere Pro CS3 Functional Content-->MsiExec.exe /I{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}
Adobe Premiere Pro CS3 Third Party Content-->MsiExec.exe /I{485ACF57-F364-440A-8496-E1E81C8FA1AA}
Adobe Premiere Pro CS3-->MsiExec.exe /I{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}
Adobe Reader 7.0.9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
Adobe Setup-->MsiExec.exe /I{4458C442-7376-4CF9-AF58-E8CEA6722363}
Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe SING CS3-->MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}
Adobe Soundbooth CS3 Codecs-->MsiExec.exe /I{0327FA9D-975C-448C-A086-577D57BB25B8}
Adobe Soundbooth CS3-->MsiExec.exe /I{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe SVG Viewer-->C:\WINDOWS\IsUninst.exe -f"C:\WINDOWS\System32\Adobe\SVG Viewer\Uninst.isu"
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe Version Cue CS3 Server-->MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}
Adobe Video Profiles-->MsiExec.exe /I{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}
Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP DVA Panels CS3-->MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}
Adobe XMP Panels CS3-->MsiExec.exe /I{D5A31AB1-345D-47C7-A87B-036A669F6DF1}
AGEIA PhysX v7.11.13-->MsiExec.exe /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}
AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
Alice Greenfingers 2-->"C:\Program Files\Alice Greenfingers 2\ReflexiveArcade\unins000.exe"
Amelies Cafe-->"C:\WINDOWS\Amelies Cafe\uninstall.exe" "/U:C:\Games\Uninstall\uninstall.xml"
Apple Mobile Device Support-->MsiExec.exe /I{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI HFX Pack-->C:\WINDOWS\unvise32.exe C:\WINDOWS\unhfxati.log
Attansic Ethernet Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F698102-5739-441E-96F0-74F4EA540F06}\setup.exe" -l0x9
Attansic L1 Gigabit Ethernet Driver-->rundll32.exe C:\WINDOWS\system32\Attansic\L1\atcInst.dll,AtcUninst C:\WINDOWS\system32\Attansic\L1 x86 1969 1048 L1
Avery Media Software 32 bit-->C:\WINDOWS\MVUNINST\App1\unwise.exe C:\WINDOWS\MVUNINST\APP1\INSTALL.LOG "Avery Media Software Uninstall"
Baldur's Gate™ II - Shadows of Amn™-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8DAE4336-2B71-11D4-9A6C-006067325E47}\setup.exe"
Beach Party Craze-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\beachpartycraze.rguninst" "AddRemove"
Big Fish Games Client-->C:\Program Files\bfgclient\Uninstall.exe
BioWare Premium Module: Neverwinter Nights™ Kingmaker-->C:\NeverwinterNights\NWN\premium\uninst Neverwinter Nights™ Kingmaker.exe
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Build A Lot 3 Passport To Europe-->"C:\Games\Build A Lot 3 Passport To Europe\ReflexiveArcade\unins000.exe"
Build-a-lot - Town of the Year-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\buildalottownoftheyear.rguninst" "AddRemove"
Build-a-lot 2 - Town of the Year-->MsiExec.exe /I{1A292D38-BFA3-4132-9704-D9C94B7436B9}
Buildalot-->"C:\Program Files\Buildalot\ReflexiveArcade\unins000.exe"
Burger Shop-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\Burger Shop.rguninst" "AddRemove"
Cake Mania Deluxe-->"C:\Games\Cake Mania Deluxe\unins000.exe"
CardRd81-->MsiExec.exe /I{54C8FE84-89C4-40E8-976C-439EB0729BD6}
Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
CD Viewer-->"C:\Program Files\Storefront.com\CD VIEWER\unins000.exe"
CoffeeCup Free FTP-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B66899F2-C58D-4CEC-9FA8-867883FFB707}\Setup.exe" -l0x9
Cooking Dash™-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\cookingdashtm.rguninst" "AddRemove"
CR2-->MsiExec.exe /I{432C3720-37BF-4BD7-8E49-F38E090246D0}
Critical Update for Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Darkstone-->C:\WINDOWS\uninst.exe -fc:\games\darkstone\DeIsL2.isu
Defraggler (remove only)-->"C:\Program Files\Defraggler\uninst.exe"
Delicious - Emily's Tea Garden 1.00-->C:\Games\Delicious - Emily's Tea Garden\Uninstall.exe
Delicious - Emily's Tea Garden-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\deliciousemilysteagarden.rguninst" "AddRemove"
Delicious Deluxe-->C:\Games\DELICI~1\UNWISE.EXE /U C:\Games\DELICI~1\INSTALL.LOG
Dress Up Rush-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\dressuprush.rguninst" "AddRemove"
ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore-->MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}
ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESShelp-->MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD}
ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock-->MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSSONIC-->MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34}
ESSTOOLS-->MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
essvatgt-->MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
essvcpt-->MsiExec.exe /I{D1973749-F5E7-40EB-B528-F2B78685B9FF}
exPressit S.E. 2.2-->"C:\Program Files\exPressit S.E. 2.2\UninstallerData\Uninstall exPressit S.E. 2.2.exe"
Fall Further 050-->"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Mods\Fall Further 050\unins000.exe"
Fall Further 051-->"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Mods\Fall Further 051\unins000.exe"
Fast Audio Converter version 1.4-->"C:\Program Files\LitexMedia\Fast Audio Converter\unins000.exe"
First Class Flurry-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\firstclassflurry.rguninst" "AddRemove"
First Class Flurry-->"C:\WINDOWS\First Class Flurry\uninstall.exe" "/U:C:\Games\Flurry\Uninstall\uninstall.xml"
Fitness Dash™-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\fitnessdashtm.rguninst" "AddRemove"
Fix-it-Up - Kate's Adventure-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\fixitupkatesadventure.rguninst" "AddRemove"
Flash Dating-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\Flash Dating.rguninst" "AddRemove"
High Definition Audio Driver Package - KB888111-->C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HLPPDOCK-->MsiExec.exe /I{154508C0-07C5-4659-A7A0-E49968750D21}
Hormonal Forecaster v 5.1-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Hormonal Forecaster\ST6UNST.LOG"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Format SDK (KB902344)-->"C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe"
Hotfix for Windows Media Format SDK (KB910998)-->"C:\WINDOWS\$NtUninstallKB910998$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
HP Photosmart and Deskjet 7.0 Software-->C:\Program Files\HP\Digital Imaging\{76BEC1D7-8A9F-472D-84C7-014BB155E4B2}\setup\hpzscr01.exe -datfile hphscr11.dat -showdisconnect -forcereboot
HP Software Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
Huru Beach Party-->"C:\Games\Huru Beach Party\ReflexiveArcade\unins000.exe"
Ice Cream Craze Tycoon Takeover-->"C:\Program Files\Ice Cream Craze Tycoon Takeover\ReflexiveArcade\unins000.exe"
Icewind Dale-->C:\WINDOWS\IsUninst.exe -fc:\games\icewindale\Uninst.isu
iTunes-->MsiExec.exe /I{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}
Java™ 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java™ 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java™ 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
kgcbase-->MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
Kodak EasyShare software-->C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_1e0010_250f4\Setup.exe /APR-REMOVE
KSU-->MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}
Leeloo's Talent Agency 1.00-->C:\Games\Leeloo's Talent Agency\Uninstall.exe
Leeloo's Talent Agency-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\leeloostalentagency.rguninst" "AddRemove"
Lexmark 2300 Series-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxcgUNST.EXE -NOLICENSE
Lexmark Fax Solutions-->C:\Program Files\Lexmark Fax Solutions\Install\x86\Uninst.exe
Macromedia Flash MX 2004-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2F353D44-73BB-4971-B31D-F7642E9E9531}\Setup.exe" -l0x9 UNINSTALL
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Master of Magic - Implode's Multiplayer Edition-->MsiExec.exe /X{82A9EA04-1BF0-4BD3-B622-3FCD9CE0CA8A}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
MobileMe Control Panel-->MsiExec.exe /I{CADBCBBA-6CDD-4119-B5ED-4AE075B153E7}
Mozilla Firefox (3.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Music Manager-->"C:\Program Files\ezt\uninstall.exe"
Mystic Emporium-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\mysticemporium.rguninst" "AddRemove"
Mystic Emporium-->"C:\WINDOWS\Mystic Emporium\uninstall.exe" "/U:C:\Games\Mystic\Uninstall\uninstall.xml"
Nanny Mania 2-->"C:\WINDOWS\Amelies Cafe\uninstall.exe" "/U:C:\Games\Uninstall\uninstall.xml"
Nanny Mania-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\nannymania.rguninst" "AddRemove"
Napster Burn Engine-->MsiExec.exe /I{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}
Napster-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BBBCAE4B-B416-4182-A6F2-438180894A81}\setup.exe" -l0x9 -removeonly
Nero 7 Lite v7.5.1.1-->"C:\Program Files\Nero\unins000.exe"
Neverwinter Nights 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F20C1251-1D0A-4944-B2AE-678581B33B19}\SETUP.exe" -l0x9 -removeonly
Neverwinter Nights-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1583439-B034-4881-819C-D52A0587662B}\setup.exe" -l0x9
NOD32 antivirus system-->C:\Program Files\Eset\Setup\setup.exe /UNINSTALL
Notifier-->MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}
OfotoXMI-->MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
OTtBP-->MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}
OTtBPSDK-->MsiExec.exe /I{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}
Outspark Launcher-->C:\Program Files\Forrest\Launcher\uninstall.exe
Pando Media Booster-->C:\Program Files\Pando Networks\Media Booster\uninst.exe
Parking Dash™-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\parkingdashtm.rguninst" "AddRemove"
Parking Dash-->"C:\Games\Parking Dash\unins000.exe"
Party Down-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\partydown.rguninst" "AddRemove"
Party Down-->"C:\WINDOWS\Amelies Cafe\uninstall.exe" "/U:C:\Games\Uninstall\uninstall.xml"
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Pet Shop Hop™-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\petshophoptm.rguninst" "AddRemove"
Pet Shop Hop-->C:\Games\Pet Shop Hop\Uninstal.exe
Posh Boutique-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\Posh Boutique.rguninst" "AddRemove"
Posh Boutique-->MsiExec.exe /I{25A5D4F0-A0EF-41D2-A47A-55D1F7C8CE61}
Posh Shop-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\poshshop.rguninst" "AddRemove"
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
Rainlendar2 (remove only)-->"C:\Program Files\Rainlendar2\uninst.exe"
Ranch Rush-->"C:\Program Files\Ranch Rush\ReflexiveArcade\unins000.exe"
Ranch Rush-->"C:\WINDOWS\Amelies Cafe\uninstall.exe" "/U:C:\Games\Uninstall\uninstall.xml"
RealArcade-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\RealArcade.rguninst" "AddRemove"
Restaurant Rush-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\restaurantrush.rguninst" "AddRemove"
Rune Co-Op-->C:\WINDOWS\IsUninst.exe -fC:\Games\Rune\Co-OpUninst.isu
Rune-->C:\Games\Rune\System\Setup.exe uninstall "Rune"
Sacred 2-->MsiExec.exe /I{1023383E-D9F6-478C-A965-23A4657B3C9A}
Sacred Underworld-->"C:\My Games\Sacred Underworld\unins000.exe"
Sally's Salon-->C:\Games\SALLY'~1\SALLY'~1\UNWISE.EXE /U C:\Games\SALLY'~1\SALLY'~1\INSTALL.LOG
Sally's Spa-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\Sally's Spa.rguninst" "AddRemove"
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3 USB Driver Installer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x9 -removeonly
Samsung PC Studio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x9 -removeonly
Sandlot Games Client Services-->"C:\Program Files\Common Files\Sandlot Shared\unins000.exe"
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Serious Sam 2-->C:\Games\Serious Sam 2\Bin\Uninstall.exe
SFR-->MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
SHASTA-->MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
Sid Meier's Civilization 4 - Beyond the Sword-->C:\Program Files\InstallShield Installation Information\{32E4F0D2-C135-475E-A841-1D59A0D22989}\setup.exe -runfromtemp -l0x0009 -removeonly
Sid Meier's Civilization 4 - Warlords-->C:\Program Files\InstallShield Installation Information\{3E4B349F-10B5-4586-9D99-489A90A8B228}\setup.exe -runfromtemp -l0x0009 -removeonly
Sid Meier's Civilization 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe" -l0x9 -removeonly
SKIN0001-->MsiExec.exe /I{FDF9943A-3D5C-46B3-9679-586BD237DDEE}
SKINXSDK-->MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x9 -removeonly
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Stand O' Food-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\Stand O' Food.rguninst" "AddRemove"
staticcr-->MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}
System Shock2-->C:\WINDOWS\IsUninst.exe -fC:\games\Sshock2\SShocku.log
Taking Charge of Your Fertility Software-->C:\PROGRA~1\TCOYF\UNWISE.EXE C:\PROGRA~1\TCOYF\INSTALL.LOG
Titan Quest Immortal Throne-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}\setup.exe" -l0x9 -removeonly
Titan Quest-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}\setup.exe" -l0x9 -removeonly
TortoiseCVS 1.8.28-->"C:\Program Files\TortoiseCVS\unins000.exe"
Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Windows Internet Explorer 8 (KB971930)-->"C:\WINDOWS\ie8updates\KB971930-IE8\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
URGE-->MsiExec.exe /I{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}
Vampire - The Masquerade Bloodlines-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}
VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VPRINTOL-->MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
Web Games Player Plugin-->"C:\Program Files\Zylom Games\UninstallPlugin.exe" --uninstall
Wendy's Wellness Final-->"C:\WINDOWS\Wendy's Wellness Final\uninstall.exe" "/U:C:\Games\Wendyz Wellness\Uninstall\uninstall.xml"
Wendy's Wellness-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\wendyswellness.rguninst" "AddRemove"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRar\uninstall.exe
WIRELESS-->MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Youda Farmer-->"C:\WINDOWS\Youda Farmer\uninstall.exe" "/U:C:\Games\Youda Farmer\Uninstall\uninstall.xml"

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: ESET NOD32 antivirus system 2.70

======System event log======

Computer Name: JCYOUNG
Event Code: 7023
Message: The Application Management service terminated with the following error:
The specified module could not be found.


Record Number: 10818
Source Name: Service Control Manager
Time Written: 20090612123115.000000-420
Event Type: error
User:

Computer Name: JCYOUNG
Event Code: 7023
Message: The Application Management service terminated with the following error:
The specified module could not be found.


Record Number: 10815
Source Name: Service Control Manager
Time Written: 20090612123115.000000-420
Event Type: error
User:

Computer Name: JCYOUNG
Event Code: 7023
Message: The Application Management service terminated with the following error:
The specified module could not be found.


Record Number: 10812
Source Name: Service Control Manager
Time Written: 20090612123115.000000-420
Event Type: error
User:

Computer Name: JCYOUNG
Event Code: 7023
Message: The Application Management service terminated with the following error:
The specified module could not be found.


Record Number: 10809
Source Name: Service Control Manager
Time Written: 20090612123111.000000-420
Event Type: error
User:

Computer Name: JCYOUNG
Event Code: 51
Message: An error was detected on device \Device\Harddisk1\D during a paging operation.

Record Number: 10806
Source Name: Disk
Time Written: 20090612122201.000000-420
Event Type: warning
User:

=====Application event log=====

Computer Name: OFFICE
Event Code: 3
Message: AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed
Trace: (null)

Record Number: 31146
Source Name: Adobe Version Cue CS3
Time Written: 20090721125142.000000-420
Event Type: error
User:

Computer Name: OFFICE
Event Code: 3
Message: AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed
Trace: (null)

Record Number: 31145
Source Name: Adobe Version Cue CS3
Time Written: 20090721125142.000000-420
Event Type: error
User:

Computer Name: OFFICE
Event Code: 3
Message: AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed
Trace: (null)

Record Number: 31144
Source Name: Adobe Version Cue CS3
Time Written: 20090721125142.000000-420
Event Type: error
User:

Computer Name: OFFICE
Event Code: 3
Message: AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed
Trace: (null)

Record Number: 31143
Source Name: Adobe Version Cue CS3
Time Written: 20090721125142.000000-420
Event Type: error
User:

Computer Name: OFFICE
Event Code: 3
Message: AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed
Trace: (null)

Record Number: 31142
Source Name: Adobe Version Cue CS3
Time Written: 20090721125142.000000-420
Event Type: error
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Samsung\Samsung PC Studio 3;C:\Program Files\QuickTime\QTSystem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

-----------------EOF-----------------

Edited by syler, 22 July 2009 - 04:20 AM.
To remove codebox tags


#4 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:02:09 PM

Posted 22 July 2009 - 02:33 AM

Hi Jfurtado,

Could you please post them logs again but without the code boxes, it is extremely difficult to review your logs like that.

Thanks

Edited by syler, 22 July 2009 - 04:21 AM.

unite.jpg


#5 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:02:09 PM

Posted 22 July 2009 - 04:59 AM

IMPORTANT NOTE: Your scan log results indicate you are using keygens/crack tools.

The practice of using cracking tools, keygens, warez or any pirated software is not only considered illegal activity but it is a serious security risk.

...warez/piracy sites ranked the highest in downloading spyware...just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often the machine is trashed and rendered useless.

University of Washington spyware study

...One of the most aggressive and intrusive of all bad websites on the Internet are serial, warez, software cracking type sites...they sneak malware onto your system...Where do trojan viruses originate? One of the biggest malware distributors on the Internet are serial/warez/code cracking sites.

Bad Web Sites: Malware

When you use these kind of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.

**********************************************

ComboFix should not be run unless requested by a HJT Team member. It is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

Post the contents of C:\ComboFix.txt in your next reply.


Download and Run Rooter SD

Please download Rooter.exe and save it to your desktop
  • Double-click it to start the tool. If you are using Vista, please right-click and choose Run As Administrator
  • Alow it to run when you get a Security Warning
  • A black Command Windows will open saying: "Please Wait..."
  • It will now begin to scan, please be paitent. The scan should not take more than 2 minutes
  • A Notepad file containing the report will open soon. It can also be found at %systemdrive%\Rooter.txt
  • Please post the contents of that log in your next reply
Then please post back here with the following:
  • Rooter.txt
  • Combofix.txt
Thanks

unite.jpg


#6 Jfurtado

Jfurtado
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 22 July 2009 - 01:38 PM

ComboFix 09-07-22.01 - J.C.YOUNG 07/22/2009 11:22.4.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1453 [GMT -7:00]
Running from: c:\program files\Combofix\ComboFix.exe
AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Mozilla Firefox\extensions\{15AB97BE-7309-4582-9131-1325F1E49F7D}
c:\program files\Mozilla Firefox\extensions\{15AB97BE-7309-4582-9131-1325F1E49F7D}\chrome.manifest
c:\program files\Mozilla Firefox\extensions\{15AB97BE-7309-4582-9131-1325F1E49F7D}\chrome\content\overlay.xul
c:\program files\Mozilla Firefox\extensions\{15AB97BE-7309-4582-9131-1325F1E49F7D}\install.rdf
c:\program files\Mozilla Firefox\extensions\{290FB0A9-9E81-409F-A910-1BD044CDD241}
c:\program files\Mozilla Firefox\extensions\{290FB0A9-9E81-409F-A910-1BD044CDD241}\chrome.manifest
c:\program files\Mozilla Firefox\extensions\{290FB0A9-9E81-409F-A910-1BD044CDD241}\chrome\content\overlay.xul
c:\program files\Mozilla Firefox\extensions\{290FB0A9-9E81-409F-A910-1BD044CDD241}\install.rdf
c:\program files\Mozilla Firefox\extensions\{B1E35CA9-1B55-46DA-A015-6719A1552096}
c:\program files\Mozilla Firefox\extensions\{B1E35CA9-1B55-46DA-A015-6719A1552096}\chrome.manifest
c:\program files\Mozilla Firefox\extensions\{B1E35CA9-1B55-46DA-A015-6719A1552096}\chrome\content\overlay.xul
c:\program files\Mozilla Firefox\extensions\{B1E35CA9-1B55-46DA-A015-6719A1552096}\install.rdf
c:\program files\Mozilla Firefox\extensions\{D0CB75FD-E5CD-4654-A946-871CB52A0BD9}
c:\program files\Mozilla Firefox\extensions\{D0CB75FD-E5CD-4654-A946-871CB52A0BD9}\chrome.manifest
c:\program files\Mozilla Firefox\extensions\{D0CB75FD-E5CD-4654-A946-871CB52A0BD9}\chrome\content\overlay.xul
c:\program files\Mozilla Firefox\extensions\{D0CB75FD-E5CD-4654-A946-871CB52A0BD9}\install.rdf
c:\program files\Mozilla Firefox\extensions\{D31874EC-1ED0-46DD-B25F-412FF2B7C9E5}
c:\program files\Mozilla Firefox\extensions\{D31874EC-1ED0-46DD-B25F-412FF2B7C9E5}\chrome.manifest
c:\program files\Mozilla Firefox\extensions\{D31874EC-1ED0-46DD-B25F-412FF2B7C9E5}\chrome\content\overlay.xul
c:\program files\Mozilla Firefox\extensions\{D31874EC-1ED0-46DD-B25F-412FF2B7C9E5}\install.rdf
c:\program files\Mozilla Firefox\extensions\{EFFA9354-AF87-4633-BD14-EBCA2195D1C7}
c:\program files\Mozilla Firefox\extensions\{EFFA9354-AF87-4633-BD14-EBCA2195D1C7}\chrome.manifest
c:\program files\Mozilla Firefox\extensions\{EFFA9354-AF87-4633-BD14-EBCA2195D1C7}\chrome\content\overlay.xul
c:\program files\Mozilla Firefox\extensions\{EFFA9354-AF87-4633-BD14-EBCA2195D1C7}\install.rdf
c:\windows\Downloaded Program Files\popcaploader.inf
c:\windows\Installer\12b35c7.msp
c:\windows\Installer\12b3604.msp
C:\Winvdrvr.dll

.
((((((((((((((((((((((((( Files Created from 2009-06-22 to 2009-07-22 )))))))))))))))))))))))))))))))
.

