things closing automatically


  • This topic is locked
13 replies to this topic

#1 fscguy

  • Members
  • 145 posts

Posted 30 August 2010 - 12:06 PM

Things are closing automatically on me. I opened a file in Paint and it immediately closed. Also, something was causing me not to be able to type in Firefox. Here is my HJT log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:04:21 PM, on 8/30/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\OpenSA\Apache2\bin\Apache.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\OpenSA\Apache2\bin\Apache.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Update\1.2.183.29\GoogleCrashHandler.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\WINDOWS\system32\LVComsX.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\WINDOWS\system32\calc.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\jam\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5080610
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Auto EPSON Stylus Photo R320 Series on MAIN] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE /P43 "Auto EPSON Stylus Photo R320 Series on MAIN" /O13 "\\MAIN\EPSON1" /M "Stylus Photo R320"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKCU\..\Run: [Eyeball Chat] "C:\Program Files\Eyeball\Eyeball Chat\EyeballChat.exe" -min
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Aim] "C:\Program Files\AIM\aim.exe" /d locale=en-US
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\jam\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: check-ip-changed.bat
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download all by NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html
O8 - Extra context menu item: Download All Files by HiDownload - C:\Program Files\StreamingStar\HiDownload\HDGetAll.htm
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download by HiDownload - C:\Program Files\StreamingStar\HiDownload\HDGet.htm
O8 - Extra context menu item: Download by NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Extract Flash Video with Bytescout... - {F7DC590B-B6AD-4F7D-A778-7954A6D15B7F} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: HiDownload - {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\Program Files\StreamingStar\HiDownload\hidownload.exe (HKCU)
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} (imlUCID Class) - http://imlive.com/chatsource/ImlCID.cab
O16 - DPF: {7E9522CF-6B95-46D6-8E2F-7638F507313F} (BLS_SpeedOP.systemcheck) - http://www.fastaccess.drivers.bellsouth.ne...bls_speedop.cab
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apache2 - Apache Software Foundation - C:\OpenSA\Apache2\bin\Apache.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: DellAMBrokerService - Unknown owner - C:\Program Files\DellAutomatedPCTuneUp\brkrsvc.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

--
End of file - 14917 bytes




#2 syler

  • Malware Response Team
  • 8,150 posts

Posted 05 September 2010 - 03:14 PM

Hello fscguy, my name is Syler and I will be helping you to solve your malware issues. Sorry for the delay
in replying; we are very busy at the moment.

Please note that because we are very busy, if I don't hear from you within 5 days the topic will be closed. If you
have since resolved your issues, I would appreciate it if you would let me know so I can close this topic.


Please download Malwarebytes' Anti-Malware from Here

Note: If you already have Malwarebytes' Anti-Malware, just update then run it.
  • Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan (the scan may take some time to finish, so please be patient).
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



Scan With RKUnHooker
  • Please download Rootkit Unhooker and save it to your desktop.
  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check all of the boxes, then click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • Save the report somewhere where you can find it. Click Close.
Copy the entire contents of the report and paste it in a reply here.

Note: You may get this warning. It is OK, just ignore it.

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"




We need to create an OTL Report
  1. Please download OTL from one of the following mirrors:
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Click the "Scan All Users" checkbox.
    Under the Custom Scans/Fixes box at the bottom, paste in the following bold text.
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\*. /mp /s
    %SYSTEMDRIVE%\*.exe
    netsvcs
    msconfig
    drivers32
    CREATERESTOREPOINT

  5. Push the button.
  6. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized


Then please post back here with the following logs:
  • MBAM log
  • RKUnHooker report
  • OTL.txt
  • Extra.txt

Thanks


#3 fscguy

  • Topic Starter
  • Members
  • 145 posts

Posted 05 September 2010 - 07:29 PM

It doesn't seem like RKUnHooker is working. It seems to freeze during the scan.

#4 syler

  • Malware Response Team
  • 8,150 posts

Posted 06 September 2010 - 06:17 AM

Please go ahead and post the other logs then.


#5 fscguy

  • Topic Starter
  • Members
  • 145 posts

Posted 06 September 2010 - 09:37 AM

OTL didn't create an Extra log.

