Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infection Vundo and BHO


  • This topic is locked This topic is locked
14 replies to this topic

#1 Lindaneedshelp

Lindaneedshelp

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:32 AM

Posted 05 July 2010 - 03:30 PM

I'm so glad I finally found a site that can help!

I noticed suspicious activity on my computer a few months back when my banking site asked me for a lot of personal info (mother's maiden name, social security #, etc.). I called my bank and they changed my account info. My virus software never caught any virus so I downloaded Norton which did catch both Vundo and BHO and said that they were removed. I've still had come problems with my computer so I just downloaded Malwarebytes Anti-Virus and ran a scan which found BHO and Deepdive and removed them (Norton did not detect these). I'm concerned that not all the virus info has been removed from my computer and there are some lingering malicious files/programs. I would greatly appreciate if someone could take a look at my logs and see if there is anything to be concerned about.

Thank you!



DDS (Ver_10-03-17.01) - FAT32x86
Run by Lori at 14:20:06.56 on Mon 07/05/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1475 [GMT -5:00]

AV: Norton Security Suite *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Security Suite *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Lori\Local Settings\Temporary Internet Files\Content.IE5\0F7Q0BKP\dds[1].scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://yahoo.com/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton security suite\engine\4.2.0.12\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton security suite\engine\4.2.0.12\IPSBHO.DLL
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: 1 (0x1) - No File
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton security suite\engine\4.2.0.12\coIEPlg.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\MMonitor.exe" -NoStart
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [EnergyUtility] c:\program files\lenovo\energy management\utility.exe
mRun: [Energy Management] c:\program files\lenovo\energy management\Energy Management.exe
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1256520248531
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - hxxp://ax.emsisoft.com/asquared.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Filter: text/html - {fa344a76-c2bf-46b5-a8b0-ac2c20b48529} -
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\lori\applic~1\mozilla\firefox\profiles\qqj0jybw.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://yahoo.com/
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\coffplgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\ipsffplgn\components\IPSFFPl.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0402000.00c\symds.sys [2010-6-1 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0402000.00c\symefa.sys [2010-6-1 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\bashdefs\20100619.001\BHDrvx86.sys [2010-6-22 691248]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0402000.00c\cchpx86.sys [2010-6-1 501888]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0402000.00c\ironx86.sys [2010-6-1 116784]
R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\4.2.0.12\ccsvchst.exe [2010-6-1 126392]
R2 System_Repair_UpdateMonitor;System Repair Windows Update Monitor;c:\program files\lenovo\onekey app\system repair\UpdateMonitor.exe [2009-3-22 430080]
R2 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [2009-3-22 48192]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\drivers\AcpiVpc.sys [2009-3-22 9472]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-5-29 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\ipsdefs\20100702.001\IDSXpx86.sys [2010-7-2 331640]
R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [2009-3-22 157696]
S1 {78C8AFFA-6C7E-496A-98E7-B86A98489B2C};{78C8AFFA-6C7E-496A-98E7-B86A98489B2C};c:\windows\system32\drivers\{78C8AFFA-6C7E-496A-98E7-B86A98489B2C}.sys [2010-1-26 0]
S1 Tcpip_{78C8AFFA-6C7E-496A-98E7-B86A98489B2C};Tcpip_{78C8AFFA-6C7E-496A-98E7-B86A98489B2C};c:\windows\system32\drivers\Tcpip_{78C8AFFA-6C7E-496A-98E7-B86A98489B2C}.sys [2010-1-26 0]
S1 Tcpip_{B7882D2B-F0C1-4078-8571-F7E89693EEDE};Tcpip_{B7882D2B-F0C1-4078-8571-F7E89693EEDE};c:\windows\system32\drivers\Tcpip_{B7882D2B-F0C1-4078-8571-F7E89693EEDE}.sys [2010-1-27 0]
S2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-3-22 1684736]
S3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\virusdefs\20100704.002\NAVENG.SYS [2010-7-4 85552]
S3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\virusdefs\20100704.002\NAVEX15.SYS [2010-7-4 1347504]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\drivers\rts516xir.sys --> c:\windows\system32\drivers\Rts516xIR.sys [?]
S3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [2009-3-22 81192]

=============== Created Last 30 ================

2010-07-05 17:25:08 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-05 17:25:07 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-05 14:14:36 0 d-----w- c:\temp\listdlls
2010-07-04 14:32:24 0 d-sh--w- C:\FOUND.002
2010-07-01 19:43:18 0 d-sh--w- C:\FOUND.001
2010-06-27 22:29:31 0 d-----w- c:\program files\Shared
2010-06-14 13:21:52 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll

==================== Find3M ====================

2010-05-29 16:25:26 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-05-29 16:25:26 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-05-29 16:25:26 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-05-29 16:25:26 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-05-05 14:30:58 173056 ------w- c:\windows\system32\dllcache\ie4uinit.exe
2010-05-02 06:22:50 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-05-02 06:22:50 1851264 ------w- c:\windows\system32\dllcache\win32k.sys
2010-04-20 06:30:08 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-20 06:30:08 285696 ------w- c:\windows\system32\dllcache\atmfd.dll
2010-04-08 18:20:02 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-04-08 18:20:02 107808 ----a-w- c:\windows\system32\dns-sd.exe
2009-08-18 03:55:22 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009081720090818\index.dat
2009-03-23 01:48:30 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\application data\microsoft\feeds cache\index.dat

============= FINISH: 14:20:55.18 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 Lindaneedshelp

Lindaneedshelp
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:32 AM

Posted 07 July 2010 - 10:46 AM

So today Malwares ran a scan and found 5 infections. Norton is running real time protection and didn't catch any of them. Now that the infections have been removed, I'm not able to access the internet at all. Firefox says that the proxy server is refusing connections. Here's a summary of what Malwares found. I can't paste the log as I'm typing on my cell phone.

Memory processes infected: 1- trojan.downloader
Registry keys infected: 4- trojan.fraudpack; rogue.antivirussuite
Registry values infected; 2- trojan.downloader
Files infected; 2- trojan.downloader

Help please!

#3 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:08:32 AM

Posted 07 July 2010 - 08:30 PM

Hello Lindaneedshelp

Welcome to BleepingComputer smile.gif
==========================

Download TDSSKiller and save it to your Desktop.
  • Right click on the file and choose extract all extract the file to your desktop then run it.
  • If prompted to restart the computer type in Y then it will restart.
  • Or if you are prompted with a hidden service warning do go ahead and delete it.
  • Once completed it will create a log in your C:\ drive
  • Please post the contents of that log
========

Download ComboFix from one of these locations:

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

  • Double click on ComboFix.exe & follow the prompts.

  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.


**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#4 Lindaneedshelp

Lindaneedshelp
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:32 AM

Posted 07 July 2010 - 09:02 PM

Hi Kadah,

I ran the TDSKiller. Below is the log.

When I ran Combofix, the first link didn't work for me so I clicked the second link which worked but it didn't give me an option to save it to a particular place (desktop). This second link named itself combofix2 in the Firefox download window. Then it gave me an error message that I needed to rename the file but it wouldn't allow me to rename it?

Thanks.
Linda

20:35:19:703 4028 TDSS rootkit removing tool 2.3.2.2 Jun 30 2010 17:23:49
20:35:19:703 4028 ================================================================================
20:35:19:703 4028 SystemInfo:

20:35:19:703 4028 OS Version: 5.1.2600 ServicePack: 3.0
20:35:19:703 4028 Product type: Workstation
20:35:19:703 4028 ComputerName: LENOVO-4903350B
20:35:19:703 4028 UserName: Lori
20:35:19:703 4028 Windows directory: C:\WINDOWS
20:35:19:703 4028 System windows directory: C:\WINDOWS
20:35:19:703 4028 Processor architecture: Intel x86
20:35:19:703 4028 Number of processors: 2
20:35:19:703 4028 Page size: 0x1000
20:35:19:703 4028 Boot type: Normal boot
20:35:19:703 4028 ================================================================================
20:35:21:765 4028 Initialize success
20:35:21:765 4028
20:35:21:765 4028 Scanning Services ...
20:35:22:562 4028 Raw services enum returned 347 services
20:35:22:609 4028
20:35:22:609 4028 Scanning Drivers ...
20:35:24:562 4028 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:35:24:625 4028 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
20:35:24:734 4028 ACPIVPC (5508e9f55799c6551d54dfbc4a068b68) C:\WINDOWS\system32\DRIVERS\AcpiVpc.sys
20:35:25:125 4028 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
20:35:25:281 4028 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
20:35:26:562 4028 Ambfilt (f6af59d6eee5e1c304f7f73706ad11d8) C:\WINDOWS\system32\drivers\Ambfilt.sys
20:35:27:109 4028 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
20:35:28:140 4028 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:35:28:234 4028 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:35:28:734 4028 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:35:28:890 4028 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:35:29:031 4028 b57w2k (5175e788bcd1cb7345ab21f3e14369d2) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
20:35:29:218 4028 BCM43XX (cc03987ee5d0f956706b40d2f91f9e4f) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
20:35:29:312 4028 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:35:29:765 4028 BHDrvx86 (87c00decc19bd995217a4a5fdd4d638c) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100619.001\BHDrvx86.sys
20:35:30:281 4028 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:35:30:531 4028 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
20:35:30:765 4028 ccHP (e941e709847fa00e0dd6d58d2b8fb5e1) C:\WINDOWS\system32\drivers\N360\0402000.00C\ccHPx86.sys
20:35:31:140 4028 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:35:31:375 4028 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:35:31:625 4028 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:35:32:140 4028 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
20:35:32:640 4028 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
20:35:33:609 4028 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:35:33:859 4028 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
20:35:34:109 4028 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
20:35:34:203 4028 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:35:34:343 4028 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:35:34:718 4028 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:35:34:890 4028 eeCtrl (089296aedb9b72b4916ac959752bdc89) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
20:35:34:984 4028 EraserUtilRebootDrv (850259334652d392e33ee3412562e583) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
20:35:35:250 4028 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:35:35:468 4028 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
20:35:35:687 4028 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
20:35:35:906 4028 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
20:35:36:312 4028 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
20:35:36:343 4028 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:35:36:406 4028 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:35:36:515 4028 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
20:35:36:750 4028 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:35:37:046 4028 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:35:37:281 4028 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:35:37:671 4028 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
20:35:38:421 4028 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:35:38:828 4028 ialm (48846b31be5a4fa662ccfde7a1ba86b9) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
20:35:39:156 4028 IDSxpx86 (231c3f6d5c520e99924e1e37401a90c4) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100706.003\IDSxpx86.sys
20:35:39:453 4028 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:35:40:062 4028 IntcAzAudAddService (42d9da46b6d1c40daab37947d8a4490b) C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:35:40:703 4028 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:35:40:984 4028 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
20:35:41:046 4028 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:35:41:281 4028 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:35:41:531 4028 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:35:41:750 4028 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:35:41:968 4028 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:35:42:093 4028 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:35:42:281 4028 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:35:42:437 4028 klmd23 (316353165feba3d0538eaa9c2f60c5b7) C:\WINDOWS\system32\drivers\klmd.sys
20:35:42:562 4028 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:35:42:703 4028 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:35:43:031 4028 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:35:43:234 4028 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
20:35:43:421 4028 Monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\Monfilt.sys
20:35:43:671 4028 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:35:43:828 4028 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:35:44:578 4028 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:35:45:281 4028 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:35:45:406 4028 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:35:45:609 4028 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:35:45:796 4028 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:35:45:984 4028 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:35:46:203 4028 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:35:46:484 4028 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:35:46:718 4028 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
20:35:46:984 4028 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
20:35:47:281 4028 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:35:47:531 4028 NAVENG (83518e6cc82bdc3c3db0c12d1c9a2275) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100707.025\NAVENG.SYS
20:35:47:734 4028 NAVEX15 (85cf37740fe06c7a2eaa7f6c81f0819c) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100707.025\NAVEX15.SYS
20:35:48:000 4028 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:35:48:187 4028 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:35:48:406 4028 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:35:48:609 4028 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:35:48:796 4028 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:35:49:000 4028 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
20:35:49:187 4028 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:35:49:375 4028 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:35:49:593 4028 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:35:49:921 4028 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:35:50:281 4028 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:35:50:328 4028 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:35:50:406 4028 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:35:50:500 4028 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:35:50:828 4028 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:35:51:000 4028 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
20:35:51:203 4028 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:35:51:234 4028 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
20:35:51:343 4028 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
20:35:51:703 4028 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:35:51:906 4028 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
20:35:53:906 4028 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:35:54:109 4028 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:35:54:187 4028 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:35:55:640 4028 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:35:55:828 4028 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:35:56:015 4028 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:35:56:078 4028 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:35:56:265 4028 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:35:56:296 4028 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:35:56:500 4028 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
20:35:56:687 4028 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:35:56:843 4028 RSUSBSTOR (4290417463801d31b7c6d1adb0f8bb4c) C:\WINDOWS\system32\Drivers\RTS5121.sys
20:35:57:000 4028 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
20:35:57:531 4028 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
20:35:57:718 4028 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:35:57:906 4028 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
20:35:58:078 4028 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
20:35:58:562 4028 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:35:59:125 4028 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:35:59:328 4028 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
20:35:59:562 4028 SRTSP (ec5c3c6260f4019b03dfaa03ec8cbf6a) C:\WINDOWS\System32\Drivers\N360\0402000.00C\SRTSP.SYS
20:35:59:765 4028 SRTSPX (55d5c37ed41231e3ac2063d16df50840) C:\WINDOWS\system32\drivers\N360\0402000.00C\SRTSPX.SYS
20:35:59:937 4028 Srv (89220b427890aa1dffd1a02648ae51c3) C:\WINDOWS\system32\DRIVERS\srv.sys
20:36:00:109 4028 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:36:00:312 4028 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:36:00:437 4028 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:36:01:171 4028 SymDS (56890bf9d9204b93042089d4b45ae671) C:\WINDOWS\system32\drivers\N360\0402000.00C\SYMDS.SYS
20:36:01:375 4028 SymEFA (1c91df5188150510a6f0cf78f7d94b69) C:\WINDOWS\system32\drivers\N360\0402000.00C\SYMEFA.SYS
20:36:01:546 4028 SymEvent (961b48b86f94d4cc8ceb483f8aa89374) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
20:36:02:234 4028 SymIRON (dc80fbf0a348e54853ef82eed4e11e35) C:\WINDOWS\system32\drivers\N360\0402000.00C\Ironx86.SYS
20:36:02:437 4028 SYMTDI (41aad61f87ca8e3b5d0f7fe7fba0797d) C:\WINDOWS\System32\Drivers\N360\0402000.00C\SYMTDI.SYS
20:36:03:140 4028 SynTP (6bd4fd6c3ee76c247ecaf484cb590b72) C:\WINDOWS\system32\DRIVERS\SynTP.sys
20:36:03:296 4028 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:36:03:484 4028 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:36:03:625 4028 !dthrs6
20:36:03:734 4028 !dthrs6
20:36:03:890 4028 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:36:04:062 4028 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:36:04:234 4028 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:36:04:625 4028 tvtumon (3385d48304443d0ee42af5dbf89634b6) C:\WINDOWS\system32\DRIVERS\tvtumon.sys
20:36:04:812 4028 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:36:05:234 4028 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:36:05:609 4028 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:36:05:703 4028 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:36:05:859 4028 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:36:06:031 4028 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:36:06:140 4028 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:36:06:390 4028 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
20:36:06:562 4028 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:36:07:015 4028 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
20:36:07:156 4028 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:36:07:531 4028 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:36:07:671 4028 WimFltr (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\WINDOWS\system32\DRIVERS\wimfltr.sys
20:36:07:859 4028 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
20:36:08:015 4028 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:36:08:156 4028 WSVD (5d0a08ebf9660e07865907fb1ab022b5) C:\WINDOWS\system32\drivers\WSVD.sys
20:36:08:328 4028 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:36:08:484 4028 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:36:08:640 4028 !dthrs6
20:36:08:640 4028
20:36:08:640 4028 Completed
20:36:08:640 4028
20:36:08:640 4028 Results:
20:36:08:640 4028 Registry objects infected / cured / cured on reboot: 0 / 0 / 0
20:36:08:640 4028 File objects infected / cured / cured on reboot: 0 / 0 / 0
20:36:08:640 4028
20:36:08:781 4028 KLMD(ARK) unloaded successfully


#5 Lindaneedshelp

Lindaneedshelp
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:32 AM

Posted 07 July 2010 - 09:33 PM

That last attempt at running combofix was still running in the background of my computer and froze it. After rebooting, I was able to successfully run it again. Here's the combofix log:

ComboFix 10-07-06.05 - Lori 07/07/2010 21:19:20.3.2 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1587 [GMT -5:00]
Running from: c:\documents and settings\Lori\Desktop\ComboFix.exe
AV: Norton Security Suite *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Security Suite *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Shared

.
((((((((((((((((((((((((( Files Created from 2010-06-08 to 2010-07-08 )))))))))))))))))))))))))))))))
.