2009-07-22 06:21 . 2009-07-22 06:24 -------- d-----w- C:\rsit
2009-07-22 06:21 . 2009-07-22 06:24 -------- d-----w- c:\program files\trend micro
2009-07-21 18:08 . 2009-07-13 20:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-21 18:08 . 2009-07-21 18:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-07-21 18:08 . 2009-07-13 20:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-21 18:08 . 2009-07-21 18:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-21 18:07 . 2009-07-21 18:07 -------- d-----w- c:\program files\Unlocker
2009-07-16 02:58 . 2009-07-16 02:58 -------- d-----w- c:\program files\iPod
2009-07-16 02:58 . 2009-07-16 02:59 -------- d-----w- c:\program files\iTunes
2009-07-16 02:53 . 2009-07-16 02:53 75040 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe
2009-07-14 23:25 . 2009-07-14 23:25 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-07-12 10:21 . 2009-07-12 10:27 -------- d-----w- c:\documents and settings\J.C.YOUNG\Local Settings\Application Data\Ryorn_Coding_Productions
2009-07-12 05:31 . 2009-07-12 05:31 -------- d-sh--w- c:\documents and settings\J.C.YOUNG\PrivacIE
2009-07-12 05:30 . 2009-07-12 05:30 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-07-12 05:30 . 2009-07-12 05:30 -------- d-sh--w- c:\documents and settings\J.C.YOUNG\IETldCache
2009-07-12 05:13 . 2009-07-12 05:27 -------- d-----w- c:\windows\SxsCaPendDel
2009-07-12 05:10 . 2009-06-02 10:12 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-07-12 05:09 . 2009-07-12 05:09 -------- d-----w- c:\windows\ie8updates
2009-07-12 05:09 . 2009-04-30 21:22 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-07-12 05:09 . 2009-04-30 21:22 1985024 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-07-12 05:09 . 2009-04-30 21:22 11064832 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-07-12 05:09 . 2009-04-30 21:22 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-07-12 05:08 . 2009-07-12 05:08 -------- dc-h--w- c:\windows\ie8
2009-07-11 06:54 . 2009-07-11 06:54 -------- d-----w- c:\documents and settings\J.C.YOUNG\Local Settings\Application Data\SSC
2009-07-11 06:54 . 2009-07-11 06:55 -------- d-----w- c:\program files\WoW UI Designer
2009-07-10 07:07 . 2009-05-12 20:12 1712128 ----a-w- c:\windows\system32\libmysql_d.dll
2009-07-10 05:31 . 2009-07-10 05:31 -------- d-----w- c:\program files\MSBuild
2009-07-10 05:31 . 2009-07-12 05:14 -------- d-----w- c:\windows\system32\XPSViewer
2009-07-10 05:31 . 2009-07-10 05:31 -------- d-----w- c:\program files\Reference Assemblies
2009-07-10 05:30 . 2006-06-29 20:07 14048 ------w- c:\windows\system32\spmsg2.dll
2009-07-09 19:30 . 2009-07-09 19:30 -------- d-----w- c:\windows\McAfee.com
2009-06-29 04:25 . 2009-06-29 04:25 -------- d-----w- c:\documents and settings\J.C.YOUNG\Local Settings\Application Data\Codeciti
2009-06-27 00:47 . 2007-01-02 03:03 40960 ----a-r- c:\windows\system32\psfind.dll
2009-06-27 00:36 . 2009-06-27 00:49 -------- d-----w- c:\program files\Games
2009-06-23 02:07 . 2009-07-22 18:20 -------- d-----w- c:\program files\Combofix
2009-06-23 01:44 . 2008-10-10 11:52 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2009-06-23 01:44 . 2008-10-10 11:52 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2009-06-23 01:44 . 2008-10-10 11:52 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2009-06-23 01:44 . 2008-10-27 17:04 514384 ----a-w- c:\windows\system32\XAudio2_3.dll
2009-06-23 01:44 . 2008-10-27 17:04 70992 ----a-w- c:\windows\system32\XAPOFX1_2.dll
2009-06-23 01:44 . 2008-10-27 17:04 235856 ----a-w- c:\windows\system32\xactengine3_3.dll
2009-06-23 01:44 . 2008-10-27 17:04 23376 ----a-w- c:\windows\system32\X3DAudio1_5.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-20 06:08 . 2008-01-28 05:26 -------- d-----w- c:\program files\RealArcade
2009-07-20 05:56 . 2006-12-07 01:34 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-16 02:58 . 2008-12-29 08:19 -------- d-----w- c:\program files\Common Files\Apple
2009-07-15 05:29 . 2008-08-24 23:46 -------- d-----w- c:\documents and settings\J.C.YOUNG\Application Data\uTorrent
2009-07-14 23:38 . 2008-12-29 08:22 -------- d-----w- c:\documents and settings\J.C.YOUNG\Application Data\Apple Computer
2009-07-14 23:23 . 2006-12-08 01:19 -------- d-----w- c:\program files\QuickTime
2009-07-14 23:20 . 2008-12-29 08:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-07-12 05:30 . 2006-12-07 02:38 83664 ----a-w- c:\documents and settings\J.C.YOUNG\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-09 22:12 . 2008-02-19 01:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-07-09 21:47 . 2008-04-03 02:25 -------- d-----w- c:\documents and settings\All Users\Application Data\GameHouse
2009-07-09 21:07 . 2008-02-19 00:54 -------- d-----w- c:\program files\ESET
2009-07-07 17:26 . 2009-06-10 22:52 -------- d-----w- c:\program files\Hormonal Forecaster
2009-06-29 07:14 . 2009-05-19 18:48 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-06-29 07:14 . 2009-05-19 18:48 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-06-29 07:11 . 2009-05-19 18:48 117760 ----a-w- c:\documents and settings\J.C.YOUNG\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-06-23 02:27 . 2009-06-21 01:17 -------- d-----w- c:\program files\Lavasoft
2009-06-23 02:27 . 2009-06-21 01:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-06-23 02:23 . 2008-02-19 01:01 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-06-18 05:02 . 2009-06-18 05:02 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2009-06-18 04:58 . 2009-06-18 04:45 -------- d-----w- c:\program files\ATI Technologies
2009-06-17 08:53 . 2009-06-17 08:53 -------- d-----w- c:\documents and settings\J.C.YOUNG\Application Data\IObit
2009-06-17 08:53 . 2009-06-17 08:53 -------- d-----w- c:\program files\IObit
2009-06-16 14:36 . 2006-02-28 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:36 . 2006-02-28 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-14 18:48 . 2009-06-12 19:05 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-06-13 07:36 . 2009-06-13 07:36 -------- d--h--r- c:\documents and settings\J.C.YOUNG\Application Data\SecuROM
2009-06-12 20:18 . 2009-06-12 20:18 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2009-06-12 20:18 . 2009-06-12 20:18 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2009-06-12 19:49 . 2008-04-14 04:23 -------- d-----w- c:\program files\CCleaner
2009-06-12 19:48 . 2009-06-12 19:48 -------- d-----w- c:\program files\Defraggler
2009-06-12 19:39 . 2006-12-08 03:09 -------- d-----w- c:\program files\Pinnacle
2009-06-12 19:33 . 2009-06-12 19:33 -------- d-----w- c:\program files\AGEIA Technologies
2009-06-12 19:27 . 2009-06-12 19:27 -------- d-----w- c:\documents and settings\J.C.YOUNG\Application Data\Malwarebytes
2009-06-12 19:25 . 2009-02-11 06:24 -------- d-----w- c:\program files\Forrest
2009-06-12 19:24 . 2009-02-11 06:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Outspark
2009-06-12 19:15 . 2009-03-23 05:42 -------- d-----w- c:\program files\Graboid
2009-06-12 19:13 . 2009-06-12 19:02 -------- d-----w- c:\documents and settings\J.C.YOUNG\Application Data\DAEMON Tools Lite
2009-06-12 19:06 . 2009-06-12 19:06 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-06-12 19:06 . 2009-06-12 19:06 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-06-12 19:02 . 2008-02-23 22:20 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-06-12 16:40 . 2007-01-06 00:05 123064 ----a-w- c:\windows\HPHins11.dat
2009-06-10 22:51 . 2009-06-10 22:51 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-06-09 17:52 . 2009-06-09 17:52 -------- d-----w- c:\program files\Rainlendar2
2009-06-05 18:42 . 2009-03-26 04:04 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-06-05 18:42 . 2008-12-29 08:20 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-06-03 19:09 . 2006-02-28 12:00 1291264 ----a-w- c:\windows\system32\quartz.dll
2009-06-02 21:07 . 2006-12-08 02:03 -------- d-----w- c:\program files\Lx_cats
2009-06-02 21:05 . 2007-01-07 02:11 -------- d-----w- c:\documents and settings\J.C.YOUNG\Application Data\Image Zone Express
2009-06-02 00:25 . 2009-06-02 00:24 -------- d-----w- c:\documents and settings\J.C.YOUNG\Application Data\HuruBeachParty
2009-05-28 05:24 . 2008-01-09 08:25 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-05-16 04:05 . 2009-06-18 04:57 593920 ------w- c:\windows\system32\ati2sgag.exe
2009-05-16 03:58 . 2006-03-17 09:24 4069888 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-05-16 03:39 . 2009-05-16 03:39 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-05-16 03:38 . 2006-03-17 09:24 335872 ----a-w- c:\windows\system32\ati2dvag.dll
2009-05-16 03:18 . 2009-05-16 03:18 204800 ----a-w- c:\windows\system32\atipdlxx.dll
2009-05-16 03:17 . 2009-05-16 03:17 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-05-16 03:17 . 2009-05-16 03:17 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-05-16 03:17 . 2009-05-16 03:17 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-05-16 03:17 . 2009-05-16 03:17 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-05-16 03:15 . 2009-05-16 03:15 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-05-16 03:14 . 2009-05-16 03:14 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-05-16 03:07 . 2006-03-17 09:10 2987136 ----a-w- c:\windows\system32\ati3duag.dll
2009-05-16 02:55 . 2009-05-16 02:55 11423744 ----a-w- c:\windows\system32\atioglxx.dll
2009-05-16 02:54 . 2006-03-17 09:05 2122624 ----a-w- c:\windows\system32\ativvaxx.dll
2009-05-16 02:54 . 2009-05-16 02:54 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-05-16 02:54 . 2009-05-16 02:54 3 ----a-w- c:\windows\system32\ativva5x.dat
2009-05-16 02:51 . 2009-05-16 02:51 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2009-05-16 02:38 . 2009-05-16 02:38 49664 ----a-w- c:\windows\system32\atimpc32.dll
2009-05-16 02:38 . 2009-05-16 02:38 49664 ----a-w- c:\windows\system32\amdpcom32.dll
2009-05-16 02:33 . 2009-05-16 02:33 479232 ----a-w- c:\windows\system32\atikvmag.dll
2009-05-16 02:31 . 2009-05-16 02:31 139264 ----a-w- c:\windows\system32\atiadlxx.dll
2009-05-16 02:31 . 2009-05-16 02:31 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-05-16 02:30 . 2009-05-16 02:30 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-05-16 02:26 . 2009-05-16 02:26 376832 ----a-w- c:\windows\system32\atiok3x2.dll
2009-05-16 02:24 . 2006-03-17 08:47 651264 ----a-w- c:\windows\system32\ati2cqag.dll
2009-05-16 01:35 . 2009-05-16 01:35 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-05-16 01:34 . 2009-05-16 01:34 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-05-16 01:33 . 2009-05-16 01:33 3158016 ----a-w- c:\windows\system32\aticaldd.dll
2009-05-13 05:15 . 2006-02-28 12:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-11 04:35 . 2009-05-11 04:35 120320 ----a-w- c:\windows\system32\drivers\SSHDRV65.sys
2009-05-07 15:32 . 2006-02-28 12:00 345600 ----a-w- c:\windows\system32\localspl.dll
2009-05-05 19:33 . 2009-05-05 19:33 118784 ----a-w- c:\windows\system32\atibtmon.exe
2009-04-23 19:04 . 2009-04-23 19:04 189051 ----a-w- c:\windows\system32\atiicdxx.dat
2009-06-03 03:00 . 2009-06-18 01:23 134648 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-06-23_02.01.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-07 09:19 . 2007-11-07 09:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2007-10-09 19:58 . 2007-10-09 19:58 16896 c:\windows\system32\tswpfwrp.exe
+ 2006-12-07 01:32 . 2009-01-08 01:21 26144 c:\windows\system32\spupdsvc.exe
+ 2009-07-10 05:30 . 2008-07-06 12:06 89088 c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
+ 2007-08-20 03:09 . 2009-01-08 01:20 16928 c:\windows\system32\spmsg.dll
+ 2009-07-16 02:55 . 2009-06-05 18:42 39424 c:\windows\system32\ReinstallBackups\0020\DriverFiles\usbaapl.sys
+ 2009-07-12 05:05 . 2006-07-19 01:52 34048 c:\windows\system32\ReinstallBackups\0018\DriverFiles\atl01_xp.sys
+ 2009-07-12 05:05 . 2006-06-12 08:28 53248 c:\windows\system32\ReinstallBackups\0018\DriverFiles\atcInst.dll
+ 2008-07-30 02:59 . 2008-07-30 02:59 43544 c:\windows\system32\PresentationHostProxy.dll
+ 2006-02-28 12:00 . 2009-03-08 11:31 46592 c:\windows\system32\pngfilt.dll
+ 2006-02-28 12:00 . 2009-07-12 05:19 68360 c:\windows\system32\perfc009.dat
+ 2009-01-08 01:20 . 2009-01-08 01:20 23552 c:\windows\system32\normaliz.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 24576 c:\windows\system32\nlsdl.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 15360 c:\windows\system32\mui\0409\mscorees.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 15360 c:\windows\system32\mui\0409\mscorees.dll
+ 2006-02-28 12:00 . 2009-03-08 11:31 48128 c:\windows\system32\mshtmler.dll
+ 2006-02-28 12:00 . 2009-03-08 11:31 66560 c:\windows\system32\mshtmled.dll
+ 2006-02-28 12:00 . 2009-03-08 11:31 45568 c:\windows\system32\mshta.exe
+ 2009-03-08 11:31 . 2009-03-08 11:31 13312 c:\windows\system32\msfeedssync.exe
+ 2009-03-08 11:31 . 2009-03-08 11:31 55296 c:\windows\system32\msfeedsbs.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 83968 c:\windows\system32\mscories.dll
+ 2006-02-28 12:00 . 2009-03-08 11:34 43008 c:\windows\system32\licmgr10.dll
+ 2006-02-28 12:00 . 2009-04-30 21:22 25600 c:\windows\system32\jsproxy.dll
+ 2006-02-28 12:00 . 2009-03-08 11:32 94720 c:\windows\system32\inseng.dll
+ 2008-07-30 02:24 . 2008-07-30 02:24 97800 c:\windows\system32\infocardapi.dll
+ 2006-02-28 12:00 . 2009-03-08 11:31 34816 c:\windows\system32\imgutil.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 36864 c:\windows\system32\ieudinit.exe
+ 2006-02-28 12:00 . 2009-03-08 11:32 71680 c:\windows\system32\iesetup.dll
+ 2006-02-28 12:00 . 2009-03-08 11:32 55808 c:\windows\system32\iernonce.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 26112 c:\windows\system32\idndl.dll
+ 2008-07-30 02:24 . 2008-07-30 02:24 11264 c:\windows\system32\icardres.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 59904 c:\windows\system32\icardie.dll
+ 2007-10-09 20:03 . 2007-10-09 20:03 73752 c:\windows\system32\dxva2.dll
+ 2009-07-14 23:20 . 2009-06-05 18:42 39424 c:\windows\system32\DRVSTORE\usbaapl_872A2434B7205D4BD84BBE53811BDCE15F347D5B\usbaapl.sys
+ 2009-07-14 23:20 . 2009-06-05 18:42 17408 c:\windows\system32\DRVSTORE\netaapl_F433E854B3FF3BEE74986FDE8E16A64162342BFF\netaapl.sys
+ 2009-07-14 23:25 . 2009-03-19 23:32 23400 c:\windows\system32\DRVSTORE\GEARAspiWD_F475AF659D36685632E9BD97B57E9D9661FF3FFD\x86\GEARAspiWDM.sys
+ 2008-11-12 21:54 . 2008-11-12 21:54 37376 c:\windows\system32\drivers\l151x86.sys
+ 2008-12-29 08:22 . 2009-03-19 23:32 23400 c:\windows\system32\drivers\GEARAspiWDM.sys
+ 2009-03-08 11:31 . 2009-03-08 11:31 46592 c:\windows\system32\dllcache\pngfilt.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 48128 c:\windows\system32\dllcache\mshtmler.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 45568 c:\windows\system32\dllcache\mshta.exe
+ 2009-03-08 11:34 . 2009-03-08 11:34 43008 c:\windows\system32\dllcache\licmgr10.dll
+ 2009-03-08 11:33 . 2009-04-30 21:22 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 94720 c:\windows\system32\dllcache\inseng.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 34816 c:\windows\system32\dllcache\imgutil.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 71680 c:\windows\system32\dllcache\iesetup.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 55808 c:\windows\system32\dllcache\iernonce.dll
+ 2009-03-08 11:24 . 2009-03-08 11:24 68608 c:\windows\system32\dllcache\hmmapi.dll
+ 2009-06-16 14:36 . 2009-06-16 14:36 81920 c:\windows\system32\dllcache\fontsub.dll
+ 2007-03-23 03:24 . 2008-07-06 12:06 89088 c:\windows\system32\dllcache\filterpipelineprintproc.dll
+ 2009-03-08 11:33 . 2009-03-08 11:33 18944 c:\windows\system32\dllcache\corpol.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 72704 c:\windows\system32\dllcache\admparse.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 96760 c:\windows\system32\dfshim.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 96760 c:\windows\system32\dfshim.dll
+ 2006-02-28 12:00 . 2009-03-08 11:33 18944 c:\windows\system32\corpol.dll
+ 2006-02-28 12:00 . 2009-03-08 11:32 72704 c:\windows\system32\admparse.dll
+ 2008-07-30 06:40 . 2008-07-30 06:40 70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
+ 2008-07-30 06:40 . 2008-07-30 06:40 91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
+ 2008-07-30 06:40 . 2008-07-30 06:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll
+ 2008-07-30 06:40 . 2008-07-30 06:40 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe
+ 2008-07-30 06:40 . 2008-07-30 06:40 95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe
+ 2008-07-30 06:40 . 2008-07-30 06:40 78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe
+ 2008-07-30 06:40 . 2008-07-30 06:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe
+ 2008-07-30 06:40 . 2008-07-30 06:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe
+ 2008-07-30 06:40 . 2008-07-30 06:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe
+ 2008-07-30 04:10 . 2008-07-30 04:10 46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
+ 2008-07-30 02:59 . 2008-07-30 02:59 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2008-07-30 04:10 . 2008-07-30 04:10 71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
+ 2008-07-30 02:32 . 2008-07-30 02:32 17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe
+ 2008-07-30 02:16 . 2008-07-30 02:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2008-07-30 02:16 . 2008-07-30 02:16 73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2008-07-30 02:16 . 2008-07-30 02:16 20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2008-07-30 02:16 . 2008-07-30 02:16 11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 18:17 . 2008-07-25 18:17 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 18:17 . 2008-07-25 18:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 31560 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2006-12-18 18:03 . 2006-12-18 18:03 16921 c:\windows\McAfee.com\FreeScan\rwabs32.dll
+ 2007-07-13 18:54 . 2007-07-13 18:54 24576 c:\windows\McAfee.com\FreeScan\avdat.exe
+ 2009-04-19 06:37 . 2009-04-19 06:37 51712 c:\windows\Installer\1ca871e6.msi
+ 2008-07-30 04:07 . 2008-07-30 04:07 23040 c:\windows\Installer\135a60b.msp
+ 2009-07-12 05:12 . 2009-07-12 05:12 88576 c:\windows\Installer\1326428.msi
+ 2006-12-07 02:08 . 2009-07-19 21:15 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2006-12-07 02:08 . 2009-06-14 07:12 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2006-12-07 02:08 . 2009-06-14 07:12 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2006-12-07 02:08 . 2009-07-19 21:15 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2006-12-07 02:08 . 2009-06-14 07:12 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2006-12-07 02:08 . 2009-07-19 21:15 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2006-12-07 02:08 . 2009-06-14 07:12 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2006-12-07 02:08 . 2009-07-19 21:15 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2006-12-07 02:08 . 2009-07-19 21:15 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2006-12-07 02:08 . 2009-06-14 07:12 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2006-12-07 02:08 . 2009-07-19 21:15 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2006-12-07 02:08 . 2009-06-14 07:12 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2009-07-12 05:09 . 2009-03-08 11:33 12288 c:\windows\ie8updates\KB969897-IE8\xpshims.dll
+ 2009-07-12 05:09 . 2009-03-08 11:33 25600 c:\windows\ie8updates\KB969897-IE8\jsproxy.dll
+ 2009-07-12 05:08 . 2008-04-14 00:12 37888 c:\windows\ie8\url.dll
+ 2009-07-12 05:08 . 2009-03-08 21:23 58464 c:\windows\ie8\spuninst\iecustom.dll
+ 2009-07-12 05:08 . 2008-04-14 00:12 39424 c:\windows\ie8\pngfilt.dll
+ 2009-07-12 05:08 . 2008-04-14 00:12 96256 c:\windows\ie8\occache.dll
+ 2009-07-12 05:08 . 2008-04-13 16:26 56832 c:\windows\ie8\mshtmler.dll
+ 2009-07-12 05:08 . 2008-04-14 00:12 29184 c:\windows\ie8\mshta.exe
+ 2009-07-12 05:08 . 2008-04-14 00:11 22016 c:\windows\ie8\licmgr10.dll
+ 2009-07-12 05:08 . 2008-04-14 00:11 15872 c:\windows\ie8\jsproxy.dll
+ 2009-07-12 05:08 . 2008-04-14 00:11 96256 c:\windows\ie8\inseng.dll
+ 2009-07-12 05:08 . 2008-04-14 00:11 35840 c:\windows\ie8\imgutil.dll
+ 2009-07-12 05:08 . 2008-04-14 00:12 93184 c:\windows\ie8\iexplore.exe
+ 2009-07-12 05:08 . 2008-04-14 00:11 62976 c:\windows\ie8\iesetup.dll
+ 2009-07-12 05:08 . 2008-04-14 00:11 48640 c:\windows\ie8\iernonce.dll
+ 2009-07-12 05:08 . 2009-04-29 04:46 81920 c:\windows\ie8\ieencode.dll
+ 2009-07-12 05:08 . 2008-04-14 00:12 34304 c:\windows\ie8\ie4uinit.exe
+ 2009-07-12 05:08 . 2008-04-14 00:11 38912 c:\windows\ie8\hmmapi.dll
+ 2009-07-12 05:08 . 2008-04-14 00:11 35328 c:\windows\ie8\corpol.dll
+ 2009-07-12 05:08 . 2008-04-14 00:11 99840 c:\windows\ie8\advpack.dll
+ 2009-07-12 05:08 . 2008-04-14 00:11 61440 c:\windows\ie8\admparse.dll
+ 2009-07-12 05:14 . 2008-07-06 12:06 89088 c:\windows\Driver Cache\i386\filterpipelineprintproc.dll
+ 2009-07-12 05:21 . 2009-07-12 05:21 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\a715aa442ef87ae99b3ade185599249d\UIAutomationProvider.ni.dll
+ 2009-07-10 06:21 . 2009-07-10 06:21 50688 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\9e249f5c0ef3e391c5aec1f9da805519\UIAutomationProvider.ni.dll
+ 2009-07-10 06:21 . 2009-07-10 06:21 77824 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\fbcb343f14b7a8940d8cd2cb41d6d23a\System.Windows.Presentation.ni.dll
+ 2009-07-12 05:51 . 2009-07-12 05:51 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\423f794d1f4ed6e120fbb02e436491cb\System.Windows.Presentation.ni.dll
+ 2009-07-12 05:51 . 2009-07-12 05:51 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\19ca1747c1ea18a3b639b302bca8df93\System.Web.DynamicData.Design.ni.dll
+ 2009-07-12 05:44 . 2009-07-12 05:44 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\532438e2acfcadc469a4d468c51f8451\System.ComponentModel.DataAnnotations.ni.dll
+ 2009-07-12 05:44 . 2009-07-12 05:44 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\597b20e1b053d6a510cfe033c07a63e6\System.AddIn.Contract.ni.dll
+ 2009-07-10 05:32 . 2009-07-10 05:32 48640 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\4ce7fd62d4107fbe996ab305eb21ee6a\PresentationFontCache.ni.exe
+ 2009-07-12 05:20 . 2009-07-12 05:20 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\2d7408a0232f2e2efd0d7adf5dfa733a\PresentationFontCache.ni.exe
+ 2009-07-12 05:20 . 2009-07-12 05:20 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\c8fd2d9233f8ea3031fb16f697635231\PresentationCFFRasterizer.ni.dll
+ 2009-07-10 06:20 . 2009-07-10 06:20 40960 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3df824565150953afd560ca20237b881\PresentationCFFRasterizer.ni.dll
+ 2009-07-10 06:20 . 2009-07-10 06:20 77824 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\e674ba75a514e00b26329e212da938e0\Microsoft.Vsa.ni.dll
+ 2009-07-12 05:45 . 2009-07-12 05:45 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\790cf1edb17ee41b59be62ecbd59613b\Microsoft.Vsa.ni.dll
+ 2009-07-12 05:44 . 2009-07-12 05:44 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e9aba2eab90d647356f65e66053da02b\Microsoft.Build.Framework.ni.dll
+ 2009-07-10 06:11 . 2009-07-10 06:11 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\b853ec09162fa93757d7bbb0d5435f4e\Microsoft.Build.Framework.ni.dll
+ 2009-07-12 05:24 . 2009-07-12 05:24 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\28343d470d992f169ca0e7cdb3cc3117\Microsoft.Build.Framework.ni.dll
+ 2009-07-12 05:24 . 2009-07-12 05:24 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\f4e38208e88cb4cc314a1d6543b9fcc6\dfsvc.ni.exe
+ 2009-07-12 05:24 . 2009-07-12 05:24 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01e5128805759121ea6c\Accessibility.ni.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 94208 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 98304 c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 40960 c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2009-07-12 05:16 . 2009-07-12 05:16 12288 c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2009-07-12 05:16 . 2009-07-12 05:16 61440 c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-07-12 05:16 . 2009-07-12 05:16 32768 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2009-07-12 05:16 . 2009-07-12 05:16 77824 c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 73728 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-07-12 05:15 . 2009-07-12 05:15 53248 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-07-12 05:16 . 2009-07-12 05:16 57344 c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2009-07-12 05:15 . 2009-07-12 05:15 45056 c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 46104 c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2009-07-12 05:14 . 2009-07-12 05:14 32768 c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-07-12 05:15 . 2009-07-12 05:15 41984 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2009-07-12 05:15 . 2009-07-12 05:15 94208 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
+ 2009-07-12 05:15 . 2009-07-12 05:15 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2008-07-30 06:40 . 2008-07-30 06:40 5632 c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
- 2007-10-24 08:47 . 2007-10-24 08:47 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
- 2007-10-24 08:47 . 2007-10-24 08:47 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2006-12-18 18:03 . 2006-12-18 18:03 7449 c:\windows\McAfee.com\FreeScan\rwabs16.dll
+ 2008-07-09 12:30 . 2008-07-09 12:30 5444 c:\windows\McAfee.com\FreeScan\config.dat
+ 2006-12-07 02:08 . 2009-07-19 21:15 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2006-12-07 02:08 . 2009-06-14 07:12 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2009-07-12 05:10 . 2009-03-08 11:35 2048 c:\windows\ie8updates\KB971930-IE8\iecompat.dll
+ 2009-07-12 05:15 . 2009-07-12 05:15 5632 c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2008-04-11 08:03 . 2008-04-11 08:03 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2008-04-11 08:04 . 2008-04-11 08:04 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2007-11-07 08:19 . 2007-11-07 08:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
+ 2007-11-07 08:19 . 2007-11-07 08:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2007-11-07 03:23 . 2007-11-07 03:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
+ 2008-07-30 04:26 . 2008-07-30 04:26 301568 c:\windows\system32\XPSViewer\XPSViewer.exe
+ 2007-03-23 13:07 . 2008-07-06 12:06 575488 c:\windows\system32\xpsshhdr.dll
- 2008-08-18 23:39 . 2008-04-14 00:12 121856 c:\windows\system32\xmllite.dll
+ 2008-08-18 23:39 . 2009-01-08 01:21 121856 c:\windows\system32\xmllite.dll
+ 2009-03-08 11:34 . 2009-03-08 11:34 208384 c:\windows\system32\WinFXDocObj.exe
+ 2006-02-28 12:00 . 2009-03-08 11:34 236544 c:\windows\system32\webcheck.dll
+ 2006-02-28 12:00 . 2009-03-08 11:33 420352 c:\windows\system32\vbscript.dll
+ 2006-02-28 12:00 . 2009-03-08 11:34 105984 c:\windows\system32\url.dll
+ 2007-10-09 20:03 . 2007-10-09 20:03 161304 c:\windows\system32\UIAutomationCore.dll
+ 2009-07-10 05:30 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\mxdwdrv.dll
+ 2009-07-10 05:30 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\i386\mxdwdrv.dll
+ 2009-07-10 05:30 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\mxdwdrv.dll
+ 2009-07-10 05:30 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\amd64\mxdwdrv.dll
+ 2009-07-10 05:30 . 2008-07-06 12:06 147456 c:\windows\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
+ 2007-03-23 03:25 . 2008-07-06 10:50 597504 c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
+ 2006-12-07 22:57 . 2008-03-13 04:52 761344 c:\windows\system32\spool\drivers\w32x86\3\unires.dll
- 2006-12-07 22:57 . 2007-05-15 08:08 761344 c:\windows\system32\spool\drivers\w32x86\3\UNIRES.DLL
+ 2006-12-07 22:57 . 2008-07-06 12:06 744960 c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll
+ 2006-12-07 22:57 . 2008-07-06 12:06 373248 c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
- 2006-12-07 22:57 . 2008-04-14 00:12 373248 c:\windows\system32\spool\drivers\w32x86\3\UNIDRV.DLL
+ 2007-03-23 03:24 . 2008-07-06 12:06 198656 c:\windows\system32\spool\drivers\w32x86\3\mxdwdui.dll
+ 2007-03-23 03:24 . 2008-07-06 12:06 765440 c:\windows\system32\spool\drivers\w32x86\3\mxdwdrv.dll
+ 2006-08-24 23:15 . 2006-08-24 23:15 150808 c:\windows\system32\rgb9rast_2.dll
+ 2007-03-23 03:25 . 2008-07-06 12:06 117760 c:\windows\system32\prntvpt.dll
+ 2008-07-30 02:59 . 2008-07-30 02:59 781344 c:\windows\system32\PresentationNative_v0300.dll
+ 2008-07-30 03:35 . 2008-07-30 03:35 326160 c:\windows\system32\PresentationHost.exe
+ 2008-07-30 02:59 . 2008-07-30 02:59 105016 c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
+ 2006-02-28 12:00 . 2009-07-12 05:19 435590 c:\windows\system32\perfh009.dat
+ 2006-02-28 12:00 . 2009-03-08 11:34 109568 c:\windows\system32\occache.dll
+ 2003-03-19 06:14 . 2006-07-12 01:35 503808 c:\windows\system32\MSVCP71.dll
+ 2006-02-28 12:00 . 2009-03-08 11:32 611840 c:\windows\system32\mstime.dll
+ 2006-02-28 12:00 . 2009-03-08 11:34 193536 c:\windows\system32\msrating.dll
+ 2006-02-28 12:00 . 2009-03-08 11:22 156160 c:\windows\system32\msls31.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 594432 c:\windows\system32\msfeeds.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 265720 c:\windows\system32\msdbg2.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 158720 c:\windows\system32\mscorier.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 158720 c:\windows\system32\mscorier.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 282112 c:\windows\system32\mscoree.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 282112 c:\windows\system32\mscoree.dll
+ 2006-02-28 12:00 . 2009-03-08 11:33 726528 c:\windows\system32\jscript.dll
+ 2009-03-08 11:22 . 2009-03-08 11:22 164352 c:\windows\system32\ieui.dll
+ 2006-02-28 12:00 . 2009-03-08 11:31 183808 c:\windows\system32\iepeers.dll
+ 2006-02-28 12:00 . 2009-04-30 21:22 385536 c:\windows\system32\iedkcs32.dll
+ 2009-03-08 11:11 . 2009-03-08 11:11 445952 c:\windows\system32\ieapfltr.dll
+ 2006-02-28 12:00 . 2009-03-08 11:32 163840 c:\windows\system32\ieakui.dll
+ 2006-02-28 12:00 . 2009-03-08 11:33 229376 c:\windows\system32\ieaksie.dll
+ 2006-02-28 12:00 . 2009-03-08 11:33 125952 c:\windows\system32\ieakeng.dll
+ 2006-02-28 12:00 . 2009-04-30 11:21 173056 c:\windows\system32\ie4uinit.exe
+ 2008-07-30 02:24 . 2008-07-30 02:24 622080 c:\windows\system32\icardagt.exe
+ 2007-10-09 20:03 . 2007-10-09 20:03 493080 c:\windows\system32\evr.dll
+ 2006-02-28 12:00 . 2009-03-08 11:31 216064 c:\windows\system32\dxtrans.dll
+ 2006-02-28 12:00 . 2009-03-08 11:31 348160 c:\windows\system32\dxtmsft.dll
+ 2009-07-14 23:25 . 2008-04-17 19:12 107368 c:\windows\system32\DRVSTORE\GEARAspiWD_F475AF659D36685632E9BD97B57E9D9661FF3FFD\x86\GEARAspi.dll
+ 2006-02-28 12:00 . 2008-04-14 00:12 338432 c:\windows\system32\dllcache\zipfldr.dll
+ 2007-03-23 13:07 . 2008-07-06 12:06 575488 c:\windows\system32\dllcache\xpsshhdr.dll
+ 2008-04-21 06:44 . 2009-05-13 05:15 915456 c:\windows\system32\dllcache\wininet.dll
+ 2009-03-08 11:34 . 2009-03-08 11:34 236544 c:\windows\system32\dllcache\webcheck.dll
+ 2009-03-08 11:33 . 2009-03-08 11:33 759296 c:\windows\system32\dllcache\VGX.dll
+ 2008-05-09 10:53 . 2009-03-08 11:33 420352 c:\windows\system32\dllcache\vbscript.dll
+ 2009-03-08 11:34 . 2009-03-08 11:34 105984 c:\windows\system32\dllcache\url.dll
+ 2009-06-16 14:36 . 2009-06-16 14:36 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 134144 c:\windows\system32\dllcache\sqmapi.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2007-03-23 03:25 . 2008-07-06 10:50 597504 c:\windows\system32\dllcache\printfilterpipelinesvc.exe
+ 2009-03-08 11:34 . 2009-03-08 11:34 109568 c:\windows\system32\dllcache\occache.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 611840 c:\windows\system32\dllcache\mstime.dll
+ 2009-03-08 11:34 . 2009-03-08 11:34 193536 c:\windows\system32\dllcache\msrating.dll
+ 2006-02-28 12:00 . 2009-03-08 11:22 156160 c:\windows\system32\dllcache\msls31.dll
+ 2008-05-09 10:53 . 2009-03-08 11:33 726528 c:\windows\system32\dllcache\jscript.dll
+ 2009-03-08 21:09 . 2009-03-08 21:09 638816 c:\windows\system32\dllcache\iexplore.exe
+ 2009-03-08 11:31 . 2009-03-08 11:31 183808 c:\windows\system32\dllcache\iepeers.dll
+ 2009-03-08 21:09 . 2009-04-30 21:22 385536 c:\windows\system32\dllcache\iedkcs32.dll
+ 2006-02-28 12:00 . 2009-03-08 11:32 163840 c:\windows\system32\dllcache\ieakui.dll
+ 2009-03-08 11:33 . 2009-03-08 11:33 229376 c:\windows\system32\dllcache\ieaksie.dll
+ 2009-03-08 11:33 . 2009-03-08 11:33 125952 c:\windows\system32\dllcache\ieakeng.dll
+ 2009-03-08 11:32 . 2009-04-30 11:21 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-03-08 11:31 . 2009-03-08 11:31 216064 c:\windows\system32\dllcache\dxtrans.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 348160 c:\windows\system32\dllcache\dxtmsft.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 128512 c:\windows\system32\dllcache\advpack.dll
+ 2006-02-28 12:00 . 2009-03-08 11:32 128512 c:\windows\system32\advpack.dll
+ 2008-08-18 23:38 . 2006-02-28 12:00 366080 c:\windows\ServicePackFiles\i386\digreqex.msi
+ 2008-08-18 23:38 . 2006-02-28 12:00 863232 c:\windows\ServicePackFiles\i386\digopt.msi
+ 2008-07-30 06:40 . 2008-07-30 06:40 196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe
+ 2008-07-30 06:40 . 2008-07-30 06:40 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll
+ 2009-07-12 05:15 . 2009-07-12 05:15 652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi
+ 2008-07-30 01:47 . 2008-07-30 01:47 110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
+ 2008-07-30 01:47 . 2008-07-30 01:47 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll
+ 2008-07-30 06:15 . 2008-07-30 06:15 225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat
+ 2008-07-30 06:40 . 2008-07-30 06:40 233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll
+ 2008-07-30 06:40 . 2008-07-30 06:40 168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll
+ 2008-07-30 03:35 . 2008-07-30 03:35 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2008-07-30 02:59 . 2008-07-30 02:59 132120 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2007-08-06 05:30 . 2007-08-06 05:30 797696 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll
+ 2008-07-30 02:16 . 2008-07-30 02:16 152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2008-07-30 02:16 . 2008-07-30 02:16 966656 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2008-07-30 02:16 . 2008-07-30 02:16 132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2008-07-30 02:16 . 2008-07-30 02:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2008-07-30 02:16 . 2008-07-30 02:16 156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2008-07-30 02:16 . 2008-07-30 02:16 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-07-30 02:16 . 2008-07-30 02:16 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2008-07-30 02:24 . 2008-07-30 02:24 881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2008-07-30 02:16 . 2008-07-30 02:16 168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2008-11-25 11:59 . 2008-11-25 11:59 436040 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 392184 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 364872 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 990032 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2009-07-08 20:04 . 2009-07-08 20:04 156936 c:\windows\McAfee.com\FreeScan\mcfscan.dll
+ 2009-02-23 00:58 . 2009-02-23 00:58 271872 c:\windows\Installer\cbd1e8b0.msi
+ 2009-05-22 03:02 . 2009-05-22 03:02 470528 c:\windows\Installer\ba87682.msi
+ 2007-08-16 03:03 . 2007-08-16 03:03 431104 c:\windows\Installer\a7823.msi
+ 2006-12-08 01:19 . 2006-12-08 01:19 510976 c:\windows\Installer\9cc984.msi
+ 2006-12-08 01:19 . 2006-12-08 01:19 589824 c:\windows\Installer\9cc97f.msi
+ 2006-12-08 01:19 . 2006-12-08 01:19 157184 c:\windows\Installer\9cc97a.msi
+ 2006-12-08 01:18 . 2006-12-08 01:18 754176 c:\windows\Installer\9cc96b.msi
+ 2006-12-08 01:18 . 2006-12-08 01:18 305152 c:\windows\Installer\9cc946.msi
+ 2006-12-08 01:18 . 2006-12-08 01:18 235008 c:\windows\Installer\9cc902.msi
+ 2006-12-07 01:15 . 2006-12-07 01:15 264704 c:\windows\Installer\98361.msi
+ 2009-03-20 18:48 . 2009-03-20 18:48 183808 c:\windows\Installer\7efc5.msp
+ 2009-07-10 05:10 . 2009-07-10 05:10 228352 c:\windows\Installer\6e33211.msi
+ 2008-02-14 00:25 . 2008-02-14 00:25 282624 c:\windows\Installer\6ca9e.msi
+ 2009-06-18 04:58 . 2009-06-18 04:58 193536 c:\windows\Installer\698e3.msi
+ 2009-06-18 04:58 . 2009-06-18 04:58 252416 c:\windows\Installer\698dd.msi
+ 2009-06-18 04:58 . 2009-06-18 04:58 257536 c:\windows\Installer\698d7.msi
+ 2009-06-18 04:58 . 2009-06-18 04:58 179200 c:\windows\Installer\698d1.msi
+ 2009-06-18 04:58 . 2009-06-18 04:58 259584 c:\windows\Installer\698cb.msi
+ 2009-06-18 04:58 . 2009-06-18 04:58 285696 c:\windows\Installer\698c5.msi
+ 2009-06-18 04:57 . 2009-06-18 04:57 181248 c:\windows\Installer\698bf.msi
+ 2009-06-18 04:57 . 2009-06-18 04:57 266240 c:\windows\Installer\698b9.msi
+ 2009-06-18 04:57 . 2009-06-18 04:57 321536 c:\windows\Installer\698b3.msi
+ 2009-06-18 04:57 . 2009-06-18 04:57 257024 c:\windows\Installer\698ad.msi
+ 2008-05-08 01:22 . 2008-05-08 01:22 289792 c:\windows\Installer\64f34.msi
+ 2008-11-12 11:00 . 2008-11-12 11:00 432640 c:\windows\Installer\620a7d08.msi
+ 2008-07-09 07:09 . 2008-07-09 07:09 198144 c:\windows\Installer\586f9808.msi
+ 2009-04-21 02:09 . 2009-04-21 02:09 771584 c:\windows\Installer\3cdde60.msi
+ 2009-06-21 01:17 . 2009-06-21 01:17 236032 c:\windows\Installer\3c17189.msi
+ 2008-04-16 18:48 . 2008-04-16 18:48 160256 c:\windows\Installer\3c07ff.msi
+ 2007-01-06 00:15 . 2007-01-06 00:15 356352 c:\windows\Installer\2cedea.msi
+ 2007-01-06 00:15 . 2007-01-06 00:15 239104 c:\windows\Installer\2cede4.msi
+ 2007-01-06 00:15 . 2007-01-06 00:15 425984 c:\windows\Installer\2cedda.msi
+ 2007-01-06 00:15 . 2007-01-06 00:15 302592 c:\windows\Installer\2cedd5.msi
+ 2007-01-06 00:14 . 2007-01-06 00:14 351232 c:\windows\Installer\2cedd0.msi
+ 2007-01-06 00:14 . 2007-01-06 00:14 758272 c:\windows\Installer\2cedc5.msi
+ 2007-01-06 00:14 . 2007-01-06 00:14 183296 c:\windows\Installer\2ced9e.msi
+ 2006-12-13 18:20 . 2006-12-13 18:20 155136 c:\windows\Installer\27d13.msi
+ 2006-12-13 18:19 . 2006-12-13 18:19 169984 c:\windows\Installer\27ce3.msi
+ 2006-12-13 18:19 . 2006-12-13 18:19 237568 c:\windows\Installer\27cde.msi
+ 2006-12-13 18:19 . 2006-12-13 18:19 318464 c:\windows\Installer\27cbd.msi
+ 2006-12-13 18:18 . 2006-12-13 18:18 226304 c:\windows\Installer\27cb4.msi
+ 2006-12-13 18:18 . 2006-12-13 18:18 688640 c:\windows\Installer\27ca5.msi
+ 2006-12-13 18:18 . 2006-12-13 18:18 166912 c:\windows\Installer\27c7c.msi
+ 2006-12-13 18:18 . 2006-12-13 18:18 192512 c:\windows\Installer\27c77.msi
+ 2006-12-13 18:18 . 2006-12-13 18:18 179712 c:\windows\Installer\27c5a.msi
+ 2006-12-13 18:18 . 2006-12-13 18:18 161792 c:\windows\Installer\27c30.msi
+ 2006-12-13 18:18 . 2006-12-13 18:18 156672 c:\windows\Installer\27c25.msi
+ 2006-12-13 18:18 . 2006-12-13 18:18 157184 c:\windows\Installer\27c0a.msi
+ 2006-12-13 18:18 . 2006-12-13 18:18 334848 c:\windows\Installer\27bfe.msi
+ 2006-12-13 18:18 . 2006-12-13 18:18 194560 c:\windows\Installer\27a9d.msi
+ 2006-12-13 18:18 . 2006-12-13 18:18 155136 c:\windows\Installer\27a7c.msi
+ 2006-12-13 18:17 . 2006-12-13 18:17 159232 c:\windows\Installer\27a6c.msi
+ 2006-12-13 18:17 . 2006-12-13 18:17 160768 c:\windows\Installer\27a67.msi
+ 2006-12-13 18:17 . 2006-12-13 18:17 233472 c:\windows\Installer\27a40.msi
+ 2006-12-13 18:17 . 2006-12-13 18:17 238080 c:\windows\Installer\27a37.msi
+ 2006-12-13 18:17 . 2006-12-13 18:17 968192 c:\windows\Installer\27a31.msi
+ 2008-06-11 21:02 . 2008-06-11 21:02 830464 c:\windows\Installer\2442278d.msp
+ 2008-07-28 21:59 . 2008-07-28 21:59 180736 c:\windows\Installer\24422778.msp
+ 2009-06-23 01:41 . 2009-06-23 01:41 331264 c:\windows\Installer\2203a81.msi
+ 2006-12-09 10:29 . 2006-12-09 10:29 428544 c:\windows\Installer\182d85f.msi
+ 2007-07-14 17:59 . 2007-07-14 17:59 282624 c:\windows\Installer\145341.msi
+ 2008-12-13 16:58 . 2008-12-13 16:58 754688 c:\windows\Installer\136ce70.msp
+ 2009-07-12 05:16 . 2009-07-12 05:16 648192 c:\windows\Installer\136cdd9.msi
+ 2008-07-30 04:23 . 2008-07-30 04:23 250880 c:\windows\Installer\135a614.msp
+ 2008-07-30 04:28 . 2008-07-30 04:28 278016 c:\windows\Installer\135a612.msp
+ 2008-07-30 02:40 . 2008-07-30 02:40 291840 c:\windows\Installer\135a610.msp
+ 2009-07-12 05:15 . 2009-07-12 05:15 137728 c:\windows\Installer\135a60a.msi
+ 2008-07-30 00:35 . 2008-07-30 00:35 553472 c:\windows\Installer\132642d.msp
+ 2008-07-30 00:33 . 2008-07-30 00:33 506368 c:\windows\Installer\132642b.msp
+ 2008-07-30 00:37 . 2008-07-30 00:37 911360 c:\windows\Installer\132642a.msp
+ 2009-07-16 02:59 . 2009-07-16 02:59 102400 c:\windows\Installer\{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}\iTunesIco.exe
+ 2006-12-07 02:08 . 2009-07-19 21:15 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2006-12-07 02:08 . 2009-06-14 07:12 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2006-12-07 02:08 . 2009-06-14 07:12 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2006-12-07 02:08 . 2009-07-19 21:15 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2006-12-07 02:08 . 2009-07-19 21:15 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2006-12-07 02:08 . 2009-06-14 07:12 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2006-12-07 02:08 . 2009-06-14 07:12 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2006-12-07 02:08 . 2009-07-19 21:15 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2006-12-07 02:08 . 2009-06-14 07:12 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2006-12-07 02:08 . 2009-07-19 21:15 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2006-12-07 02:08 . 2009-06-14 07:12 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2006-12-07 02:08 . 2009-07-19 21:15 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2009-07-12 05:10 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB971930-IE8\spuninst\updspapi.dll
+ 2009-07-12 05:10 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB971930-IE8\spuninst\spuninst.exe
+ 2009-07-12 05:09 . 2009-03-08 11:34 914944 c:\windows\ie8updates\KB969897-IE8\wininet.dll
+ 2009-07-12 05:09 . 2008-07-09 07:38 382840 c:\windows\ie8updates\KB969897-IE8\spuninst\updspapi.dll
+ 2009-07-12 05:09 . 2007-11-30 12:39 231288 c:\windows\ie8updates\KB969897-IE8\spuninst\spuninst.exe
+ 2009-07-12 05:09 . 2009-03-08 11:33 246784 c:\windows\ie8updates\KB969897-IE8\ieproxy.dll
+ 2009-07-12 05:09 . 2009-03-08 21:09 391536 c:\windows\ie8updates\KB969897-IE8\iedkcs32.dll
+ 2009-07-12 05:09 . 2009-03-08 11:32 173056 c:\windows\ie8updates\KB969897-IE8\ie4uinit.exe
+ 2009-07-12 05:08 . 2009-04-29 04:46 666624 c:\windows\ie8\wininet.dll
+ 2009-07-12 05:08 . 2008-04-14 00:12 276480 c:\windows\ie8\webcheck.dll
+ 2009-07-12 05:08 . 2008-04-14 00:12 851968 c:\windows\ie8\vgx.dll
+ 2009-07-12 05:08 . 2008-05-09 10:53 430080 c:\windows\ie8\vbscript.dll
+ 2009-07-12 05:08 . 2009-04-29 04:46 620032 c:\windows\ie8\urlmon.dll
+ 2009-07-12 05:08 . 2009-01-08 01:21 382496 c:\windows\ie8\spuninst\updspapi.dll
+ 2009-07-12 05:08 . 2009-01-08 01:20 231456 c:\windows\ie8\spuninst\spuninst.exe
+ 2009-07-12 05:08 . 2008-04-14 00:12 532480 c:\windows\ie8\mstime.dll
+ 2009-07-12 05:08 . 2008-04-14 00:12 146432 c:\windows\ie8\msrating.dll
+ 2009-07-12 05:08 . 2006-02-28 12:00 146432 c:\windows\ie8\msls31.dll
+ 2009-07-12 05:08 . 2008-04-14 00:11 449024 c:\windows\ie8\mshtmled.dll