#6 fscguy

  • Topic Starter
  • Members
  • 145 posts

Posted 06 September 2010 - 09:45 AM

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4495

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

9/5/2010 5:36:23 PM
mbam-log-2010-09-05 (17-36-23).txt

Scan type: Full scan (C:\|E:\|)
Objects scanned: 297555
Time elapsed: 1 hour(s), 20 minute(s), 14 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


OTL logfile created on: 9/6/2010 10:21:43 AM - Run 3
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\jam\My Documents\fetish
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 53.00% Memory free
5.00 Gb Paging File | 3.00 Gb Available in Paging File | 66.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 462.25 Gb Total Space | 183.72 Gb Free Space | 39.74% Space Free | Partition Type: NTFS
Drive D: | 2.29 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 111.76 Gb Total Space | 26.14 Gb Free Space | 23.39% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JAMESDELL
Current User Name: jam
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/09/06 10:20:36 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jam\My Documents\fetish\OTL.exe
PRC - [2010/08/04 07:09:09 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/08/04 07:09:04 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/07/21 09:19:37 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/07/04 10:39:53 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/07/04 10:39:53 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/07/04 10:39:51 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/07/04 10:39:50 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/07/04 10:39:39 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/07/04 10:39:19 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/06/15 14:44:07 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.29\GoogleCrashHandler.exe
PRC - [2010/06/11 16:21:16 | 000,083,440 | ---- | M] (Google) -- C:\Documents and Settings\jam\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2010/06/01 10:17:48 | 005,252,408 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2010/03/31 06:57:28 | 002,012,912 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2010/03/17 23:28:24 | 001,230,128 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\QuickTimePlayer.exe
PRC - [2010/03/08 17:04:49 | 003,972,440 | ---- | M] (AOL Inc.) -- C:\Program Files\AIM\aim.exe
PRC - [2010/03/01 10:50:02 | 000,524,632 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010/03/01 10:50:01 | 001,029,456 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010/02/18 11:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2009/10/17 06:59:35 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\DNA\btdna.exe
PRC - [2009/05/21 11:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/01/31 03:45:14 | 003,399,727 | ---- | M] (FreeDownloadManager.ORG) -- C:\Program Files\Free Download Manager\fdm.exe
PRC - [2008/06/12 21:29:18 | 000,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/17 17:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2007/04/10 17:46:48 | 000,709,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX3000.exe
PRC - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\acs\AOLacsd.exe
PRC - [2005/07/19 17:32:18 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2005/06/02 15:54:34 | 000,086,606 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2003/02/10 16:45:22 | 000,020,480 | ---- | M] (Apache Software Foundation) -- C:\OpenSA\Apache2\bin\Apache.exe


========== Modules (SafeList) ==========

MOD - [2010/09/06 10:20:36 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jam\My Documents\fetish\OTL.exe
MOD - [2008/04/13 20:11:58 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2008/04/13 20:11:48 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acgenral.dll
MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010/07/21 09:19:37 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/07/04 10:39:19 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/03/01 10:50:01 | 001,029,456 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Disabled | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/06/09 22:54:48 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2007/10/11 10:49:46 | 000,076,016 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellAutomatedPCTuneUp\brkrsvc.exe -- (DellAMBrokerService)
SRV - [2007/05/17 17:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2007/01/25 13:31:34 | 000,093,048 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2005/06/02 15:54:34 | 000,086,606 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2003/02/10 16:45:22 | 000,020,480 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\OpenSA\Apache2\bin\Apache.exe -- (Apache2)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\StudioPro.sys -- (StudioPro)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\jam\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/07/06 22:27:52 | 005,069,312 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010/07/04 10:40:42 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/07/04 10:40:35 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/07/04 10:40:33 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/03/21 14:41:10 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/03/21 14:41:10 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Running] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/03/21 14:41:09 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/04/26 09:49:51 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2008/12/26 18:51:48 | 000,013,824 | ---- | M] (LoteSoft Co.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\splitcam.sys -- (SPLITCAM)
DRV - [2008/04/13 14:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 13:36:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 11:36:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/11/01 14:38:56 | 004,620,288 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/08/23 19:29:10 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\datunidr.sys -- (datunidr)
DRV - [2007/07/19 23:10:10 | 000,254,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®
DRV - [2007/07/19 19:26:24 | 000,304,920 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2007/07/19 13:00:00 | 000,235,616 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OEM05Vid.sys -- (OEM05Vid)
DRV - [2007/06/07 13:00:02 | 000,141,376 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OEM05Afx.sys -- (OEM05Afx)
DRV - [2007/04/22 19:27:48 | 000,038,784 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm) StudioPro audio (WDM)
DRV - [2007/04/10 17:46:48 | 001,966,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VX3000.sys -- (VX3000)
DRV - [2007/03/05 06:45:04 | 000,007,424 | R--- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OEM05Vfx.sys -- (OEM05Vfx)
DRV - [2007/01/25 13:31:34 | 000,042,000 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2007/01/15 18:57:08 | 000,031,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\livecamv.sys -- (RLDesignVirtualAudioCableWdm)
DRV - [2006/10/05 17:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellAutomatedPCTuneUp\GTAction\triggers\PTproct.sys -- (PTproct)
DRV - [2006/06/20 15:00:38 | 000,038,144 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2006/06/20 15:00:28 | 000,021,312 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2006/06/20 15:00:18 | 000,039,248 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2005/05/27 09:32:52 | 001,317,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvcm.sys -- (QCMerced)
DRV - [2005/05/27 09:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2004/10/06 10:39:14 | 000,283,904 | ---- | M] (D-Link Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\A5AGU.sys -- (A5AGU)
DRV - [2004/10/04 06:28:38 | 000,043,392 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Athfmwdl.sys -- (ATHFMWDL)
DRV - [2004/08/03 23:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/07/27 11:20:46 | 000,028,205 | ---- | M] (Alpha Networks Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANIO.sys -- (ANIO)
DRV - [2004/03/23 22:12:34 | 000,017,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\nsndis5.sys -- (NSNDIS5)
DRV - [2003/01/10 17:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/17 15:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 15:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 15:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 15:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 15:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 14:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 14:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 14:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 14:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 14:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 14:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 14:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 14:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 14:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 14:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5080610
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5080610