2010-07-07 14:47 . 2010-07-07 14:47 -------- d-----w- c:\documents and settings\Lori\Local Settings\Application Data\dmfkodisq
2010-07-06 13:51 . 2010-07-06 13:51 -------- d-----w- C:\FOUND.003
2010-07-05 17:25 . 2010-04-29 20:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-05 17:25 . 2010-04-29 20:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-05 14:14 . 2010-07-05 14:14 -------- d-----w- c:\temp\listdlls
2010-07-04 14:32 . 2010-07-04 14:32 -------- d-----w- C:\FOUND.002
2010-07-01 19:43 . 2010-07-01 19:43 -------- d-----w- C:\FOUND.001
2010-06-14 13:21 . 2010-05-06 11:41 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-29 16:25 . 2010-05-29 16:25 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-05-29 16:25 . 2010-05-29 16:25 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-05-29 16:25 . 2010-05-29 16:25 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-05-29 16:25 . 2010-05-29 16:25 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-05-29 16:25 . 2010-05-29 16:25 -------- d-----w- c:\program files\Symantec
2010-05-29 16:24 . 2010-05-29 16:24 -------- d-----w- c:\program files\Windows Sidebar
2010-05-29 16:24 . 2010-05-29 16:24 -------- d-----w- c:\program files\Norton Security Suite
2010-05-29 16:24 . 2010-05-29 16:24 -------- d-----w- c:\program files\NortonInstaller
2010-05-29 16:24 . 2010-05-29 16:24 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2010-05-29 16:15 . 2010-05-29 16:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-05-29 14:53 . 2010-05-29 14:53 -------- d-----w- c:\program files\Windows Live Safety Center
2010-05-27 23:01 . 2010-05-27 23:01 348160 ----a-w- c:\documents and settings\Lori\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-6e8fccae-n\msvcr71.dll
2010-05-27 23:01 . 2010-05-27 23:01 503808 ----a-w- c:\documents and settings\Lori\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-6e8fccae-n\msvcp71.dll
2010-05-27 23:01 . 2010-05-27 23:01 499712 ----a-w- c:\documents and settings\Lori\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-6e8fccae-n\jmc.dll
2010-05-22 21:26 . 2009-08-18 03:57 21952 ----a-w- c:\documents and settings\Lori\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-05-06 11:41 . 2004-08-04 17:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 06:22 . 2004-08-05 00:00 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-27 21:07 . 2010-04-27 21:07 73000 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.1.1.11\SetupAdmin.exe
2010-04-20 06:30 . 2004-08-04 17:00 285696 ----a-w- c:\windows\system32\atmfd.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-10-27_03.33.08 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-14 14:29 . 2009-11-14 14:29 82432 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll
+ 2010-07-08 02:02 . 2010-07-08 02:02 16384 c:\windows\temp\Perflib_Perfdata_ac.dat
+ 2009-03-23 01:19 . 2010-04-21 13:28 46080 c:\windows\system32\tzchange.exe
- 2009-03-23 01:19 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe
+ 2009-08-19 01:57 . 2009-01-07 23:20 16928 c:\windows\system32\spmsg.dll
+ 2010-02-06 16:06 . 2008-02-15 18:12 57344 c:\windows\system32\ReinstallBackups\0018\DriverFiles\igxprd32.dll
+ 2010-02-06 16:06 . 2008-02-15 17:46 48128 c:\windows\system32\ReinstallBackups\0018\DriverFiles\igfxsrvc.dll
+ 2010-02-06 16:06 . 2008-02-15 17:46 24576 c:\windows\system32\ReinstallBackups\0018\DriverFiles\igfxexps.dll
+ 2010-02-06 16:06 . 2008-02-15 18:12 57344 c:\windows\system32\ReinstallBackups\0017\DriverFiles\igxprd32.dll
+ 2010-02-06 16:06 . 2008-02-15 17:46 48128 c:\windows\system32\ReinstallBackups\0017\DriverFiles\igfxsrvc.dll
+ 2010-02-06 16:06 . 2008-02-15 17:46 24576 c:\windows\system32\ReinstallBackups\0017\DriverFiles\igfxexps.dll
+ 2010-03-31 05:16 . 2010-03-31 05:16 99176 c:\windows\system32\PresentationHostProxy.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 49488 c:\windows\system32\netfxperf.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 11600 c:\windows\system32\mui\0409\mscorees.dll
+ 2010-03-30 16:35 . 2010-03-30 16:35 22648 c:\windows\system32\mlfcache.dat
+ 2010-01-16 16:58 . 2010-01-16 16:58 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2009-10-29 02:39 . 2010-01-10 21:51 84507 c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
- 2009-03-23 01:29 . 2008-02-28 19:56 61440 c:\windows\system32\Lang\HDMI\ENU\HDMIENU.dll
+ 2009-03-23 01:29 . 2008-03-07 17:56 61440 c:\windows\system32\Lang\HDMI\ENU\HDMIENU.dll
+ 2009-03-23 01:29 . 2008-02-15 17:46 24576 c:\windows\system32\igfxexps.dll
- 2009-03-23 01:29 . 2008-02-15 17:46 24576 c:\windows\system32\igfxexps.dll
+ 2010-04-27 21:15 . 2010-04-16 13:33 41472 c:\windows\system32\DRVSTORE\usbaapl_E0F497D6C8B1C59AEB6422181BF0AFABD8356D47\usbaapl.sys
- 2009-03-23 01:29 . 2008-02-15 18:12 57344 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igxprd32.dll
+ 2009-03-23 01:29 . 2008-02-15 18:12 57344 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igxprd32.dll
- 2009-03-23 01:29 . 2008-02-15 17:46 48128 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igfxsrvc.dll
+ 2009-03-23 01:29 . 2008-02-15 17:46 48128 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igfxsrvc.dll
+ 2009-03-23 01:29 . 2008-02-15 17:46 24576 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igfxexps.dll
- 2009-03-23 01:29 . 2008-02-15 17:46 24576 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igfxexps.dll
+ 2010-02-17 20:03 . 2009-05-18 22:17 26600 c:\windows\system32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspiWDM.sys
+ 2009-11-24 23:09 . 2008-04-14 05:17 25856 c:\windows\system32\drivers\usbprint.sys
+ 2010-06-01 20:56 . 2010-04-22 02:29 43696 c:\windows\system32\drivers\N360\0402000.00C\srtspx.sys
+ 2009-08-19 03:01 . 2009-05-18 22:17 26600 c:\windows\system32\drivers\GEARAspiWDM.sys
+ 2010-04-08 18:20 . 2010-04-08 18:20 91424 c:\windows\system32\dnssd.dll
+ 2010-01-27 20:59 . 2010-05-06 11:41 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2009-11-24 23:09 . 2008-04-14 05:17 25856 c:\windows\system32\dllcache\usbprint.sys
+ 2009-10-21 04:38 . 2009-10-21 04:38 75776 c:\windows\system32\dllcache\strmfilt.dll
+ 2009-10-12 12:38 . 2009-10-12 12:38 79872 c:\windows\system32\dllcache\raschap.dll
+ 2009-11-27 16:11 . 2009-11-27 16:11 17920 c:\windows\system32\dllcache\msyuv.dll
+ 2009-11-27 15:07 . 2009-11-27 15:07 11264 c:\windows\system32\dllcache\msrle32.dll
+ 2009-06-29 16:12 . 2010-05-06 11:41 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-11-27 15:07 . 2009-11-27 15:07 48128 c:\windows\system32\dllcache\iyuv_32.dll
+ 2009-06-29 11:07 . 2009-12-31 14:33 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2009-06-29 11:07 . 2009-08-28 10:29 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2010-01-27 20:59 . 2009-12-11 07:38 69120 c:\windows\system32\dllcache\iecompat.dll
+ 2009-06-29 16:12 . 2009-03-08 09:31 59904 c:\windows\system32\dllcache\icardie.dll
+ 2009-10-21 04:38 . 2009-10-21 04:38 25088 c:\windows\system32\dllcache\httpapi.dll
+ 2009-07-29 04:37 . 2009-10-15 15:28 81920 c:\windows\system32\dllcache\fontsub.dll
- 2009-07-29 04:37 . 2009-07-29 04:37 81920 c:\windows\system32\dllcache\fontsub.dll
+ 2009-12-14 06:08 . 2009-12-14 06:08 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2010-01-13 14:01 . 2010-01-13 14:01 86016 c:\windows\system32\dllcache\cabview.dll
- 2009-06-10 14:13 . 2009-06-10 14:13 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2009-06-10 14:13 . 2009-11-27 15:07 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2010-03-05 15:37 . 2010-03-05 15:37 65536 c:\windows\system32\dllcache\asycfilt.dll
- 2008-07-30 00:16 . 2008-07-30 00:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2010-04-08 04:48 . 2010-04-08 04:48 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13648 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2010-03-23 10:31 . 2010-03-23 10:31 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2009-11-07 06:07 . 2009-11-07 06:07 13648 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13664 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13688 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13664 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13696 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13672 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 13664 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2009-11-07 06:07 . 2009-11-07 06:07 86864 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2009-11-11 00:38 . 2009-11-11 00:38 48128 c:\windows\Installer\8828e.msi
+ 2009-11-25 03:48 . 2009-11-25 03:48 32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
+ 2009-11-11 00:42 . 2009-11-11 00:42 35088 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-11-11 00:42 . 2009-11-11 00:42 18704 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\mspicons.exe
+ 2009-11-11 00:42 . 2009-11-11 00:42 20240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-11-15 04:41 . 2009-11-15 04:41 32768 c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
+ 2009-11-14 14:29 . 2009-11-14 14:29 32768 c:\windows\Installer\{716E0306-8318-4364-8B8F-0CC4E9376BAC}\icon.exe
+ 2010-06-18 04:19 . 2010-02-25 05:24 12800 c:\windows\ie8updates\KB982381-IE8\xpshims.dll
+ 2010-06-18 04:19 . 2010-02-25 06:24 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll
+ 2010-06-18 04:19 . 2010-02-25 06:24 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll
+ 2010-03-31 16:41 . 2009-12-21 18:14 12800 c:\windows\ie8updates\KB980182-IE8\xpshims.dll
+ 2010-03-31 16:41 . 2009-12-21 18:14 55296 c:\windows\ie8updates\KB980182-IE8\msfeedsbs.dll
+ 2010-03-31 16:41 . 2009-12-21 18:14 25600 c:\windows\ie8updates\KB980182-IE8\jsproxy.dll
+ 2010-01-27 20:59 . 2009-10-29 06:45 12800 c:\windows\ie8updates\KB978207-IE8\xpshims.dll
+ 2010-01-27 20:59 . 2009-10-29 06:45 55296 c:\windows\ie8updates\KB978207-IE8\msfeedsbs.dll
+ 2010-01-27 20:59 . 2009-10-29 06:45 25600 c:\windows\ie8updates\KB978207-IE8\jsproxy.dll
+ 2010-01-27 20:59 . 2009-03-08 09:33 12288 c:\windows\ie8updates\KB976325-IE8\xpshims.dll
+ 2010-01-27 20:59 . 2009-03-08 09:31 55296 c:\windows\ie8updates\KB976325-IE8\msfeedsbs.dll
+ 2010-01-27 20:59 . 2009-03-08 09:33 25600 c:\windows\ie8updates\KB976325-IE8\jsproxy.dll
+ 2010-01-27 20:58 . 2009-03-08 19:23 58464 c:\windows\ie8\spuninst\iecustom.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 44544 c:\windows\ie8\pngfilt.dll
+ 2010-01-27 20:56 . 2007-08-13 23:01 48128 c:\windows\ie8\mshtmler.dll
+ 2010-01-27 20:56 . 2007-08-13 23:32 45568 c:\windows\ie8\mshta.exe
+ 2010-01-27 20:56 . 2007-08-13 23:36 12288 c:\windows\ie8\msfeedssync.exe
+ 2010-01-27 20:56 . 2010-01-05 09:00 52224 c:\windows\ie8\msfeedsbs.dll
+ 2010-01-27 20:56 . 2007-08-13 23:44 40960 c:\windows\ie8\licmgr10.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 27648 c:\windows\ie8\jsproxy.dll
+ 2010-01-27 20:56 . 2007-08-13 23:39 92672 c:\windows\ie8\inseng.dll
+ 2010-01-27 20:56 . 2007-08-13 23:36 36352 c:\windows\ie8\imgutil.dll
+ 2010-01-27 20:56 . 2007-08-13 23:39 55296 c:\windows\ie8\iesetup.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 44544 c:\windows\ie8\iernonce.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 78336 c:\windows\ie8\ieencode.dll
+ 2010-01-27 20:56 . 2009-12-31 14:33 70656 c:\windows\ie8\ie4uinit.exe
+ 2010-01-27 20:56 . 2010-01-05 09:00 63488 c:\windows\ie8\icardie.dll
+ 2010-01-27 20:56 . 2007-08-13 23:18 60416 c:\windows\ie8\hmmapi.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 17408 c:\windows\ie8\corpol.dll
+ 2010-01-27 20:56 . 2007-08-13 23:39 71680 c:\windows\ie8\admparse.dll
+ 2010-01-22 05:17 . 2009-10-29 06:46 44544 c:\windows\ie7updates\KB978207-IE7\pngfilt.dll
+ 2010-01-22 05:17 . 2009-10-29 06:46 52224 c:\windows\ie7updates\KB978207-IE7\msfeedsbs.dll
+ 2010-01-22 05:17 . 2009-10-29 06:46 27648 c:\windows\ie7updates\KB978207-IE7\jsproxy.dll
+ 2010-01-22 05:17 . 2009-10-28 13:36 13824 c:\windows\ie7updates\KB978207-IE7\ieudinit.exe
+ 2010-01-22 05:17 . 2009-10-29 06:46 44544 c:\windows\ie7updates\KB978207-IE7\iernonce.dll
+ 2010-01-22 05:17 . 2009-10-29 06:46 78336 c:\windows\ie7updates\KB978207-IE7\ieencode.dll
+ 2010-01-22 05:17 . 2009-10-28 13:36 70656 c:\windows\ie7updates\KB978207-IE7\ie4uinit.exe
+ 2010-01-22 05:17 . 2009-10-29 06:46 63488 c:\windows\ie7updates\KB978207-IE7\icardie.dll
+ 2010-01-22 05:17 . 2009-10-29 06:46 17408 c:\windows\ie7updates\KB978207-IE7\corpol.dll
+ 2009-12-10 04:04 . 2009-08-29 07:36 44544 c:\windows\ie7updates\KB976325-IE7\pngfilt.dll
+ 2009-12-10 04:04 . 2009-08-29 07:36 52224 c:\windows\ie7updates\KB976325-IE7\msfeedsbs.dll
+ 2009-12-10 04:04 . 2009-08-29 07:36 27648 c:\windows\ie7updates\KB976325-IE7\jsproxy.dll
+ 2009-12-10 04:04 . 2009-08-28 10:29 13824 c:\windows\ie7updates\KB976325-IE7\ieudinit.exe
+ 2009-12-10 04:04 . 2009-08-29 07:36 44544 c:\windows\ie7updates\KB976325-IE7\iernonce.dll
+ 2009-12-10 04:04 . 2009-08-29 07:36 78336 c:\windows\ie7updates\KB976325-IE7\ieencode.dll
+ 2009-12-10 04:04 . 2009-08-28 10:29 70656 c:\windows\ie7updates\KB976325-IE7\ie4uinit.exe
+ 2009-12-10 04:04 . 2009-08-29 07:36 63488 c:\windows\ie7updates\KB976325-IE7\icardie.dll
+ 2009-12-10 04:04 . 2009-08-29 07:36 17408 c:\windows\ie7updates\KB976325-IE7\corpol.dll
+ 2009-11-27 16:11 . 2009-11-27 16:11 17920 c:\windows\Driver Cache\i386\msyuv.dll
+ 2009-11-27 15:07 . 2009-11-27 15:07 48128 c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2010-06-26 14:16 . 2010-06-26 14:16 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\ea1b4fbde0e772748c6ac42d627cf684\UIAutomationProvider.ni.dll
+ 2010-06-26 15:09 . 2010-06-26 15:09 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\f46915dfc57bc7e49c5402e9b8f7ec18\System.Windows.Presentation.ni.dll
+ 2010-06-18 15:04 . 2010-06-18 15:04 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\1c1629f536fa9874ef08d09fb19ab0f0\System.Windows.Presentation.ni.dll
+ 2010-06-18 15:04 . 2010-06-18 15:04 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\1464c662c302ea6372a885161b983732\System.Web.DynamicData.Design.ni.dll
+ 2010-06-18 15:01 . 2010-06-18 15:01 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\5d535ecadf77ac2d9278a1661beb2855\System.ComponentModel.DataAnnotations.ni.dll
+ 2010-06-18 04:16 . 2010-06-18 04:16 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\e67992626a30603458b0df22841c2423\PresentationFontCache.ni.exe
+ 2010-06-26 14:16 . 2010-06-26 14:16 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\18729514178d458aa1225dd068718d4e\PresentationFontCache.ni.exe
+ 2010-06-18 04:12 . 2010-06-18 04:12 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\6be27d744e6e2bfc4b0e25bd2998ef7c\PresentationCFFRasterizer.ni.dll
+ 2010-06-26 14:15 . 2010-06-26 14:15 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\0375dfa28e2f6ef7e89df9edede4b83d\PresentationCFFRasterizer.ni.dll
+ 2010-06-18 15:03 . 2010-06-18 15:03 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\4a52287444c36c89310856b38ff52fe0\Microsoft.Vsa.ni.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2009-08-19 01:46 . 2009-08-19 01:46 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2010-06-18 04:11 . 2010-06-18 04:11 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-11-11 00:42 . 2009-11-11 00:42 16384 c:\windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll
+ 2009-11-11 00:42 . 2009-11-11 00:42 11544 c:\windows\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll
+ 2009-11-11 00:42 . 2009-11-11 00:42 12080 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll
+ 2009-11-11 00:42 . 2009-11-11 00:42 12096 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll
+ 2010-04-07 14:51 . 2010-04-07 14:52 12096 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.dll
+ 2009-11-11 00:42 . 2009-11-11 00:42 64288 c:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2009-11-11 00:42 . 2009-11-11 00:42 13312 c:\windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll
+ 2009-11-11 00:41 . 2009-11-11 00:41 80696 c:\windows\assembly\GAC\Microsoft.Office.Interop.Access.Dao\12.0.0.0__71e9bce111e9429c\Microsoft.Office.interop.access.dao.dll
+ 2010-05-29 14:30 . 2010-01-23 07:11 46080 c:\windows\$NtUninstallKB981793$\tzchange.exe
+ 2010-05-29 14:30 . 2010-04-22 22:21 16896 c:\windows\$NtUninstallKB981793$\spuninst\tzchange.dll
+ 2010-04-16 04:17 . 2008-04-14 10:41 84480 c:\windows\$NtUninstallKB979309$\cabview.dll
+ 2010-02-26 03:08 . 2009-10-28 14:07 46080 c:\windows\$NtUninstallKB979306$\tzchange.exe
+ 2010-02-26 03:08 . 2010-01-23 09:40 16896 c:\windows\$NtUninstallKB979306$\spuninst\tzchange.dll
+ 2010-02-13 04:43 . 2008-04-14 10:41 32256 c:\windows\$NtUninstallKB978037$\csrsrv.dll
+ 2010-02-13 04:43 . 2004-08-04 17:00 25600 c:\windows\$NtUninstallKB977914$\msvidc32.dll
+ 2010-02-13 04:43 . 2008-04-14 10:42 11264 c:\windows\$NtUninstallKB977914$\msrle32.dll
+ 2010-02-13 04:43 . 2008-04-14 10:41 47616 c:\windows\$NtUninstallKB977914$\iyuv_32.dll
+ 2010-02-13 04:43 . 2009-06-10 14:13 84992 c:\windows\$NtUninstallKB977914$\avifil32.dll
+ 2009-11-25 03:48 . 2009-07-14 11:03 46080 c:\windows\$NtUninstallKB976098-v2$\tzchange.exe
+ 2009-11-25 03:48 . 2009-10-29 01:03 16896 c:\windows\$NtUninstallKB976098-v2$\spuninst\tzchange.dll
+ 2010-02-13 04:43 . 2008-04-14 10:42 16896 c:\windows\$NtUninstallKB975560$\msyuv.dll
+ 2009-12-10 04:04 . 2008-04-14 10:42 79872 c:\windows\$NtUninstallKB974318$\raschap.dll
+ 2010-01-14 04:49 . 2009-07-29 04:37 81920 c:\windows\$NtUninstallKB972270$\fontsub.dll
+ 2009-12-10 04:04 . 2008-04-14 10:42 75776 c:\windows\$NtUninstallKB970430$\strmfilt.dll
+ 2009-12-10 04:04 . 2008-04-14 10:41 24576 c:\windows\$NtUninstallKB970430$\httpapi.dll
+ 2010-04-16 04:17 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981332-IE8\update\spcustom.dll
+ 2010-04-16 04:17 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB981332-IE8\spmsg.dll
+ 2010-04-16 04:19 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB980232\update\spcustom.dll
+ 2010-04-16 04:19 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB980232\spmsg.dll
+ 2010-03-31 16:41 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB980182-IE8\update\spcustom.dll
+ 2010-03-31 16:41 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB980182-IE8\spmsg.dll
+ 2010-03-31 13:32 . 2010-02-25 06:19 12800 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\xpshims.dll
+ 2010-03-31 13:32 . 2010-02-25 06:19 55296 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\msfeedsbs.dll
+ 2010-03-31 13:32 . 2010-02-25 06:19 25600 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\jsproxy.dll
+ 2010-04-16 04:19 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB979683\update\spcustom.dll
+ 2010-04-14 13:26 . 2010-03-05 14:54 16896 c:\windows\$hf_mig$\KB979683\update\mpsyschk.dll
+ 2010-04-16 04:19 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB979683\spmsg.dll
+ 2010-04-16 04:17 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB979309\update\spcustom.dll
+ 2010-04-16 04:17 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB979309\spmsg.dll
+ 2010-01-13 13:48 . 2010-01-13 13:48 86016 c:\windows\$hf_mig$\KB979309\SP3QFE\cabview.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 26488 c:\windows\$hf_mig$\KB978706\update\spcustom.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 17272 c:\windows\$hf_mig$\KB978706\spmsg.dll
+ 2010-04-16 04:17 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB978601\update\spcustom.dll
+ 2010-04-16 04:17 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB978601\spmsg.dll
+ 2010-05-17 05:03 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978542\update\spcustom.dll
+ 2010-05-17 05:03 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB978542\spmsg.dll
+ 2010-01-27 20:59 . 2008-07-08 12:02 26488 c:\windows\$hf_mig$\KB978506-IE8\update\spcustom.dll
+ 2010-01-27 20:59 . 2008-07-08 12:02 17272 c:\windows\$hf_mig$\KB978506-IE8\spmsg.dll
+ 2010-01-27 20:59 . 2009-12-11 06:37 69120 c:\windows\$hf_mig$\KB978506-IE8\SP3QFE\iecompat.dll
+ 2010-04-16 04:18 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978338\update\spcustom.dll
+ 2010-04-16 04:18 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB978338\spmsg.dll
+ 2010-02-13 04:44 . 2009-05-26 10:40 26488 c:\windows\$hf_mig$\KB978262\update\spcustom.dll
+ 2010-02-13 04:44 . 2009-05-26 10:40 17272 c:\windows\$hf_mig$\KB978262\spmsg.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 26488 c:\windows\$hf_mig$\KB978251\update\spcustom.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 17272 c:\windows\$hf_mig$\KB978251\spmsg.dll
+ 2010-01-27 20:59 . 2008-07-08 12:02 26488 c:\windows\$hf_mig$\KB978207-IE8\update\spcustom.dll
+ 2010-01-27 20:59 . 2008-07-08 12:02 17272 c:\windows\$hf_mig$\KB978207-IE8\spmsg.dll
+ 2010-01-27 20:59 . 2009-12-21 18:09 12800 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\xpshims.dll
+ 2010-01-27 20:59 . 2009-12-21 18:09 55296 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\msfeedsbs.dll
+ 2010-01-27 20:59 . 2009-12-21 18:09 25600 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\jsproxy.dll
+ 2010-01-22 05:17 . 2009-05-26 10:40 26488 c:\windows\$hf_mig$\KB978207-IE7\update\spcustom.dll
+ 2010-01-22 05:17 . 2009-05-26 10:40 17272 c:\windows\$hf_mig$\KB978207-IE7\spmsg.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 44544 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\pngfilt.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 52224 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\msfeedsbs.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 27648 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\jsproxy.dll
+ 2010-01-01 05:55 . 2010-01-01 05:55 13824 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieudinit.exe
+ 2010-01-05 08:57 . 2010-01-05 08:57 44544 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\iernonce.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 78336 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieencode.dll
+ 2010-01-01 05:55 . 2010-01-01 05:55 70656 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ie4uinit.exe
+ 2010-01-05 08:57 . 2010-01-05 08:57 63488 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\icardie.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 17408 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\corpol.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 26488 c:\windows\$hf_mig$\KB978037\update\spcustom.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 17272 c:\windows\$hf_mig$\KB978037\spmsg.dll
+ 2009-12-14 06:10 . 2009-12-14 06:10 33280 c:\windows\$hf_mig$\KB978037\SP3QFE\csrsrv.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 26488 c:\windows\$hf_mig$\KB977914\update\spcustom.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 17272 c:\windows\$hf_mig$\KB977914\spmsg.dll
+ 2009-11-27 15:28 . 2009-11-27 15:28 28672 c:\windows\$hf_mig$\KB977914\SP3QFE\msvidc32.dll
+ 2009-11-27 15:28 . 2009-11-27 15:28 11264 c:\windows\$hf_mig$\KB977914\SP3QFE\msrle32.dll
+ 2009-11-27 15:28 . 2009-11-27 15:28 48128 c:\windows\$hf_mig$\KB977914\SP3QFE\iyuv_32.dll
+ 2009-11-27 15:28 . 2009-11-27 15:28 84992 c:\windows\$hf_mig$\KB977914\SP3QFE\avifil32.dll
+ 2010-04-16 04:17 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB977816\update\spcustom.dll
+ 2010-04-16 04:17 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB977816\spmsg.dll
+ 2010-02-13 04:42 . 2009-05-26 10:40 26488 c:\windows\$hf_mig$\KB977165\update\spcustom.dll