+ 2009-07-12 05:08 . 2008-05-09 10:53 512000 c:\windows\ie8\jscript.dll
+ 2009-07-12 05:08 . 2008-04-14 00:11 251904 c:\windows\ie8\iepeers.dll
+ 2009-07-12 05:08 . 2008-04-14 00:11 323584 c:\windows\ie8\iedkcs32.dll
+ 2009-07-12 05:08 . 2006-02-28 12:00 221184 c:\windows\ie8\ieakui.dll
+ 2009-07-12 05:08 . 2008-04-14 00:11 216576 c:\windows\ie8\ieaksie.dll
+ 2009-07-12 05:08 . 2008-04-14 00:11 143360 c:\windows\ie8\ieakeng.dll
+ 2009-07-12 05:08 . 2008-04-14 00:11 205312 c:\windows\ie8\dxtrans.dll
+ 2009-07-12 05:08 . 2008-04-14 00:11 357888 c:\windows\ie8\dxtmsft.dll
+ 2009-07-12 05:14 . 2008-03-13 04:52 761344 c:\windows\Driver Cache\i386\unires.dll
+ 2009-07-12 05:14 . 2008-07-06 12:06 744960 c:\windows\Driver Cache\i386\unidrvui.dll
+ 2009-07-12 05:14 . 2008-07-06 12:06 373248 c:\windows\Driver Cache\i386\unidrv.dll
+ 2009-07-12 05:14 . 2008-07-06 12:06 198656 c:\windows\Driver Cache\i386\mxdwdui.dll
+ 2009-07-12 05:14 . 2008-07-06 12:06 765440 c:\windows\Driver Cache\i386\mxdwdrv.dll
+ 2008-04-11 08:04 . 2008-04-11 08:04 299008 c:\windows\assembly\temp\FU12XRLGB6\System.Runtime.Remoting.dll
+ 2009-07-12 05:24 . 2009-07-12 05:24 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\2ef5bc3a2edd7570bb23886a4f32294a\WsatConfig.ni.exe
+ 2009-07-10 06:11 . 2009-07-10 06:11 380928 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\13f498f606b7cb97c086eea149b8c872\WsatConfig.ni.exe
+ 2009-07-10 06:21 . 2009-07-10 06:21 270336 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\b7c202147607f93463ead99e743c78b9\WindowsFormsIntegration.ni.dll
+ 2009-07-12 05:21 . 2009-07-12 05:21 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\6a818099f0386e2356ae94f886a2196f\WindowsFormsIntegration.ni.dll
+ 2009-07-12 05:21 . 2009-07-12 05:21 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a6d9503962d47c722231c1478f180695\UIAutomationTypes.ni.dll
+ 2009-07-10 06:21 . 2009-07-10 06:21 196608 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\46e3ec015dd7b25d5ddc185534458122\UIAutomationTypes.ni.dll
+ 2009-07-10 06:21 . 2009-07-10 06:21 483328 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\c2e5aa36c753a605bdefb97ab83e8806\UIAutomationClient.ni.dll
+ 2009-07-12 05:21 . 2009-07-12 05:21 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\5c028c3d8db6c0f0277673ea4a2d89fb\UIAutomationClient.ni.dll
+ 2009-07-12 05:52 . 2009-07-12 05:52 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\c338a470b14851ce5987bb0f0869c310\System.Xml.Linq.ni.dll
+ 2009-07-10 06:21 . 2009-07-10 06:21 458752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\0e1c79174260c4e2bf159a2cc1d77338\System.Xml.Linq.ni.dll
+ 2009-07-12 05:51 . 2009-07-12 05:51 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\bb77ea11f46ab438b2b7ed7c180011a1\System.Web.Routing.ni.dll
+ 2009-07-12 05:51 . 2009-07-12 05:51 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6ee255220d90dcbe80c990e443051cc5\System.Web.RegularExpressions.ni.dll
+ 2009-07-12 05:51 . 2009-07-12 05:51 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\58f62044fa702ea6f936071aa5520baa\System.Web.Extensions.Design.ni.dll
+ 2009-07-10 06:21 . 2009-07-10 06:21 880640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\1e0ce08988c4cd1659caa7981b4c60fc\System.Web.Extensions.Design.ni.dll
+ 2009-07-12 05:51 . 2009-07-12 05:51 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\79c29ac85dd57dd485ab60118ac292ff\System.Web.Entity.ni.dll
+ 2009-07-12 05:51 . 2009-07-12 05:51 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d3d65e34fa60f0b6c72ca0d12ec89933\System.Web.Entity.Design.ni.dll
+ 2009-07-12 05:51 . 2009-07-12 05:51 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\b7891f5659db299dbd1b3c72db7edb9f\System.Web.DynamicData.ni.dll
+ 2009-07-12 05:51 . 2009-07-12 05:51 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\00ec08741a765c707bd9169346064a81\System.Web.Abstractions.ni.dll
+ 2009-07-12 05:51 . 2009-07-12 05:51 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\5a555c9ae6984c40157cf940bb519f7c\System.Transactions.ni.dll
+ 2009-07-12 05:51 . 2009-07-12 05:51 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll
+ 2009-07-12 05:44 . 2009-07-12 05:44 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\1c8df2da33222c048d683017f2095f04\System.Security.ni.dll
+ 2009-07-12 05:45 . 2009-07-12 05:45 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16d8c3589cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2009-07-10 06:20 . 2009-07-10 06:20 339968 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1f5cf8178029f5b959a9af75cb8cfedb\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2009-07-12 05:51 . 2009-07-12 05:51 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\519d9c618341b136f9b963ffb7495308\System.Net.ni.dll
+ 2009-07-10 06:20 . 2009-07-10 06:20 729088 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\3cefb375df4f668badf6dc74f3288960\System.Net.ni.dll
+ 2009-07-12 05:45 . 2009-07-12 05:45 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\8642fdfbf02a6cb6f01169fe6fdb5d11\System.Management.ni.dll
+ 2009-07-12 05:45 . 2009-07-12 05:45 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\1d3fbbd23ce1e8637ef4f40a8d23cd32\System.Management.Instrumentation.ni.dll
+ 2009-07-10 06:20 . 2009-07-10 06:20 356352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\0c0688825a79e72951210318eef63c82\System.Management.Instrumentation.ni.dll
+ 2009-07-10 06:11 . 2009-07-10 06:11 417792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\e1e6aa5272543f1d9dad98be897b693e\System.IO.Log.ni.dll
+ 2009-07-12 05:23 . 2009-07-12 05:23 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\7c367a96b10d626ec8cbf8149272d845\System.IO.Log.ni.dll
+ 2009-07-12 05:23 . 2009-07-12 05:23 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\68e71147704ef0d34d9a4bece7767fc5\System.IdentityModel.Selectors.ni.dll
+ 2009-07-10 06:11 . 2009-07-10 06:11 241664 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\492d16599426c7ab35ad2c499a9d4ae6\System.IdentityModel.Selectors.ni.dll
+ 2009-07-12 05:45 . 2009-07-12 05:45 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.Wrapper.dll
+ 2009-07-12 05:45 . 2009-07-12 05:45 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.ni.dll
+ 2009-07-12 05:21 . 2009-07-12 05:21 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\18bbe2b6717e7f1d1dd672526e9889ee\System.Drawing.Design.ni.dll
+ 2009-07-12 05:45 . 2009-07-12 05:45 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c434a07332ce490711c27fd0edb7562f\System.DirectoryServices.Protocols.ni.dll
+ 2009-07-12 05:45 . 2009-07-12 05:45 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8b3bb7a2c2f3ffe94c866283f1cd5957\System.DirectoryServices.AccountManagement.ni.dll
+ 2009-07-10 06:20 . 2009-07-10 06:20 937984 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\11892d4e65aaa4f475af5608b9497007\System.DirectoryServices.AccountManagement.ni.dll
+ 2009-07-12 05:45 . 2009-07-12 05:45 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\a4b887f476fa4b8746a93a9fc2208560\System.Data.Services.Client.ni.dll
+ 2009-07-12 05:45 . 2009-07-12 05:45 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1cf3acad6553d6c59df576794f4e8bd6\System.Data.Services.Design.ni.dll
+ 2009-07-12 05:45 . 2009-07-12 05:45 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\392de34573f9f8ec885714f2f3e7f07f\System.Data.Entity.Design.ni.dll
+ 2009-07-10 06:20 . 2009-07-10 06:20 184320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\c014bb2f4ee4bf27c65ce1d1d78d750c\System.Data.DataSetExtensions.ni.dll
+ 2009-07-12 05:44 . 2009-07-12 05:44 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\1db495ff00bbd14df4af6680c4de0653\System.Data.DataSetExtensions.ni.dll
+ 2009-07-12 05:24 . 2009-07-12 05:24 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll
+ 2009-07-12 05:45 . 2009-07-12 05:45 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\de514e484e49b04b016949d57ffac03e\System.Configuration.Install.ni.dll
+ 2009-07-10 06:20 . 2009-07-10 06:20 163840 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\c46625ea87db53ccf6194fe17ee05c19\System.Configuration.Install.ni.dll
+ 2009-07-12 05:44 . 2009-07-12 05:44 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\ce984d754e3c0b6be4504b785cc43574\System.AddIn.ni.dll
+ 2009-07-10 06:20 . 2009-07-10 06:20 696320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\514e98c9aa203a2983cbf329753cb9c3\System.AddIn.ni.dll
+ 2009-07-10 06:20 . 2009-07-10 06:20 102400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\eeb4d1669350e6eb17e48b867655aeba\System.AddIn.Contract.ni.dll
+ 2009-07-10 06:11 . 2009-07-10 06:11 323584 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\a098c66aa40d958878f3f5344e6ae1a4\SMSvcHost.ni.exe
+ 2009-07-12 05:24 . 2009-07-12 05:24 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\045dd501b7257b1cc26083538ae69045\SMSvcHost.ni.exe
+ 2009-07-12 05:24 . 2009-07-12 05:24 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9790551187e294b4ed3aaa1c221891c7\SMDiagnostics.ni.dll
+ 2009-07-10 06:11 . 2009-07-10 06:11 299008 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\169ba2fe1a4d87ede3ab8dd3d44d867e\SMDiagnostics.ni.dll
+ 2009-07-10 06:11 . 2009-07-10 06:11 139264 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\feac66e81309d67b48f7a9f4cb98f7c8\ServiceModelReg.ni.exe
+ 2009-07-12 05:24 . 2009-07-12 05:24 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\10a0c9707876fc1f65e64b811a28b020\ServiceModelReg.ni.exe
+ 2009-07-12 05:20 . 2009-07-12 05:20 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f475294d8c7dc2dd4febeef27bc0417e\PresentationFramework.Classic.ni.dll
+ 2009-07-10 05:33 . 2009-07-10 05:33 245760 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\9df61ec7aad39fe0bac82139cd84e5e5\PresentationFramework.Classic.ni.dll
+ 2009-07-10 05:33 . 2009-07-10 05:33 274432 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\81d2540bc1c18190d0431d9a61bee65b\PresentationFramework.Royale.ni.dll
+ 2009-07-12 05:20 . 2009-07-12 05:20 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8003abaf6bcf70f7eb620d06837e897b\PresentationFramework.Luna.ni.dll
+ 2009-07-12 05:20 . 2009-07-12 05:20 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\59a67874d8d8475faa5be1d993083d12\PresentationFramework.Aero.ni.dll
+ 2009-07-10 05:33 . 2009-07-10 05:33 552960 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3f18bff5107c9a8accae6c248fdf3c2e\PresentationFramework.Luna.ni.dll
+ 2009-07-10 05:33 . 2009-07-10 05:33 393216 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\36c6cfd5d4e80d5c548f823b2bbf5457\PresentationFramework.Aero.ni.dll
+ 2009-07-12 05:20 . 2009-07-12 05:20 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2c980c9a5051d723c6ec2a78a3d0e2b3\PresentationFramework.Royale.ni.dll
+ 2009-07-10 06:11 . 2009-07-10 06:11 155648 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\aa99ebdd26e5d493fec18b1714458782\MSBuild.ni.exe
+ 2009-07-12 05:24 . 2009-07-12 05:24 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\6d38e317128608bc4516ea46ab94590e\MSBuild.ni.exe
+ 2009-07-10 06:11 . 2009-07-10 06:11 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f3902a808549b40d648206c9303f2788\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2009-07-12 05:24 . 2009-07-12 05:24 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1820d6a012fc0e16c3e1d29d973cd2d0\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2009-07-10 06:20 . 2009-07-10 06:20 196608 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\da5206e4c016dbdb944957d0046d7869\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-07-12 05:44 . 2009-07-12 05:44 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\55b9eff9e23359faed4351386c062238\Microsoft.Build.Utilities.ni.dll
+ 2009-07-12 05:44 . 2009-07-12 05:44 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4217124db1ea5de5f1a1f3eea75e8d32\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-07-12 05:44 . 2009-07-12 05:44 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\96825c34d7e1f7df1923ff2123bed8da\Microsoft.Build.Engine.ni.dll
+ 2009-07-10 06:11 . 2009-07-10 06:11 237568 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\d097b5a3c886d0c3b053f46b7a310501\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-07-12 05:44 . 2009-07-12 05:44 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\9b321ebf67587237f576df6104a32588\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-07-12 05:44 . 2009-07-12 05:44 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\9bea05938bee3555c5aa8763d89a68f9\CustomMarshalers.ni.dll
+ 2009-07-10 06:11 . 2009-07-10 06:11 503808 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\bb3c2f59a821abc54f420f3a9e051d6a\ComSvcConfig.ni.exe
+ 2009-07-12 05:23 . 2009-07-12 05:23 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\12629e2f3e315459bee67cbbaac85cb2\ComSvcConfig.ni.exe
+ 2009-07-12 05:24 . 2009-07-12 05:24 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\b5b2feadc3943e3976daebc0bcd2b5e2\AspNetMMCExt.ni.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 385024 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 167936 c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2009-07-12 05:16 . 2009-07-12 05:16 139264 c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2009-07-12 05:15 . 2009-07-12 05:15 507904 c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 540672 c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-07-12 05:16 . 2009-07-12 05:16 335872 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2009-07-12 05:19 . 2009-07-12 05:19 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2009-07-12 05:15 . 2009-07-12 05:15 131072 c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2009-07-12 05:19 . 2009-07-12 05:19 229376 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2009-07-10 05:31 . 2009-07-10 05:31 688128 c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2008-04-11 08:03 . 2008-04-11 08:03 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-07-12 05:15 . 2009-07-12 05:15 569344 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
- 2008-04-11 08:03 . 2008-04-11 08:03 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 966656 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-07-12 05:16 . 2009-07-12 05:16 233472 c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-07-12 05:15 . 2009-07-12 05:15 143360 c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 131072 c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 430080 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 126976 c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-07-12 05:15 . 2009-07-12 05:15 286720 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-07-12 05:19 . 2009-07-12 05:19 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2009-07-12 05:15 . 2009-07-12 05:15 114688 c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2009-07-12 05:19 . 2009-07-12 05:19 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2009-07-12 05:15 . 2009-07-12 05:15 684032 c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2009-07-12 05:15 . 2009-07-12 05:15 229376 c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2009-07-12 05:15 . 2009-07-12 05:15 667648 c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-07-12 05:15 . 2009-07-12 05:15 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 528384 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 864256 c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 163840 c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 397312 c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 139264 c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 196608 c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 598016 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 397312 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-07-12 05:15 . 2009-07-12 05:15 802816 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
+ 2009-07-12 05:15 . 2009-07-12 05:15 733184 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-07-12 05:15 . 2009-07-12 05:15 106496 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
- 2008-04-11 08:03 . 2008-04-11 08:03 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2008-04-11 08:04 . 2008-04-11 08:04 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 163840 c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2007-03-23 13:07 . 2008-07-06 12:06 1676288 c:\windows\system32\xpssvcs.dll
+ 2006-02-28 12:00 . 2006-02-28 12:00 1326080 c:\windows\system32\webfldrs.msi
+ 2006-02-28 12:00 . 2009-04-30 21:22 1207808 c:\windows\system32\urlmon.dll
+ 2009-07-10 05:30 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\xpssvcs.dll
+ 2009-07-10 05:30 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\i386\xpssvcs.dll
+ 2009-07-10 05:30 . 2008-07-07 00:36 2936832 c:\windows\system32\spool\XPSEP\amd64\xpssvcs.dll
+ 2009-07-10 05:30 . 2008-07-07 00:36 2936832 c:\windows\system32\spool\XPSEP\amd64\amd64\xpssvcs.dll
+ 2007-03-23 13:07 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\drivers\w32x86\3\XpsSvcs.dll
+ 2009-07-16 02:55 . 2009-06-05 18:42 2060288 c:\windows\system32\ReinstallBackups\0020\DriverFiles\usbaaplrc.dll
+ 2006-02-28 12:00 . 2009-05-13 05:15 5936128 c:\windows\system32\mshtml.dll
- 2003-03-19 12:20 . 2003-03-19 12:20 1060864 c:\windows\system32\mfc71.dll
+ 2003-03-19 12:20 . 2006-07-12 01:43 1060864 c:\windows\system32\mfc71.dll
+ 2008-03-21 01:06 . 2008-03-21 01:06 1480232 c:\windows\system32\LegitCheckControl.dll
+ 2009-03-08 11:32 . 2009-04-30 21:22 1985024 c:\windows\system32\iertutil.dll
+ 2009-02-07 04:07 . 2009-02-07 04:07 3698584 c:\windows\system32\ieapfltr.dat
+ 2006-12-06 16:51 . 2009-07-12 05:27 1575968 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 23:20 . 2009-06-05 18:42 2060288 c:\windows\system32\DRVSTORE\usbaapl_872A2434B7205D4BD84BBE53811BDCE15F347D5B\usbaaplrc.dll
+ 2009-07-14 23:20 . 2009-06-05 18:42 1419232 c:\windows\system32\DRVSTORE\netaapl_F433E854B3FF3BEE74986FDE8E16A64162342BFF\wdfcoinstaller01005.dll
+ 2007-03-23 13:07 . 2008-07-06 12:06 1676288 c:\windows\system32\dllcache\xpssvcs.dll
+ 2008-06-26 08:15 . 2009-04-30 21:22 1207808 c:\windows\system32\dllcache\urlmon.dll
+ 2008-05-07 05:12 . 2009-06-03 19:09 1291264 c:\windows\system32\dllcache\quartz.dll
+ 2008-04-21 06:44 . 2009-05-13 05:15 5936128 c:\windows\system32\dllcache\mshtml.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 1022976 c:\windows\system32\dllcache\browseui.dll
+ 2008-08-18 23:39 . 2006-02-28 12:00 1326080 c:\windows\ServicePackFiles\i386\webfldrs.msi
+ 2008-08-18 23:38 . 2006-02-28 12:00 5080576 c:\windows\ServicePackFiles\i386\msnmsgs.msi
+ 2008-07-30 06:40 . 2008-07-30 06:40 1720824 c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe
+ 2008-07-30 01:47 . 2008-07-30 01:47 1054208 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 1364992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 1064448 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll
+ 2008-07-30 06:40 . 2008-07-30 06:40 1548280 c:\windows\Microsoft.NET\Framework\v3.5\csc.exe
+ 2008-12-06 02:35 . 2008-12-06 02:35 1736528 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
+ 2007-08-06 05:30 . 2007-08-06 05:30 2628608 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll
+ 2007-08-06 05:30 . 2007-08-06 05:30 4874240 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll
+ 2008-12-06 03:12 . 2008-12-06 03:12 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-11-25 11:59 . 2008-11-25 11:59 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 3149824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 2933248 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 5813576 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 1163768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2009-07-08 12:30 . 2009-07-08 12:30 1090430 c:\windows\McAfee.com\FreeScan\names.DAT
+ 2008-07-09 12:30 . 2008-07-09 12:30 3092646 c:\windows\McAfee.com\FreeScan\mcscan32.dll
+ 2005-10-26 21:59 . 2005-10-26 21:59 2883072 c:\windows\Installer\ba87696.msp
+ 2009-04-07 00:00 . 2009-04-07 00:00 5518336 c:\windows\Installer\ba8767c.msp
+ 2009-07-14 23:27 . 2009-07-14 23:27 1665024 c:\windows\Installer\abf1e8c.msi
+ 2009-07-14 23:23 . 2009-07-14 23:23 8992256 c:\windows\Installer\abf1b56.msi
+ 2006-12-08 01:18 . 2006-12-08 01:18 1062912 c:\windows\Installer\9cc974.msi
+ 2006-12-08 01:17 . 2006-12-08 01:17 1501696 c:\windows\Installer\9cc8db.msi
+ 2009-03-26 02:32 . 2009-03-26 02:32 1659392 c:\windows\Installer\9baf9ed.msi
+ 2006-12-07 02:08 . 2006-12-07 02:08 5923328 c:\windows\Installer\88062.msi
+ 2006-12-08 00:59 . 2006-12-08 00:59 6886912 c:\windows\Installer\7cd56c.msi
+ 2009-05-12 20:01 . 2009-05-12 20:01 6818816 c:\windows\Installer\7c0f200.msp
+ 2009-05-28 19:32 . 2009-05-28 19:32 5518848 c:\windows\Installer\7c0f1ea.msp
+ 2009-04-24 00:57 . 2009-04-24 00:57 7672832 c:\windows\Installer\7c0f1d4.msp
+ 2009-06-18 04:58 . 2009-06-18 04:58 1085952 c:\windows\Installer\698e9.msi
+ 2009-07-16 02:59 . 2009-07-16 02:59 4945408 c:\windows\Installer\49769e7.msi
+ 2009-07-16 02:55 . 2009-07-16 02:55 3295232 c:\windows\Installer\497669b.msi
+ 2008-02-23 23:03 . 2008-02-23 23:03 1785344 c:\windows\Installer\3b2d4.msi
+ 2008-02-23 23:03 . 2008-02-23 23:03 2435072 c:\windows\Installer\3b2cd.msi
+ 2008-02-23 23:02 . 2008-02-23 23:02 2399744 c:\windows\Installer\3b2c6.msi
+ 2008-02-23 23:01 . 2008-02-23 23:01 2437632 c:\windows\Installer\3b2be.msi
+ 2008-02-23 22:59 . 2008-02-23 22:59 2999808 c:\windows\Installer\3b2b7.msi
+ 2008-02-23 22:57 . 2008-02-23 22:57 2962432 c:\windows\Installer\3b2b0.msi
+ 2008-02-23 22:56 . 2008-02-23 22:56 3037184 c:\windows\Installer\3b2a2.msi
+ 2008-02-23 22:55 . 2008-02-23 22:55 2485760 c:\windows\Installer\3b28e.msi
+ 2008-02-23 22:54 . 2008-02-23 22:54 2423808 c:\windows\Installer\3b27a.msi
+ 2008-02-23 22:53 . 2008-02-23 22:53 2344448 c:\windows\Installer\3b266.msi
+ 2008-02-23 22:52 . 2008-02-23 22:52 3240448 c:\windows\Installer\3b25f.msi
+ 2008-02-23 22:50 . 2008-02-23 22:50 2771456 c:\windows\Installer\3b258.msi
+ 2008-02-23 22:49 . 2008-02-23 22:49 2242048 c:\windows\Installer\3b251.msi
+ 2008-02-23 22:48 . 2008-02-23 22:48 1888256 c:\windows\Installer\3b249.msi
+ 2008-02-23 22:47 . 2008-02-23 22:47 1786368 c:\windows\Installer\3b242.msi
+ 2008-02-23 22:47 . 2008-02-23 22:47 1784832 c:\windows\Installer\3b23b.msi
+ 2008-02-23 22:47 . 2008-02-23 22:47 1786880 c:\windows\Installer\3b22d.msi
+ 2008-02-23 22:42 . 2008-02-23 22:42 1727488 c:\windows\Installer\3b206.msi
+ 2008-02-23 22:42 . 2008-02-23 22:42 1898496 c:\windows\Installer\3b200.msi
+ 2008-02-23 22:41 . 2008-02-23 22:41 3060224 c:\windows\Installer\3b1f3.msi
+ 2008-02-23 22:41 . 2008-02-23 22:41 1765888 c:\windows\Installer\3b1ed.msi
+ 2008-02-23 22:41 . 2008-02-23 22:41 1784832 c:\windows\Installer\3b1e7.msi
+ 2008-02-23 22:40 . 2008-02-23 22:40 1723904 c:\windows\Installer\3b1e1.msi
+ 2008-02-23 22:40 . 2008-02-23 22:40 1763840 c:\windows\Installer\3b1db.msi
+ 2008-02-23 22:40 . 2008-02-23 22:40 1728000 c:\windows\Installer\3b1d5.msi
+ 2008-02-23 22:40 . 2008-02-23 22:40 1794560 c:\windows\Installer\3b1cf.msi
+ 2008-02-23 22:40 . 2008-02-23 22:40 1891840 c:\windows\Installer\3b1c9.msi
+ 2008-02-23 22:39 . 2008-02-23 22:39 2084864 c:\windows\Installer\3b1c2.msi
+ 2008-02-23 22:39 . 2008-02-23 22:39 1724928 c:\windows\Installer\3b1bc.msi
+ 2008-02-23 22:39 . 2008-02-23 22:39 1885696 c:\windows\Installer\3b1b5.msi
+ 2008-02-23 22:38 . 2008-02-23 22:38 1786880 c:\windows\Installer\3b1af.msi
+ 2008-02-23 22:38 . 2008-02-23 22:38 1765376 c:\windows\Installer\3b1a9.msi
+ 2008-02-23 22:38 . 2008-02-23 22:38 1733120 c:\windows\Installer\3b1a3.msi
+ 2008-02-23 22:37 . 2008-02-23 22:37 1722880 c:\windows\Installer\3b19d.msi
+ 2008-02-23 22:37 . 2008-02-23 22:37 1723904 c:\windows\Installer\3b196.msi
+ 2008-02-23 22:37 . 2008-02-23 22:37 1722880 c:\windows\Installer\3b18f.msi
+ 2008-02-23 22:37 . 2008-02-23 22:37 1751040 c:\windows\Installer\3b188.msi
+ 2008-02-23 22:36 . 2008-02-23 22:36 1768448 c:\windows\Installer\3b182.msi
+ 2008-02-23 22:36 . 2008-02-23 22:36 1734656 c:\windows\Installer\3b17c.msi
+ 2008-02-23 22:36 . 2008-02-23 22:36 1766400 c:\windows\Installer\3b176.msi
+ 2008-02-23 22:35 . 2008-02-23 22:35 2166272 c:\windows\Installer\3b170.msi
+ 2008-02-23 22:34 . 2008-02-23 22:34 1722880 c:\windows\Installer\3b16a.msi
+ 2008-02-23 22:34 . 2008-02-23 22:34 1960960 c:\windows\Installer\3b163.msi
+ 2008-02-23 22:33 . 2008-02-23 22:33 1786880 c:\windows\Installer\3b159.msi
+ 2008-02-23 22:33 . 2008-02-23 22:33 1727488 c:\windows\Installer\3b14c.msi
+ 2008-02-23 22:33 . 2008-02-23 22:33 2602496 c:\windows\Installer\3b146.msi
+ 2008-02-23 22:31 . 2008-02-23 22:31 1733632 c:\windows\Installer\3b140.msi
+ 2008-02-23 22:30 . 2008-02-23 22:30 1736704 c:\windows\Installer\3b13a.msi
+ 2008-02-23 22:30 . 2008-02-23 22:30 1768448 c:\windows\Installer\3b134.msi
+ 2008-02-23 22:29 . 2008-02-23 22:29 1759744 c:\windows\Installer\3b12e.msi
+ 2008-02-23 22:29 . 2008-02-23 22:29 1833472 c:\windows\Installer\3b128.msi
+ 2008-02-23 22:29 . 2008-02-23 22:29 1723392 c:\windows\Installer\3b122.msi
+ 2008-02-23 22:28 . 2008-02-23 22:28 1833984 c:\windows\Installer\3b11c.msi
+ 2008-02-23 22:27 . 2008-02-23 22:27 1792512 c:\windows\Installer\3b116.msi
+ 2006-12-07 02:37 . 2006-12-07 02:37 6912000 c:\windows\Installer\3575b.msi
+ 2007-01-06 00:15 . 2007-01-06 00:15 1348608 c:\windows\Installer\2ceddf.msi
+ 2007-01-06 00:14 . 2007-01-06 00:14 1241600 c:\windows\Installer\2ceda2.msi
+ 2006-12-13 18:19 . 2006-12-13 18:19 1150464 c:\windows\Installer\27cff.msi
+ 2008-06-11 22:05 . 2008-06-11 22:05 9994240 c:\windows\Installer\2442286d.msp
+ 2009-05-01 22:49 . 2009-05-01 22:49 4328960 c:\windows\Installer\24422854.msp
+ 2008-10-23 05:48 . 2008-10-23 05:48 7672832 c:\windows\Installer\24422829.msp
+ 2008-04-01 21:33 . 2008-04-01 21:33 5479936 c:\windows\Installer\24422814.msp
+ 2008-01-31 17:30 . 2008-01-31 17:30 9947648 c:\windows\Installer\244227e7.msp
+ 2008-01-14 23:53 . 2008-01-14 23:53 5213696 c:\windows\Installer\244227cb.msp
+ 2008-10-25 16:15 . 2008-10-25 16:15 6227456 c:\windows\Installer\244227b6.msp
+ 2007-11-08 18:42 . 2007-11-08 18:42 4158464 c:\windows\Installer\24422763.msp
+ 2009-03-05 22:40 . 2009-03-05 22:40 6819840 c:\windows\Installer\24422746.msp
+ 2007-01-18 17:01 . 2007-01-18 17:01 3200000 c:\windows\Installer\2413f7.msi
+ 2008-06-01 03:07 . 2008-06-01 03:07 1840640 c:\windows\Installer\1d30d.msi
+ 2008-06-01 03:07 . 2008-06-01 03:07 1768448 c:\windows\Installer\1d2b0.msi
+ 2009-01-15 10:35 . 2009-01-15 10:35 4830720 c:\windows\Installer\1ca871ec.msp
+ 2008-12-29 08:20 . 2008-12-29 08:20 1549312 c:\windows\Installer\1a6270e0.msi
+ 2009-06-30 18:30 . 2009-06-30 18:30 5520384 c:\windows\Installer\1a22ee.msp
+ 2006-12-19 01:53 . 2006-12-19 01:53 5883392 c:\windows\Installer\18025d0.msi
+ 2006-12-17 01:20 . 2006-12-17 01:20 1811456 c:\windows\Installer\17af5d4.msi
+ 2008-12-13 16:57 . 2008-12-13 16:57 8397824 c:\windows\Installer\136ce5b.msp
+ 2008-07-30 02:26 . 2008-07-30 02:26 1043456 c:\windows\Installer\135a613.msp
+ 2008-07-30 03:37 . 2008-07-30 03:37 2679808 c:\windows\Installer\135a611.msp
+ 2008-07-30 04:15 . 2008-07-30 04:15 3697664 c:\windows\Installer\135a60f.msp
+ 2008-07-30 02:34 . 2008-07-30 02:34 1448448 c:\windows\Installer\135a60e.msp
+ 2008-07-30 03:22 . 2008-07-30 03:22 4137984 c:\windows\Installer\135a60d.msp
+ 2008-07-30 02:18 . 2008-07-30 02:18 3376640 c:\windows\Installer\135a60c.msp
+ 2008-07-30 00:45 . 2008-07-30 00:45 2543616 c:\windows\Installer\1326431.msp
+ 2008-07-30 00:29 . 2008-07-30 00:29 2926080 c:\windows\Installer\1326430.msp
+ 2008-07-30 00:41 . 2008-07-30 00:41 6487040 c:\windows\Installer\132642f.msp
+ 2008-07-30 00:39 . 2008-07-30 00:39 3403264 c:\windows\Installer\132642e.msp
+ 2008-07-30 00:43 . 2008-07-30 00:43 1013248 c:\windows\Installer\132642c.msp
+ 2008-07-30 00:31 . 2008-07-30 00:31 6083072 c:\windows\Installer\1326429.msp
+ 2009-06-12 19:33 . 2009-06-12 19:33 1799168 c:\windows\Installer\116f5b.msi
+ 2008-04-16 02:10 . 2008-04-16 02:10 1180160 c:\windows\Installer\10f57e3.msi
+ 2009-07-12 05:09 . 2009-03-08 11:34 1206784 c:\windows\ie8updates\KB969897-IE8\urlmon.dll
+ 2009-07-12 05:09 . 2009-03-08 11:41 5937152 c:\windows\ie8updates\KB969897-IE8\mshtml.dll
+ 2009-07-12 05:09 . 2009-03-08 11:32 1985024 c:\windows\ie8updates\KB969897-IE8\iertutil.dll
+ 2009-07-12 05:08 . 2009-04-29 04:46 3068928 c:\windows\ie8\mshtml.dll
+ 2006-12-13 18:19 . 2006-12-13 18:19 7654400 c:\windows\Downloaded Installations\{EF86FEC5-5132-4392-8DFC-6DE894A634E2}\Bonjour.msi
+ 2009-07-12 05:20 . 2009-07-12 05:20 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\14cd5f4b61d35f9b76327d6be9853755\WindowsBase.ni.dll
+ 2009-07-10 05:32 . 2009-07-10 05:32 3395584 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\0703021437c2ec71213a6b701771be86\WindowsBase.ni.dll
+ 2009-07-12 05:21 . 2009-07-12 05:21 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\f3c7957351aec85f526a3350c9718b1e\UIAutomationClientsideProviders.ni.dll
+ 2009-07-10 06:21 . 2009-07-10 06:21 1118208 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\ae395b4b568f0d71fec35e3902a46a99\UIAutomationClientsideProviders.ni.dll
+ 2009-07-12 05:20 . 2009-07-12 05:20 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\80978a322d7dd39f0a71be1251ae395a\System.ni.dll
+ 2009-07-12 05:21 . 2009-07-12 05:21 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3baaeff003dc4230f\System.Xml.ni.dll
+ 2009-07-12 05:52 . 2009-07-12 05:52 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\ac1750e78d79520dcf19195772eff1b6\System.WorkflowServices.ni.dll
+ 2009-07-10 06:21 . 2009-07-10 06:21 1531904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\4b5a5ae7e0127bc7198e25e642a93657\System.WorkflowServices.ni.dll
+ 2009-07-12 05:52 . 2009-07-12 05:52 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\d265da36954fcb4cb7ad5adc693ea0f2\System.Workflow.Runtime.ni.dll
+ 2009-07-10 06:21 . 2009-07-10 06:21 2088960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\9d89b57d703aefe4938b45f8b398d378\System.Workflow.Runtime.ni.dll
+ 2009-07-12 05:52 . 2009-07-12 05:52 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\693a8fbe6f7ad6e4e429052da4317e59\System.Workflow.ComponentModel.ni.dll
+ 2009-07-10 06:21 . 2009-07-10 06:21 4579328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\575dad1c0dc9d035acbab10846802ce0\System.Workflow.ComponentModel.ni.dll
+ 2009-07-12 05:51 . 2009-07-12 05:51 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\cc99fbbac0b6e4e9ca62093e49b0c16b\System.Workflow.Activities.ni.dll
+ 2009-07-10 06:21 . 2009-07-10 06:21 3084288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\9798b3ba448ba7d5f1dd70a8a1fb7562\System.Workflow.Activities.ni.dll
+ 2009-07-12 05:51 . 2009-07-12 05:51 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\b57bb002a655920cbfa2bee29d1e22b7\System.Web.Services.ni.dll
+ 2009-07-12 05:51 . 2009-07-12 05:51 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\81197e32ec931f439b3114e9031b65d6\System.Web.Mobile.ni.dll
+ 2009-07-10 06:21 . 2009-07-10 06:21 2416640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\e53994294a9806e82eec3da5a92df440\System.Web.Extensions.ni.dll
+ 2009-07-12 05:51 . 2009-07-12 05:51 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\7f64c9d25471b72e1e957bdfe67947c8\System.Web.Extensions.ni.dll
+ 2009-07-10 06:21 . 2009-07-10 06:21 2039808 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\d4147c99010667b5c547fcfc56ed7bd5\System.Speech.ni.dll
+ 2009-07-12 05:51 . 2009-07-12 05:51 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\63cf639b6e0a3c25c1643c85016e7422\System.Speech.ni.dll
+ 2009-07-10 06:20 . 2009-07-10 06:20 1556480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\b500bb89ae2cc514f4b1c34e5fa26d75\System.ServiceModel.Web.ni.dll
+ 2009-07-12 05:51 . 2009-07-12 05:51 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\340cad17fe57947eacbc8fa2cea780da\System.ServiceModel.Web.ni.dll
+ 2009-07-10 06:11 . 2009-07-10 06:11 2445312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e27527e67611d8acc0d8dff6d286af23\System.Runtime.Serialization.ni.dll
+ 2009-07-12 05:23 . 2009-07-12 05:23 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\034c91b133dee73d452652c52767b5ea\System.Runtime.Serialization.ni.dll
+ 2009-07-10 06:20 . 2009-07-10 06:20 1134592 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\f94fbbe7d7c6e76d02cd9fb94ee8d910\System.Printing.ni.dll
+ 2009-07-12 05:21 . 2009-07-12 05:21 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\646ab52eef343380aa002c220dc31e13\System.Printing.ni.dll
+ 2009-07-10 06:20 . 2009-07-10 06:20 1064960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\29c7192327cf3999961560bf3a3995c6\System.Management.ni.dll
+ 2009-07-12 05:23 . 2009-07-12 05:23 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c2de8479e54852f56996f79bc93acb13\System.IdentityModel.ni.dll
+ 2009-07-10 06:11 . 2009-07-10 06:11 1118208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\bdd94a4c46e4424787dfed9381196cb3\System.IdentityModel.ni.dll
+ 2009-07-12 05:21 . 2009-07-12 05:21 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3da96ee075bab9202626ae44c18d226c\System.Drawing.ni.dll
+ 2009-07-12 05:45 . 2009-07-12 05:45 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\543aced762f6b0c3f8e037955941afc6\System.DirectoryServices.ni.dll
+ 2009-07-12 05:45 . 2009-07-12 05:45 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\a6b58624486714fa71e5e35186850ff0\System.Deployment.ni.dll
+ 2009-07-12 05:21 . 2009-07-12 05:21 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\c70731047b0022638b3f9fb158948a03\System.Data.ni.dll
+ 2009-07-10 06:20 . 2009-07-10 06:20 2756608 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\e59504af41afab5e04681af951d9b302\System.Data.SqlXml.ni.dll
+ 2009-07-12 05:44 . 2009-07-12 05:44 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\826b09ab0d0e36f4d631b4cd335df511\System.Data.SqlXml.ni.dll
+ 2009-07-12 05:45 . 2009-07-12 05:45 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\956a513dcbd44d5a6801840ef2b0b47b\System.Data.Services.ni.dll
+ 2009-07-10 05:33 . 2009-07-10 05:33 2588672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\b764aeb88006085c9cc4202662de94f6\System.Data.Linq.ni.dll
+ 2009-07-12 05:21 . 2009-07-12 05:21 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\0bbec79460b1137df5313f9baf7b246f\System.Data.Linq.ni.dll
+ 2009-07-12 05:45 . 2009-07-12 05:45 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6479f975b105808a8d9e7a7fdc762551\System.Data.Entity.ni.dll
+ 2009-07-12 05:21 . 2009-07-12 05:21 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\47d87251e93256c635eb73403b8db33e\System.Core.ni.dll
+ 2009-07-10 05:33 . 2009-07-10 05:33 2347008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\11a9cf08e5bb06e0770b2b6bbe06df39\System.Core.ni.dll
+ 2009-07-10 06:20 . 2009-07-10 06:20 2416640 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\840c64bba900a6ed333ca39e63a9ca3b\ReachFramework.ni.dll
+ 2009-07-12 05:21 . 2009-07-12 05:21 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\4bfb3048bf200a6a8592d1b4ba861a7f\ReachFramework.ni.dll
+ 2009-07-10 06:20 . 2009-07-10 06:20 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\6d2716a55eb8ce6fc4cbf83f3ab329e3\PresentationUI.ni.dll
+ 2009-07-12 05:20 . 2009-07-12 05:20 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\6bafb1a2a73794ddb9761cb321c9e7e2\PresentationUI.ni.dll
+ 2009-07-12 05:20 . 2009-07-12 05:20 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\e634bc4c4a00635a0a254febab0e2e2c\PresentationBuildTasks.ni.dll
+ 2009-07-10 06:20 . 2009-07-10 06:20 1581056 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\ab2b2664932688ae7c8e0bd9d10448ef\PresentationBuildTasks.ni.dll
+ 2009-07-12 05:44 . 2009-07-12 05:44 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\1c86afc399d0fdd8e069266ffbe748d1\Microsoft.VisualBasic.ni.dll
+ 2009-07-10 06:11 . 2009-07-10 06:11 1232896 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\e3dce636e798c53ec2b44d1d4aadb850\Microsoft.Transactions.Bridge.ni.dll
+ 2009-07-12 05:24 . 2009-07-12 05:24 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\6b2f62f5e981913fce1d223f645d9ddf\Microsoft.Transactions.Bridge.ni.dll
+ 2009-07-10 06:20 . 2009-07-10 06:20 2441216 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\b3b62fe820b416515420a6ec17b247c3\Microsoft.JScript.ni.dll
+ 2009-07-12 05:45 . 2009-07-12 05:45 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\b261961046545831aa60963e84905968\Microsoft.JScript.ni.dll
+ 2009-07-12 05:44 . 2009-07-12 05:44 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\bd241492d96db39f20e758c13c845033\Microsoft.Build.Tasks.ni.dll
+ 2009-07-12 05:44 . 2009-07-12 05:44 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\a47100d8f4574bed2d49d83d0ab8964e\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2009-07-10 06:11 . 2009-07-10 06:11 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\19fcf0383bc2340da2d15e1370ef0990\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2009-07-12 05:24 . 2009-07-12 05:24 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6cfe582681724965fb817e8ece5f0909\Microsoft.Build.Engine.ni.dll
+ 2009-07-10 06:11 . 2009-07-10 06:11 1892352 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\1cfe3ed0c5b5f63d49185967fa4bfe17\Microsoft.Build.Engine.ni.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 1245184 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 1630208 c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 1138688 c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-07-12 05:19 . 2009-07-12 05:19 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2009-07-12 05:19 . 2009-07-12 05:19 5931008 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-07-12 05:15 . 2009-07-12 05:15 2879488 c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2009-07-12 05:19 . 2009-07-12 05:19 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2009-07-12 05:14 . 2009-07-12 05:14 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2009-07-12 05:18 . 2009-07-12 05:18 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2009-07-12 05:06 . 2009-06-01 16:51 23635392 c:\windows\system32\MRT.exe
+ 2009-03-08 11:39 . 2009-04-30 21:22 11064832 c:\windows\system32\ieframe.dll
+ 2009-07-08 12:30 . 2009-07-08 12:30 68206856 c:\windows\McAfee.com\FreeScan\scan.DAT
+ 2008-02-25 06:11 . 2008-02-25 06:11 11395584 c:\windows\Installer\525990ec.msp
+ 2008-02-25 06:12 . 2008-02-25 06:12 20783104 c:\windows\Installer\525990eb.msp
+ 2007-06-15 10:29 . 2007-06-15 10:29 37983232 c:\windows\Installer\3b225.msp
+ 2008-02-23 22:46 . 2008-02-23 22:46 10476544 c:\windows\Installer\3b224.msi
+ 2008-07-30 15:50 . 2008-07-30 15:50 12506112 c:\windows\Installer\2442283e.msp
+ 2008-06-04 20:29 . 2008-06-04 20:29 16905728 c:\windows\Installer\244227fc.msp
+ 2008-01-14 22:24 . 2008-01-14 22:24 10721280 c:\windows\Installer\244227a1.msp
+ 2008-12-13 17:21 . 2008-12-13 17:21 10473472 c:\windows\Installer\136ce65.msp
+ 2009-07-12 05:09 . 2009-03-08 11:39 11063808 c:\windows\ie8updates\KB969897-IE8\ieframe.dll
+ 2006-12-19 01:53 . 2006-12-19 01:53 11129856 c:\windows\Downloaded Installations\{526DEA13-3565-48BD-BD60-F2F936C4DCB8}\URGE.msi
+ 2009-07-12 05:21 . 2009-07-12 05:21 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll
+ 2009-07-12 05:51 . 2009-07-12 05:51 11796992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388d590134b\System.Web.ni.dll
+ 2009-07-12 05:23 . 2009-07-12 05:23 17317888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\4146033013edebd7e0cb604e504ebfee\System.ServiceModel.ni.dll
+ 2009-07-10 06:11 . 2009-07-10 06:11 18071552 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\350903c091629396c08742c996c1caba\System.ServiceModel.ni.dll
+ 2009-07-12 05:21 . 2009-07-12 05:21 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\8ee220bc3cce4f7bbd7818946519ed7f\System.Design.ni.dll
+ 2009-07-12 05:20 . 2009-07-12 05:20 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96e710f47c601cba3f2348a8d11ddede\PresentationFramework.ni.dll
+ 2009-07-10 05:33 . 2009-07-10 05:33 15036416 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\60421dda88800b14dc101ed9dca422fe\PresentationFramework.ni.dll
+ 2009-07-12 05:20 . 2009-07-12 05:20 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\956375d487cbef36165b3250030e3574\PresentationCore.ni.dll
+ 2009-07-10 05:33 . 2009-07-10 05:33 12570624 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\011f8e31d197b4ccb6a61c2267a38e5c\PresentationCore.ni.dll
+ 2009-07-12 05:19 . 2009-07-12 05:19 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6d667f19d687361886990f3ca0f49816\mscorlib.ni.dll
+ 2007-07-27 16:03 . 2007-07-27 16:03 119977472 c:\windows\Installer\ba87666.msp
+ 2009-06-12 20:18 . 2009-06-12 20:18 130077184 c:\windows\Installer\116f5f.msi
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"TCOYFReminder"="c:\progra~1\TCOYF\tcoyftray.exe" [2006-09-19 155648]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-02-19 949376]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-05-20 98304]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-27 413696]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-21 177472]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" - c:\windows\system32\HdAShCut.exe [2004-10-27 61952]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.exe.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-12-7 113664]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon]
[BU]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"c:\\WINDOWS\\system32\\lxcgcoms.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxcgpswx.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\xampplite\\apache\\bin\\apache.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"c:\\Games\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\NeverwinterNights\\NWN\\nwmain.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords_PitBoss.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe"=
"c:\\Program Files\\Neverwinter Nights 2\\nwn2main.exe"=
"c:\\Program Files\\Neverwinter Nights 2\\nwn2main_amdxp.exe"=
"c:\\Program Files\\Neverwinter Nights 2\\nwupdate.exe"=
"c:\\Program Files\\Neverwinter Nights 2\\nwn2server.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Games\\Worms Armageddon - New Edition\\WA.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\My Games\\Sacred Underworld\\sacred.exe"=
"c:\\My Games\\Sacred Underworld\\gameserver.exe"=
"c:\\Games\\Sacred 2 - Fallen Angel\\system\\s2gs.exe"=
"c:\\Games\\Sacred 2 - Fallen Angel\\system\\sacred2.exe"=
"c:\\Program Files\\Games\\Titan Quest Immortal Throne\\Tqit.exe"=
"c:\\Games\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Games\\Vampire\\vampire.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"135:TCP"= 135:TCP:TCP Port 135
"5000:TCP"= 5000:TCP:TCP Port 5000
"5001:TCP"= 5001:TCP:TCP Port 5001
"5002:TCP"= 5002:TCP:TCP Port 5002
"5003:TCP"= 5003:TCP:TCP Port 5003
"5004:TCP"= 5004:TCP:TCP Port 5004
"5005:TCP"= 5005:TCP:TCP Port 5005
"5006:TCP"= 5006:TCP:TCP Port 5006
"5007:TCP"= 5007:TCP:TCP Port 5007
"5008:TCP"= 5008:TCP:TCP Port 5008
"5009:TCP"= 5009:TCP:TCP Port 5009
"5010:TCP"= 5010:TCP:TCP Port 5010
"5011:TCP"= 5011:TCP:TCP Port 5011
"5012:TCP"= 5012:TCP:TCP Port 5012
"5013:TCP"= 5013:TCP:TCP Port 5013
"5014:TCP"= 5014:TCP:TCP Port 5014
"5015:TCP"= 5015:TCP:TCP Port 5015
"5016:TCP"= 5016:TCP:TCP Port 5016
"5017:TCP"= 5017:TCP:TCP Port 5017
"5018:TCP"= 5018:TCP:TCP Port 5018
"5019:TCP"= 5019:TCP:TCP Port 5019
"5020:TCP"= 5020:TCP:TCP Port 5020
"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"5900:TCP"= 5900:TCP:VNC
"57432:TCP"= 57432:TCP:Pando Media Booster
"57432:UDP"= 57432:UDP:Pando Media Booster