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5080610
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5080610
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



IE - HKU\S-1-5-21-3258488223-1465139301-3237350382-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&cl...amp;ibd=5080610
IE - HKU\S-1-5-21-3258488223-1465139301-3237350382-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3258488223-1465139301-3237350382-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: performeroptimum@livejasmin.com:3.1.5.5
FF - prefs.js..extensions.enabledItems: {D591A8AF-267A-4626-AB5E-B37F643B7046}:1.0
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.845


FF - HKLM\software\mozilla\Firefox\Extensions\\{5D909F89-B86E-478C-91DE-A55134BFB854}: C:\Documents and Settings\jam\Local Settings\Application Data\{5D909F89-B86E-478C-91DE-A55134BFB854}
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/05 23:40:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/07/21 09:21:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/04 07:09:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/04 07:09:20 | 000,000,000 | ---D | M]

[2009/06/21 13:21:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jam\Application Data\Mozilla\Extensions
[2009/06/21 13:21:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jam\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/08/31 10:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jam\Application Data\Mozilla\Firefox\Profiles\k9j8fmj0.default\extensions
[2009/08/14 07:14:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\jam\Application Data\Mozilla\Firefox\Profiles\k9j8fmj0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/11/21 16:19:58 | 000,000,000 | ---D | M] (jDownFF) -- C:\Documents and Settings\jam\Application Data\Mozilla\Firefox\Profiles\k9j8fmj0.default\extensions\{a3b24d40-bac4-11dc-95ff-0800200c9a66}
[2009/11/21 16:41:25 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\jam\Application Data\Mozilla\Firefox\Profiles\k9j8fmj0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009/11/01 21:25:10 | 000,000,000 | ---D | M] (Sothink SWF Catcher) -- C:\Documents and Settings\jam\Application Data\Mozilla\Firefox\Profiles\k9j8fmj0.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}
[2010/08/31 10:43:56 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/22 18:26:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/01/30 07:11:11 | 000,000,000 | ---D | M] (TabQuery) -- C:\Program Files\Mozilla Firefox\extensions\{D591A8AF-267A-4626-AB5E-B37F643B7046}
[2009/07/01 18:14:43 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\performeroptimum@livejasmin.com
[2008/11/22 18:19:51 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla(2).org
[2008/10/14 12:48:28 | 000,062,872 | ---- | M] (WebEx Comminucations, Inc) -- C:\Program Files\Mozilla Firefox\plugins\ateccli.dll
[2008/10/14 12:48:01 | 000,027,976 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\atgpcdec.dll
[2008/10/14 12:48:01 | 000,125,848 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\atgpcext.dll
[2008/10/14 12:48:28 | 000,098,712 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\ieatgpc.dll
[2008/10/14 12:47:48 | 000,060,824 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npatgpc.dll
[2008/09/03 20:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2007/11/18 15:36:00 | 000,077,824 | ---- | M] (Sobonito Investment LTD) -- C:\Program Files\Mozilla Firefox\plugins\npCID.dll
[2010/06/22 18:26:01 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2005/12/05 23:31:00 | 000,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2010/01/17 11:54:15 | 000,002,388 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\tabquery115.xml
[2010/01/30 07:11:11 | 000,002,391 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\tabquery119.xml
[2010/03/03 08:05:39 | 000,002,388 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\tabquery121.xml