+ 2010-02-13 04:42 . 2009-05-26 10:40 17272 c:\windows\$hf_mig$\KB977165\spmsg.dll
+ 2009-11-05 03:21 . 2009-05-26 10:40 26488 c:\windows\$hf_mig$\KB976749-IE7\update\spcustom.dll
+ 2009-11-05 03:21 . 2009-05-26 10:40 17272 c:\windows\$hf_mig$\KB976749-IE7\spmsg.dll
+ 2010-02-26 03:08 . 2008-07-08 12:02 26488 c:\windows\$hf_mig$\KB976662-IE8\update\spcustom.dll
+ 2010-02-26 03:08 . 2008-07-08 12:02 17272 c:\windows\$hf_mig$\KB976662-IE8\spmsg.dll
+ 2010-01-27 20:59 . 2009-05-26 10:40 26488 c:\windows\$hf_mig$\KB976325-IE8\update\spcustom.dll
+ 2010-01-27 20:59 . 2009-05-26 10:40 17272 c:\windows\$hf_mig$\KB976325-IE8\spmsg.dll
+ 2010-01-27 20:59 . 2009-10-29 06:45 12800 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\xpshims.dll
+ 2010-01-27 20:59 . 2009-10-29 06:45 55296 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\msfeedsbs.dll
+ 2010-01-27 20:59 . 2009-10-29 06:45 25600 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\jsproxy.dll
+ 2009-12-10 04:04 . 2009-05-26 10:40 26488 c:\windows\$hf_mig$\KB976325-IE7\update\spcustom.dll
+ 2009-12-10 04:04 . 2009-05-26 10:40 17272 c:\windows\$hf_mig$\KB976325-IE7\spmsg.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 44544 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\pngfilt.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 52224 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\msfeedsbs.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 27648 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\jsproxy.dll
+ 2009-10-28 13:05 . 2009-10-28 13:05 13824 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieudinit.exe
+ 2009-10-29 06:45 . 2009-10-29 06:45 44544 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\iernonce.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 78336 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieencode.dll
+ 2009-10-28 13:05 . 2009-10-28 13:05 70656 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ie4uinit.exe
+ 2009-10-29 06:45 . 2009-10-29 06:45 63488 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\icardie.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 17408 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\corpol.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 26488 c:\windows\$hf_mig$\KB975713\update\spcustom.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 17272 c:\windows\$hf_mig$\KB975713\spmsg.dll
+ 2010-03-12 04:03 . 2008-07-08 12:02 26488 c:\windows\$hf_mig$\KB975561\update\spcustom.dll
+ 2010-03-12 04:03 . 2008-07-08 12:02 17272 c:\windows\$hf_mig$\KB975561\spmsg.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 26488 c:\windows\$hf_mig$\KB975560\update\spcustom.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 17272 c:\windows\$hf_mig$\KB975560\spmsg.dll
+ 2009-11-27 16:23 . 2009-11-27 16:23 17920 c:\windows\$hf_mig$\KB975560\SP3QFE\msyuv.dll
+ 2009-12-10 04:03 . 2009-05-26 10:40 26488 c:\windows\$hf_mig$\KB974392\update\spcustom.dll
+ 2009-12-10 04:03 . 2009-05-26 10:40 17272 c:\windows\$hf_mig$\KB974392\spmsg.dll
+ 2009-12-10 04:04 . 2009-05-26 10:40 26488 c:\windows\$hf_mig$\KB974318\update\spcustom.dll
+ 2009-12-10 04:04 . 2009-05-26 10:40 17272 c:\windows\$hf_mig$\KB974318\spmsg.dll
+ 2009-10-12 12:28 . 2009-10-12 12:28 79872 c:\windows\$hf_mig$\KB974318\SP3QFE\raschap.dll
+ 2009-12-10 04:04 . 2009-05-26 10:40 26488 c:\windows\$hf_mig$\KB973904\update\spcustom.dll
+ 2009-12-10 04:04 . 2009-05-26 10:40 17272 c:\windows\$hf_mig$\KB973904\spmsg.dll
+ 2009-11-25 03:48 . 2008-07-08 12:02 26488 c:\windows\$hf_mig$\KB973687\update\spcustom.dll
+ 2009-11-25 03:48 . 2008-07-08 12:02 17272 c:\windows\$hf_mig$\KB973687\spmsg.dll
+ 2010-01-14 04:49 . 2008-07-08 12:02 26488 c:\windows\$hf_mig$\KB972270\update\spcustom.dll
+ 2010-01-14 04:49 . 2008-07-08 12:02 17272 c:\windows\$hf_mig$\KB972270\spmsg.dll
+ 2010-01-13 14:17 . 2009-10-15 15:39 81920 c:\windows\$hf_mig$\KB972270\SP3QFE\fontsub.dll
+ 2010-01-29 04:13 . 2008-07-08 12:02 26488 c:\windows\$hf_mig$\KB971961-IE8\update\spcustom.dll
+ 2010-01-29 04:13 . 2008-07-08 12:02 17272 c:\windows\$hf_mig$\KB971961-IE8\spmsg.dll
+ 2009-12-10 04:03 . 2008-07-08 12:02 26488 c:\windows\$hf_mig$\KB971737\update\spcustom.dll
+ 2009-12-10 04:03 . 2008-07-08 12:02 17272 c:\windows\$hf_mig$\KB971737\spmsg.dll
+ 2010-02-13 04:44 . 2008-07-08 12:02 26488 c:\windows\$hf_mig$\KB971468\update\spcustom.dll
+ 2010-02-13 04:44 . 2008-07-08 12:02 17272 c:\windows\$hf_mig$\KB971468\spmsg.dll
+ 2009-12-10 04:04 . 2009-05-26 10:40 26488 c:\windows\$hf_mig$\KB970430\update\spcustom.dll
+ 2009-12-10 04:04 . 2009-05-26 10:40 17272 c:\windows\$hf_mig$\KB970430\spmsg.dll
+ 2009-10-21 04:40 . 2009-10-21 04:40 75776 c:\windows\$hf_mig$\KB970430\SP3QFE\strmfilt.dll
+ 2009-10-21 04:40 . 2009-10-21 04:40 25088 c:\windows\$hf_mig$\KB970430\SP3QFE\httpapi.dll
+ 2009-11-11 04:01 . 2008-07-08 12:02 26488 c:\windows\$hf_mig$\KB969947\update\spcustom.dll
+ 2009-11-11 04:01 . 2008-07-08 12:02 17272 c:\windows\$hf_mig$\KB969947\spmsg.dll
+ 2010-01-14 04:49 . 2009-05-26 10:40 26488 c:\windows\$hf_mig$\KB955759\update\spcustom.dll
+ 2010-01-14 04:49 . 2009-05-26 10:40 17272 c:\windows\$hf_mig$\KB955759\spmsg.dll
+ 2009-11-27 15:07 . 2009-11-27 15:07 8704 c:\windows\system32\dllcache\tsbyuv.dll
+ 2010-01-27 20:59 . 2009-03-08 09:35 2048 c:\windows\ie8updates\KB978506-IE8\iecompat.dll
+ 2009-11-27 15:07 . 2009-11-27 15:07 8704 c:\windows\Driver Cache\i386\tsbyuv.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2009-11-11 00:42 . 2009-11-11 00:42 4096 c:\windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll
+ 2009-11-11 00:42 . 2009-11-11 00:42 4608 c:\windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\extensibility.dll
+ 2010-02-13 04:43 . 2004-08-04 17:00 8192 c:\windows\$NtUninstallKB977914$\tsbyuv.dll
+ 2009-11-27 15:28 . 2009-11-27 15:28 8704 c:\windows\$hf_mig$\KB977914\SP3QFE\tsbyuv.dll
+ 2009-03-23 01:19 . 2009-01-07 23:21 121856 c:\windows\system32\xmllite.dll
- 2009-03-23 01:19 . 2008-04-14 10:42 121856 c:\windows\system32\xmllite.dll
+ 2009-11-24 23:27 . 2002-11-05 17:34 188416 c:\windows\system32\spool\drivers\w32x86\3\hpztsb07.exe
+ 2010-02-06 16:06 . 2008-02-15 18:12 151040 c:\windows\system32\ReinstallBackups\0018\DriverFiles\igxpgd32.dll
+ 2010-02-06 16:06 . 2008-02-15 18:21 147456 c:\windows\system32\ReinstallBackups\0018\DriverFiles\igxpco32.dll
+ 2010-02-06 16:06 . 2008-02-15 18:01 294912 c:\windows\system32\ReinstallBackups\0018\DriverFiles\igldev32.dll
+ 2010-02-06 16:06 . 2008-02-15 17:45 163840 c:\windows\system32\ReinstallBackups\0018\DriverFiles\igfxzoom.exe
+ 2010-02-06 16:06 . 2008-02-15 17:46 135168 c:\windows\system32\ReinstallBackups\0018\DriverFiles\igfxtray.exe
+ 2010-02-06 16:06 . 2008-02-28 20:00 256536 c:\windows\system32\ReinstallBackups\0018\DriverFiles\igfxsrvc.exe
+ 2010-02-06 16:06 . 2008-02-15 17:46 204800 c:\windows\system32\ReinstallBackups\0018\DriverFiles\igfxpph.dll
+ 2010-02-06 16:06 . 2008-02-28 20:00 137752 c:\windows\system32\ReinstallBackups\0018\DriverFiles\igfxpers.exe
+ 2010-02-06 16:06 . 2008-02-15 17:46 163840 c:\windows\system32\ReinstallBackups\0018\DriverFiles\igfxext.exe
+ 2010-02-06 16:06 . 2008-02-15 17:46 135168 c:\windows\system32\ReinstallBackups\0018\DriverFiles\igfxdo.dll
+ 2010-02-06 16:06 . 2008-02-15 17:45 208896 c:\windows\system32\ReinstallBackups\0018\DriverFiles\igfxdev.dll
+ 2010-02-06 16:06 . 2008-02-15 17:48 524288 c:\windows\system32\ReinstallBackups\0018\DriverFiles\igfxcfg.exe
+ 2010-02-06 16:06 . 2008-02-28 20:00 166424 c:\windows\system32\ReinstallBackups\0018\DriverFiles\hkcmd.exe
+ 2010-02-06 16:06 . 2008-02-15 17:45 102400 c:\windows\system32\ReinstallBackups\0018\DriverFiles\hccutils.dll
+ 2010-02-06 16:06 . 2008-02-15 18:12 151040 c:\windows\system32\ReinstallBackups\0017\DriverFiles\igxpgd32.dll
+ 2010-02-06 16:06 . 2008-02-15 18:21 147456 c:\windows\system32\ReinstallBackups\0017\DriverFiles\igxpco32.dll
+ 2010-02-06 16:06 . 2008-02-15 18:01 294912 c:\windows\system32\ReinstallBackups\0017\DriverFiles\igldev32.dll
+ 2010-02-06 16:06 . 2008-02-28 20:00 170520 c:\windows\system32\ReinstallBackups\0017\DriverFiles\igfxzoom.exe
+ 2010-02-06 16:06 . 2008-02-28 20:00 141848 c:\windows\system32\ReinstallBackups\0017\DriverFiles\igfxtray.exe
+ 2010-02-06 16:06 . 2008-02-28 20:00 256536 c:\windows\system32\ReinstallBackups\0017\DriverFiles\igfxsrvc.exe
+ 2010-02-06 16:06 . 2008-02-15 17:46 204800 c:\windows\system32\ReinstallBackups\0017\DriverFiles\igfxpph.dll
+ 2010-02-06 16:06 . 2008-02-28 20:00 137752 c:\windows\system32\ReinstallBackups\0017\DriverFiles\igfxpers.exe
+ 2010-02-06 16:06 . 2008-02-28 20:00 170520 c:\windows\system32\ReinstallBackups\0017\DriverFiles\igfxext.exe
+ 2010-02-06 16:06 . 2008-02-15 17:46 135168 c:\windows\system32\ReinstallBackups\0017\DriverFiles\igfxdo.dll
+ 2010-02-06 16:06 . 2008-02-15 17:45 208896 c:\windows\system32\ReinstallBackups\0017\DriverFiles\igfxdev.dll
+ 2010-02-06 16:06 . 2008-02-28 20:00 530968 c:\windows\system32\ReinstallBackups\0017\DriverFiles\igfxcfg.exe
+ 2010-02-06 16:06 . 2008-02-28 20:00 166424 c:\windows\system32\ReinstallBackups\0017\DriverFiles\hkcmd.exe
+ 2010-02-06 16:06 . 2008-02-15 17:45 102400 c:\windows\system32\ReinstallBackups\0017\DriverFiles\hccutils.dll
+ 2010-03-31 05:10 . 2010-03-31 05:10 295264 c:\windows\system32\PresentationHost.exe
+ 2009-11-07 06:07 . 2009-11-07 06:07 297808 c:\windows\system32\mscoree.dll
+ 2009-10-27 03:59 . 2010-01-14 16:12 181120 c:\windows\system32\MpSigStub.exe
+ 2009-10-28 02:40 . 2009-10-28 02:40 257440 c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2009-11-02 23:24 . 2009-11-02 23:24 257440 c:\windows\system32\Macromed\Flash\FlashUtil10d.exe
+ 2010-01-16 14:47 . 2009-10-11 09:17 149280 c:\windows\system32\javaws.exe
- 2009-08-22 01:37 . 2009-08-22 01:36 149280 c:\windows\system32\javaws.exe
+ 2010-01-16 14:47 . 2009-10-11 09:17 145184 c:\windows\system32\javaw.exe
- 2009-08-22 01:37 . 2009-08-22 01:36 145184 c:\windows\system32\javaw.exe
+ 2010-01-16 14:47 . 2009-10-11 09:17 145184 c:\windows\system32\java.exe
- 2009-08-22 01:37 . 2009-08-22 01:36 145184 c:\windows\system32\java.exe
+ 2009-03-23 01:29 . 2008-03-07 17:56 920088 c:\windows\system32\igxpun.exe
- 2009-03-23 01:29 . 2008-02-28 20:00 920088 c:\windows\system32\igxpun.exe
- 2009-03-23 01:29 . 2008-02-15 18:01 294912 c:\windows\system32\igldev32.dll
+ 2009-03-23 01:29 . 2008-02-15 18:01 294912 c:\windows\system32\igldev32.dll
+ 2009-03-23 01:29 . 2008-02-15 17:45 163840 c:\windows\system32\igfxzoom.exe
+ 2009-03-23 01:29 . 2008-02-15 17:46 135168 c:\windows\system32\igfxtray.exe
+ 2009-03-23 01:29 . 2008-02-15 17:46 249856 c:\windows\system32\igfxsrvc.exe
+ 2010-02-06 16:08 . 2008-02-15 17:45 172032 c:\windows\system32\igfxres.dll
- 2009-03-23 01:30 . 2008-02-15 17:45 172032 c:\windows\system32\igfxres.dll
+ 2009-03-23 01:29 . 2008-02-15 17:46 131072 c:\windows\system32\igfxpers.exe
+ 2009-03-23 01:29 . 2008-02-15 17:46 163840 c:\windows\system32\igfxext.exe
- 2009-03-23 01:29 . 2008-02-15 17:46 135168 c:\windows\system32\igfxdo.dll
+ 2009-03-23 01:29 . 2008-02-15 17:46 135168 c:\windows\system32\igfxdo.dll
+ 2009-03-23 01:29 . 2008-02-15 17:48 524288 c:\windows\system32\igfxcfg.exe
+ 2009-03-23 01:29 . 2008-02-15 17:46 159744 c:\windows\system32\hkcmd.exe
- 2009-08-19 03:01 . 2008-04-17 17:12 107368 c:\windows\system32\GEARAspi.dll
+ 2009-08-19 03:01 . 2008-04-17 21:12 107368 c:\windows\system32\GEARAspi.dll
+ 2009-03-23 01:29 . 2008-02-15 18:12 151040 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igxpgd32.dll
- 2009-03-23 01:29 . 2008-02-15 18:12 151040 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igxpgd32.dll
- 2009-03-23 01:29 . 2008-02-15 18:21 147456 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igxpco32.dll
+ 2009-03-23 01:29 . 2008-02-15 18:21 147456 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igxpco32.dll
+ 2009-03-23 01:29 . 2008-02-15 18:11 104636 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igmedcompkrn.dll
- 2009-03-23 01:29 . 2008-02-15 18:11 104636 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igmedcompkrn.dll
- 2009-03-23 01:29 . 2008-02-15 18:01 294912 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igldev32.dll
+ 2009-03-23 01:29 . 2008-02-15 18:01 294912 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igldev32.dll
+ 2009-03-23 01:29 . 2008-02-15 17:45 163840 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igfxzoom.exe
+ 2009-03-23 01:29 . 2008-02-15 17:46 135168 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igfxtray.exe
+ 2009-03-23 01:29 . 2008-02-15 17:46 249856 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igfxsrvc.exe
+ 2009-03-23 01:29 . 2008-02-15 17:46 204800 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igfxpph.dll
- 2009-03-23 01:29 . 2008-02-15 17:46 204800 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igfxpph.dll
+ 2009-03-23 01:29 . 2008-02-15 17:46 131072 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igfxpers.exe
+ 2009-03-23 01:29 . 2008-02-15 17:46 163840 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igfxext.exe
- 2009-03-23 01:29 . 2008-02-15 17:46 135168 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igfxdo.dll
+ 2009-03-23 01:29 . 2008-02-15 17:46 135168 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igfxdo.dll
+ 2009-03-23 01:29 . 2008-02-15 17:45 208896 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igfxdev.dll
- 2009-03-23 01:29 . 2008-02-15 17:45 208896 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igfxdev.dll
+ 2009-03-23 01:29 . 2008-02-15 17:48 524288 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igfxcfg.exe
+ 2009-03-23 01:29 . 2008-02-15 17:46 159744 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\hkcmd.exe
- 2009-03-23 01:29 . 2008-02-15 17:45 102400 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\hccutils.dll
+ 2009-03-23 01:29 . 2008-02-15 17:45 102400 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\hccutils.dll
+ 2010-02-17 20:03 . 2008-04-17 21:12 107368 c:\windows\system32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspi.dll
+ 2010-06-01 20:56 . 2010-05-06 04:02 339504 c:\windows\system32\drivers\N360\0402000.00C\symtdiv.sys
+ 2010-06-01 20:56 . 2010-05-06 04:02 361904 c:\windows\system32\drivers\N360\0402000.00C\symtdi.sys
+ 2010-06-01 20:56 . 2010-04-22 03:02 173104 c:\windows\system32\drivers\N360\0402000.00C\symefa.sys
+ 2010-06-01 20:56 . 2009-10-15 03:50 328752 c:\windows\system32\drivers\N360\0402000.00C\symds.sys
+ 2010-06-01 20:56 . 2010-04-22 02:29 325680 c:\windows\system32\drivers\N360\0402000.00C\srtsp.sys
+ 2010-06-01 20:56 . 2010-04-29 05:03 116784 c:\windows\system32\drivers\N360\0402000.00C\ironx86.sys
+ 2010-06-01 20:56 . 2010-02-26 00:22 501888 c:\windows\system32\drivers\N360\0402000.00C\cchpx86.sys
+ 2010-04-08 18:20 . 2010-04-08 18:20 107808 c:\windows\system32\dns-sd.exe
+ 2009-12-24 06:59 . 2009-12-24 06:59 177664 c:\windows\system32\dllcache\wintrust.dll
- 2009-07-29 04:37 . 2009-07-29 04:37 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2009-07-29 04:37 . 2009-10-15 15:28 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2009-08-26 01:23 . 2009-12-31 15:50 353792 c:\windows\system32\dllcache\srv.sys
+ 2009-10-12 12:38 . 2009-10-12 12:38 149504 c:\windows\system32\dllcache\rastls.dll
+ 2009-10-13 09:30 . 2009-10-13 09:30 270336 c:\windows\system32\dllcache\oakley.dll
+ 2009-12-16 17:43 . 2009-12-16 17:43 343040 c:\windows\system32\dllcache\mspaint.exe
+ 2009-06-29 16:12 . 2010-05-06 11:41 599040 c:\windows\system32\dllcache\msfeeds.dll
+ 2009-08-26 01:23 . 2010-02-24 13:11 455680 c:\windows\system32\dllcache\mrxsmb.sys
+ 2009-08-26 01:23 . 2010-01-29 15:01 691712 c:\windows\system32\dllcache\inetcomm.dll
- 2009-08-26 01:23 . 2008-04-11 19:04 691712 c:\windows\system32\dllcache\inetcomm.dll
+ 2010-01-27 20:59 . 2010-05-06 11:41 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2009-06-29 16:12 . 2009-03-08 09:11 445952 c:\windows\system32\dllcache\ieapfltr.dll
+ 2009-10-20 15:20 . 2009-10-20 15:20 265728 c:\windows\system32\dllcache\http.sys
+ 2010-04-20 06:30 . 2010-04-20 06:30 285696 c:\windows\system32\dllcache\atmfd.dll
+ 2010-01-13 14:17 . 2009-11-21 14:51 471552 c:\windows\system32\dllcache\aclayers.dll
+ 2010-02-12 04:33 . 2010-02-12 04:33 100864 c:\windows\system32\dllcache\6to4svc.dll
+ 2009-03-23 01:29 . 2006-11-10 13:25 319456 c:\windows\system32\difxapi.dll
- 2009-03-23 01:29 . 2006-11-10 13:25 319456 c:\windows\system32\difxapi.dll
+ 2009-08-22 01:37 . 2009-10-11 09:17 411368 c:\windows\system32\deploytk.dll
- 2009-08-22 01:37 . 2009-08-22 01:36 411368 c:\windows\system32\deploytk.dll
+ 2010-03-31 05:16 . 2010-03-31 05:16 130408 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2010-04-08 04:48 . 2010-04-08 04:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
- 2008-07-30 00:16 . 2008-07-30 00:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-04-08 04:48 . 2010-04-08 04:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-03-23 10:31 . 2010-03-23 10:31 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2010-02-09 17:22 . 2010-02-09 17:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2009-11-11 00:39 . 2009-11-11 00:39 501248 c:\windows\Installer\882be.msi
+ 2009-11-11 00:39 . 2009-11-11 00:39 501248 c:\windows\Installer\882a6.msi
+ 2009-11-11 00:39 . 2009-11-11 00:39 506880 c:\windows\Installer\882a0.msi
+ 2009-11-11 00:39 . 2009-11-11 00:39 516608 c:\windows\Installer\8829a.msi
+ 2009-11-11 00:39 . 2009-11-11 00:39 513024 c:\windows\Installer\88294.msi
+ 2009-11-11 00:38 . 2009-11-11 00:38 501248 c:\windows\Installer\88273.msi
+ 2009-11-14 14:30 . 2009-11-14 14:30 199168 c:\windows\Installer\4c538e.msi
+ 2009-11-14 14:29 . 2009-11-14 14:29 213504 c:\windows\Installer\4c5388.msi
+ 2009-11-14 14:29 . 2009-11-14 14:29 390656 c:\windows\Installer\4c5382.msi
+ 2009-11-15 04:41 . 2009-11-15 04:41 432640 c:\windows\Installer\3586a74.msi
+ 2009-11-25 03:48 . 2009-11-25 03:48 429568 c:\windows\Installer\2318116.msi
+ 2010-04-27 21:13 . 2010-04-27 21:14 791552 c:\windows\Installer\1e29297.msi
+ 2009-11-24 23:24 . 2009-11-24 23:24 786432 c:\windows\Installer\13fcdf5.msi
+ 2010-02-25 05:14 . 2010-02-25 05:14 543232 c:\windows\Installer\12d19a70.msp
+ 2010-07-07 16:51 . 2010-07-07 16:51 295606 c:\windows\Installer\{AC76BA86-7AD7-1033-7B44-A81300000003}\SC_Reader.exe
+ 2009-11-11 00:42 . 2009-11-11 00:42 888080 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-11-11 00:42 . 2009-11-11 00:42 272648 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pubs.exe
+ 2009-11-11 00:42 . 2009-11-11 00:42 922384 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-11-11 00:42 . 2009-11-11 00:42 845584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-11-11 00:42 . 2009-11-11 00:42 217864 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe
+ 2009-11-11 00:37 . 2009-11-11 00:37 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2010-04-27 21:21 . 2010-04-27 21:21 372736 c:\windows\Installer\{4FB120F8-622C-4260-AB49-0F43A59CCF2A}\iTunesIco.exe
+ 2010-06-18 04:19 . 2010-02-25 05:24 916480 c:\windows\ie8updates\KB982381-IE8\wininet.dll
+ 2010-06-18 04:19 . 2010-02-22 15:23 382840 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll
+ 2010-06-18 04:19 . 2008-07-08 14:02 231288 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe
+ 2010-06-18 04:19 . 2010-02-25 06:24 206848 c:\windows\ie8updates\KB982381-IE8\occache.dll
+ 2010-06-18 04:19 . 2010-02-25 06:24 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll
+ 2010-06-18 04:19 . 2010-02-25 06:24 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll
+ 2010-06-18 04:19 . 2010-02-25 05:24 247808 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll
+ 2010-06-18 04:19 . 2010-02-25 05:24 184320 c:\windows\ie8updates\KB982381-IE8\iepeers.dll
+ 2010-06-18 04:19 . 2009-03-08 09:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll
+ 2010-06-18 04:19 . 2010-02-25 06:24 387584 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll
+ 2010-06-18 04:19 . 2010-02-24 09:54 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe
+ 2010-04-16 04:17 . 2009-03-08 09:33 420352 c:\windows\ie8updates\KB981332-IE8\vbscript.dll
+ 2010-04-16 04:17 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB981332-IE8\spuninst\updspapi.dll
+ 2010-04-16 04:17 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB981332-IE8\spuninst\spuninst.exe
+ 2010-03-31 16:41 . 2009-12-21 18:14 916480 c:\windows\ie8updates\KB980182-IE8\wininet.dll
+ 2010-03-31 16:41 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB980182-IE8\spuninst\updspapi.dll
+ 2010-03-31 16:41 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB980182-IE8\spuninst\spuninst.exe
+ 2010-03-31 16:41 . 2009-12-21 18:14 206848 c:\windows\ie8updates\KB980182-IE8\occache.dll
+ 2010-03-31 16:41 . 2009-03-08 09:32 611840 c:\windows\ie8updates\KB980182-IE8\mstime.dll
+ 2010-03-31 16:41 . 2009-12-21 18:14 594432 c:\windows\ie8updates\KB980182-IE8\msfeeds.dll
+ 2010-03-31 16:41 . 2009-12-21 18:14 246272 c:\windows\ie8updates\KB980182-IE8\ieproxy.dll
+ 2010-03-31 16:41 . 2009-12-21 18:14 184320 c:\windows\ie8updates\KB980182-IE8\iepeers.dll
+ 2010-03-31 16:41 . 2009-12-21 18:14 387584 c:\windows\ie8updates\KB980182-IE8\iedkcs32.dll
+ 2010-03-31 16:41 . 2009-12-21 12:19 173056 c:\windows\ie8updates\KB980182-IE8\ie4uinit.exe
+ 2010-01-27 20:59 . 2008-07-08 12:02 382840 c:\windows\ie8updates\KB978506-IE8\spuninst\updspapi.dll
+ 2010-01-27 20:59 . 2008-07-08 12:02 231288 c:\windows\ie8updates\KB978506-IE8\spuninst\spuninst.exe
+ 2010-01-27 20:59 . 2009-10-29 06:45 916480 c:\windows\ie8updates\KB978207-IE8\wininet.dll
+ 2010-01-27 20:59 . 2009-05-26 10:40 382840 c:\windows\ie8updates\KB978207-IE8\spuninst\updspapi.dll
+ 2010-01-27 20:59 . 2008-07-08 12:02 231288 c:\windows\ie8updates\KB978207-IE8\spuninst\spuninst.exe
+ 2010-01-27 20:59 . 2009-10-29 06:45 206848 c:\windows\ie8updates\KB978207-IE8\occache.dll
+ 2010-01-27 20:59 . 2009-10-29 06:45 594432 c:\windows\ie8updates\KB978207-IE8\msfeeds.dll
+ 2010-01-27 20:59 . 2009-10-29 06:45 246272 c:\windows\ie8updates\KB978207-IE8\ieproxy.dll
+ 2010-01-27 20:59 . 2009-10-29 06:45 184320 c:\windows\ie8updates\KB978207-IE8\iepeers.dll
+ 2010-01-27 20:59 . 2009-10-29 06:45 387584 c:\windows\ie8updates\KB978207-IE8\iedkcs32.dll
+ 2010-01-27 20:59 . 2009-10-28 13:40 173056 c:\windows\ie8updates\KB978207-IE8\ie4uinit.exe
+ 2010-02-26 03:08 . 2008-07-08 12:02 382840 c:\windows\ie8updates\KB976662-IE8\spuninst\updspapi.dll
+ 2010-02-26 03:08 . 2008-07-08 12:02 231288 c:\windows\ie8updates\KB976662-IE8\spuninst\spuninst.exe
+ 2010-02-26 03:08 . 2009-06-22 05:44 726528 c:\windows\ie8updates\KB976662-IE8\jscript.dll
+ 2010-01-27 20:59 . 2009-03-08 09:34 914944 c:\windows\ie8updates\KB976325-IE8\wininet.dll
+ 2010-01-27 20:59 . 2009-05-26 10:40 382840 c:\windows\ie8updates\KB976325-IE8\spuninst\updspapi.dll
+ 2010-01-27 20:59 . 2009-05-26 10:40 231288 c:\windows\ie8updates\KB976325-IE8\spuninst\spuninst.exe
+ 2010-01-27 20:59 . 2009-03-08 09:34 109568 c:\windows\ie8updates\KB976325-IE8\occache.dll
+ 2010-01-27 20:59 . 2009-03-08 09:32 594432 c:\windows\ie8updates\KB976325-IE8\msfeeds.dll
+ 2010-01-27 20:59 . 2009-03-08 09:33 246784 c:\windows\ie8updates\KB976325-IE8\ieproxy.dll
+ 2010-01-27 20:59 . 2009-03-08 09:31 183808 c:\windows\ie8updates\KB976325-IE8\iepeers.dll