R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2/18/2008 5:54 PM 15424]
R1 SSHDRV65;SSHDRV65;c:\windows\system32\drivers\SSHDRV65.sys [5/10/2009 9:35 PM 120320]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [11/12/2008 2:54 PM 37376]
S3 PCD65X2;PCD65X2;\??\c:\docume~1\JC305B~1.YOU\LOCALS~1\Temp\PCD65X2.sys --> c:\docume~1\JC305B~1.YOU\LOCALS~1\Temp\PCD65X2.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-07-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 20:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ca/
uInternet Settings,ProxyOverride = *.local
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\windows\system32\imon.dll
TCP: {60BF12F5-A44A-4287-8FD5-BE00F1156114} = 192.168.1.254
FF - ProfilePath - c:\documents and settings\J.C.YOUNG\Application Data\Mozilla\Firefox\Profiles\c1x8jt7d.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca
FF - plugin: c:\documents and settings\All Users\Application Data\RealArcade\npraclient.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\np32dsw.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\npgcplug.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\npLegitCheckPlugin.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\npmozax.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\npnul32.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\NPOFFICE.DLL
FF - plugin: c:\progra~1\MOZILL~1\plugins\npPandoWebInst.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\nppdf32.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin2.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin3.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin4.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin5.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin6.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin7.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\npraclient.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\npracplug.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\npstrlnk.dll
FF - plugin: c:\progra~1\MOZILL~1\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npgcplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npraclient.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npracplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npstrlnk.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDCE08D86A-A41A-410A-943C-13BABB7DC474", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDA9EDC9ED-603A-4F3F-BBEA-59C8853A3236", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID90D10942-D952-4863-9DD6-A2BDBBAD456E", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0ECEE744-7B69-4912-AB91-AE76D61ECB04", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDF25635B2-1AB9-47B5-88D1-8877B22C86DE", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID27B7F812-4159-45B9-A389-B7A118A58DE4", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDF849DF29-393B-4F8B-99D1-117A70D66FC7", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDBF1E9C3D-637C-4171-BD12-28A7360B879A", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDDE1C0601-7947-4D7F-A6E5-E68BF6BA1E37", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID4EA0DCCE-4D98-4876-9C6A-E5C563D0820A", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID446462BA-2AAD-4C88-BC63-5210E2F31465", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0862E368-A40E-4E55-83EB-FBC5571BABA4", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDD2A96E3C-FFB3-4D38-9AC3-B127527BEA35", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID4B05B39A-9DDC-4650-A7F8-D5B134E5FFE5", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDC8E2574A-7BCE-4B93-A22E-61831DFD6DB8", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID659796C0-8B5D-48D7-A4EB-7E6874E26274", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID78071AB5-E729-414E-8D02-9C1D034F82E7", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDCC3F71E1-17F3-4C5B-997D-44CA56943197", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDE67D5C78-B2D4-4BA0-8D69-1C7AF4BB08B5", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDFC5F3D7A-D321-412C-8A5D-9AD0C8041941", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID6EC5CD16-81BC-4515-9EDD-9265C906F56E", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID67CFB2C5-E491-4395-977B-CD45E4124655", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID73600569-52E6-4760-8BAB-B68202937D98", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDB02EBD42-6885-401A-9389-E089F7DDC872", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDBAE5CB8C-4075-4743-B2E4-78DA8D8CDC64", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID28B07B04-DA99-4FD3-BF27-4972F2B8142B", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0D53448F-D12B-4102-8CE2-697DAE8D6643", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDE3266A47-A141-47B8-AAA8-5F16FB4F8CCD", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDB33AB7AF-76D7-4B1C-B709-5D6BF9E7B1C7", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID153B7451-0BB5-4B37-95C0-44D89E2F1F2B", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID3BBE8E21-0D3D-4BAA-AC6F-C7BCEF750849", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID9B5B4F2D-A7D9-4329-B0FE-92B301A8CAAD", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDA5C42921-8CD0-4924-97C3-01B5B0610BC6", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID06969252-F90F-4CF2-9074-33772EB64859", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDFBF37655-1236-4C0D-96C5-F94E1724841B", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDC1A3F035-B68F-4B2B-9FD5-E36DAAAF26DD", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID368F3685-543E-4812-9FDE-96E097E453FC", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID43969873-56AA-4113-84CB-4AB2AEB9AA31", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDA205DD80-63D4-4E41-B785-26EC3D90B97B", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID068D43E7-7551-4A2F-AE96-4A38A9AD1953", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDF443E9CB-9EEC-456E-8AE7-F3102D5CD47D", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDE36A7B16-645D-4261-BFF8-3A7E69C5F7A5", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID379805E3-E0E2-40DC-B51B-6DC1AE5802AA", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDF6240D69-A06D-44A1-8003-8496CCEF2C53", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID26C3113D-5A71-4F1B-A2CB-BE59E1279DDA", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID92B97F2B-7565-4CE9-9AC7-0598DFD731F8", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID2AA5E7CF-9696-42F0-B76A-8655296EADF2", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0AAACE0B-ACEF-4781-83F4-BFB52EEC995A", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0D56FF58-A39D-4E8C-A40B-2E3711251772", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID946121C2-11F1-49DD-A7E3-CF793DE827A4", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDB853303D-1BAB-43F3-9D7D-101D0DA8E7A5", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID9E578247-FE29-4F8C-8202-A24A5688CF2A", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID6D065A8F-FFC0-4A0F-B863-1D724B8C786B", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID4451D291-6940-42CE-9D3C-CA1D4C96549C", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID064B722D-079D-4EBB-B3CF-9FCBF64FFF5D", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID38F8AB0F-5DFB-43D9-889E-8717CC4AB59B", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID4EC68CD1-0EF1-4CB9-9EF1-3D64AB266149", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID44F96B27-CFAD-41E1-83A1-6B28040C3BDE", "AllAccess");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-22 11:31
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\mysql]
"ImagePath"="c:\xampplite\mysql\bin\mysqld-nt --defaults-file=c:\xampplite\mysql\bin\my.cnf mysql"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-343818398-813497703-839522115-1004\Software\SecuROM\License information*]
"datasecu"=hex:4b,40,22,81,c9,89,d8,6f,98,a9,60,90,82,40,32,bb,db,80,e6,f6,23,
e4,c3,34,77,52,76,02,10,f9,35,b1,70,8f,31,ca,f1,3a,b0,e8,89,04,d0,19,1f,82,\
"rkeysecu"=hex:43,f3,aa,9f,21,6c,4b,dd,45,a2,00,f9,87,61,78,b2