O1 HOSTS File: ([2010/07/10 08:43:31 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (IeCatch5 Class) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\Jccatch.dll (FlashGet)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (gFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll ()
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (NetXfer) - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll (Xi)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [Auto EPSON Stylus Photo R320 Series on MAIN] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VX3000] C:\WINDOWS\vVX3000.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3258488223-1465139301-3237350382-1005..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe File not found
O4 - HKU\S-1-5-21-3258488223-1465139301-3237350382-1005..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL Inc.)
O4 - HKU\S-1-5-21-3258488223-1465139301-3237350382-1005..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-3258488223-1465139301-3237350382-1005..\Run: [Eyeball Chat] C:\Program Files\Eyeball\Eyeball Chat\EyeballChat.exe (Eyeball Networks Inc.)
O4 - HKU\S-1-5-21-3258488223-1465139301-3237350382-1005..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-3258488223-1465139301-3237350382-1005..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\jam\Start Menu\Programs\Startup\check-ip-changed.bat ()
O4 - Startup: C:\Documents and Settings\jam\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files\Webshots\Launcher.exe (Webshots.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3258488223-1465139301-3237350382-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3258488223-1465139301-3237350382-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-3258488223-1465139301-3237350382-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-3258488223-1465139301-3237350382-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Download all by NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html ()
O8 - Extra context menu item: Download All Files by HiDownload - C:\Program Files\StreamingStar\HiDownload\HDGetAll.htm ()
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download by HiDownload - C:\Program Files\StreamingStar\HiDownload\HDGet.htm ()
O8 - Extra context menu item: Download by NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Extract Flash Video with Bytescout... - {F7DC590B-B6AD-4F7D-A778-7954A6D15B7F} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-3258488223-1465139301-3237350382-1005\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-3258488223-1465139301-3237350382-1005\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-21-3258488223-1465139301-3237350382-1005\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3258488223-1465139301-3237350382-1005\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.1...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} http://imlive.com/chatsource/ImlCID.cab (imlUCID Class)
O16 - DPF: {7E9522CF-6B95-46D6-8E2F-7638F507313F} http://www.fastaccess.drivers.bellsouth.ne...bls_speedop.cab (BLS_SpeedOP.systemcheck)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} http://support.f-secure.com/ols/fscax.cab (F-Secure Online Scanner 3.3)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwa...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 18:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002/10/17 09:56:50 | 000,000,036 | RH-- | M] () - E:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2002/10/28 13:03:12 | 000,000,000 | RH-D | M] - E:\autorun -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-3258488223-1465139301-3237350382-1005\...exe [@ = exefile] -- Reg Error: Key error. File not found

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - Services: "stllssvr"
MsConfig - Services: "sprtsvc_dellsupportcenter"
MsConfig - Services: "ose"
MsConfig - Services: "odserv"
MsConfig - Services: "gusvc"
MsConfig - Services: "ATI Smart"
MsConfig - Services: "AOL ACS"
MsConfig - Services: "aawservice"
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe File not found
MsConfig - StartUpReg: Alcmtr - hkey= - key= - C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: ANIWZCS2Service - hkey= - key= - C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Alpha Networks Inc.)
MsConfig - StartUpReg: AOL Fast Start - hkey= - key= - C:\Program Files\AOL 9.1\AOL.EXE (AOL, LLC.)
MsConfig - StartUpReg: ATICCC - hkey= - key= - C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found
MsConfig - StartUpReg: DELL Webcam Manager - hkey= - key= - C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
MsConfig - StartUpReg: DellAutomatedPCTuneUp - hkey= - key= - C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe (Gteko Ltd.)
MsConfig - StartUpReg: DellSupportCenter - hkey= - key= - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
MsConfig - StartUpReg: dscactivate - hkey= - key= - C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
MsConfig - StartUpReg: ECenter - hkey= - key= - C:\dell\E-Center\EULALauncher.exe ( )
MsConfig - StartUpReg: HostManager - hkey= - key= - C:\Program Files\Common Files\AOL\1213745417\ee\aolsoftware.exe (AOL LLC)
MsConfig - StartUpReg: LogitechSoftwareUpdate - hkey= - key= - C:\Program Files\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
MsConfig - StartUpReg: LogitechVideoRepair - hkey= - key= - C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)
MsConfig - StartUpReg: LogitechVideoTray - hkey= - key= - C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
MsConfig - StartUpReg: LVCOMSX - hkey= - key= - File not found
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: OEM05Mon.exe - hkey= - key= - C:\WINDOWS\OEM05Mon.exe (Creative Technology Ltd.)
MsConfig - StartUpReg: PDVDDXSrv - hkey= - key= - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
MsConfig - StartUpReg: PMX Daemon - hkey= - key= - File not found
MsConfig - StartUpReg: RTHDCPL - hkey= - key= - C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: Yahoo! Pager - hkey= - key= - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.MP42 - MPG4C32.dll File not found
Drivers32: vidc.MP43 - MPG4C32.dll File not found
Drivers32: vidc.MPG4 - MPG4C32.dll File not found
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (58560405907177472)