+ 2010-01-27 20:59 . 2009-03-08 19:09 391536 c:\windows\ie8updates\KB976325-IE8\iedkcs32.dll
+ 2010-01-27 20:59 . 2009-03-08 09:32 173056 c:\windows\ie8updates\KB976325-IE8\ie4uinit.exe
+ 2010-01-29 04:13 . 2008-07-08 12:02 382840 c:\windows\ie8updates\KB971961-IE8\spuninst\updspapi.dll
+ 2010-01-29 04:13 . 2008-07-08 12:02 231288 c:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe
+ 2010-01-29 04:13 . 2009-03-08 09:33 726528 c:\windows\ie8updates\KB971961-IE8\jscript.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 832512 c:\windows\ie8\wininet.dll
+ 2010-01-27 20:56 . 2007-08-13 23:45 206336 c:\windows\ie8\winfxdocobj.exe
+ 2010-01-27 20:56 . 2010-01-05 09:00 233472 c:\windows\ie8\webcheck.dll
+ 2010-01-27 20:56 . 2008-05-27 17:23 765952 c:\windows\ie8\vgx.dll
+ 2010-01-27 20:56 . 2008-05-09 10:53 430080 c:\windows\ie8\vbscript.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 105984 c:\windows\ie8\url.dll
+ 2010-01-27 20:58 . 2009-01-07 23:21 382496 c:\windows\ie8\spuninst\updspapi.dll
+ 2010-01-27 20:58 . 2009-01-07 23:20 231456 c:\windows\ie8\spuninst\spuninst.exe
+ 2010-01-27 20:56 . 2006-09-06 22:43 213216 c:\windows\ie8\spuninst.exe
+ 2010-01-27 20:56 . 2010-01-05 09:00 102912 c:\windows\ie8\occache.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 671232 c:\windows\ie8\mstime.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 193024 c:\windows\ie8\msrating.dll
+ 2010-01-27 20:56 . 2007-08-13 23:54 156160 c:\windows\ie8\msls31.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 477696 c:\windows\ie8\mshtmled.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 459264 c:\windows\ie8\msfeeds.dll
+ 2010-01-27 20:56 . 2009-08-13 15:16 512000 c:\windows\ie8\jscript.dll
+ 2010-01-27 20:56 . 2009-12-18 12:05 634648 c:\windows\ie8\iexplore.exe
+ 2010-01-27 20:56 . 2007-08-13 23:54 180736 c:\windows\ie8\ieui.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 268288 c:\windows\ie8\iertutil.dll
+ 2010-01-27 20:56 . 2007-08-13 23:54 287744 c:\windows\ie8\ieproxy.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 192512 c:\windows\ie8\iepeers.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 385024 c:\windows\ie8\iedkcs32.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 380928 c:\windows\ie8\ieapfltr.dll
+ 2010-01-27 20:56 . 2009-12-18 12:04 161792 c:\windows\ie8\ieakui.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 230400 c:\windows\ie8\ieaksie.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 153088 c:\windows\ie8\ieakeng.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 214528 c:\windows\ie8\dxtrans.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 347136 c:\windows\ie8\dxtmsft.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 124928 c:\windows\ie8\advpack.dll
+ 2010-01-22 05:17 . 2009-10-29 06:47 832512 c:\windows\ie7updates\KB978207-IE7\wininet.dll
+ 2010-01-22 05:17 . 2009-10-29 06:47 233472 c:\windows\ie7updates\KB978207-IE7\webcheck.dll
+ 2010-01-22 05:17 . 2009-10-29 06:46 105984 c:\windows\ie7updates\KB978207-IE7\url.dll
+ 2010-01-22 05:17 . 2009-05-26 10:40 382840 c:\windows\ie7updates\KB978207-IE7\spuninst\updspapi.dll
+ 2010-01-22 05:17 . 2009-05-26 10:40 231288 c:\windows\ie7updates\KB978207-IE7\spuninst\spuninst.exe
+ 2010-01-22 05:17 . 2009-10-29 06:46 102912 c:\windows\ie7updates\KB978207-IE7\occache.dll
+ 2010-01-22 05:17 . 2009-10-29 06:46 671232 c:\windows\ie7updates\KB978207-IE7\mstime.dll
+ 2010-01-22 05:17 . 2009-10-29 06:46 193024 c:\windows\ie7updates\KB978207-IE7\msrating.dll
+ 2010-01-22 05:17 . 2009-10-29 06:46 477696 c:\windows\ie7updates\KB978207-IE7\mshtmled.dll
+ 2010-01-22 05:17 . 2009-10-29 06:46 459264 c:\windows\ie7updates\KB978207-IE7\msfeeds.dll
+ 2010-01-22 05:17 . 2009-10-28 05:54 634632 c:\windows\ie7updates\KB978207-IE7\iexplore.exe
+ 2010-01-22 05:17 . 2009-10-29 06:46 268288 c:\windows\ie7updates\KB978207-IE7\iertutil.dll
+ 2010-01-22 05:17 . 2007-08-13 23:54 191488 c:\windows\ie7updates\KB978207-IE7\iepeers.dll
+ 2010-01-22 05:17 . 2009-10-29 06:46 385024 c:\windows\ie7updates\KB978207-IE7\iedkcs32.dll
+ 2010-01-22 05:17 . 2009-10-29 06:46 380928 c:\windows\ie7updates\KB978207-IE7\ieapfltr.dll
+ 2010-01-22 05:17 . 2009-10-28 05:52 161792 c:\windows\ie7updates\KB978207-IE7\ieakui.dll
+ 2010-01-22 05:17 . 2009-10-29 06:46 230400 c:\windows\ie7updates\KB978207-IE7\ieaksie.dll
+ 2010-01-22 05:17 . 2009-10-29 06:46 153088 c:\windows\ie7updates\KB978207-IE7\ieakeng.dll
+ 2010-01-22 05:17 . 2009-10-29 06:46 133120 c:\windows\ie7updates\KB978207-IE7\extmgr.dll
+ 2010-01-22 05:17 . 2009-10-29 06:46 214528 c:\windows\ie7updates\KB978207-IE7\dxtrans.dll
+ 2010-01-22 05:17 . 2009-10-29 06:46 347136 c:\windows\ie7updates\KB978207-IE7\dxtmsft.dll
+ 2010-01-22 05:17 . 2009-10-29 06:46 124928 c:\windows\ie7updates\KB978207-IE7\advpack.dll
+ 2009-11-05 03:21 . 2009-05-26 10:40 382840 c:\windows\ie7updates\KB976749-IE7\spuninst\updspapi.dll
+ 2009-11-05 03:21 . 2009-05-26 10:40 231288 c:\windows\ie7updates\KB976749-IE7\spuninst\spuninst.exe
+ 2009-12-10 04:04 . 2009-08-29 07:36 832512 c:\windows\ie7updates\KB976325-IE7\wininet.dll
+ 2009-12-10 04:04 . 2009-08-29 07:36 233472 c:\windows\ie7updates\KB976325-IE7\webcheck.dll
+ 2009-12-10 04:04 . 2009-08-29 07:36 105984 c:\windows\ie7updates\KB976325-IE7\url.dll
+ 2009-12-10 04:04 . 2009-05-26 10:40 382840 c:\windows\ie7updates\KB976325-IE7\spuninst\updspapi.dll
+ 2009-12-10 04:04 . 2009-05-26 10:40 231288 c:\windows\ie7updates\KB976325-IE7\spuninst\spuninst.exe
+ 2009-12-10 04:04 . 2009-08-29 07:36 102912 c:\windows\ie7updates\KB976325-IE7\occache.dll
+ 2009-12-10 04:04 . 2009-08-29 07:36 671232 c:\windows\ie7updates\KB976325-IE7\mstime.dll
+ 2009-12-10 04:04 . 2009-08-29 07:36 193024 c:\windows\ie7updates\KB976325-IE7\msrating.dll
+ 2009-12-10 04:04 . 2009-08-29 07:36 477696 c:\windows\ie7updates\KB976325-IE7\mshtmled.dll
+ 2009-12-10 04:04 . 2009-08-29 07:36 459264 c:\windows\ie7updates\KB976325-IE7\msfeeds.dll
+ 2009-12-10 04:04 . 2009-08-27 05:18 634648 c:\windows\ie7updates\KB976325-IE7\iexplore.exe
+ 2009-12-10 04:04 . 2009-08-29 07:36 268288 c:\windows\ie7updates\KB976325-IE7\iertutil.dll
+ 2009-12-10 04:04 . 2009-08-29 07:36 385024 c:\windows\ie7updates\KB976325-IE7\iedkcs32.dll
+ 2009-12-10 04:04 . 2009-08-29 07:36 380928 c:\windows\ie7updates\KB976325-IE7\ieapfltr.dll
+ 2009-12-10 04:04 . 2009-08-27 05:18 161792 c:\windows\ie7updates\KB976325-IE7\ieakui.dll
+ 2009-12-10 04:04 . 2009-08-29 07:36 230400 c:\windows\ie7updates\KB976325-IE7\ieaksie.dll
+ 2009-12-10 04:04 . 2009-08-29 07:36 153088 c:\windows\ie7updates\KB976325-IE7\ieakeng.dll
+ 2009-12-10 04:04 . 2009-08-29 07:36 133120 c:\windows\ie7updates\KB976325-IE7\extmgr.dll
+ 2009-12-10 04:04 . 2009-08-29 07:36 214528 c:\windows\ie7updates\KB976325-IE7\dxtrans.dll
+ 2009-12-10 04:04 . 2009-08-29 07:36 347136 c:\windows\ie7updates\KB976325-IE7\dxtmsft.dll
+ 2009-12-10 04:04 . 2009-08-29 07:36 124928 c:\windows\ie7updates\KB976325-IE7\advpack.dll
+ 2009-08-26 01:23 . 2010-02-24 13:11 455680 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2009-10-20 15:20 . 2009-10-20 15:20 265728 c:\windows\Driver Cache\i386\http.sys
+ 2010-02-06 01:52 . 2010-02-06 01:52 464272 c:\windows\Downloaded Program Files\wlscBase.dll
+ 2009-04-03 15:26 . 2009-04-03 15:26 354608 c:\windows\Downloaded Program Files\sysreqlab_nvd.dll
+ 2010-06-18 15:00 . 2010-06-18 15:00 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\4d07b1ccecca66f320c1a0971dd614d1\WsatConfig.ni.exe
+ 2010-06-26 14:19 . 2010-06-26 14:19 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\b3a9fac9aea3ad913781fafbdcbb0cae\WindowsFormsIntegration.ni.dll
+ 2010-06-18 13:06 . 2010-06-18 13:06 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\a7c702f75d47bf841b9587e582c2d0b2\WindowsFormsIntegration.ni.dll
+ 2010-06-26 14:19 . 2010-06-26 14:19 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\4131a3627fec69291dbaed236f30dc65\UIAutomationClient.ni.dll
+ 2010-06-18 13:06 . 2010-06-18 13:06 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\3a78043c85333d5af49a0d958912ae4a\UIAutomationClient.ni.dll
+ 2010-06-18 15:05 . 2010-06-18 15:05 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\747e84d81d1de2041661f0f71b04734a\System.Xml.Linq.ni.dll
+ 2010-06-18 15:03 . 2010-06-18 15:03 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\d51dfbd8d5431eb89181baaa24863e15\System.Web.Routing.ni.dll
+ 2010-06-18 13:05 . 2010-06-18 13:05 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\436dde9611932489da3dc8a1be170843\System.Web.RegularExpressions.ni.dll
+ 2010-06-18 15:04 . 2010-06-18 15:04 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\e8ef769b3e899e62b26daadee50b97ed\System.Web.Extensions.Design.ni.dll
+ 2010-06-18 15:04 . 2010-06-18 15:04 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\ce3b446b7bee5c47949c994ec89b1649\System.Web.Entity.ni.dll
+ 2010-06-18 15:04 . 2010-06-18 15:04 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\ad04fe1182e55e7c01066b62a4bee6b5\System.Web.Entity.Design.ni.dll
+ 2010-06-18 15:03 . 2010-06-18 15:04 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\20ba0d4d182a1a9c1f54c00d3bc29a68\System.Web.DynamicData.ni.dll
+ 2010-06-18 15:03 . 2010-06-18 15:03 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\c97ecf9250c2f0794262534f27f98b72\System.Web.Abstractions.ni.dll
+ 2010-06-18 04:19 . 2010-06-18 04:19 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9c56656c88979cf18de6cbcb6587ba8f\System.Transactions.ni.dll
+ 2010-06-18 13:05 . 2010-06-18 13:05 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5adb0f89d469632511aed9d88cfe05c4\System.ServiceProcess.ni.dll
+ 2010-06-18 04:12 . 2010-06-18 04:12 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\42b2ffb594dbd5652a576a0dce28722c\System.Security.ni.dll
+ 2010-06-18 04:16 . 2010-06-18 04:16 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3231473e2ec4451c8f218930fda80d19\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2010-06-18 04:19 . 2010-06-18 04:19 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2077ce69bd24a095dd54683ae26454d4\System.Runtime.Remoting.ni.dll
+ 2010-06-18 15:03 . 2010-06-18 15:03 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\f90965b9d9a6a6604c9a66f57c37c026\System.Net.ni.dll
+ 2010-06-18 15:05 . 2010-06-18 15:05 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\07da2b0e44d62f3c65d6516f4e2f94bb\System.Messaging.ni.dll
+ 2010-06-18 15:03 . 2010-06-18 15:03 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\16670b6870746e5a8dc4a73a76a90bed\System.Management.ni.dll
+ 2010-06-18 15:03 . 2010-06-18 15:03 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\e6bd59fec415e273c173170c6508180a\System.Management.Instrumentation.ni.dll
+ 2010-06-18 14:58 . 2010-06-18 14:58 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\e3eb86170cba4c80e6e22ca33c63c218\System.IO.Log.ni.dll
+ 2010-06-18 15:00 . 2010-06-18 15:00 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\cfa48936affc9a5fb89f0bf66cc52a47\System.IdentityModel.Selectors.ni.dll
+ 2010-06-18 04:19 . 2010-06-18 04:19 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\e9edc5cd12ebb513b4a3c53cb4640771\System.EnterpriseServices.Wrapper.dll
+ 2010-06-18 04:19 . 2010-06-18 04:19 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\e9edc5cd12ebb513b4a3c53cb4640771\System.EnterpriseServices.ni.dll
+ 2010-06-18 13:05 . 2010-06-18 13:05 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\aeba6820f20655dec7fe0fe05aaeb818\System.Drawing.Design.ni.dll
+ 2010-06-18 13:05 . 2010-06-18 13:05 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\9ef70079beca3a9982a3aa76ebc0ddd8\System.DirectoryServices.Protocols.ni.dll
+ 2010-06-18 15:03 . 2010-06-18 15:03 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\277619716d9136216065bea970365c65\System.DirectoryServices.AccountManagement.ni.dll
+ 2010-06-18 15:03 . 2010-06-18 15:03 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\90b67e13866b176ae6cbdb23144f724d\System.Data.Services.Client.ni.dll
+ 2010-06-18 15:03 . 2010-06-18 15:03 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\131a477d41a8669b15696128b94c2636\System.Data.Services.Design.ni.dll
+ 2010-06-18 15:02 . 2010-06-18 15:02 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\d4990681ce373d81a52b231ee4c4afea\System.Data.Entity.Design.ni.dll
+ 2010-06-18 15:01 . 2010-06-18 15:01 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\9e9d66a3a0e16fceead505c25af569eb\System.Data.DataSetExtensions.ni.dll
+ 2010-06-18 04:11 . 2010-06-18 04:11 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\631b3eba1ba5bd3c3f027f34011cadeb\System.Configuration.ni.dll
+ 2010-06-18 13:05 . 2010-06-18 13:05 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\39e4f9a276fb12125d8a1444d8b65a84\System.Configuration.Install.ni.dll
+ 2010-06-18 15:01 . 2010-06-18 15:01 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\849916c5cb3ff7763d15a3976766c2f6\System.AddIn.ni.dll
+ 2010-06-18 15:00 . 2010-06-18 15:00 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\f38a426b90e6c526dcb2c435c7380450\SMSvcHost.ni.exe
+ 2010-06-18 14:59 . 2010-06-18 15:00 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\6cabc7d1700c224e8b41ff2f96a3087c\SMDiagnostics.ni.dll
+ 2010-06-18 14:59 . 2010-06-18 14:59 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\5c8f5ca36498f43980d64820d8186c8a\ServiceModelReg.ni.exe
+ 2010-06-18 13:06 . 2010-06-18 13:06 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ae733e4062edba3a33bb0a632bef66bf\PresentationFramework.Royale.ni.dll
+ 2010-06-26 14:18 . 2010-06-26 14:18 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a10c2c7e38291c3ada631ad13e762818\PresentationFramework.Aero.ni.dll
+ 2010-06-26 14:18 . 2010-06-26 14:18 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7579c76fa81eb309d3170b62467be58d\PresentationFramework.Luna.ni.dll
+ 2010-06-18 13:05 . 2010-06-18 13:05 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3ffad524016f0aba7b11a8aa33301a65\PresentationFramework.Aero.ni.dll
+ 2010-06-26 14:18 . 2010-06-26 14:18 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3bef0992fb684e71dbfab5c0a99316af\PresentationFramework.Classic.ni.dll
+ 2010-06-26 14:18 . 2010-06-26 14:18 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2f6687d394813d760496f60acf046384\PresentationFramework.Royale.ni.dll
+ 2010-06-18 13:05 . 2010-06-18 13:05 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\201968d038a23a4688310fed1eeaddaa\PresentationFramework.Classic.ni.dll
+ 2010-06-18 13:05 . 2010-06-18 13:06 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ead87ca8eb84c595c77c70e3b2df88d\PresentationFramework.Luna.ni.dll
+ 2010-06-18 15:00 . 2010-06-18 15:00 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\7700963610c1af364aa934c3c824b7b4\MSBuild.ni.exe
+ 2010-06-18 14:59 . 2010-06-18 14:59 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\c74d4c69c49992dfb23ba512081dc3de\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-06-18 04:12 . 2010-06-18 04:12 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\a6a9f24b1a8984eaafbabb1ee968e359\Microsoft.Build.Utilities.ni.dll
+ 2010-06-18 15:00 . 2010-06-18 15:00 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\2fa81d363cb1496be2427d848a867409\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2010-06-18 15:00 . 2010-06-18 15:00 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\c4c360df9c1024ebc3f0de77f5cf8b1c\Microsoft.Build.Engine.ni.dll
+ 2010-06-18 15:00 . 2010-06-18 15:00 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\c9386dcd89c2518a74115f3bfd861830\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2010-06-18 14:59 . 2010-06-18 14:59 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\abb62e3ed74c974f0282bc7ea5d3f1c1\ComSvcConfig.ni.exe
+ 2010-06-18 15:00 . 2010-06-18 15:00 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\6d34f00b6a782d15bec70d6cdb00b5e8\AspNetMMCExt.ni.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-06-18 04:11 . 2010-06-18 04:11 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-06-18 04:11 . 2010-06-18 04:11 438272 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-06-26 14:10 . 2010-06-26 14:10 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-06-26 14:10 . 2010-06-26 14:10 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-06-18 04:11 . 2010-06-18 04:11 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2009-08-19 01:46 . 2009-08-19 01:46 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-11-11 00:42 . 2009-11-11 00:42 416544 c:\windows\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2009-11-11 00:42 . 2009-11-11 00:42 229376 c:\windows\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\MSCOMCTL.DLL
+ 2009-11-11 00:42 . 2009-11-11 00:42 781104 c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2009-11-11 00:42 . 2009-11-11 00:42 110592 c:\windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll
+ 2010-05-29 14:30 . 2009-05-26 09:01 382840 c:\windows\$NtUninstallKB981793$\spuninst\updspapi.dll
+ 2010-05-29 14:30 . 2009-05-26 09:01 231288 c:\windows\$NtUninstallKB981793$\spuninst\spuninst.exe
+ 2010-04-16 04:19 . 2009-05-26 09:01 382840 c:\windows\$NtUninstallKB980232$\spuninst\updspapi.dll
+ 2010-04-16 04:19 . 2009-05-26 09:01 231288 c:\windows\$NtUninstallKB980232$\spuninst\spuninst.exe
+ 2010-04-16 04:19 . 2009-12-04 17:22 455424 c:\windows\$NtUninstallKB980232$\mrxsmb.sys
+ 2010-04-16 04:19 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB979683$\spuninst\updspapi.dll
+ 2010-04-16 04:19 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB979683$\spuninst\spuninst.exe
+ 2010-04-16 04:17 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB979309$\spuninst\updspapi.dll
+ 2010-04-16 04:17 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB979309$\spuninst\spuninst.exe
+ 2010-02-26 03:08 . 2009-05-26 10:40 382840 c:\windows\$NtUninstallKB979306$\spuninst\updspapi.dll
+ 2010-02-26 03:08 . 2009-05-26 10:40 231288 c:\windows\$NtUninstallKB979306$\spuninst\spuninst.exe
+ 2010-02-13 04:43 . 2009-05-26 10:40 382840 c:\windows\$NtUninstallKB978706$\spuninst\updspapi.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 231288 c:\windows\$NtUninstallKB978706$\spuninst\spuninst.exe
+ 2010-02-13 04:43 . 2008-04-14 10:42 343040 c:\windows\$NtUninstallKB978706$\mspaint.exe
+ 2010-04-16 04:17 . 2008-04-14 10:42 176640 c:\windows\$NtUninstallKB978601$\wintrust.dll
+ 2010-04-16 04:17 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB978601$\spuninst\updspapi.dll
+ 2010-04-16 04:17 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB978601$\spuninst\spuninst.exe
+ 2010-05-17 05:03 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB978542$\spuninst\updspapi.dll
+ 2010-05-17 05:03 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB978542$\spuninst\spuninst.exe
+ 2010-05-17 05:03 . 2008-04-11 19:04 691712 c:\windows\$NtUninstallKB978542$\inetcomm.dll
+ 2010-04-16 04:18 . 2008-06-20 11:08 225856 c:\windows\$NtUninstallKB978338$\tcpip6.sys
+ 2010-04-16 04:18 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB978338$\spuninst\updspapi.dll
+ 2010-04-16 04:18 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB978338$\spuninst\spuninst.exe
+ 2010-04-16 04:18 . 2008-04-14 10:41 100352 c:\windows\$NtUninstallKB978338$\6to4svc.dll
+ 2010-02-13 04:44 . 2009-05-26 10:40 382840 c:\windows\$NtUninstallKB978262$\spuninst\updspapi.dll
+ 2010-02-13 04:44 . 2009-05-26 10:40 231288 c:\windows\$NtUninstallKB978262$\spuninst\spuninst.exe
+ 2010-02-13 04:43 . 2009-05-26 10:40 382840 c:\windows\$NtUninstallKB978251$\spuninst\updspapi.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 231288 c:\windows\$NtUninstallKB978251$\spuninst\spuninst.exe
+ 2010-02-13 04:43 . 2008-10-24 11:21 455296 c:\windows\$NtUninstallKB978251$\mrxsmb.sys
+ 2010-02-13 04:43 . 2009-05-26 10:40 382840 c:\windows\$NtUninstallKB978037$\spuninst\updspapi.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 231288 c:\windows\$NtUninstallKB978037$\spuninst\spuninst.exe
+ 2010-02-13 04:43 . 2009-05-26 10:40 382840 c:\windows\$NtUninstallKB977914$\spuninst\updspapi.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 231288 c:\windows\$NtUninstallKB977914$\spuninst\spuninst.exe
+ 2010-04-16 04:17 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB977816$\spuninst\updspapi.dll
+ 2010-04-16 04:17 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB977816$\spuninst\spuninst.exe
+ 2010-02-13 04:42 . 2009-05-26 10:40 382840 c:\windows\$NtUninstallKB977165$\spuninst\updspapi.dll
+ 2010-02-13 04:42 . 2009-05-26 10:40 231288 c:\windows\$NtUninstallKB977165$\spuninst\spuninst.exe
+ 2009-11-25 03:48 . 2009-05-26 10:40 382840 c:\windows\$NtUninstallKB976098-v2$\spuninst\updspapi.dll
+ 2009-11-25 03:48 . 2009-05-26 10:40 231288 c:\windows\$NtUninstallKB976098-v2$\spuninst\spuninst.exe
+ 2010-02-13 04:43 . 2009-05-26 10:40 382840 c:\windows\$NtUninstallKB975713$\spuninst\updspapi.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 231288 c:\windows\$NtUninstallKB975713$\spuninst\spuninst.exe
+ 2010-02-13 04:43 . 2008-04-14 10:42 474112 c:\windows\$NtUninstallKB975713$\shlwapi.dll
+ 2010-03-12 04:03 . 2009-05-26 22:10 382840 c:\windows\$NtUninstallKB975561$\spuninst\updspapi.dll
+ 2010-03-12 04:03 . 2008-07-08 12:02 231288 c:\windows\$NtUninstallKB975561$\spuninst\spuninst.exe
+ 2010-02-13 04:43 . 2009-05-26 10:40 382840 c:\windows\$NtUninstallKB975560$\spuninst\updspapi.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 231288 c:\windows\$NtUninstallKB975560$\spuninst\spuninst.exe
+ 2009-12-10 04:03 . 2009-05-26 10:40 382840 c:\windows\$NtUninstallKB974392$\spuninst\updspapi.dll
+ 2009-12-10 04:03 . 2009-05-26 10:40 231288 c:\windows\$NtUninstallKB974392$\spuninst\spuninst.exe
+ 2009-12-10 04:03 . 2008-04-14 10:42 270336 c:\windows\$NtUninstallKB974392$\oakley.dll
+ 2009-12-10 04:04 . 2009-05-26 10:40 382840 c:\windows\$NtUninstallKB974318$\spuninst\updspapi.dll
+ 2009-12-10 04:04 . 2009-05-26 10:40 231288 c:\windows\$NtUninstallKB974318$\spuninst\spuninst.exe
+ 2009-12-10 04:04 . 2008-04-14 10:42 150016 c:\windows\$NtUninstallKB974318$\rastls.dll
+ 2009-12-10 04:04 . 2009-05-26 10:40 382840 c:\windows\$NtUninstallKB973904$\spuninst\updspapi.dll
+ 2009-12-10 04:04 . 2009-05-26 10:40 231288 c:\windows\$NtUninstallKB973904$\spuninst\spuninst.exe
+ 2009-12-10 04:04 . 2004-08-05 01:00 116288 c:\windows\$NtUninstallKB973904$\msconv97.dll
+ 2009-11-25 03:48 . 2009-05-26 10:40 382840 c:\windows\$NtUninstallKB973687$\spuninst\updspapi.dll
+ 2009-11-25 03:48 . 2008-07-08 12:02 231288 c:\windows\$NtUninstallKB973687$\spuninst\spuninst.exe
+ 2010-01-14 04:49 . 2009-07-29 04:37 119808 c:\windows\$NtUninstallKB972270$\t2embed.dll
+ 2010-01-14 04:49 . 2008-07-08 12:02 382840 c:\windows\$NtUninstallKB972270$\spuninst\updspapi.dll
+ 2010-01-14 04:49 . 2008-07-08 12:02 231288 c:\windows\$NtUninstallKB972270$\spuninst\spuninst.exe
+ 2009-12-10 04:03 . 2008-12-16 12:30 354304 c:\windows\$NtUninstallKB971737$\winhttp.dll
+ 2009-12-10 04:03 . 2009-05-26 10:40 382840 c:\windows\$NtUninstallKB971737$\spuninst\updspapi.dll
+ 2009-12-10 04:03 . 2008-07-08 12:02 231288 c:\windows\$NtUninstallKB971737$\spuninst\spuninst.exe
+ 2010-02-13 04:44 . 2008-12-11 10:57 333952 c:\windows\$NtUninstallKB971468$\srv.sys
+ 2010-02-13 04:44 . 2008-07-08 12:02 382840 c:\windows\$NtUninstallKB971468$\spuninst\updspapi.dll