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:e2,63,26,f1,3f,c8,ff,68,16,e7,ca,45,52,
e4,5c,20,e2,63,26,f1,3f,c8,ff,68,54,08,7b,1b,18,b0,9a,1f,e2,63,26,f1,3f,c8,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:71,3b,04,66,8b,46,0d,96,a7,34,ac,ca,57,
52,21,11,6a,9c,d6,61,af,45,84,18,e5,8b,9a,30,4a,a3,2b,d4,6a,9c,d6,61,af,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,18,30,9a,bf,06,
ae,d7,3f,ff,7c,85,e0,43,d4,0e,fe,d8,02,3a,fd,59,4a,97,d2,ff,7c,85,e0,43,d4,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:86,8c,21,01,be,91,eb,e7,59,20,ba,c6,78,
56,1d,7c,86,8c,21,01,be,91,eb,e7,62,7e,54,81,ab,22,42,4d,86,8c,21,01,be,91,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:cd,44,cd,b9,a6,33,6c,cd,80,16,81,83,2a,
41,95,87,f5,1d,4d,73,a8,13,5c,05,70,53,50,24,a4,9d,3a,34,f5,1d,4d,73,a8,13,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:df,20,58,62,78,6b,cf,c8,0f,bb,52,93,82,
1f,12,e0,df,20,58,62,78,6b,cf,c8,ad,81,3f,5e,77,4a,27,39,df,20,58,62,78,6b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:fb,a7,78,e6,12,2f,9a,ea,62,75,85,6e,d1,
32,cd,61,fb,a7,78,e6,12,2f,9a,ea,43,8a,1c,67,d1,28,8a,ac,fb,a7,78,e6,12,2f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,bf,4d,0d,6d,9b,
09,22,2b,01,3a,48,fc,e8,04,4a,f1,2a,38,de,d4,a0,55,08,1c,01,3a,48,fc,e8,04,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:f6,0f,4e,58,98,5b,89,c9,63,87,04,4a,f9,
c5,bd,a8,f6,0f,4e,58,98,5b,89,c9,ab,b6,f7,45,72,83,c7,e8,f6,0f,4e,58,98,5b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:b1,cd,45,5a,a8,c4,f8,b9,15,c1,d6,ec,cb,
d0,e1,18,3d,ce,ea,26,2d,45,aa,78,c9,df,be,80,4f,83,02,3e,3d,ce,ea,26,2d,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:f8,31,0f,a9,5f,a0,ec,fb,0c,1f,32,f9,43,
47,bc,8d,2a,b7,cc,b5,b9,7f,41,e7,74,d8,fc,0d,4c,27,c6,e0,2a,b7,cc,b5,b9,7f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:fa,ea,66,7f,d4,3b,6b,70,af,43,63,ac,db,
d1,3d,51,6c,43,2d,1e,aa,22,2f,9c,01,22,e1,67,4f,d9,aa,21,6c,43,2d,1e,aa,22,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(708)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\igfxdev.dll
.
Completion time: 2009-07-22 11:33
ComboFix-quarantined-files.txt 2009-07-22 18:33
ComboFix2.txt 2009-06-23 02:14
ComboFix3.txt 2009-06-23 02:03