========== Files/Folders - Created Within 30 Days ==========

[2010/09/02 03:00:21 | 000,000,000 | ---D | C] -- C:\67b9d6e898781d99602b8ce392ff1485
[2010/08/25 18:46:45 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\jam\My Documents\ATF-Cleaner.exe
[2010/08/25 18:23:01 | 006,153,376 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\jam\My Documents\zztoy.exe
[2010/08/24 13:03:26 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2010/08/24 13:03:26 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2010/08/24 13:03:25 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2010/08/24 13:03:25 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2010/08/24 13:03:24 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2010/08/24 13:03:24 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2010/08/24 13:03:24 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2010/08/24 13:03:23 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2010/08/24 13:03:23 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2010/08/24 13:03:23 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2010/08/24 13:03:22 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2010/08/24 13:03:22 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2010/08/24 13:03:21 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2010/08/24 13:03:21 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2010/08/24 13:03:20 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2010/08/24 13:03:20 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2010/08/24 13:03:19 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2010/08/24 13:03:19 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2010/08/24 13:03:18 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2010/08/24 13:03:18 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2010/08/24 13:03:18 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2010/08/24 13:03:17 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2010/08/24 13:03:17 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2010/08/24 13:03:17 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2010/08/24 13:03:17 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2010/08/24 13:03:16 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2010/08/24 13:03:16 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2010/08/24 13:03:16 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2010/08/24 13:03:15 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2010/08/24 13:03:14 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2010/08/24 13:03:14 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2010/08/24 13:03:14 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2010/08/24 13:03:14 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2010/08/24 13:03:13 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2010/08/24 13:03:13 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2010/08/24 13:03:13 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2010/08/24 13:03:12 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2010/08/24 13:03:12 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2010/08/24 13:03:11 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2010/08/24 12:58:54 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\jam\My Documents\dxwebsetup.exe
[2010/08/24 12:49:35 | 030,048,264 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Documents and Settings\jam\My Documents\10-7_xp32_dd.exe
[2010/08/23 22:52:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jam\virtualdeck
[2010/08/23 22:52:33 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDeck
[6 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[261 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\jam\My Documents\*.tmp files -> C:\Documents and Settings\jam\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/09/06 10:29:02 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3258488223-1465139301-3237350382-1005UA.job
[2010/09/06 10:27:48 | 000,232,468 | -H-- | M] () -- C:\Documents and Settings\jam\My Documents\downloads.his.sav
[2010/09/06 10:27:48 | 000,010,585 | -H-- | M] () -- C:\Documents and Settings\jam\My Documents\downloads.del.sav
[2010/09/06 10:27:48 | 000,004,503 | -H-- | M] () -- C:\Documents and Settings\jam\My Documents\history.sav
[2010/09/06 10:27:48 | 000,001,993 | -H-- | M] () -- C:\Documents and Settings\jam\My Documents\schedules.sav
[2010/09/06 10:27:48 | 000,001,862 | -H-- | M] () -- C:\Documents and Settings\jam\My Documents\sites.sav
[2010/09/06 10:27:48 | 000,000,920 | -H-- | M] () -- C:\Documents and Settings\jam\My Documents\dlmgrsi.sav
[2010/09/06 10:27:48 | 000,000,032 | -H-- | M] () -- C:\Documents and Settings\jam\My Documents\mctasks.sav