+ 2010-02-13 04:44 . 2008-07-08 12:02 231288 c:\windows\$NtUninstallKB971468$\spuninst\spuninst.exe
+ 2009-12-10 04:04 . 2009-05-26 10:40 382840 c:\windows\$NtUninstallKB970430$\spuninst\updspapi.dll
+ 2009-12-10 04:04 . 2009-05-26 10:40 231288 c:\windows\$NtUninstallKB970430$\spuninst\spuninst.exe
+ 2009-12-10 04:04 . 2008-04-14 05:23 264832 c:\windows\$NtUninstallKB970430$\http.sys
+ 2009-11-11 04:01 . 2009-05-26 10:40 382840 c:\windows\$NtUninstallKB969947$\spuninst\updspapi.dll
+ 2009-11-11 04:01 . 2008-07-08 12:02 231288 c:\windows\$NtUninstallKB969947$\spuninst\spuninst.exe
+ 2010-01-14 04:49 . 2009-05-26 22:10 382840 c:\windows\$NtUninstallKB955759$\spuninst\updspapi.dll
+ 2010-01-14 04:49 . 2009-05-26 10:40 231288 c:\windows\$NtUninstallKB955759$\spuninst\spuninst.exe
+ 2010-01-14 04:49 . 2008-04-14 10:41 451072 c:\windows\$NtUninstallKB955759$\aclayers.dll
+ 2010-03-20 05:06 . 2005-06-28 15:23 371424 c:\windows\$NtUninstallKB939209$\spuninst\updspapi.dll
+ 2010-03-20 05:06 . 2005-06-28 15:23 213216 c:\windows\$NtUninstallKB939209$\spuninst\spuninst.exe
+ 2010-03-20 05:06 . 2006-10-19 02:47 211456 c:\windows\$NtUninstallKB939209$\qasf.dll
+ 2010-04-16 04:17 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB981332-IE8\update\updspapi.dll
+ 2010-04-16 04:17 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB981332-IE8\update\update.exe
+ 2010-04-16 04:17 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB981332-IE8\spuninst.exe
+ 2010-04-14 13:25 . 2010-03-10 06:18 420352 c:\windows\$hf_mig$\KB981332-IE8\SP3QFE\vbscript.dll
+ 2010-04-16 04:19 . 2009-05-26 09:01 382840 c:\windows\$hf_mig$\KB980232\update\updspapi.dll
+ 2010-04-16 04:19 . 2009-05-26 09:01 755576 c:\windows\$hf_mig$\KB980232\update\update.exe
+ 2010-04-16 04:19 . 2009-05-26 09:01 231288 c:\windows\$hf_mig$\KB980232\spuninst.exe
+ 2010-04-14 13:26 . 2010-02-24 11:57 457216 c:\windows\$hf_mig$\KB980232\SP3QFE\mrxsmb.sys
+ 2010-03-31 16:41 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB980182-IE8\update\updspapi.dll
+ 2010-03-31 16:41 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB980182-IE8\update\update.exe
+ 2010-03-31 16:41 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB980182-IE8\spuninst.exe
+ 2010-03-31 13:32 . 2010-02-25 06:19 919040 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
+ 2010-03-31 13:32 . 2010-02-25 06:19 206848 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\occache.dll
+ 2010-03-31 13:32 . 2010-02-25 06:19 611840 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mstime.dll
+ 2010-03-31 13:32 . 2010-02-25 06:19 594432 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\msfeeds.dll
+ 2010-03-31 13:32 . 2010-02-25 06:19 247808 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\ieproxy.dll
+ 2010-03-31 13:32 . 2010-02-25 06:19 184320 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\iepeers.dll
+ 2010-03-31 13:32 . 2010-02-25 06:19 387584 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\iedkcs32.dll
+ 2010-03-31 13:32 . 2010-02-24 09:34 173056 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\ie4uinit.exe
+ 2010-04-16 04:19 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB979683\update\updspapi.dll
+ 2010-04-16 04:19 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB979683\update\update.exe
+ 2010-04-16 04:19 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB979683\spuninst.exe
+ 2010-04-16 04:17 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB979309\update\updspapi.dll
+ 2010-04-16 04:17 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB979309\update\update.exe
+ 2010-04-16 04:17 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB979309\spuninst.exe
+ 2010-02-13 04:43 . 2009-05-26 10:40 382840 c:\windows\$hf_mig$\KB978706\update\updspapi.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 755576 c:\windows\$hf_mig$\KB978706\update\update.exe
+ 2010-02-13 04:43 . 2009-05-26 10:40 231288 c:\windows\$hf_mig$\KB978706\spuninst.exe
+ 2009-12-16 17:27 . 2009-12-16 17:27 343040 c:\windows\$hf_mig$\KB978706\SP3QFE\mspaint.exe
+ 2010-04-16 04:17 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978601\update\updspapi.dll
+ 2010-04-16 04:17 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978601\update\update.exe
+ 2010-04-16 04:17 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB978601\spuninst.exe
+ 2009-12-24 06:42 . 2009-12-24 06:42 178176 c:\windows\$hf_mig$\KB978601\SP3QFE\wintrust.dll
+ 2010-05-17 05:03 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978542\update\updspapi.dll
+ 2010-05-17 05:03 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978542\update\update.exe
+ 2010-05-17 05:03 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB978542\spuninst.exe
+ 2010-01-29 14:53 . 2010-01-29 14:53 691712 c:\windows\$hf_mig$\KB978542\SP3QFE\inetcomm.dll
+ 2010-01-27 20:59 . 2008-07-08 12:02 382840 c:\windows\$hf_mig$\KB978506-IE8\update\updspapi.dll
+ 2010-01-27 20:59 . 2008-07-08 12:02 755576 c:\windows\$hf_mig$\KB978506-IE8\update\update.exe
+ 2010-01-27 20:59 . 2008-07-08 12:02 231288 c:\windows\$hf_mig$\KB978506-IE8\spuninst.exe
+ 2010-04-16 04:18 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978338\update\updspapi.dll
+ 2010-04-16 04:18 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978338\update\update.exe
+ 2010-04-16 04:18 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB978338\spuninst.exe
+ 2010-02-11 11:36 . 2010-02-11 11:36 226880 c:\windows\$hf_mig$\KB978338\SP3QFE\tcpip6.sys
+ 2010-02-12 04:27 . 2010-02-12 04:27 100864 c:\windows\$hf_mig$\KB978338\SP3QFE\6to4svc.dll
+ 2010-02-13 04:44 . 2009-05-26 10:40 382840 c:\windows\$hf_mig$\KB978262\update\updspapi.dll
+ 2010-02-13 04:44 . 2009-05-26 10:40 755576 c:\windows\$hf_mig$\KB978262\update\update.exe
+ 2010-02-13 04:44 . 2009-05-26 10:40 231288 c:\windows\$hf_mig$\KB978262\spuninst.exe
+ 2010-02-13 04:43 . 2009-05-26 10:40 382840 c:\windows\$hf_mig$\KB978251\update\updspapi.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 755576 c:\windows\$hf_mig$\KB978251\update\update.exe
+ 2010-02-13 04:43 . 2009-05-26 10:40 231288 c:\windows\$hf_mig$\KB978251\spuninst.exe
+ 2010-02-10 14:01 . 2009-12-04 16:25 456832 c:\windows\$hf_mig$\KB978251\SP3QFE\mrxsmb.sys
+ 2010-01-27 20:59 . 2009-05-26 10:40 382840 c:\windows\$hf_mig$\KB978207-IE8\update\updspapi.dll
+ 2010-01-27 20:59 . 2008-07-08 12:02 755576 c:\windows\$hf_mig$\KB978207-IE8\update\update.exe
+ 2010-01-27 20:59 . 2008-07-08 12:02 231288 c:\windows\$hf_mig$\KB978207-IE8\spuninst.exe
+ 2010-01-27 20:59 . 2009-12-21 18:09 916480 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
+ 2010-01-27 20:59 . 2009-12-21 18:09 206848 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\occache.dll
+ 2010-01-27 20:59 . 2009-12-21 18:09 594432 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\msfeeds.dll
+ 2010-01-27 20:59 . 2009-12-21 18:09 246272 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\ieproxy.dll
+ 2010-01-27 20:59 . 2009-12-21 18:09 184320 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\iepeers.dll
+ 2010-01-27 20:59 . 2009-12-21 18:09 387584 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\iedkcs32.dll
+ 2010-01-27 20:59 . 2009-12-21 12:22 173056 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\ie4uinit.exe
+ 2010-01-22 05:17 . 2009-05-26 10:40 382840 c:\windows\$hf_mig$\KB978207-IE7\update\updspapi.dll
+ 2010-01-22 05:17 . 2009-05-26 10:40 755576 c:\windows\$hf_mig$\KB978207-IE7\update\update.exe
+ 2010-01-22 05:17 . 2009-05-26 10:40 231288 c:\windows\$hf_mig$\KB978207-IE7\spuninst.exe
+ 2010-01-05 08:57 . 2010-01-05 08:57 841216 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\wininet.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 233472 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\webcheck.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 105984 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\url.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 102912 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\occache.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 671232 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\mstime.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 193024 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\msrating.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 477696 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\mshtmled.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 459264 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\msfeeds.dll
+ 2009-12-18 06:00 . 2009-12-18 06:00 634632 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\iexplore.exe
+ 2010-01-05 08:57 . 2010-01-05 08:57 268288 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\iertutil.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 193024 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\iepeers.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 388608 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\iedkcs32.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 380928 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieapfltr.dll
+ 2009-12-18 05:58 . 2009-12-18 05:58 161792 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieakui.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 230400 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieaksie.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 153088 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieakeng.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 132608 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\extmgr.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 214528 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\dxtrans.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 347136 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\dxtmsft.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 124928 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\advpack.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 382840 c:\windows\$hf_mig$\KB978037\update\updspapi.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 755576 c:\windows\$hf_mig$\KB978037\update\update.exe
+ 2010-02-13 04:43 . 2009-05-26 10:40 231288 c:\windows\$hf_mig$\KB978037\spuninst.exe
+ 2010-02-13 04:43 . 2009-05-26 10:40 382840 c:\windows\$hf_mig$\KB977914\update\updspapi.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 755576 c:\windows\$hf_mig$\KB977914\update\update.exe
+ 2010-02-13 04:43 . 2009-05-26 10:40 231288 c:\windows\$hf_mig$\KB977914\spuninst.exe
+ 2010-04-16 04:17 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB977816\update\updspapi.dll
+ 2010-04-16 04:17 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB977816\update\update.exe
+ 2010-04-16 04:17 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB977816\spuninst.exe
+ 2010-02-13 04:42 . 2009-05-26 10:40 382840 c:\windows\$hf_mig$\KB977165\update\updspapi.dll
+ 2010-02-13 04:42 . 2009-05-26 10:40 755576 c:\windows\$hf_mig$\KB977165\update\update.exe
+ 2010-02-13 04:42 . 2009-05-26 10:40 231288 c:\windows\$hf_mig$\KB977165\spuninst.exe
+ 2009-11-05 03:21 . 2009-05-26 10:40 382840 c:\windows\$hf_mig$\KB976749-IE7\update\updspapi.dll
+ 2009-11-05 03:21 . 2009-05-26 10:40 755576 c:\windows\$hf_mig$\KB976749-IE7\update\update.exe
+ 2009-11-05 03:21 . 2009-05-26 10:40 231288 c:\windows\$hf_mig$\KB976749-IE7\spuninst.exe
+ 2010-02-26 03:08 . 2008-07-08 12:02 382840 c:\windows\$hf_mig$\KB976662-IE8\update\updspapi.dll
+ 2010-02-26 03:08 . 2008-07-08 12:02 755576 c:\windows\$hf_mig$\KB976662-IE8\update\update.exe
+ 2010-02-26 03:08 . 2008-07-08 12:02 231288 c:\windows\$hf_mig$\KB976662-IE8\spuninst.exe
+ 2010-02-24 13:52 . 2009-12-09 04:51 726528 c:\windows\$hf_mig$\KB976662-IE8\SP3QFE\jscript.dll
+ 2010-01-27 20:59 . 2009-05-26 10:40 382840 c:\windows\$hf_mig$\KB976325-IE8\update\updspapi.dll
+ 2010-01-27 20:59 . 2009-05-26 10:40 755576 c:\windows\$hf_mig$\KB976325-IE8\update\update.exe
+ 2010-01-27 20:59 . 2009-05-26 10:40 231288 c:\windows\$hf_mig$\KB976325-IE8\spuninst.exe
+ 2010-01-27 20:59 . 2009-10-29 06:45 916480 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
+ 2010-01-27 20:59 . 2009-10-29 06:45 206848 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\occache.dll
+ 2010-01-27 20:59 . 2009-10-29 06:45 594432 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\msfeeds.dll
+ 2010-01-27 20:59 . 2009-10-29 06:45 246272 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\ieproxy.dll
+ 2010-01-27 20:59 . 2009-10-29 06:45 184320 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\iepeers.dll
+ 2010-01-27 20:59 . 2009-10-29 06:45 387584 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\iedkcs32.dll
+ 2010-01-27 20:59 . 2009-10-28 13:10 173056 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\ie4uinit.exe
+ 2009-12-10 04:04 . 2009-05-26 10:40 382840 c:\windows\$hf_mig$\KB976325-IE7\update\updspapi.dll
+ 2009-12-10 04:04 . 2009-05-26 10:40 755576 c:\windows\$hf_mig$\KB976325-IE7\update\update.exe
+ 2009-12-10 04:04 . 2009-05-26 10:40 231288 c:\windows\$hf_mig$\KB976325-IE7\spuninst.exe
+ 2009-10-29 06:45 . 2009-10-29 06:45 841216 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\wininet.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 233472 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\webcheck.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 105984 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\url.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 102912 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\occache.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 671232 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\mstime.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 193024 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\msrating.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 477696 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\mshtmled.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 459264 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\msfeeds.dll
+ 2009-10-28 05:54 . 2009-10-28 05:54 634632 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\iexplore.exe
+ 2009-10-29 06:45 . 2009-10-29 06:45 268288 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\iertutil.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 388608 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\iedkcs32.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 380928 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieapfltr.dll
+ 2009-10-28 05:52 . 2009-10-28 05:52 161792 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieakui.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 230400 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieaksie.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 153088 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieakeng.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 132608 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\extmgr.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 214528 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\dxtrans.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 347136 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\dxtmsft.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 124928 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\advpack.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 382840 c:\windows\$hf_mig$\KB975713\update\updspapi.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 755576 c:\windows\$hf_mig$\KB975713\update\update.exe
+ 2010-02-13 04:43 . 2009-05-26 10:40 231288 c:\windows\$hf_mig$\KB975713\spuninst.exe
+ 2009-12-08 08:01 . 2009-12-08 08:01 474112 c:\windows\$hf_mig$\KB975713\SP3QFE\shlwapi.dll
+ 2010-03-12 04:03 . 2009-05-26 22:10 382840 c:\windows\$hf_mig$\KB975561\update\updspapi.dll
+ 2010-03-12 04:03 . 2008-07-08 12:02 755576 c:\windows\$hf_mig$\KB975561\update\update.exe
+ 2010-03-12 04:03 . 2008-07-08 12:02 231288 c:\windows\$hf_mig$\KB975561\spuninst.exe
+ 2010-02-13 04:43 . 2009-05-26 10:40 382840 c:\windows\$hf_mig$\KB975560\update\updspapi.dll
+ 2010-02-13 04:43 . 2009-05-26 10:40 755576 c:\windows\$hf_mig$\KB975560\update\update.exe
+ 2010-02-13 04:43 . 2009-05-26 10:40 231288 c:\windows\$hf_mig$\KB975560\spuninst.exe
+ 2009-12-10 04:03 . 2009-05-26 10:40 382840 c:\windows\$hf_mig$\KB974392\update\updspapi.dll
+ 2009-12-10 04:03 . 2009-05-26 10:40 755576 c:\windows\$hf_mig$\KB974392\update\update.exe
+ 2009-12-10 04:03 . 2009-05-26 10:40 231288 c:\windows\$hf_mig$\KB974392\spuninst.exe
+ 2009-10-13 09:38 . 2009-10-13 09:38 270336 c:\windows\$hf_mig$\KB974392\SP3QFE\oakley.dll
+ 2009-12-10 04:04 . 2009-05-26 10:40 382840 c:\windows\$hf_mig$\KB974318\update\updspapi.dll
+ 2009-12-10 04:04 . 2009-05-26 10:40 755576 c:\windows\$hf_mig$\KB974318\update\update.exe
+ 2009-12-10 04:04 . 2009-05-26 10:40 231288 c:\windows\$hf_mig$\KB974318\spuninst.exe
+ 2009-10-12 12:28 . 2009-10-12 12:28 150016 c:\windows\$hf_mig$\KB974318\SP3QFE\rastls.dll
+ 2009-12-10 04:04 . 2009-05-26 10:40 382840 c:\windows\$hf_mig$\KB973904\update\updspapi.dll
+ 2009-12-10 04:04 . 2009-05-26 10:40 755576 c:\windows\$hf_mig$\KB973904\update\update.exe
+ 2009-12-10 04:04 . 2009-05-26 10:40 231288 c:\windows\$hf_mig$\KB973904\spuninst.exe
+ 2009-12-09 13:20 . 2009-07-29 13:01 119648 c:\windows\$hf_mig$\KB973904\SP3QFE\msconv97.dll
+ 2009-11-25 03:48 . 2009-05-26 10:40 382840 c:\windows\$hf_mig$\KB973687\update\updspapi.dll
+ 2009-11-25 03:48 . 2008-07-08 12:02 755576 c:\windows\$hf_mig$\KB973687\update\update.exe
+ 2009-11-25 03:48 . 2008-07-08 12:02 231288 c:\windows\$hf_mig$\KB973687\spuninst.exe
+ 2010-01-14 04:49 . 2008-07-08 12:02 382840 c:\windows\$hf_mig$\KB972270\update\updspapi.dll
+ 2010-01-14 04:49 . 2008-07-08 12:02 755576 c:\windows\$hf_mig$\KB972270\update\update.exe
+ 2010-01-14 04:49 . 2008-07-08 12:02 231288 c:\windows\$hf_mig$\KB972270\spuninst.exe
+ 2010-01-13 14:17 . 2009-10-15 15:39 119808 c:\windows\$hf_mig$\KB972270\SP3QFE\t2embed.dll
+ 2010-01-29 04:13 . 2008-07-08 12:02 382840 c:\windows\$hf_mig$\KB971961-IE8\update\updspapi.dll
+ 2010-01-29 04:13 . 2008-07-08 12:02 755576 c:\windows\$hf_mig$\KB971961-IE8\update\update.exe
+ 2010-01-29 04:13 . 2008-07-08 12:02 231288 c:\windows\$hf_mig$\KB971961-IE8\spuninst.exe
+ 2010-01-28 13:38 . 2009-06-22 05:47 726528 c:\windows\$hf_mig$\KB971961-IE8\SP3QFE\jscript.dll
+ 2009-12-10 04:03 . 2009-05-26 10:40 382840 c:\windows\$hf_mig$\KB971737\update\updspapi.dll
+ 2009-12-10 04:03 . 2009-05-26 10:40 755576 c:\windows\$hf_mig$\KB971737\update\update.exe
+ 2009-12-10 04:03 . 2008-07-08 12:02 231288 c:\windows\$hf_mig$\KB971737\spuninst.exe
+ 2009-08-25 08:27 . 2009-08-25 08:27 354816 c:\windows\$hf_mig$\KB971737\SP3QFE\winhttp.dll
+ 2010-02-13 04:44 . 2008-07-08 12:02 382840 c:\windows\$hf_mig$\KB971468\update\updspapi.dll
+ 2010-02-13 04:44 . 2008-07-08 12:02 755576 c:\windows\$hf_mig$\KB971468\update\update.exe
+ 2010-02-13 04:44 . 2008-07-08 12:02 231288 c:\windows\$hf_mig$\KB971468\spuninst.exe
+ 2010-02-10 14:02 . 2010-01-01 06:58 353792 c:\windows\$hf_mig$\KB971468\SP3QFE\srv.sys
+ 2009-12-10 04:04 . 2009-05-26 10:40 382840 c:\windows\$hf_mig$\KB970430\update\updspapi.dll
+ 2009-12-10 04:04 . 2009-05-26 10:40 755576 c:\windows\$hf_mig$\KB970430\update\update.exe
+ 2009-12-10 04:04 . 2009-05-26 10:40 231288 c:\windows\$hf_mig$\KB970430\spuninst.exe
+ 2009-10-20 14:21 . 2009-10-20 14:21 265728 c:\windows\$hf_mig$\KB970430\SP3QFE\http.sys
+ 2009-11-11 04:01 . 2009-05-26 10:40 382840 c:\windows\$hf_mig$\KB969947\update\updspapi.dll
+ 2009-11-11 04:01 . 2009-05-26 10:40 755576 c:\windows\$hf_mig$\KB969947\update\update.exe
+ 2009-11-11 04:01 . 2008-07-08 12:02 231288 c:\windows\$hf_mig$\KB969947\spuninst.exe
+ 2010-01-14 04:49 . 2009-05-26 22:10 382840 c:\windows\$hf_mig$\KB955759\update\updspapi.dll
+ 2010-01-14 04:49 . 2009-05-26 10:40 755576 c:\windows\$hf_mig$\KB955759\update\update.exe
+ 2010-01-14 04:49 . 2009-05-26 10:40 231288 c:\windows\$hf_mig$\KB955759\spuninst.exe
+ 2010-01-13 14:17 . 2009-11-21 14:41 471552 c:\windows\$hf_mig$\KB955759\SP3QFE\aclayers.dll
+ 2009-07-21 05:03 . 2009-07-21 05:03 1348432 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll
+ 2009-11-14 14:29 . 2009-11-14 14:29 1233920 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\msxml4.dll
+ 2010-03-04 17:58 . 2010-03-04 17:58 1184984 c:\windows\system32\wvc1dmod.dll
+ 2010-02-06 16:06 . 2008-02-15 18:12 5854752 c:\windows\system32\ReinstallBackups\0018\DriverFiles\igxpmp32.sys
+ 2010-02-06 16:06 . 2008-02-15 18:12 2643968 c:\windows\system32\ReinstallBackups\0018\DriverFiles\igxpdx32.dll
+ 2010-02-06 16:06 . 2008-02-15 18:12 1670144 c:\windows\system32\ReinstallBackups\0018\DriverFiles\igxpdv32.dll
+ 2010-02-06 16:06 . 2008-02-15 18:00 2334720 c:\windows\system32\ReinstallBackups\0018\DriverFiles\iglicd32.dll
+ 2010-02-06 16:06 . 2008-02-15 17:45 3293184 c:\windows\system32\ReinstallBackups\0018\DriverFiles\igfxress.dll
+ 2010-02-06 16:06 . 2008-02-15 18:12 5854752 c:\windows\system32\ReinstallBackups\0017\DriverFiles\igxpmp32.sys
+ 2010-02-06 16:06 . 2008-02-15 18:12 2643968 c:\windows\system32\ReinstallBackups\0017\DriverFiles\igxpdx32.dll
+ 2010-02-06 16:06 . 2008-02-15 18:12 1670144 c:\windows\system32\ReinstallBackups\0017\DriverFiles\igxpdv32.dll
+ 2010-02-06 16:06 . 2008-02-15 18:01 2334720 c:\windows\system32\ReinstallBackups\0017\DriverFiles\iglicd32.dll
+ 2010-02-06 16:06 . 2008-02-15 17:45 3293184 c:\windows\system32\ReinstallBackups\0017\DriverFiles\igfxress.dll
+ 2009-03-23 01:19 . 2009-07-31 15:05 1372672 c:\windows\system32\msxml6.dll
+ 2009-07-21 05:05 . 2009-07-21 05:05 1348432 c:\windows\system32\msxml4.dll
+ 2009-10-28 02:40 . 2009-10-28 02:40 3885984 c:\windows\system32\Macromed\Flash\NPSWF32.dll
- 2009-03-23 01:29 . 2008-02-15 18:01 2334720 c:\windows\system32\iglicd32.dll
+ 2009-03-23 01:29 . 2008-02-15 18:00 2334720 c:\windows\system32\iglicd32.dll
+ 2010-04-27 21:15 . 2010-04-16 13:33 3003680 c:\windows\system32\DRVSTORE\usbaapl_E0F497D6C8B1C59AEB6422181BF0AFABD8356D47\usbaaplrc.dll
+ 2009-03-23 01:29 . 2008-02-15 18:12 5854752 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igxpmp32.sys
- 2009-03-23 01:29 . 2008-02-15 18:12 5854752 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igxpmp32.sys
- 2009-03-23 01:29 . 2008-02-15 18:12 2643968 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igxpdx32.dll
+ 2009-03-23 01:29 . 2008-02-15 18:12 2643968 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igxpdx32.dll
- 2009-03-23 01:29 . 2008-02-15 18:12 1670144 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igxpdv32.dll
+ 2009-03-23 01:29 . 2008-02-15 18:12 1670144 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igxpdv32.dll
- 2009-03-23 01:29 . 2008-02-15 18:01 2334720 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\iglicd32.dll
+ 2009-03-23 01:29 . 2008-02-15 18:00 2334720 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\iglicd32.dll
- 2009-03-23 01:29 . 2008-02-15 18:11 1399880 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igklg450.dll
+ 2009-03-23 01:29 . 2008-02-15 18:11 1399880 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igklg450.dll
+ 2009-03-23 01:29 . 2008-02-15 18:11 1843784 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igklg400.dll
- 2009-03-23 01:29 . 2008-02-15 18:11 1843784 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igklg400.dll