Pre-Run: 13,888,032,768 bytes free
Post-Run: 14,119,260,160 bytes free

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4
1556 --- E O F --- 2009-07-19 21:15






Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows XP Home Edition (5.1.2600) Service Pack 3
[32_bits] - x86 Family 6 Model 15 Stepping 6, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[SharedAccess] RUNNING (state:4)
Windows Firewall -> Enabled
.
Internet Explorer 8.0.6001.18702
Mozilla Firefox 3.0.11 (en-US)
.
A:\ [Removable]
C:\ [Fixed-NTFS] .. ( Total:186 Go - Free:13 Go )
D:\ [CD_Rom]
E:\ [CD_Rom]
F:\ [Removable]
H:\ [CD_Rom]
.
Scan : 11:35.55
Path : C:\Documents and Settings\J.C.YOUNG\Desktop\Rooter.exe
User : J.C.YOUNG ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (420)
______ \??\C:\WINDOWS\system32\csrss.exe (676)
______ \??\C:\WINDOWS\system32\winlogon.exe (708)
______ C:\WINDOWS\system32\services.exe (752)
______ C:\WINDOWS\system32\lsass.exe (764)
______ C:\WINDOWS\system32\Ati2evxx.exe (948)
______ C:\WINDOWS\system32\svchost.exe (968)
______ C:\WINDOWS\system32\svchost.exe (1036)
______ C:\WINDOWS\System32\svchost.exe (1144)
______ C:\WINDOWS\system32\svchost.exe (1184)
______ C:\WINDOWS\system32\svchost.exe (1244)
______ C:\WINDOWS\system32\svchost.exe (1336)
______ C:\WINDOWS\system32\Ati2evxx.exe (1436)
______ C:\WINDOWS\system32\spoolsv.exe (1492)
______ C:\WINDOWS\system32\netdde.exe (388)
______ C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (1168)
______ C:\Program Files\iTunes\iTunesHelper.exe (1192)
______ C:\Program Files\DAEMON Tools Lite\daemon.exe (1280)
______ C:\WINDOWS\system32\ctfmon.exe (1332)
______ C:\xampplite\apache\bin\apache.exe (1532)
______ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (1636)
______ C:\Program Files\Bonjour\mDNSResponder.exe (1672)
______ C:\WINDOWS\system32\clipsrv.exe (1708)
______ C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (816)
______ C:\xampplite\mysql\bin\mysqld-nt.exe (304)
______ C:\xampplite\apache\bin\apache.exe (508)
______ C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe (1412)
______ C:\Program Files\Eset\nod32krn.exe (2836)
______ C:\WINDOWS\system32\HPZipm12.exe (2856)
______ C:\WINDOWS\system32\svchost.exe (2896)
______ C:\Program Files\iPod\bin\iPodService.exe (3672)
______ C:\WINDOWS\System32\alg.exe (3856)
______ C:\WINDOWS\System32\svchost.exe (2936)
______ C:\Program Files\Outlook Express\msimn.exe (3796)
______ C:\WINDOWS\system32\wuauclt.exe (4092)
______ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (3452)
______ C:\WINDOWS\explorer.exe (600)
______ C:\WINDOWS\system32\igfxsrvc.exe (3548)
______ C:\Program Files\ESET\nod32kui.exe (3352)
______ C:\Documents and Settings\J.C.YOUNG\Desktop\Rooter.exe (4056)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:32256 | Length:200038777344)
.
----------------------\\ Scheduled Tasks
.
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
C:\WINDOWS\Tasks\desktop.ini
C:\WINDOWS\Tasks\SA.DAT
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 11:35.58
.
C:\Rooter$\Rooter_1.txt - (22/07/2009 | 11:35.58)

#7 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:02:09 PM

Posted 23 July 2009 - 05:45 AM

Why did you run combofix again, that is not what I said to do : :thumbup2:

Post the contents of this combofix log in your next reply.

C:\Qoobox\ComboFix3.txt

is now experiencing Firefox browser redirects to MANY different websites. The latest of the redirects has been to Shopica.


Are you still getting these redirects?

unite.jpg


#8 Jfurtado

Jfurtado
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 23 July 2009 - 01:33 PM

Sorry for running it again, I misunderstood what you were asking me to do :thumbup2:

Here are the contents of Combofix3.txt you wanted to see:

ComboFix 09-06-22.04 - J.C.YOUNG 06/22/2009 18:58.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1519 [GMT -7:00]
Running from: c:\documents and settings\J.C.YOUNG\Desktop\ComboFix.exe
AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\ATIODCLI.exe
c:\windows\system32\ATIODE.exe
c:\documents and settings\J.C.YOUNG\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Antivirus Pro.lnk
C:\Winvdrvr.dll

.
((((((((((((((((((((((((( Files Created from 2009-05-23 to 2009-06-23 )))))))))))))))))))))))))))))))
.

2009-06-23 01:44 . 2008-10-10 11:52 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2009-06-23 01:44 . 2008-10-10 11:52 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2009-06-23 01:44 . 2008-10-10 11:52 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2009-06-23 01:44 . 2008-10-27 17:04 514384 ----a-w- c:\windows\system32\XAudio2_3.dll
2009-06-23 01:44 . 2008-10-27 17:04 70992 ----a-w- c:\windows\system32\XAPOFX1_2.dll
2009-06-23 01:44 . 2008-10-27 17:04 235856 ----a-w- c:\windows\system32\xactengine3_3.dll
2009-06-23 01:44 . 2008-10-27 17:04 23376 ----a-w- c:\windows\system32\X3DAudio1_5.dll
2009-06-23 01:33 . 2009-06-23 01:33 -------- d-----w- c:\program files\Activision
2009-06-23 00:09 . 2009-06-23 01:44 -------- d-----w- c:\windows\LastGood
2009-06-21 01:20 . 2009-06-21 01:20 2349384 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2009-06-21 01:20 . 2009-06-21 01:20 627536 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWWSC.exe
2009-06-21 01:20 . 2009-06-21 01:20 518488 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe
2009-06-21 01:20 . 2009-06-21 01:20 1003344 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe
2009-06-21 01:17 . 2009-06-21 01:17 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-06-21 01:17 . 2009-03-12 08:17 2902048 -c--a-w- c:\documents and settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe
2009-06-21 01:17 . 2009-06-21 01:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-06-21 01:17 . 2009-06-21 01:17 -------- d-----w- c:\program files\Lavasoft
2009-06-18 05:02 . 2009-06-18 05:02 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2009-06-18 04:57 . 2009-05-16 04:05 593920 ------w- c:\windows\system32\ati2sgag.exe
2009-06-18 04:45 . 2009-06-18 04:58 -------- d-----w- c:\program files\ATI Technologies
2009-06-18 03:57 . 2009-06-18 06:57 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe
2009-06-17 08:53 . 2009-06-17 08:53 -------- d-----w- c:\documents and settings\J.C.YOUNG\Application Data\IObit
2009-06-17 08:53 . 2009-06-17 08:53 -------- d-----w- c:\program files\IObit
2009-06-13 07:36 . 2009-06-13 07:36 -------- d-----w- c:\documents and settings\J.C.YOUNG\Local Settings\Application Data\Ascaron Entertainment
2009-06-13 07:36 . 2009-06-13 07:36 -------- d--h--r- c:\documents and settings\J.C.YOUNG\Application Data\SecuROM
2009-06-12 20:19 . 2008-03-05 22:56 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2009-06-12 20:19 . 2008-02-06 06:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2009-06-12 20:19 . 2008-03-05 22:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2009-06-12 20:19 . 2007-10-22 10:39 267272 ----a-w- c:\windows\system32\xactengine2_10.dll
2009-06-12 20:19 . 2007-10-12 22:14 1374232 ----a-w- c:\windows\system32\D3DCompiler_36.dll
2009-06-12 20:19 . 2007-10-02 16:56 444776 ----a-w- c:\windows\system32\d3dx10_36.dll
2009-06-12 20:19 . 2007-10-12 22:14 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
2009-06-12 20:19 . 2007-07-20 07:57 267112 ----a-w- c:\windows\system32\xactengine2_9.dll
2009-06-12 20:19 . 2007-07-20 01:14 444776 ----a-w- c:\windows\system32\d3dx10_35.dll
2009-06-12 20:19 . 2007-07-20 01:14 1358192 ----a-w- c:\windows\system32\D3DCompiler_35.dll
2009-06-12 20:19 . 2007-07-20 01:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2009-06-12 20:18 . 2009-06-12 20:18 -------- d-----w- c:\windows\Logs
2009-06-12 20:18 . 2009-06-12 20:18 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2009-06-12 20:18 . 2009-06-12 20:18 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2009-06-12 19:48 . 2009-06-12 19:48 -------- d-----w- c:\program files\Defraggler
2009-06-12 19:33 . 2009-06-12 19:33 -------- d-----w- c:\windows\system32\AGEIA
2009-06-12 19:33 . 2009-06-12 19:33 -------- d-----w- c:\program files\AGEIA Technologies
2009-06-12 19:27 . 2009-06-12 19:27 -------- d-----w- c:\documents and settings\J.C.YOUNG\Application Data\Malwarebytes
2009-06-12 19:06 . 2009-06-12 19:06 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-06-12 19:06 . 2009-06-12 19:06 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-06-12 19:05 . 2009-06-14 18:48 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-06-12 19:02 . 2009-06-12 19:13 -------- d-----w- c:\documents and settings\J.C.YOUNG\Application Data\DAEMON Tools Lite
2009-06-10 22:52 . 2009-06-21 23:58 -------- d-----w- c:\program files\Hormonal Forecaster
2009-06-10 22:51 . 2009-06-10 22:51 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-06-10 22:51 . 2009-06-10 22:51 286720 ------w- c:\windows\Setup1.exe
2009-06-09 17:52 . 2009-06-19 16:14 -------- d-----w- c:\documents and settings\J.C.YOUNG\.rainlendar2
2009-06-09 17:52 . 2009-06-09 17:52 -------- d-----w- c:\program files\Rainlendar2
2009-06-02 00:24 . 2009-06-02 00:25 -------- d-----w- c:\documents and settings\J.C.YOUNG\Application Data\HuruBeachParty

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-23 01:40 . 2006-12-07 01:34 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-22 15:39 . 2009-05-19 18:48 117760 ----a-w- c:\documents and settings\J.C.YOUNG\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-06-18 05:02 . 2006-12-07 02:38 83664 ----a-w- c:\documents and settings\J.C.YOUNG\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-13 08:33 . 2008-02-19 01:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-06-12 19:49 . 2008-04-14 04:23 -------- d-----w- c:\program files\CCleaner
2009-06-12 19:39 . 2006-12-08 03:09 -------- d-----w- c:\program files\Pinnacle
2009-06-12 19:33 . 2009-05-19 18:48 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-06-12 19:27 . 2009-05-15 05:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-12 19:25 . 2009-02-11 06:24 -------- d-----w- c:\program files\Forrest
2009-06-12 19:24 . 2009-02-11 06:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Outspark
2009-06-12 19:15 . 2009-03-23 05:42 -------- d-----w- c:\program files\Graboid
2009-06-12 19:02 . 2008-02-23 22:20 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-06-12 16:40 . 2007-01-06 00:05 123064 ----a-w- c:\windows\HPHins11.dat
2009-06-11 06:10 . 2008-08-24 23:46 -------- d-----w- c:\documents and settings\J.C.YOUNG\Application Data\uTorrent
2009-06-02 21:07 . 2006-12-08 02:03 -------- d-----w- c:\program files\Lx_cats
2009-06-02 21:05 . 2007-01-07 02:11 -------- d-----w- c:\documents and settings\J.C.YOUNG\Application Data\Image Zone Express
2009-05-28 05:24 . 2008-01-09 08:25 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-05-27 02:53 . 2009-05-19 18:48 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-05-22 03:02 . 2009-05-22 03:02 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-05-22 03:00 . 2006-12-07 02:07 -------- d-----w- c:\program files\Microsoft Works
2009-05-20 21:22 . 2008-01-28 05:26 -------- d-----w- c:\program files\RealArcade
2009-05-20 17:53 . 2007-02-02 20:38 -------- d-----w- c:\documents and settings\J.C.YOUNG\Application Data\PlayFirst
2009-05-20 17:53 . 2007-02-02 20:38 -------- d-----w- c:\documents and settings\All Users\Application Data\PlayFirst
2009-05-19 23:46 . 2006-12-17 01:20 -------- d-----w- c:\program files\Napster
2009-05-19 23:42 . 2009-04-18 06:06 -------- d-----w- c:\program files\Google
2009-05-19 19:46 . 2009-05-14 03:07 -------- d-----w- c:\documents and settings\J.C.YOUNG\Application Data\ptidle
2009-05-19 18:54 . 2008-04-22 03:15 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-05-19 18:48 . 2009-05-19 18:48 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-05-19 18:48 . 2009-05-19 18:48 -------- d-----w- c:\documents and settings\J.C.YOUNG\Application Data\SUPERAntiSpyware.com
2009-05-19 18:23 . 2009-05-15 05:34 -------- d-----w- c:\program files\Registry Easy
2009-05-19 01:39 . 2009-05-19 01:39 -------- d-----w- c:\documents and settings\Administrator\Application Data\Ahead
2009-05-19 01:37 . 2008-02-23 23:09 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-05-16 03:58 . 2006-03-17 09:24 4069888 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-05-16 03:39 . 2009-05-16 03:39 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-05-16 03:38 . 2006-03-17 09:24 335872 ----a-w- c:\windows\system32\ati2dvag.dll
2009-05-16 03:18 . 2009-05-16 03:18 204800 ----a-w- c:\windows\system32\atipdlxx.dll
2009-05-16 03:17 . 2009-05-16 03:17 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-05-16 03:17 . 2009-05-16 03:17 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-05-16 03:17 . 2009-05-16 03:17 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-05-16 03:17 . 2009-05-16 03:17 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-05-16 03:15 . 2009-05-16 03:15 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-05-16 03:14 . 2009-05-16 03:14 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-05-16 03:07 . 2006-03-17 09:10 2987136 ----a-w- c:\windows\system32\ati3duag.dll
2009-05-16 02:55 . 2009-05-16 02:55 11423744 ----a-w- c:\windows\system32\atioglxx.dll
2009-05-16 02:54 . 2006-03-17 09:05 2122624 ----a-w- c:\windows\system32\ativvaxx.dll
2009-05-16 02:54 . 2009-05-16 02:54 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-05-16 02:54 . 2009-05-16 02:54 3 ----a-w- c:\windows\system32\ativva5x.dat
2009-05-16 02:51 . 2009-05-16 02:51 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2009-05-16 02:38 . 2009-05-16 02:38 49664 ----a-w- c:\windows\system32\atimpc32.dll
2009-05-16 02:38 . 2009-05-16 02:38 49664 ----a-w- c:\windows\system32\amdpcom32.dll
2009-05-16 02:33 . 2009-05-16 02:33 479232 ----a-w- c:\windows\system32\atikvmag.dll
2009-05-16 02:31 . 2009-05-16 02:31 139264 ----a-w- c:\windows\system32\atiadlxx.dll
2009-05-16 02:31 . 2009-05-16 02:31 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-05-16 02:30 . 2009-05-16 02:30 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-05-16 02:26 . 2009-05-16 02:26 376832 ----a-w- c:\windows\system32\atiok3x2.dll
2009-05-16 02:24 . 2006-03-17 08:47 651264 ----a-w- c:\windows\system32\ati2cqag.dll
2009-05-16 01:35 . 2009-05-16 01:35 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-05-16 01:34 . 2009-05-16 01:34 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-05-16 01:33 . 2009-05-16 01:33 3158016 ----a-w- c:\windows\system32\aticaldd.dll
2009-05-11 04:35 . 2009-05-11 04:35 120320 ----a-w- c:\windows\system32\drivers\SSHDRV65.sys
2009-05-08 03:55 . 2008-12-29 08:22 -------- d-----w- c:\documents and settings\J.C.YOUNG\Application Data\Apple Computer
2009-05-07 15:32 . 2006-02-28 12:00 345600 ----a-w- c:\windows\system32\localspl.dll
2009-05-05 19:33 . 2009-05-05 19:33 118784 ----a-w- c:\windows\system32\atibtmon.exe
2009-05-04 02:50 . 2008-05-13 00:11 -------- d-----w- c:\program files\Neverwinter Nights 2
2009-04-30 07:44 . 2009-04-11 03:23 -------- d-----w- c:\program files\Ice Cream Craze Tycoon Takeover
2009-04-29 04:46 . 2006-02-28 12:00 666624 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:46 . 2006-02-28 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-04-23 19:04 . 2009-04-23 19:04 189051 ----a-w- c:\windows\system32\atiicdxx.dat
2009-04-17 12:26 . 2006-02-28 12:00 1847168 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 14:51 . 2006-02-28 12:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2009-03-31 00:13 . 2009-04-18 06:07 98304 ----a-w- c:\documents and settings\All Users\Application Data\RealArcade\npraclient.dll
2009-03-26 04:01 . 2009-03-26 04:01 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\SetupAdmin.exe
2008-12-31 11:47 . 2008-12-31 10:49 2087005 ----a-w- c:\program files\Common Files\InternetAntivirusPro.exe
.

------- Sigcheck -------

[7] 2006-02-28 12:00 14336 8F078AE4ED187AAABC0A305146DE6716 c:\windows\$NtServicePackUninstall$\svchost.exe
[7] 2008-04-14 00:12 14336 27C6D03BCDB8CFEB96B716F3D8BE3E18 c:\windows\ServicePackFiles\i386\svchost.exe
[7] 2008-04-14 00:12 14336 27C6D03BCDB8CFEB96B716F3D8BE3E18 c:\windows\system32\svchost.exe

[-] 2005-03-02 18:19 577024 1800F293BCCC8EDE8A70E12B88D80036 c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2007-03-08 15:48 578048 7AA4F6C00405DFC4B70ED4214E7D687B c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 15:36 577536 B409909F6E2E8A7067076ED748ABF1E7 c:\windows\$NtServicePackUninstall$\user32.dll
[7] 2006-02-28 12:00 577024 C72661F8552ACE7C5C85E16A3CF505C4 c:\windows\$NtUninstallKB890859$\user32.dll
[-] 2005-03-02 18:09 577024 DE2DB164BBB35DB061AF0997E4499054 c:\windows\$NtUninstallKB925902$\user32.dll
[7] 2008-04-14 00:12 578560 B26B135FF1B9F60C9388B4A7D16F600B c:\windows\ServicePackFiles\i386\user32.dll
[7] 2008-04-14 00:12 578560 B26B135FF1B9F60C9388B4A7D16F600B c:\windows\system32\user32.dll

[7] 2006-02-28 12:00 82944 2ED0B7F12A60F90092081C50FA0EC2B2 c:\windows\$NtServicePackUninstall$\ws2_32.dll
[7] 2008-04-14 00:12 82432 2CCC474EB85CEAA3E1FA1726580A3E5A c:\windows\ServicePackFiles\i386\ws2_32.dll
[7] 2008-04-14 00:12 82432 2CCC474EB85CEAA3E1FA1726580A3E5A c:\windows\system32\ws2_32.dll

[-] 2006-09-14 08:31 664576 D207370287CF769AEBEBF03837784963 c:\windows\$hf_mig$\KB922760\SP2QFE\wininet.dll
[-] 2006-10-23 15:34 664576 231EF4179ACABE486376B5CA893F1076 c:\windows\$hf_mig$\KB925454\SP2QFE\wininet.dll
[-] 2007-01-04 14:05 665088 3FFA1573FC274E5AA7467D03941C45EE c:\windows\$hf_mig$\KB928090\SP2QFE\wininet.dll
[-] 2007-02-20 09:52 665600 B258C922D22DEEC880B60720531D7627 c:\windows\$hf_mig$\KB931768\SP2QFE\wininet.dll
[-] 2007-04-18 12:46 665600 4261BA03AFD659DE04F0A17DFBDD454D c:\windows\$hf_mig$\KB933566\SP2QFE\wininet.dll
[-] 2007-06-26 14:35 665600 E1A3DD68B5380B360A7310A64D9BB188 c:\windows\$hf_mig$\KB937143\SP2QFE\wininet.dll
[-] 2007-08-22 12:55 665600 A1BC17EB3758D73C3938B2318820F5B4 c:\windows\$hf_mig$\KB939653\SP2QFE\wininet.dll
[-] 2007-10-11 05:57 666112 80D660A49E0D118144423099B2A9F5DA c:\windows\$hf_mig$\KB942615\SP2QFE\wininet.dll
[-] 2007-12-07 00:44 666112 085A7C37F9C6EDE1BA870B7DBEC06399 c:\windows\$hf_mig$\KB944533\SP2QFE\wininet.dll
[-] 2008-02-16 09:32 666112 BB1EACD6AB47E78EBCA02EB781550D55 c:\windows\$hf_mig$\KB947864\SP2QFE\wininet.dll
[7] 2008-04-21 06:56 666624 2E7DE1BF9418B071799EB53DE8CC22F5 c:\windows\$hf_mig$\KB950759\SP2QFE\wininet.dll
[7] 2008-04-21 06:44 666112 2B0C24AA747A93A28987B6D65A4A74BC c:\windows\$hf_mig$\KB950759\SP3GDR\wininet.dll
[7] 2008-04-21 06:24 666624 26F240C250E5B4B395CB4B178BA75437 c:\windows\$hf_mig$\KB950759\SP3QFE\wininet.dll
[7] 2008-06-23 16:12 667136 611ACE3F4201E9610AF8452F7C268995 c:\windows\$hf_mig$\KB953838\SP2QFE\wininet.dll
[7] 2008-06-23 15:09 666112 F12FBB673DE9CC802C5DC518FE99AA2F c:\windows\$hf_mig$\KB953838\SP3GDR\wininet.dll
[7] 2008-06-23 14:54 666624 972299B7241EC325D8C7E5638C884925 c:\windows\$hf_mig$\KB953838\SP3QFE\wininet.dll
[7] 2008-08-20 05:33 667648 C91E3A6EF094202F6B5CA8960DFCF243 c:\windows\$hf_mig$\KB956390\SP2QFE\wininet.dll
[7] 2008-08-20 05:30 666112 9AF5F25124FBDC36E2B510729CBA2674 c:\windows\$hf_mig$\KB956390\SP3GDR\wininet.dll
[7] 2008-08-20 04:58 666624 94418F53D2612C26DBADC04DAFBC197C c:\windows\$hf_mig$\KB956390\SP3QFE\wininet.dll
[7] 2008-10-16 10:20 667648 93C9D0A216498EE14EB9B26119BB95EE c:\windows\$hf_mig$\KB958215\SP2QFE\wininet.dll
[7] 2008-10-16 01:00 666112 1576318BF08D28CC61D1278114AD8D5B c:\windows\$hf_mig$\KB958215\SP3GDR\wininet.dll
[7] 2008-10-16 01:04 667136 E8FCE58A470999350F64C591557F9E42 c:\windows\$hf_mig$\KB958215\SP3QFE\wininet.dll
[7] 2009-02-20 07:50 667648 711FEABED387B29FF7ED61BC6806A06C c:\windows\$hf_mig$\KB963027\SP3QFE\wininet.dll
[7] 2009-04-29 04:21 668160 04BCB4F87B35502568F6CF33433543A5 c:\windows\$hf_mig$\KB969897\SP3QFE\wininet.dll
[7] 2008-10-16 10:37 659456 6F1E4BFD78C4E0D05FF3725D59B72925 c:\windows\$NtServicePackUninstall$\wininet.dll
[7] 2006-02-28 12:00 656384 C0823FC5469663BA63E7DB88F9919D70 c:\windows\$NtUninstallKB922760$\wininet.dll
[-] 2006-09-14 08:39 658944 621AF3F6174A3F60677F5230E28BCC07 c:\windows\$NtUninstallKB925454$\wininet.dll
[-] 2006-10-23 15:17 658944 6B2735ADFF5A5D3B9130CA4A794722F0 c:\windows\$NtUninstallKB928090$\wininet.dll
[-] 2007-01-04 13:37 658944 8C393DF5234CBCBFF1EE31902D6B40AE c:\windows\$NtUninstallKB931768$\wininet.dll
[-] 2007-02-20 09:48 658944 30D1C47E40EFBB792FF8D3C3B51CE507 c:\windows\$NtUninstallKB933566$\wininet.dll
[-] 2007-04-18 12:31 658944 B7156CD97E739F3014BC4D61758F868A c:\windows\$NtUninstallKB937143$\wininet.dll
[-] 2007-06-26 14:09 658944 184E47C8F7B331025E6DC92740DB188F c:\windows\$NtUninstallKB939653$\wininet.dll
[-] 2007-08-22 13:12 658944 1901AD51DA8BE9F8B38D5D526E5D1788 c:\windows\$NtUninstallKB942615$\wininet.dll
[-] 2007-10-11 06:13 659456 2005AD86A22AEE68E21EE59F9CCB77F2 c:\windows\$NtUninstallKB944533$\wininet.dll
[-] 2007-12-07 01:07 659456 57D1B5150CF6331FAC6B3E04C1FCB966 c:\windows\$NtUninstallKB947864$\wininet.dll
[7] 2008-04-14 00:12 666112 7A4F775ABB2F1C97DEF3E73AFA2FAEDD c:\windows\$NtUninstallKB950759$\wininet.dll
[-] 2008-02-16 08:59 659456 0C690E77C0E924C45B4D7045B182FFF1 c:\windows\$NtUninstallKB950759_0$\wininet.dll
[7] 2008-04-21 06:44 666112 2B0C24AA747A93A28987B6D65A4A74BC c:\windows\$NtUninstallKB953838$\wininet.dll
[7] 2008-04-21 07:04 659456 1EFB8A3EA8454AEC1BB8A240A2845598 c:\windows\$NtUninstallKB953838_0$\wininet.dll
[7] 2008-06-23 15:09 666112 F12FBB673DE9CC802C5DC518FE99AA2F c:\windows\$NtUninstallKB956390$\wininet.dll
[7] 2008-06-23 15:38 659456 9EEA04BC4C3FA521D256D89940FAB4DB c:\windows\$NtUninstallKB956390_0$\wininet.dll
[7] 2008-08-20 05:30 666112 9AF5F25124FBDC36E2B510729CBA2674 c:\windows\$NtUninstallKB958215$\wininet.dll
[7] 2008-08-20 05:38 659456 87E694D09893978F22024FEEEDF35342 c:\windows\$NtUninstallKB958215_0$\wininet.dll
[7] 2008-10-16 01:00 666112 1576318BF08D28CC61D1278114AD8D5B c:\windows\$NtUninstallKB963027$\wininet.dll
[7] 2009-02-20 08:10 666112 5B6A3EB7BB2F338BC2CB9F2FA4AAEA9E c:\windows\$NtUninstallKB969897$\wininet.dll
[7] 2008-04-14 00:12 666112 7A4F775ABB2F1C97DEF3E73AFA2FAEDD c:\windows\ServicePackFiles\i386\wininet.dll
[7] 2009-04-29 04:46 666624 6002073519FA478BF89977369CDFD156 c:\windows\SoftwareDistribution\Download\a9c8e00397fe4457a25305c397dc3358\sp3gdr\wininet.dll
[7] 2009-04-29 04:21 668160 04BCB4F87B35502568F6CF33433543A5 c:\windows\SoftwareDistribution\Download\a9c8e00397fe4457a25305c397dc3358\sp3qfe\wininet.dll
[7] 2009-04-29 04:46 666624 6002073519FA478BF89977369CDFD156 c:\windows\system32\wininet.dll
[7] 2009-04-29 04:46 666624 6002073519FA478BF89977369CDFD156 c:\windows\system32\dllcache\wininet.dll

[-] 2006-04-20 12:18 360576 B2220C618B42A2212A59D91EBD6FC4B4 c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2007-10-30 16:53 360832 64798ECFA43D78C7178375FCDD16D8C8 c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[7] 2008-06-20 10:44 360960 744E57C99232201AE98C49168B918F48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 11:59 361600 AD978A1B783B5719720CFF204B666C8E c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 10:45 360320 2A5554FC5B1E04E131230E3CE035C3F9 c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2006-02-28 12:00 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\$NtUninstallKB917953$\tcpip.sys
[-] 2006-04-20 11:51 359808 1DBF125862891817F374F407626967F4 c:\windows\$NtUninstallKB941644$\tcpip.sys
[7] 2008-04-13 19:20 361344 93EA8D04EC73A85DB02EB8805988F733 c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2007-10-30 17:20 360064 90CAFF4B094573449A0872A0F919B178 c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[7] 2008-04-13 19:20 361344 93EA8D04EC73A85DB02EB8805988F733 c:\windows\ServicePackFiles\i386\tcpip.sys
[7] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\system32\dllcache\tcpip.sys
[7] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\system32\drivers\tcpip.sys

[7] 2006-02-28 12:00 502272 01C3346C241652F43AED8E2149881BFE c:\windows\$NtServicePackUninstall$\winlogon.exe
[7] 2008-04-14 00:12 507904 ED0EF0A136DEC83DF69F04118870003E c:\windows\ServicePackFiles\i386\winlogon.exe
[7] 2008-04-14 00:12 507904 ED0EF0A136DEC83DF69F04118870003E c:\windows\system32\winlogon.exe

[7] 2006-02-28 12:00 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\$NtServicePackUninstall$\ndis.sys
[7] 2008-04-13 19:20 182656 1DF7F42665C94B825322FAE71721130D c:\windows\ServicePackFiles\i386\ndis.sys
[7] 2008-04-13 19:20 182656 1DF7F42665C94B825322FAE71721130D c:\windows\system32\drivers\ndis.sys

[7] 2006-02-28 12:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\$NtServicePackUninstall$\ip6fw.sys
[7] 2008-04-13 18:53 36608 3BB22519A194418D5FEC05D800A19AD0 c:\windows\ServicePackFiles\i386\ip6fw.sys
[7] 2008-04-13 18:53 36608 3BB22519A194418D5FEC05D800A19AD0 c:\windows\system32\drivers\ip6fw.sys

[-] 2005-03-02 00:36 2056832 D8ABA3EAB509627E707A3B14F00FBB6B c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
[-] 2006-10-30 10:27 2059264 972DF9BC435B2F077B02C5E8A09ACF83 c:\windows\$hf_mig$\KB896256\SP2QFE\ntkrnlpa.exe
[-] 2006-12-19 16:12 2059392 BA4B97C00A437C1CC3DA365D93EE1E9D c:\windows\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe
[-] 2007-02-28 09:15 2059392 4D3DBDCCBF97F5BA1E74F322B155C3BA c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
[7] 2009-02-06 10:30 2066176 607352B9CB3D708C67F6039097801B5A c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[7] 2008-08-14 09:18 2062976 63EC865DFF6CCFC7BEF94B5C50297CAD c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlpa.exe
[7] 2008-08-14 09:33 2066048 4AC58F03EB94A72809949D757FC39D80 c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
[7] 2008-08-14 22:39 2066048 A25E9B86EFFB2AF33BF51E676B68BFB0 c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
[7] 2008-08-14 09:22 2015744 DC097A896A03B8277457D228FD12D4E6 c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[7] 2006-02-28 12:00 2015232 FB142B7007CA2EEA76966C6C5CC12150 c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe
[-] 2005-03-02 00:34 2015232 3CD941E472DDF3534E53038535719771 c:\windows\$NtUninstallKB929338$\ntkrnlpa.exe
[-] 2006-12-19 12:55 2015744 BBB2322EB14AD9AD55B1024FFD4D88BF c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe
[7] 2008-08-14 09:33 2023936 8206B5F94A6A9450E934029420C1693F c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[7] 2008-04-13 18:31 2023936 7F653A89F6E89E3AE0D49830EECE35D4 c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
[-] 2007-02-28 08:38 2015744 A58AC1C6199EF34228ABEE7FC057AE09 c:\windows\$NtUninstallKB956841_0$\ntkrnlpa.exe
[7] 2009-02-08 02:02 2066048 5BA7F2141BC6DB06100D0E5A732C617A c:\windows\Driver Cache\i386\ntkrnlpa.exe
[7] 2008-04-13 18:31 2065792 109F8E3E3C82E337BB71B6BC9B895D61 c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[7] 2009-02-06 10:32 2023936 65D4220799E6FC2CB079070A6393CC0E c:\windows\system32\ntkrnlpa.exe
[7] 2009-02-08 02:02 2066048 5BA7F2141BC6DB06100D0E5A732C617A c:\windows\system32\dllcache\ntkrnlpa.exe