+ 2009-03-23 01:29 . 2008-02-15 17:45 3293184 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igfxress.dll
- 2009-03-23 01:29 . 2008-02-15 17:45 3293184 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\igfxress.dll
+ 2009-03-23 01:29 . 2008-02-15 17:54 2412544 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\ig4icd32.dll
- 2009-03-23 01:29 . 2008-02-15 17:54 2412544 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\ig4icd32.dll
+ 2009-03-23 01:29 . 2008-02-15 17:54 1589248 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\ig4dev32.dll
- 2009-03-23 01:29 . 2008-02-15 17:54 1589248 c:\windows\system32\DRVSTORE\igxp32_28D4AE6A4B66DD890D24C65EE34E5B62AB7E0BB9\ig4dev32.dll
+ 2009-03-23 01:29 . 2008-02-15 18:12 5854752 c:\windows\system32\drivers\igxpmp32.sys
- 2009-03-23 01:29 . 2008-02-15 18:12 5854752 c:\windows\system32\drivers\igxpmp32.sys
+ 2009-04-17 12:26 . 2010-05-02 06:22 1851264 c:\windows\system32\dllcache\win32k.sys
+ 2009-06-03 19:09 . 2010-02-05 19:27 1291776 c:\windows\system32\dllcache\quartz.dll
+ 2009-08-26 01:24 . 2010-02-17 14:10 2189952 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-08-26 01:24 . 2010-02-16 13:25 2024448 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2009-08-26 01:24 . 2010-02-16 14:08 2146304 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2009-03-23 01:19 . 2009-07-31 15:05 1372672 c:\windows\system32\dllcache\msxml6.dll
+ 2009-08-26 01:21 . 2009-07-31 03:35 1172480 c:\windows\system32\dllcache\msxml3.dll
- 2009-08-26 01:23 . 2009-07-10 13:27 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2009-08-26 01:23 . 2010-01-29 15:01 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2010-03-10 13:58 . 2009-10-23 14:28 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2009-06-29 16:12 . 2010-05-06 11:41 1985536 c:\windows\system32\dllcache\iertutil.dll
+ 2009-06-29 08:33 . 2009-02-07 02:07 3698584 c:\windows\system32\dllcache\ieapfltr.dat
+ 2009-11-07 06:06 . 2009-11-07 06:06 1130824 c:\windows\system32\dfshim.dll
+ 2010-04-08 04:48 . 2010-04-08 04:48 5967872 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
- 2008-11-25 09:59 . 2008-11-25 09:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-03-23 10:32 . 2010-03-23 10:32 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-03-23 10:32 . 2010-03-23 10:32 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2009-11-11 00:39 . 2009-11-11 00:39 1652736 c:\windows\Installer\882b8.msi
+ 2009-11-11 00:39 . 2009-11-11 00:39 1652736 c:\windows\Installer\882b2.msi
+ 2009-11-11 00:39 . 2009-11-11 00:39 1652736 c:\windows\Installer\882ac.msi
+ 2009-11-11 00:38 . 2009-11-11 00:38 1640960 c:\windows\Installer\88285.msi
+ 2009-11-11 00:38 . 2009-11-11 00:38 2022912 c:\windows\Installer\8827f.msi
+ 2009-11-11 00:38 . 2009-11-11 00:38 1713152 c:\windows\Installer\88279.msi
+ 2009-11-11 00:37 . 2009-11-11 00:37 2397184 c:\windows\Installer\8826d.msi
+ 2009-11-09 05:25 . 2009-11-09 05:25 1935360 c:\windows\Installer\1f210ca2.msp
+ 2010-04-27 21:21 . 2010-04-27 21:21 4795392 c:\windows\Installer\1e2a204.msi
+ 2010-04-27 21:18 . 2010-04-27 21:18 9472000 c:\windows\Installer\1e29a66.msi
+ 2010-04-27 21:15 . 2010-04-27 21:15 3168768 c:\windows\Installer\1e292e5.msi
+ 2010-04-27 21:15 . 2010-04-27 21:15 1984000 c:\windows\Installer\1e292aa.msi
+ 2010-07-07 16:51 . 2010-07-07 16:51 4192256 c:\windows\Installer\1d9186.msi
+ 2010-04-12 03:17 . 2010-04-12 03:17 2607104 c:\windows\Installer\12d19a7d.msp
+ 2010-04-12 03:17 . 2010-04-12 03:17 4210688 c:\windows\Installer\12d19a7c.msp
+ 2009-11-11 00:42 . 2009-11-11 00:42 1172240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-11-11 00:42 . 2009-11-11 00:42 1165584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\accicons.exe
+ 2010-06-18 04:19 . 2010-02-25 05:24 1209344 c:\windows\ie8updates\KB982381-IE8\urlmon.dll
+ 2010-06-18 04:19 . 2010-02-25 06:24 5944832 c:\windows\ie8updates\KB982381-IE8\mshtml.dll
+ 2010-06-18 04:19 . 2010-02-25 05:24 1985536 c:\windows\ie8updates\KB982381-IE8\iertutil.dll
+ 2010-03-31 16:41 . 2009-12-21 18:14 1208832 c:\windows\ie8updates\KB980182-IE8\urlmon.dll
+ 2010-03-31 16:41 . 2009-12-21 18:14 5942784 c:\windows\ie8updates\KB980182-IE8\mshtml.dll
+ 2010-03-31 16:41 . 2009-12-21 18:14 1985536 c:\windows\ie8updates\KB980182-IE8\iertutil.dll
+ 2010-01-27 20:59 . 2009-10-29 06:45 1208832 c:\windows\ie8updates\KB978207-IE8\urlmon.dll
+ 2010-01-27 20:59 . 2009-10-29 06:45 5940736 c:\windows\ie8updates\KB978207-IE8\mshtml.dll
+ 2010-01-27 20:59 . 2009-10-29 06:45 1985536 c:\windows\ie8updates\KB978207-IE8\iertutil.dll
+ 2010-01-27 20:59 . 2009-03-08 09:34 1206784 c:\windows\ie8updates\KB976325-IE8\urlmon.dll
+ 2010-01-27 20:59 . 2009-03-08 09:41 5937152 c:\windows\ie8updates\KB976325-IE8\mshtml.dll
+ 2010-01-27 20:59 . 2009-03-08 09:32 1985024 c:\windows\ie8updates\KB976325-IE8\iertutil.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 1168384 c:\windows\ie8\urlmon.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 3599360 c:\windows\ie8\mshtml.dll
+ 2010-01-27 20:56 . 2010-01-05 09:00 6067200 c:\windows\ie8\ieframe.dll
+ 2010-01-27 20:56 . 2009-06-29 08:33 2452872 c:\windows\ie8\ieapfltr.dat
+ 2010-01-22 05:17 . 2009-10-29 06:46 1168384 c:\windows\ie7updates\KB978207-IE7\urlmon.dll
+ 2010-01-22 05:17 . 2009-10-29 06:46 3598336 c:\windows\ie7updates\KB978207-IE7\mshtml.dll
+ 2010-01-22 05:17 . 2009-10-29 06:46 6067200 c:\windows\ie7updates\KB978207-IE7\ieframe.dll
+ 2009-11-05 03:21 . 2009-08-29 07:36 3598336 c:\windows\ie7updates\KB976749-IE7\mshtml.dll
+ 2009-12-10 04:04 . 2009-08-29 07:36 1168384 c:\windows\ie7updates\KB976325-IE7\urlmon.dll
+ 2009-12-10 04:04 . 2009-10-21 03:08 3598336 c:\windows\ie7updates\KB976325-IE7\mshtml.dll
+ 2009-12-10 04:04 . 2009-08-29 07:36 6067200 c:\windows\ie7updates\KB976325-IE7\ieframe.dll
+ 2009-08-26 01:24 . 2010-02-17 14:10 2189952 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-08-26 01:24 . 2010-02-16 13:25 2024448 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-08-26 01:24 . 2010-02-16 14:08 2146304 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-09-18 22:28 . 2009-09-18 22:28 3170072 c:\windows\Downloaded Program Files\EPUWALcontrol.dll
+ 2009-11-24 23:24 . 2009-11-24 23:24 1407488 c:\windows\Downloaded Installations\{EDE9D264-7633-4D24-937C-3EF34A7FA1D8}\HP Driver Diagnostics.msi
+ 2010-03-20 05:05 . 2010-03-20 05:05 1896960 c:\windows\Downloaded Installations\{E23329EE-4ED4-404B-ABF5-A9A79411CD87}\Amazon Unbox Video.msi
+ 2009-08-26 04:06 . 2009-08-26 04:06 5283840 c:\windows\assembly\temp\KX8IS3CMU4\PresentationFramework.dll
+ 2009-08-19 01:46 . 2009-08-19 01:46 4210688 c:\windows\assembly\temp\BPZ9JT2CMV\PresentationCore.dll
+ 2009-08-19 01:46 . 2009-08-19 01:46 1245184 c:\windows\assembly\temp\9MX6FPY7GR\WindowsBase.dll
+ 2010-06-18 04:13 . 2010-06-18 04:13 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\f231461883859922a040002dddfb7b12\WindowsBase.ni.dll
+ 2010-06-26 14:15 . 2010-06-26 14:15 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d63164ac4ed5adabc6a1b0fdf07eee05\WindowsBase.ni.dll
+ 2010-06-26 14:19 . 2010-06-26 14:19 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\d8549ce90b26cdc3071224ab6f020189\UIAutomationClientsideProviders.ni.dll
+ 2010-06-18 13:06 . 2010-06-18 13:06 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\48b66876f72f472db62de48ae4369406\UIAutomationClientsideProviders.ni.dll
+ 2010-06-18 04:10 . 2010-06-18 04:11 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll
+ 2010-06-18 04:12 . 2010-06-18 04:12 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\563a54b98adb70fae862974042298348\System.Xml.ni.dll
+ 2010-06-18 15:05 . 2010-06-18 15:05 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\016b75f60a18535c8d6b3e5d861ab559\System.WorkflowServices.ni.dll
+ 2010-06-18 15:05 . 2010-06-18 15:05 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\6dacae37d337004345518976fb57099e\System.Workflow.Runtime.ni.dll
+ 2010-06-18 15:04 . 2010-06-18 15:04 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\c7b832bbc5bb11c6c7f128c801ce90d7\System.Workflow.ComponentModel.ni.dll
+ 2010-06-18 15:04 . 2010-06-18 15:04 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\b9ea6ea910293cd6f13f765775867ebd\System.Workflow.Activities.ni.dll
+ 2010-06-18 04:20 . 2010-06-18 04:20 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\8ef8d556899a4a10b7f288a80925489f\System.Web.Services.ni.dll
+ 2010-06-18 15:04 . 2010-06-18 15:04 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\5dfda43f1991ee6ba345d62b2be4801c\System.Web.Mobile.ni.dll
+ 2010-06-18 15:03 . 2010-06-18 15:03 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f08b3b8cdf548e3dfe61f342536175eb\System.Web.Extensions.ni.dll
+ 2010-06-18 13:06 . 2010-06-18 13:06 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\2d6a5dbee4506bf643b853e41668afa3\System.Speech.ni.dll
+ 2010-06-18 15:03 . 2010-06-18 15:03 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\169fe0ad9d59982a2a6b89779c09885b\System.ServiceModel.Web.ni.dll
+ 2010-06-18 14:58 . 2010-06-18 14:58 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8b2710a63ecd363315ef16b257588b95\System.Runtime.Serialization.ni.dll
+ 2010-06-26 14:18 . 2010-06-26 14:18 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\af217ef58e5558991f331d482c2bdba6\System.Printing.ni.dll
+ 2010-06-18 04:18 . 2010-06-18 04:18 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\161b423dc4e86e569af019e838d39de5\System.Printing.ni.dll
+ 2010-06-18 14:58 . 2010-06-18 14:58 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\ad4fb86064d7a1ebcb9ee997e7208ac1\System.IdentityModel.ni.dll
+ 2010-06-18 04:15 . 2010-06-18 04:15 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f3440ea00eb3c40dc073b2fe03843638\System.Drawing.ni.dll
+ 2010-06-18 04:18 . 2010-06-18 04:18 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7deab2494d53763cd83c567e71e0d8e0\System.DirectoryServices.ni.dll
+ 2010-06-18 04:15 . 2010-06-18 04:15 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\b81efadfee7702624b713c6d86f7e369\System.Deployment.ni.dll
+ 2010-06-18 04:19 . 2010-06-18 04:19 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\50130ef751b98a4a11bd4ab73af7cab5\System.Data.ni.dll
+ 2010-06-18 04:12 . 2010-06-18 04:12 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f71abf392c5ca05a4e46a5d1c4c72856\System.Data.SqlXml.ni.dll
+ 2010-06-18 15:02 . 2010-06-18 15:03 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\5e6311aff5ada83d0f854922fa62faf6\System.Data.Services.ni.dll
+ 2010-06-18 13:05 . 2010-06-18 13:05 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\f249a2dbc8dcb91860d0997c163c73ff\System.Data.OracleClient.ni.dll
+ 2010-06-18 13:06 . 2010-06-18 13:06 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c3ba3367d03779ad6e76c5d4cdfe572a\System.Data.Linq.ni.dll
+ 2010-06-18 15:02 . 2010-06-18 15:02 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6abf820d8ec57a0561c3367727d274df\System.Data.Entity.ni.dll
+ 2010-06-18 13:06 . 2010-06-18 13:06 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\e98726349766935ec0e9b980f19a046a\System.Core.ni.dll
+ 2010-06-18 04:18 . 2010-06-18 04:18 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\fc373f0a8dbd173c63b6b95551b1c673\ReachFramework.ni.dll
+ 2010-06-26 14:18 . 2010-06-26 14:18 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\57abb757c1f38586390dcc63bf056322\ReachFramework.ni.dll
+ 2010-06-18 04:18 . 2010-06-18 04:18 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\ead93b6a4f0101cb99d09f3e3fc6491c\PresentationUI.ni.dll
+ 2010-06-26 14:18 . 2010-06-26 14:18 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\0095ba60255d4addaf5b8ebee697a027\PresentationUI.ni.dll
+ 2010-06-18 04:11 . 2010-06-18 04:11 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\20ef773b20f6ce721ae60e5c2c2e8f80\PresentationBuildTasks.ni.dll
+ 2010-06-18 15:00 . 2010-06-18 15:00 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\935b855860088a86bb65d37a19f059cc\Microsoft.VisualBasic.ni.dll
+ 2010-06-18 14:59 . 2010-06-18 14:59 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\7a266de493d30eed21cb60ebe300be53\Microsoft.Transactions.Bridge.ni.dll
+ 2010-06-18 15:03 . 2010-06-18 15:03 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\9db8f9f7fe63ca4451bb5316a3ebb009\Microsoft.JScript.ni.dll
+ 2010-06-18 15:00 . 2010-06-18 15:00 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\c96be82d6cb00367db4e3553272165ef\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2010-06-18 15:00 . 2010-06-18 15:00 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\3815de5b052187b5d9375681a6784255\Microsoft.Build.Tasks.ni.dll
+ 2010-06-18 15:00 . 2010-06-18 15:00 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\43fc6723d08e9ce88701c29653efd224\Microsoft.Build.Engine.ni.dll
+ 2010-06-26 14:14 . 2010-06-26 14:14 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2010-06-26 14:10 . 2010-06-26 14:10 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2010-06-26 14:10 . 2010-06-26 14:10 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-06-18 04:11 . 2010-06-18 04:11 5967872 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-06-26 14:14 . 2010-06-26 14:14 5279744 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-06-26 14:09 . 2010-06-26 14:10 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2009-08-19 01:46 . 2009-08-19 01:46 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2010-06-26 14:14 . 2010-06-26 14:14 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2010-06-26 14:09 . 2010-06-26 14:09 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2009-10-17 05:07 . 2009-10-17 05:07 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-04-07 14:52 . 2010-04-07 14:52 1276720 c:\windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
+ 2009-11-11 00:42 . 2009-11-11 00:42 8007680 c:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
+ 2010-04-16 04:19 . 2009-12-08 18:26 2145280 c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
+ 2010-04-16 04:19 . 2009-12-08 17:43 2023936 c:\windows\$NtUninstallKB979683$\ntkrpamp.exe
+ 2010-04-16 04:19 . 2009-12-08 17:43 2023936 c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
+ 2010-04-16 04:19 . 2009-12-08 18:26 2145280 c:\windows\$NtUninstallKB979683$\ntkrnlmp.exe
+ 2010-05-17 05:03 . 2009-07-10 13:27 1315328 c:\windows\$NtUninstallKB978542$\msoe.dll
+ 2010-02-13 04:42 . 2009-08-04 15:13 2145280 c:\windows\$NtUninstallKB977165$\ntoskrnl.exe
+ 2010-02-13 04:42 . 2009-08-04 14:20 2023936 c:\windows\$NtUninstallKB977165$\ntkrpamp.exe
+ 2010-02-13 04:42 . 2009-08-04 14:20 2023936 c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe
+ 2010-02-13 04:42 . 2009-08-04 15:13 2145280 c:\windows\$NtUninstallKB977165$\ntkrnlmp.exe
+ 2010-03-12 04:03 . 2008-04-14 10:42 3558912 c:\windows\$NtUninstallKB975561$\moviemk.exe
+ 2010-02-13 04:43 . 2009-06-03 19:09 1291264 c:\windows\$NtUninstallKB975560$\quartz.dll
+ 2009-11-25 03:48 . 2008-09-10 01:14 1307648 c:\windows\$NtUninstallKB973687$\msxml6.dll
+ 2009-11-25 03:48 . 2008-09-04 17:15 1106944 c:\windows\$NtUninstallKB973687$\msxml3.dll
+ 2009-11-11 04:01 . 2009-04-17 12:26 1847168 c:\windows\$NtUninstallKB969947$\win32k.sys
+ 2010-03-31 13:32 . 2010-02-25 06:19 1209856 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\urlmon.dll
+ 2010-03-31 13:32 . 2010-02-25 06:19 5946880 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll
+ 2010-03-31 13:32 . 2010-02-25 06:19 1986048 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\iertutil.dll
+ 2010-04-14 13:26 . 2010-02-16 12:52 2190080 c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
+ 2010-04-14 13:26 . 2010-02-16 12:12 2024448 c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrpamp.exe
+ 2010-04-14 13:26 . 2010-02-16 12:12 2066944 c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
+ 2010-04-14 13:26 . 2010-02-16 12:50 2146304 c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlmp.exe
+ 2010-01-29 14:53 . 2010-01-29 14:53 1315328 c:\windows\$hf_mig$\KB978542\SP3QFE\msoe.dll
+ 2010-01-27 20:59 . 2009-12-21 18:09 1209344 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\urlmon.dll
+ 2010-01-27 20:59 . 2009-12-21 18:09 5945856 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
+ 2010-01-27 20:59 . 2009-12-21 18:09 1986048 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\iertutil.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 1170944 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\urlmon.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 3602944 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\mshtml.dll
+ 2010-01-05 08:57 . 2010-01-05 08:57 6071296 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieframe.dll
+ 2010-01-21 18:38 . 2009-06-29 08:33 2452872 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieapfltr.dat
+ 2009-12-09 04:52 . 2009-12-09 04:52 2189312 c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
+ 2010-02-10 14:01 . 2009-12-08 16:40 2023936 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrpamp.exe
+ 2009-12-09 04:10 . 2009-12-09 04:10 2066176 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
+ 2010-02-10 14:01 . 2009-12-08 17:20 2145280 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlmp.exe
+ 2009-10-21 02:59 . 2009-10-21 02:59 3602432 c:\windows\$hf_mig$\KB976749-IE7\SP3QFE\mshtml.dll
+ 2010-01-27 20:59 . 2009-10-29 06:45 1209344 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\urlmon.dll
+ 2010-01-27 20:59 . 2009-10-29 06:45 5944320 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
+ 2010-01-27 20:59 . 2009-10-29 06:45 1986048 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\iertutil.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 1170944 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\urlmon.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 3602432 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\mshtml.dll
+ 2009-10-29 06:45 . 2009-10-29 06:45 6070784 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieframe.dll
+ 2009-12-09 13:21 . 2009-06-29 08:33 2452872 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieapfltr.dat
+ 2010-03-10 13:58 . 2009-10-23 13:53 3558912 c:\windows\$hf_mig$\KB975561\SP3QFE\moviemk.exe
+ 2009-11-27 16:23 . 2009-11-27 16:23 1291776 c:\windows\$hf_mig$\KB975560\SP3QFE\quartz.dll
+ 2009-11-24 21:10 . 2009-07-31 03:24 1447424 c:\windows\$hf_mig$\KB973687\SP3QFE\msxml6.dll
+ 2009-11-24 21:10 . 2009-07-31 03:24 1172480 c:\windows\$hf_mig$\KB973687\SP3QFE\msxml3.dll
+ 2009-08-14 11:19 . 2009-08-14 11:19 1859712 c:\windows\$hf_mig$\KB969947\SP3QFE\win32k.sys
+ 2010-01-04 19:13 . 2010-05-28 17:37 32472008 c:\windows\system32\MRT.exe
+ 2009-07-19 13:32 . 2010-05-06 11:41 11076096 c:\windows\system32\dllcache\ieframe.dll
+ 2009-11-11 00:42 . 2009-11-11 00:42 12836352 c:\windows\Installer\882c8.msi
+ 2010-03-31 06:23 . 2010-03-31 06:23 15638528 c:\windows\Installer\1f210caf.msp
+ 2010-04-12 03:17 . 2010-04-12 03:17 14599680 c:\windows\Installer\12d19a8c.msp
+ 2010-06-18 04:19 . 2010-02-25 15:54 11070976 c:\windows\ie8updates\KB982381-IE8\ieframe.dll
+ 2010-03-31 16:41 . 2009-12-21 18:14 11070464 c:\windows\ie8updates\KB980182-IE8\ieframe.dll
+ 2010-01-27 20:59 . 2009-10-29 06:45 11069952 c:\windows\ie8updates\KB978207-IE8\ieframe.dll
+ 2010-01-27 20:59 . 2009-03-08 09:39 11063808 c:\windows\ie8updates\KB976325-IE8\ieframe.dll
+ 2010-06-18 04:16 . 2010-06-18 04:16 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2dfe045e4b1577fdea9a2f456db0afc2\System.Windows.Forms.ni.dll
+ 2010-06-18 04:20 . 2010-06-18 04:20 11797504 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\d987cf1de4ba688da92e212a374232c2\System.Web.ni.dll
+ 2010-06-18 14:59 . 2010-06-18 14:59 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\8b74f2fe3f3632f95ff4ddb8c4839a1e\System.ServiceModel.ni.dll
+ 2010-06-18 13:04 . 2010-06-18 13:04 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\f352c5cb50bee105e4c873ca050f9f46\System.Design.ni.dll
+ 2010-06-18 04:18 . 2010-06-18 04:18 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ca898d942e4d85af4c3d5f14a77c359a\PresentationFramework.ni.dll
+ 2010-06-26 14:17 . 2010-06-26 14:18 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\560662ada034afb6ec78a152bd9a47b5\PresentationFramework.ni.dll
+ 2010-06-18 04:15 . 2010-06-18 04:15 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\ba8f917fd89d7afa8885c2a326379f03\PresentationCore.ni.dll
+ 2010-06-26 14:16 . 2010-06-26 14:16 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\9f5dff344ac6ac923b5ade8ba1ab9382\PresentationCore.ni.dll
+ 2010-03-31 13:32 . 2010-02-25 06:19 11073024 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\ieframe.dll
+ 2010-01-27 20:59 . 2009-12-22 19:09 11070976 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\ieframe.dll
+ 2010-01-27 20:59 . 2009-10-29 18:15 11070464 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\ieframe.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2009-04-17 95536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-02-17 17508864]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-05-23 1146880]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2008-07-09 4456448]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2008-08-28 1283984]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-18 421888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0402000.00C\symds.sys [6/1/2010 3:56 PM 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0402000.00C\symefa.sys [6/1/2010 3:56 PM 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100619.001\BHDrvx86.sys [6/22/2010 7:13 PM 691248]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0402000.00C\cchpx86.sys [6/1/2010 3:56 PM 501888]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0402000.00C\ironx86.sys [6/1/2010 3:56 PM 116784]
R2 N360;Norton Security Suite;c:\program files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe [6/1/2010 3:55 PM 126392]
R2 System_Repair_UpdateMonitor;System Repair Windows Update Monitor;c:\program files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe [3/22/2009 9:06 PM 430080]
R2 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [3/22/2009 9:06 PM 48192]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\drivers\AcpiVpc.sys [3/22/2009 9:33 PM 9472]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [5/29/2010 12:14 PM 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100706.003\IDSXpx86.sys [7/7/2010 8:25 AM 331640]
R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [3/22/2009 8:33 PM 157696]
S1 {78C8AFFA-6C7E-496A-98E7-B86A98489B2C};{78C8AFFA-6C7E-496A-98E7-B86A98489B2C};c:\windows\system32\drivers\{78C8AFFA-6C7E-496A-98E7-B86A98489B2C}.sys [1/26/2010 5:11 PM 0]
S1 Tcpip_{78C8AFFA-6C7E-496A-98E7-B86A98489B2C};Tcpip_{78C8AFFA-6C7E-496A-98E7-B86A98489B2C};c:\windows\system32\drivers\Tcpip_{78C8AFFA-6C7E-496A-98E7-B86A98489B2C}.sys [1/26/2010 4:02 PM 0]
S1 Tcpip_{B7882D2B-F0C1-4078-8571-F7E89693EEDE};Tcpip_{B7882D2B-F0C1-4078-8571-F7E89693EEDE};c:\windows\system32\drivers\Tcpip_{B7882D2B-F0C1-4078-8571-F7E89693EEDE}.sys [1/27/2010 4:26 PM 0]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [3/22/2009 8:30 PM 1684736]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
S3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [3/22/2009 9:05 PM 81192]
.
Contents of the 'Scheduled Tasks' folder