[-] 2005-03-02 01:04 2179456 28187802B7C368C0D3AEF7D4C382AABB c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
[-] 2006-10-30 12:13 2182016 29664B5A66F187790006014F87ADCCDF c:\windows\$hf_mig$\KB896256\SP2QFE\ntoskrnl.exe
[-] 2006-12-19 16:51 2182016 CEF243F6DEFD20BE4ADDE26C7ECACB54 c:\windows\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe
[-] 2007-02-28 09:55 2182144 5A5C8DB4AA962C714C8371FBDF189FC9 c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
[7] 2009-02-08 02:35 2189184 EFE8EACE83EAAD5849A7A548FB75B584 c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[7] 2008-08-14 09:57 2185984 CE69DBD54221F2D40E49FF6DB77C6507 c:\windows\$hf_mig$\KB956841\SP2QFE\ntoskrnl.exe
[7] 2008-08-14 10:11 2189184 EEAF32F8E15A24F62BECB1BD403BB5C5 c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
[7] 2008-08-14 23:11 2189184 31914172342BFF330063F343AC6958FE c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[7] 2008-08-14 09:58 2136064 DD31AB4B91C2605601A3C108AF57A0C9 c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[7] 2006-02-28 12:00 2148352 626309040459C3915997EF98EC1C8D40 c:\windows\$NtUninstallKB890859$\ntoskrnl.exe
[-] 2005-03-02 00:57 2135552 48B3E89AF7074CEE0314A3E0C7FAFFDB c:\windows\$NtUninstallKB929338$\ntoskrnl.exe
[-] 2006-12-19 14:15 2136064 8318ED54797F3E513FD5817A1D4BBD18 c:\windows\$NtUninstallKB931784$\ntoskrnl.exe
[7] 2008-08-14 10:09 2145280 F6F8245B3A2E9CA834DD318E7AE0C6D0 c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[7] 2008-04-13 19:24 2145280 40F8880122A030A7E9E1FEDEA833B33D c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
[-] 2007-02-28 09:08 2136064 1220FAF071DEA8653EE21DE7DCDA8BFD c:\windows\$NtUninstallKB956841_0$\ntoskrnl.exe
[7] 2009-02-06 11:08 2189056 7A95B10A73737EBF24139AAA63F5212B c:\windows\Driver Cache\i386\ntoskrnl.exe
[7] 2008-04-13 19:27 2188928 0C89243C7C3EE199B96FCC16990E0679 c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[7] 2009-02-06 11:06 2145280 0CBA44D0938D57F334C0862424148B70 c:\windows\system32\ntoskrnl.exe
[7] 2009-02-06 11:08 2189056 7A95B10A73737EBF24139AAA63F5212B c:\windows\system32\dllcache\ntoskrnl.exe

[7] 2008-04-14 00:12 1033728 12896823FB95BFB3DC9B46BCAEDC9923 c:\windows\explorer.exe
[-] 2007-06-13 11:26 1033216 7712DF0CDDE3A5AC89843E61CD5B3658 c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2007-06-13 10:23 1033216 97BD6515465659FF8F3B7BE375B2EA87 c:\windows\$NtServicePackUninstall$\explorer.exe
[7] 2006-02-28 12:00 1032192 A0732187050030AE399B241436565E64 c:\windows\$NtUninstallKB938828$\explorer.exe
[7] 2008-04-14 00:12 1033728 12896823FB95BFB3DC9B46BCAEDC9923 c:\windows\ServicePackFiles\i386\explorer.exe

[7] 2009-02-06 11:06 110592 020CEAAEDC8EB655B6506B8C70D53BB6 c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[7] 2006-02-28 12:00 108032 C6CE6EEC82F187615D1002BB3BB50ED4 c:\windows\$NtServicePackUninstall$\services.exe
[7] 2008-04-14 00:12 108544 0E776ED5F7CC9F94299E70461B7B8185 c:\windows\$NtUninstallKB956572$\services.exe
[7] 2008-04-14 00:12 108544 0E776ED5F7CC9F94299E70461B7B8185 c:\windows\ServicePackFiles\i386\services.exe
[7] 2009-02-06 11:11 110592 65DF52F5B8B6E9BBD183505225C37315 c:\windows\system32\services.exe
[7] 2009-02-06 11:11 110592 65DF52F5B8B6E9BBD183505225C37315 c:\windows\system32\dllcache\services.exe

[7] 2006-02-28 12:00 13312 84885F9B82F4D55C6146EBF6065D75D2 c:\windows\$NtServicePackUninstall$\lsass.exe
[7] 2008-04-14 00:12 13312 BF2466B3E18E970D8A976FB95FC1CA85 c:\windows\ServicePackFiles\i386\lsass.exe
[7] 2008-04-14 00:12 13312 BF2466B3E18E970D8A976FB95FC1CA85 c:\windows\system32\lsass.exe

[7] 2006-02-28 12:00 15360 24232996A38C0B0CF151C2140AE29FC8 c:\windows\$NtServicePackUninstall$\ctfmon.exe
[7] 2008-04-14 00:12 15360 5F1D5F88303D4A4DBC8E5F97BA967CC3 c:\windows\ServicePackFiles\i386\ctfmon.exe
[7] 2008-04-14 00:12 15360 5F1D5F88303D4A4DBC8E5F97BA967CC3 c:\windows\system32\ctfmon.exe

[-] 2005-06-11 00:17 57856 AD3D9D191AEA7B5445FE1D82FFBB4788 c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2005-06-10 23:53 57856 DA81EC57ACD4CDC3D4C51CF3D409AF9F c:\windows\$NtServicePackUninstall$\spoolsv.exe
[7] 2006-02-28 12:00 57856 7435B108B935E42EA92CA94F59C8E717 c:\windows\$NtUninstallKB896423$\spoolsv.exe
[7] 2008-04-14 00:12 57856 D8E14A61ACC1D4A6CD0D38AEBAC7FA3B c:\windows\ServicePackFiles\i386\spoolsv.exe
[7] 2008-04-14 00:12 57856 D8E14A61ACC1D4A6CD0D38AEBAC7FA3B c:\windows\system32\spoolsv.exe

[7] 2008-04-14 00:12 111104 ED7262E52C31CF1625B65039102BC16C c:\windows\ServicePackFiles\i386\wuauclt.exe
[7] 2008-10-16 22:09 51224 E654B78D2F1D791B30D0ED9A8195EC22 c:\windows\system32\wuauclt.exe
[7] 2008-10-16 22:09 51224 E654B78D2F1D791B30D0ED9A8195EC22 c:\windows\system32\dllcache\wuauclt.exe

[7] 2006-02-28 12:00 24576 39B1FFB03C2296323832ACBAE50D2AFF c:\windows\$NtServicePackUninstall$\userinit.exe
[7] 2008-04-14 00:12 26112 A93AEE1928A9D7CE3E16D24EC7380F89 c:\windows\ServicePackFiles\i386\userinit.exe
[7] 2008-04-14 00:12 26112 A93AEE1928A9D7CE3E16D24EC7380F89 c:\windows\system32\userinit.exe
[7] 2008-04-14 00:12 26112 A93AEE1928A9D7CE3E16D24EC7380F89 c:\windows\system32\dllcache\userinit.exe

[7] 2006-02-28 12:00 295424 B60C877D16D9C880B952FDA04ADF16E6 c:\windows\$NtServicePackUninstall$\termsrv.dll
[7] 2008-04-14 00:12 295424 FF3477C03BE7201C294C35F684B3479F c:\windows\ServicePackFiles\i386\termsrv.dll
[7] 2008-04-14 00:12 295424 FF3477C03BE7201C294C35F684B3479F c:\windows\system32\termsrv.dll

[-] 2006-07-05 10:57 985088 0FDD84928A5DDE2510761B7EC76CCEC9 c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
[-] 2007-04-16 16:07 986112 09F7CB3687F86EDAA4CA081F7AB66C03 c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll
[7] 2009-03-21 13:59 991744 DA11D9D6ECBDF0F93436A4B7C13F7BEC c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2007-04-16 15:52 984576 A01F9CA902A88F7CED06884174D6419D c:\windows\$NtServicePackUninstall$\kernel32.dll
[7] 2006-02-28 12:00 983552 888190E31455FAD793312F8D087146EB c:\windows\$NtUninstallKB917422$\kernel32.dll
[-] 2006-07-05 10:55 984064 D8DB5397DE07577C1CB50BA6D23B3AD4 c:\windows\$NtUninstallKB935839$\kernel32.dll
[7] 2008-04-14 00:11 989696 C24B983D211C34DA8FCC1AC38477971D c:\windows\$NtUninstallKB959426$\kernel32.dll
[7] 2008-04-14 00:11 989696 C24B983D211C34DA8FCC1AC38477971D c:\windows\ServicePackFiles\i386\kernel32.dll
[7] 2009-03-21 14:06 989696 B921FB870C9AC0D509B2CCABBBBE95F3 c:\windows\system32\kernel32.dll
[7] 2009-03-21 14:06 989696 B921FB870C9AC0D509B2CCABBBBE95F3 c:\windows\system32\dllcache\kernel32.dll

[7] 2006-02-28 12:00 17408 1B5F6923ABB450692E9FE0672C897AED c:\windows\$NtServicePackUninstall$\powrprof.dll
[7] 2008-04-14 00:12 17408 50A166237A0FA771261275A405646CC0 c:\windows\ServicePackFiles\i386\powrprof.dll
[7] 2008-04-14 00:12 17408 50A166237A0FA771261275A405646CC0 c:\windows\system32\powrprof.dll

[7] 2006-02-28 12:00 110080 87CA7CE6469577F059297B9D6556D66D c:\windows\$NtServicePackUninstall$\imm32.dll
[7] 2008-04-14 00:11 110080 0DA85218E92526972A821587E6A8BF8F c:\windows\ServicePackFiles\i386\imm32.dll
[7] 2008-04-14 00:11 110080 0DA85218E92526972A821587E6A8BF8F c:\windows\system32\imm32.dll

[7] 2006-02-28 12:00 1580544 30A609E00BD1D4FFC49D6B5A432BE7F2 c:\windows\$NtServicePackUninstall$\sfcfiles.dll
[7] 2008-04-14 00:12 1614848 9DD07AF82244867CA36681EA2D29CE79 c:\windows\ServicePackFiles\i386\sfcfiles.dll
[7] 2008-04-14 00:12 1614848 9DD07AF82244867CA36681EA2D29CE79 c:\windows\system32\sfcfiles.dll


[7] 2006-02-28 12:00 24576 EBDEE8A2EE5393890A1ACEE971C4C246 c:\windows\$NtServicePackUninstall$\kbdclass.sys
[7] 2008-04-13 18:39 24576 463C1EC80CD17420A542B7F36A36F128 c:\windows\ServicePackFiles\i386\kbdclass.sys
[7] 2008-04-13 18:39 24576 463C1EC80CD17420A542B7F36A36F128 c:\windows\system32\drivers\kbdclass.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
"TCOYFReminder"="c:\progra~1\TCOYF\tcoyftray.exe" [2006-09-19 155648]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-06-07 1830128]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-02-19 949376]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-05-20 98304]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-06-21 518488]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" - c:\windows\system32\HdAShCut.exe [2004-10-27 61952]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.exe.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-12-7 113664]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 19:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"c:\\WINDOWS\\system32\\lxcgcoms.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxcgpswx.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\xampplite\\apache\\bin\\apache.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"c:\\Games\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\NeverwinterNights\\NWN\\nwmain.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords_PitBoss.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe"=
"c:\\Program Files\\Neverwinter Nights 2\\nwn2main.exe"=
"c:\\Program Files\\Neverwinter Nights 2\\nwn2main_amdxp.exe"=
"c:\\Program Files\\Neverwinter Nights 2\\nwupdate.exe"=
"c:\\Program Files\\Neverwinter Nights 2\\nwn2server.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Games\\Worms Armageddon - New Edition\\WA.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\My Games\\Sacred Underworld\\sacred.exe"=
"c:\\My Games\\Sacred Underworld\\gameserver.exe"=
"c:\\Games\\Sacred 2 - Fallen Angel\\system\\s2gs.exe"=
"c:\\Games\\Sacred 2 - Fallen Angel\\system\\sacred2.exe"=
"c:\\Program Files\\Activision\\Prototype\\prototypef.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"135:TCP"= 135:TCP:TCP Port 135
"5000:TCP"= 5000:TCP:TCP Port 5000
"5001:TCP"= 5001:TCP:TCP Port 5001
"5002:TCP"= 5002:TCP:TCP Port 5002
"5003:TCP"= 5003:TCP:TCP Port 5003
"5004:TCP"= 5004:TCP:TCP Port 5004
"5005:TCP"= 5005:TCP:TCP Port 5005
"5006:TCP"= 5006:TCP:TCP Port 5006
"5007:TCP"= 5007:TCP:TCP Port 5007
"5008:TCP"= 5008:TCP:TCP Port 5008
"5009:TCP"= 5009:TCP:TCP Port 5009
"5010:TCP"= 5010:TCP:TCP Port 5010
"5011:TCP"= 5011:TCP:TCP Port 5011
"5012:TCP"= 5012:TCP:TCP Port 5012
"5013:TCP"= 5013:TCP:TCP Port 5013
"5014:TCP"= 5014:TCP:TCP Port 5014
"5015:TCP"= 5015:TCP:TCP Port 5015
"5016:TCP"= 5016:TCP:TCP Port 5016
"5017:TCP"= 5017:TCP:TCP Port 5017
"5018:TCP"= 5018:TCP:TCP Port 5018
"5019:TCP"= 5019:TCP:TCP Port 5019
"5020:TCP"= 5020:TCP:TCP Port 5020
"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"5900:TCP"= 5900:TCP:VNC
"57432:TCP"= 57432:TCP:Pando Media Booster
"57432:UDP"= 57432:UDP:Pando Media Booster

R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2/18/2008 5:54 PM 15424]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [3/23/2009 2:07 PM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [3/23/2009 2:07 PM 72944]
R1 SSHDRV65;SSHDRV65;c:\windows\system32\drivers\SSHDRV65.sys [5/10/2009 9:35 PM 120320]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Adapter;c:\windows\system32\drivers\atl01_xp.sys [12/6/2006 6:36 PM 34048]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [3/23/2009 2:07 PM 7408]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [3/9/2009 12:06 PM 1003344]
S3 PCD65X2;PCD65X2;\??\c:\docume~1\JC305B~1.YOU\LOCALS~1\Temp\PCD65X2.sys --> c:\docume~1\JC305B~1.YOU\LOCALS~1\Temp\PCD65X2.sys [?]
.
Contents of the 'Scheduled Tasks' folder

2009-06-23 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 01:21]

2009-06-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 20:34]
.
- - - - ORPHANS REMOVED - - - -

Notify-WgaLogon - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ca/
mStart Page = hxxp://home.ez-tracks.com/
uInternet Settings,ProxyOverride = *.local
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\windows\system32\imon.dll
DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} - hxxp://www.gamehouse.com/realarcade-webgames/gamehouse/gamehouseplayer.cab
FF - ProfilePath -

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDCE08D86A-A41A-410A-943C-13BABB7DC474", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDA9EDC9ED-603A-4F3F-BBEA-59C8853A3236", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID90D10942-D952-4863-9DD6-A2BDBBAD456E", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0ECEE744-7B69-4912-AB91-AE76D61ECB04", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDF25635B2-1AB9-47B5-88D1-8877B22C86DE", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID27B7F812-4159-45B9-A389-B7A118A58DE4", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDF849DF29-393B-4F8B-99D1-117A70D66FC7", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDBF1E9C3D-637C-4171-BD12-28A7360B879A", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDDE1C0601-7947-4D7F-A6E5-E68BF6BA1E37", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID4EA0DCCE-4D98-4876-9C6A-E5C563D0820A", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID446462BA-2AAD-4C88-BC63-5210E2F31465", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0862E368-A40E-4E55-83EB-FBC5571BABA4", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDD2A96E3C-FFB3-4D38-9AC3-B127527BEA35", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID4B05B39A-9DDC-4650-A7F8-D5B134E5FFE5", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDC8E2574A-7BCE-4B93-A22E-61831DFD6DB8", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID659796C0-8B5D-48D7-A4EB-7E6874E26274", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID78071AB5-E729-414E-8D02-9C1D034F82E7", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDCC3F71E1-17F3-4C5B-997D-44CA56943197", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDE67D5C78-B2D4-4BA0-8D69-1C7AF4BB08B5", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDFC5F3D7A-D321-412C-8A5D-9AD0C8041941", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID6EC5CD16-81BC-4515-9EDD-9265C906F56E", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID67CFB2C5-E491-4395-977B-CD45E4124655", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID73600569-52E6-4760-8BAB-B68202937D98", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDB02EBD42-6885-401A-9389-E089F7DDC872", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDBAE5CB8C-4075-4743-B2E4-78DA8D8CDC64", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID28B07B04-DA99-4FD3-BF27-4972F2B8142B", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0D53448F-D12B-4102-8CE2-697DAE8D6643", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDE3266A47-A141-47B8-AAA8-5F16FB4F8CCD", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDB33AB7AF-76D7-4B1C-B709-5D6BF9E7B1C7", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID153B7451-0BB5-4B37-95C0-44D89E2F1F2B", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID3BBE8E21-0D3D-4BAA-AC6F-C7BCEF750849", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID9B5B4F2D-A7D9-4329-B0FE-92B301A8CAAD", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDA5C42921-8CD0-4924-97C3-01B5B0610BC6", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID06969252-F90F-4CF2-9074-33772EB64859", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDFBF37655-1236-4C0D-96C5-F94E1724841B", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDC1A3F035-B68F-4B2B-9FD5-E36DAAAF26DD", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID368F3685-543E-4812-9FDE-96E097E453FC", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID43969873-56AA-4113-84CB-4AB2AEB9AA31", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDA205DD80-63D4-4E41-B785-26EC3D90B97B", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID068D43E7-7551-4A2F-AE96-4A38A9AD1953", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDF443E9CB-9EEC-456E-8AE7-F3102D5CD47D", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDE36A7B16-645D-4261-BFF8-3A7E69C5F7A5", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID379805E3-E0E2-40DC-B51B-6DC1AE5802AA", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDF6240D69-A06D-44A1-8003-8496CCEF2C53", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID26C3113D-5A71-4F1B-A2CB-BE59E1279DDA", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID92B97F2B-7565-4CE9-9AC7-0598DFD731F8", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID2AA5E7CF-9696-42F0-B76A-8655296EADF2", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0AAACE0B-ACEF-4781-83F4-BFB52EEC995A", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0D56FF58-A39D-4E8C-A40B-2E3711251772", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID946121C2-11F1-49DD-A7E3-CF793DE827A4", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDB853303D-1BAB-43F3-9D7D-101D0DA8E7A5", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID9E578247-FE29-4F8C-8202-A24A5688CF2A", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID6D065A8F-FFC0-4A0F-B863-1D724B8C786B", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID4451D291-6940-42CE-9D3C-CA1D4C96549C", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID064B722D-079D-4EBB-B3CF-9FCBF64FFF5D", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID38F8AB0F-5DFB-43D9-889E-8717CC4AB59B", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID4EC68CD1-0EF1-4CB9-9EF1-3D64AB266149", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID44F96B27-CFAD-41E1-83A1-6B28040C3BDE", "AllAccess");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-22 19:01
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\mysql]
"ImagePath"="c:\xampplite\mysql\bin\mysqld-nt --defaults-file=c:\xampplite\mysql\bin\my.cnf mysql"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-343818398-813497703-839522115-1004\Software\SecuROM\License information*]
"datasecu"=hex:d6,59,42,44,50,8a,76,ca,96,b5,d8,b3,02,3b,4c,9c,fd,1d,98,f4,a0,
af,76,5e,b0,d6,50,5a,75,75,83,59,33,e0,5b,66,b4,f5,2a,a7,de,4c,55,4d,cb,fa,\
"rkeysecu"=hex:43,f3,aa,9f,21,6c,4b,dd,45,a2,00,f9,87,61,78,b2

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:e2,63,26,f1,3f,c8,ff,68,16,e7,ca,45,52,
e4,5c,20,e2,63,26,f1,3f,c8,ff,68,54,08,7b,1b,18,b0,9a,1f,e2,63,26,f1,3f,c8,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:71,3b,04,66,8b,46,0d,96,a7,34,ac,ca,57,
52,21,11,6a,9c,d6,61,af,45,84,18,e5,8b,9a,30,4a,a3,2b,d4,6a,9c,d6,61,af,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,18,30,9a,bf,06,
ae,d7,3f,ff,7c,85,e0,43,d4,0e,fe,d8,02,3a,fd,59,4a,97,d2,ff,7c,85,e0,43,d4,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:86,8c,21,01,be,91,eb,e7,59,20,ba,c6,78,
56,1d,7c,86,8c,21,01,be,91,eb,e7,62,7e,54,81,ab,22,42,4d,86,8c,21,01,be,91,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:cd,44,cd,b9,a6,33,6c,cd,80,16,81,83,2a,
41,95,87,f5,1d,4d,73,a8,13,5c,05,70,53,50,24,a4,9d,3a,34,f5,1d,4d,73,a8,13,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:df,20,58,62,78,6b,cf,c8,0f,bb,52,93,82,
1f,12,e0,df,20,58,62,78,6b,cf,c8,ad,81,3f,5e,77,4a,27,39,df,20,58,62,78,6b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:fb,a7,78,e6,12,2f,9a,ea,62,75,85,6e,d1,
32,cd,61,fb,a7,78,e6,12,2f,9a,ea,43,8a,1c,67,d1,28,8a,ac,fb,a7,78,e6,12,2f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,bf,4d,0d,6d,9b,
09,22,2b,01,3a,48,fc,e8,04,4a,f1,2a,38,de,d4,a0,55,08,1c,01,3a,48,fc,e8,04,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:f6,0f,4e,58,98,5b,89,c9,63,87,04,4a,f9,
c5,bd,a8,f6,0f,4e,58,98,5b,89,c9,ab,b6,f7,45,72,83,c7,e8,f6,0f,4e,58,98,5b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:b1,cd,45,5a,a8,c4,f8,b9,15,c1,d6,ec,cb,
d0,e1,18,3d,ce,ea,26,2d,45,aa,78,c9,df,be,80,4f,83,02,3e,3d,ce,ea,26,2d,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:f8,31,0f,a9,5f,a0,ec,fb,0c,1f,32,f9,43,
47,bc,8d,2a,b7,cc,b5,b9,7f,41,e7,74,d8,fc,0d,4c,27,c6,e0,2a,b7,cc,b5,b9,7f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:fa,ea,66,7f,d4,3b,6b,70,af,43,63,ac,db,
d1,3d,51,6c,43,2d,1e,aa,22,2f,9c,01,22,e1,67,4f,d9,aa,21,6c,43,2d,1e,aa,22,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(680)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\documents and settings\J.C.YOUNG\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\igfxdev.dll
.
Completion time: 2009-06-23 19:03
ComboFix-quarantined-files.txt 2009-06-23 02:03

Pre-Run: 22,697,259,008 bytes free
Post-Run: 22,850,781,184 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4
616 --- E O F --- 2009-06-14 07:13


And yes, it does appear that the redirects have stopped, at least for now, thank you!

#9 Jfurtado

Jfurtado
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 23 July 2009 - 01:35 PM

Double-post, oops

Edited by Jfurtado, 23 July 2009 - 01:36 PM.


#10 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:02:09 PM

Posted 23 July 2009 - 01:38 PM

Uninstall ComboFix
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.
Posted Image

Next

Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Look for "Java Runtime Environment (JRE)" JRE 6 Update 14.
  • Click the Download button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Click Continue and the page will refresh.
  • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u14-windows-i586-p.exe to install the newest version.
-- If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
-- If you choose to update via the Java applet in Control Panel, uncheck the option to install the Toolbar unless you want it.
-- The uninstaller incorporated in this release removes previous Updates 10 and above, but does not remove older versions, so they still need to be removed manually.


Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click Ok and reboot your computer.

Next

Please do a scan with Kaspersky Online Scanner

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Click on the Accept button and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded on the left side of the page in the Scan section select My Computer
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

unite.jpg


#11 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:02:09 PM

Posted 28 July 2009 - 03:36 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending me a PM
with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.

unite.jpg





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users