2010-07-08 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 20:54]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://yahoo.com/
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:5577
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Lori\Application Data\Mozilla\Firefox\Profiles\qqj0jybw.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://yahoo.com/
FF - prefs.js: network.proxy.type - 0
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

Toolbar-Locked - (no file)
SafeBoot-610A2265H
SafeBoot-Tcpip_{78C8AFFA-6C7E-496A-98E7-B86A98489B2C}
SafeBoot-Tcpip_{B7882D2B-F0C1-4078-8571-F7E89693EEDE}
SafeBoot-{78C8AFFA-6C7E-496A-98E7-B86A98489B2C}



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-07 21:26
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton Security Suite\Engine\4.2.0.12\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton Security Suite\Engine\4.2.0.12\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-325639462-820688131-1402948850-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@SACL=
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1640)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-07-07 21:30:16
ComboFix-quarantined-files.txt 2010-07-08 02:30

Pre-Run: 98,462,924,800 bytes free
Post-Run: 98,606,612,480 bytes free

- - End Of File - - A7268C77EA8C21E802FE1FE73AFAFDA5


#6 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:08:32 AM

Posted 08 July 2010 - 06:16 AM

1. Please open Notepad
  • Click Start , then Run
  • type in notepad in the Run Box then hit ok.

2. Now copy/paste the entire content of the codebox below into the Notepad window:

CODE
Folder::
c:\documents and settings\Lori\Local Settings\Application Data\dmfkodisq

DDS::
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:5577



3. Save the above as CFScript.txt

4. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.




5. After reboot, (in case it asks to reboot), please post the following report/log into your next reply:
  • Combofix.txt
=============
Update Run Malwarebytes

Please update\run Malwarebytes' Anti-Malware.

Double Click the Malwarebytes Anti-Malware icon to run the application.
  • Click on the update tab then click on Check for updates.
  • If an update is found, it will download and install the latest version.
  • Once the update has loaded, go to the Scanner tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatley.
=====
* Go here to run an online scannner from ESET.
  • Note: You will need to use Internet explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Check next options: Remove found threats and Scan unwanted applications.
  • Click Scan
  • Wait for the scan to finish
  • Use notepad to open the logfile located at C:\Program Files\ESET\ESET Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic

Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#7 Lindaneedshelp

Lindaneedshelp
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:32 AM

Posted 08 July 2010 - 10:04 AM

I pasted the CFScript.txt into comboxfix and it started running. It said there was a new version available so I clicked "yes" to using that. Combofix has been on the blue autoscan screen saying that it's scanning for infected files for almost an hour. Do I just let it keep running or is somthing wrong? Many thanks.

#8 Lindaneedshelp

Lindaneedshelp
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:32 AM

Posted 08 July 2010 - 12:12 PM

After 2 hours of Combofix sitting there with the blue screen and not making any progress, I rebooted the computer. I then started from the beginning of your instructions again and reran combofix. Below is the log. "Norton One Click" tried to open a window two times while running it though even though I supposedly have Norton disabled. I closed the Norton window as soon as it appeared.

I then updated/ran Malwarebytes. Below is the log.

I then tried to run eset. When it tried to download the virus definitions, I received the error message "unexpected error 2002". I tried to run it twice and received the same error message.



ComboFix 10-07-07.02 - Lori 07/08/2010 11:31:00.4.2 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1581 [GMT -5:00]
Running from: c:\documents and settings\Lori\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Lori\Desktop\cfscript.txt
AV: Norton Security Suite *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Security Suite *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Lori\Local Settings\Application Data\dmfkodisq

.
((((((((((((((((((((((((( Files Created from 2010-06-08 to 2010-07-08 )))))))))))))))))))))))))))))))
.

2010-07-08 16:32 . 2010-07-08 16:32 -------- d-----w- c:\documents and settings\Lori\Application Data\Tific
2010-07-08 16:32 . 2010-07-08 16:32 -------- d-----w- c:\documents and settings\Lori\Local Settings\Application Data\Symantec
2010-07-08 03:01 . 2010-07-08 03:01 52432 ----a-w- c:\windows\system32\drivers\klmd.sys
2010-07-06 13:51 . 2010-07-06 13:51 -------- d-----w- C:\FOUND.003
2010-07-05 17:25 . 2010-04-29 20:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-05 17:25 . 2010-04-29 20:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-05 14:14 . 2010-07-05 14:14 -------- d-----w- c:\temp\listdlls
2010-07-04 14:32 . 2010-07-04 14:32 -------- d-----w- C:\FOUND.002
2010-07-01 19:43 . 2010-07-01 19:43 -------- d-----w- C:\FOUND.001
2010-06-14 13:21 . 2010-05-06 11:41 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-29 16:25 . 2010-05-29 16:25 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-05-29 16:25 . 2010-05-29 16:25 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-05-29 16:25 . 2010-05-29 16:25 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-05-29 16:25 . 2010-05-29 16:25 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-05-29 16:25 . 2010-05-29 16:25 -------- d-----w- c:\program files\Symantec
2010-05-29 16:24 . 2010-05-29 16:24 -------- d-----w- c:\program files\Windows Sidebar
2010-05-29 16:24 . 2010-05-29 16:24 -------- d-----w- c:\program files\Norton Security Suite
2010-05-29 16:24 . 2010-05-29 16:24 -------- d-----w- c:\program files\NortonInstaller
2010-05-29 16:24 . 2010-05-29 16:24 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2010-05-29 16:15 . 2010-05-29 16:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-05-29 14:53 . 2010-05-29 14:53 -------- d-----w- c:\program files\Windows Live Safety Center
2010-05-27 23:01 . 2010-05-27 23:01 348160 ----a-w- c:\documents and settings\Lori\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-6e8fccae-n\msvcr71.dll
2010-05-27 23:01 . 2010-05-27 23:01 503808 ----a-w- c:\documents and settings\Lori\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-6e8fccae-n\msvcp71.dll
2010-05-27 23:01 . 2010-05-27 23:01 499712 ----a-w- c:\documents and settings\Lori\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-6e8fccae-n\jmc.dll
2010-05-22 21:26 . 2009-08-18 03:57 21952 ----a-w- c:\documents and settings\Lori\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-05-06 11:41 . 2004-08-04 17:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-06 04:02 . 2010-06-01 20:56 361904 ----a-w- c:\windows\system32\drivers\symtdi.sys
2010-05-02 06:22 . 2004-08-05 00:00 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-29 05:03 . 2010-06-01 20:56 116784 ----a-w- c:\windows\system32\drivers\ironx86.sys
2010-04-27 21:07 . 2010-04-27 21:07 73000 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.1.1.11\SetupAdmin.exe
2010-04-22 03:02 . 2010-06-01 20:56 173104 ----a-w- c:\windows\system32\drivers\symefa.sys
2010-04-22 02:29 . 2010-06-01 20:56 43696 ----a-w- c:\windows\system32\drivers\srtspx.sys
2010-04-20 06:30 . 2004-08-04 17:00 285696 ----a-w- c:\windows\system32\atmfd.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2009-04-17 95536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-02-17 17508864]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-05-23 1146880]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2008-07-09 4456448]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2008-08-28 1283984]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-18 421888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R2 N360;Norton Security Suite;c:\program files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe [6/1/2010 3:55 PM 126392]
R2 System_Repair_UpdateMonitor;System Repair Windows Update Monitor;c:\program files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe [3/22/2009 9:06 PM 430080]
R2 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [3/22/2009 9:06 PM 48192]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\drivers\AcpiVpc.sys [3/22/2009 9:33 PM 9472]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [5/29/2010 12:14 PM 102448]
R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [3/22/2009 8:33 PM 157696]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0402000.00C\SYMDS.SYS --> c:\windows\system32\drivers\N360\0402000.00C\SYMDS.SYS [?]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0402000.00C\SYMEFA.SYS --> c:\windows\system32\drivers\N360\0402000.00C\SYMEFA.SYS [?]
S1 {78C8AFFA-6C7E-496A-98E7-B86A98489B2C};{78C8AFFA-6C7E-496A-98E7-B86A98489B2C};c:\windows\system32\drivers\{78C8AFFA-6C7E-496A-98E7-B86A98489B2C}.sys [1/26/2010 5:11 PM 0]
S1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100619.001\BHDrvx86.sys [6/22/2010 7:13 PM 691248]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0402000.00C\ccHPx86.sys --> c:\windows\system32\drivers\N360\0402000.00C\ccHPx86.sys [?]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0402000.00C\Ironx86.SYS --> c:\windows\system32\drivers\N360\0402000.00C\Ironx86.SYS [?]
S1 Tcpip_{78C8AFFA-6C7E-496A-98E7-B86A98489B2C};Tcpip_{78C8AFFA-6C7E-496A-98E7-B86A98489B2C};c:\windows\system32\drivers\Tcpip_{78C8AFFA-6C7E-496A-98E7-B86A98489B2C}.sys [1/26/2010 4:02 PM 0]
S1 Tcpip_{B7882D2B-F0C1-4078-8571-F7E89693EEDE};Tcpip_{B7882D2B-F0C1-4078-8571-F7E89693EEDE};c:\windows\system32\drivers\Tcpip_{B7882D2B-F0C1-4078-8571-F7E89693EEDE}.sys [1/27/2010 4:26 PM 0]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [3/22/2009 8:30 PM 1684736]
S3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100706.003\IDSXpx86.sys [7/7/2010 8:25 AM 331640]
S3 klmd23;klmd23;c:\windows\system32\drivers\klmd.sys [7/7/2010 10:01 PM 52432]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
S3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [3/22/2009 9:05 PM 81192]
.
Contents of the 'Scheduled Tasks' folder

2010-07-08 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 20:54]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://yahoo.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Lori\Application Data\Mozilla\Firefox\Profiles\qqj0jybw.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://yahoo.com/
FF - prefs.js: network.proxy.type - 0
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-klmd23.sys



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-08 11:36
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton Security Suite\Engine\4.2.0.12\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton Security Suite\Engine\4.2.0.12\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-325639462-820688131-1402948850-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@SACL=
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3528)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-07-08 11:39:07
ComboFix-quarantined-files.txt 2010-07-08 16:39
ComboFix2.txt 2010-07-08 02:30

Pre-Run: 98,591,113,216 bytes free
Post-Run: 98,583,019,520 bytes free

- - End Of File - - EBB8416D3A6C9351893681FEA97B8C94



Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4292

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7/8/2010 11:45:47 AM
mbam-log-2010-07-08 (11-45-47).txt

Scan type: Quick scan
Objects scanned: 120034
Time elapsed: 5 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)




#9 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:08:32 AM

Posted 09 July 2010 - 07:01 AM

Ok please try this one:
Please do a scan with Kaspersky Online Scanner

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Click on the Accept button and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded on the left side of the page in the Scan section select My Computer
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#10 Lindaneedshelp

Lindaneedshelp
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:32 AM

Posted 09 July 2010 - 11:42 AM

Good morning Kahdah!

I ran Kaspersky and below is the log.

Also, a few related questions if you don't mind. Apologies in advance for any ignorant questions. I'm fairly computer illiterate.
-I had to turn off allowing proxy servers to get access to the internet when I started the debug process. I don't know what the original setting was (or should be). Do I want to keep this setting or have IE and Firefox automatically detect it? This is the only computer on my wireless network.

-I disabled Norton to run the various requested programs. When I tried to enable it, I received a bunch of error messages from Norton. Should I uninstall/reinstall the program?

-This is jumping ahead a bit but once my computer is clean, I want to avoid these issues in the future. Should I run live protection through Norton as well as Malwarebytes or is there some other program or combination of programs that you can suggest that would maximize my protection?

Thanks again for all your help!

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Friday, July 9, 2010
Operating system: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Friday, July 09, 2010 08:23:39
Records in database: 4243016
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\

Scan statistics:
Objects scanned: 45958
Threats found: 0
Infected objects found: 0
Suspicious objects found: 0
Scan duration: 01:51:41

No threats found. Scanned area is clean.

Selected area has been scanned.


#11 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:08:32 AM

Posted 10 July 2010 - 08:09 AM

QUOTE
I had to turn off allowing proxy servers to get access to the internet when I started the debug process. I don't know what the original setting was (or should be). Do I want to keep this setting or have IE and Firefox automatically detect it? This is the only computer on my wireless network.

No this is something set by the malware it should be off,unless you use a proxy to connect.
QUOTE
I disabled Norton to run the various requested programs. When I tried to enable it, I received a bunch of error messages from Norton. Should I uninstall/reinstall the program?
Strange but yes reinstalling it will fix this issue.
QUOTE
This is jumping ahead a bit but once my computer is clean, I want to avoid these issues in the future. Should I run live protection through Norton as well as Malwarebytes or is there some other program or combination of programs that you can suggest that would maximize my protection?
Unfortunately there will never be a way to fully 100% stay away from getting infected.
Adding layers of protection will help and most times this will be enough but in todays malware fight there are so many new infections comiing out they are almost unstoppable.
Removing them is sometimes tricky and can damage software and windows internally patching files,etc...
QUOTE
Thanks again for all your help!
You are welcome smile.gif

How are things running?

Also please run DDS again and post it's DDS.txt that pops up.
Let me know of any remaining issues.
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#12 Lindaneedshelp

Lindaneedshelp
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:32 AM

Posted 10 July 2010 - 08:24 AM

Thanks for answering my questions. The computer is running fine but then again, I never noticed that anything was wrong when I was completely infected with a bunch of viruses.

Here's the latest DDS log:


DDS (Ver_10-03-17.01) - FAT32x86
Run by Lori at 8:17:23.14 on Sat 07/10/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1507 [GMT -5:00]

AV: Norton Security Suite *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Security Suite *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccSvcHst.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Lori\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://yahoo.com/
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton security suite\engine\4.2.0.12\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton security suite\engine\4.2.0.12\IPSBHO.DLL
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: 1 (0x1) - No File
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton security suite\engine\4.2.0.12\coIEPlg.dll
TB: {724D43A0-0D85-11D4-9908-00400523E39A} - No File
uRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\MMonitor.exe" -NoStart
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [EnergyUtility] c:\program files\lenovo\energy management\utility.exe
mRun: [Energy Management] c:\program files\lenovo\energy management\Energy Management.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1256520248531
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - hxxp://ax.emsisoft.com/asquared.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\lori\applic~1\mozilla\firefox\profiles\qqj0jybw.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://yahoo.com/
FF - prefs.js: network.proxy.type - 0
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\4.2.0.12\ccsvchst.exe [2010-6-1 126392]
R2 System_Repair_UpdateMonitor;System Repair Windows Update Monitor;c:\program files\lenovo\onekey app\system repair\UpdateMonitor.exe [2009-3-22 430080]
R2 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [2009-3-22 48192]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\drivers\AcpiVpc.sys [2009-3-22 9472]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-5-29 102448]
R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [2009-3-22 157696]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0402000.00c\symds.sys --> c:\windows\system32\drivers\n360\0402000.00c\SYMDS.SYS [?]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0402000.00c\symefa.sys --> c:\windows\system32\drivers\n360\0402000.00c\SYMEFA.SYS [?]
S1 {78C8AFFA-6C7E-496A-98E7-B86A98489B2C};{78C8AFFA-6C7E-496A-98E7-B86A98489B2C};c:\windows\system32\drivers\{78C8AFFA-6C7E-496A-98E7-B86A98489B2C}.sys [2010-1-26 0]
S1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\bashdefs\20100619.001\BHDrvx86.sys [2010-6-22 691248]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0402000.00c\cchpx86.sys --> c:\windows\system32\drivers\n360\0402000.00c\ccHPx86.sys [?]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0402000.00c\ironx86.sys --> c:\windows\system32\drivers\n360\0402000.00c\Ironx86.SYS [?]
S1 Tcpip_{78C8AFFA-6C7E-496A-98E7-B86A98489B2C};Tcpip_{78C8AFFA-6C7E-496A-98E7-B86A98489B2C};c:\windows\system32\drivers\Tcpip_{78C8AFFA-6C7E-496A-98E7-B86A98489B2C}.sys [2010-1-26 0]
S1 Tcpip_{B7882D2B-F0C1-4078-8571-F7E89693EEDE};Tcpip_{B7882D2B-F0C1-4078-8571-F7E89693EEDE};c:\windows\system32\drivers\Tcpip_{B7882D2B-F0C1-4078-8571-F7E89693EEDE}.sys [2010-1-27 0]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-3-22 1684736]
S3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\ipsdefs\20100708.004\IDSXpx86.sys [2010-7-8 331640]
S3 klmd23;klmd23;c:\windows\system32\drivers\klmd.sys [2010-7-7 52432]
S3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\virusdefs\20100708.033\NAVENG.SYS [2010-7-8 85552]
S3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\virusdefs\20100708.033\NAVEX15.SYS [2010-7-8 1347504]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\drivers\rts516xir.sys --> c:\windows\system32\drivers\Rts516xIR.sys [?]
S3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [2009-3-22 81192]

=============== Created Last 30 ================

2010-07-09 22:39:36 0 d-sh--w- C:\FOUND.004
2010-07-08 16:51:13 0 d-----w- c:\program files\ESET
2010-07-08 16:32:45 0 d-----w- c:\docume~1\lori\applic~1\Tific
2010-07-08 03:01:23 52432 ----a-w- c:\windows\system32\drivers\klmd.sys
2010-07-06 13:51:12 0 d-----w- C:\FOUND.003
2010-07-05 17:25:08 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-05 17:25:07 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-05 14:14:36 0 d-----w- c:\temp\listdlls
2010-07-04 14:32:24 0 d-----w- C:\FOUND.002
2010-07-01 19:43:18 0 d-----w- C:\FOUND.001
2010-06-14 13:21:52 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll

==================== Find3M ====================

2010-05-29 16:25:26 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-05-29 16:25:26 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-05-29 16:25:26 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-05-29 16:25:26 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-05-05 14:30:58 173056 ------w- c:\windows\system32\dllcache\ie4uinit.exe
2010-05-02 06:22:50 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-05-02 06:22:50 1851264 ------w- c:\windows\system32\dllcache\win32k.sys
2010-04-26 20:58:14 256512 ----a-w- c:\windows\PEV.exe
2010-04-20 06:30:08 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-20 06:30:08 285696 ------w- c:\windows\system32\dllcache\atmfd.dll
2009-08-18 03:55:22 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009081720090818\index.dat
2009-03-23 01:48:30 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\application data\microsoft\feeds cache\index.dat

============= FINISH: 8:17:54.68 ===============


#13 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:08:32 AM

Posted 10 July 2010 - 08:39 AM

Your logs are now clean please do the following to clean up what we used and get up to date with some software.
=======Cleanup=======
  • Click START then RUN
  • Now type Combofix /uninstall in the runbox and click OK. Note the space between the X and the Uninstall, it needs to be there.
===============Update Java===============

Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java SE Runtime Environment (JRE) and save it to your desktop.
  • Scroll down to where it says "(JRE) then click on it
  • Click the "Download" button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Click Continue and the page will refresh.
  • Click on the link to download Windows Offline Installation and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u20-windows-i586.exe to install the newest version.
======================Clear out infected System Restore points======================


Then we need to reset your System Restore points.
The link below shows how to do this.
How to Turn On and Turn Off System Restore in Windows XP
http://support.microsoft.com/kb/310405/en-us

If you are using Vista then see this link: http://www.bleepingcomputer.com/tutorials/...143.html#manual

Delete\uninstall anything else that we have used that is leftover.

=====================================
After that your all set.


The following are some articles and a Windows Update link that I like to suggest to people to prevent malware and general PC maintenance.

Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.

Prevention article To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections please read the Prevention artice by Miekiemoes.

If your computer is slow Is a tutorial on what you can do if your computer is slow.

File sharing program dangers Reasons to stay away from File sharing programs for ex: BitTorrent,Limewire,Kazaa,emule,Utorrent,Limewire etc...
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#14 Lindaneedshelp

Lindaneedshelp
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:32 AM

Posted 10 July 2010 - 09:51 AM

All done. Thank you sooo much for all your help!

#15 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:08:32 AM

Posted 10 July 2010 - 09:55 AM

You are welcome smile.gif


Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. smile.gif

If your the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users