[2010/09/06 10:27:48 | 000,000,024 | -H-- | M] () -- C:\Documents and Settings\jam\My Documents\spider.sav
[2010/09/06 10:27:48 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\jam\My Documents\uploads.1.sav
[2010/09/06 10:27:47 | 001,958,800 | -H-- | M] () -- C:\Documents and Settings\jam\My Documents\downloads.sav
[2010/09/06 10:27:47 | 000,000,387 | -H-- | M] () -- C:\Documents and Settings\jam\My Documents\groups.sav
[2010/09/06 10:16:21 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\ipresub.job
[2010/09/06 09:49:32 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/09/06 09:49:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/06 09:38:28 | 064,355,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/09/06 00:38:08 | 000,190,976 | ---- | M] () -- C:\Documents and Settings\jam\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/05 14:49:00 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/05 13:29:00 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3258488223-1465139301-3237350382-1005Core.job
[2010/09/05 13:03:10 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/09/04 16:35:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/08/29 10:15:21 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/29 10:14:59 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/29 10:14:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/29 10:12:26 | 007,077,888 | ---- | M] () -- C:\Documents and Settings\jam\ntuser.dat
[2010/08/29 10:12:26 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\jam\ntuser.ini
[2010/08/25 18:46:40 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\jam\My Documents\ATF-Cleaner.exe
[2010/08/25 18:23:14 | 006,153,376 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\jam\My Documents\zztoy.exe
[2010/08/25 18:22:08 | 000,007,523 | ---- | M] () -- C:\Documents and Settings\jam\My Documents\zztoy,exe.php
[2010/08/24 12:58:51 | 000,288,088 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\jam\My Documents\dxwebsetup.exe
[2010/08/24 12:51:03 | 030,048,264 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Documents and Settings\jam\My Documents\10-7_xp32_dd.exe
[2010/08/24 07:16:15 | 023,349,039 | ---- | M] () -- C:\Documents and Settings\jam\My Documents\Movie_0002.wmv
[2010/08/20 03:49:49 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2010/08/16 19:08:03 | 000,471,598 | ---- | M] () -- C:\Documents and Settings\jam\My Documents\ILoveTeasingMen.mp3
[2010/08/16 19:07:53 | 000,666,572 | ---- | M] () -- C:\Documents and Settings\jam\My Documents\CanYouHandleMe.mp3
[2010/08/15 21:07:19 | 001,157,369 | ---- | M] () -- C:\Documents and Settings\jam\My Documents\GuidedMasturbation.mp3
[2010/08/15 21:05:03 | 003,066,987 | ---- | M] () -- C:\Documents and Settings\jam\My Documents\Stroke4Me_Facesitting.mp3
[2010/08/15 20:20:20 | 000,520,479 | ---- | M] () -- C:\Documents and Settings\jam\My Documents\weakstrokers.mp3
[2010/08/15 04:14:52 | 000,921,624 | ---- | M] () -- C:\img2-001.raw
[2010/08/12 03:24:56 | 000,152,384 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/12 03:08:12 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/12 03:07:32 | 000,503,854 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/12 03:07:32 | 000,442,796 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/12 03:07:32 | 000,071,936 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/10 12:46:36 | 000,001,557 | ---- | M] () -- C:\Documents and Settings\jam\.recently-used.xbel
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[261 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\jam\My Documents\*.tmp files -> C:\Documents and Settings\jam\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2099/01/01 12:00:00 | 000,006,456 | -H-- | C] () -- C:\WINDOWS\System32\kerorufe
[2010/08/25 18:22:08 | 000,007,523 | ---- | C] () -- C:\Documents and Settings\jam\My Documents\zztoy,exe.php
[2010/08/24 07:04:02 | 023,349,039 | ---- | C] () -- C:\Documents and Settings\jam\My Documents\Movie_0002.wmv
[2010/08/16 19:08:02 | 000,471,598 | ---- | C] () -- C:\Documents and Settings\jam\My Documents\ILoveTeasingMen.mp3
[2010/08/16 19:07:52 | 000,666,572 | ---- | C] () -- C:\Documents and Settings\jam\My Documents\CanYouHandleMe.mp3
[2010/08/15 21:07:15 | 001,157,369 | ---- | C] () -- C:\Documents and Settings\jam\My Documents\GuidedMasturbation.mp3
[2010/08/15 21:04:50 | 003,066,987 | ---- | C] () -- C:\Documents and Settings\jam\My Documents\Stroke4Me_Facesitting.mp3
[2010/08/15 20:20:20 | 000,520,479 | ---- | C] () -- C:\Documents and Settings\jam\My Documents\weakstrokers.mp3
[2010/08/10 12:46:36 | 000,001,557 | ---- | C] () -- C:\Documents and Settings\jam\.recently-used.xbel
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2008/12/31 19:28:58 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2008/12/29 21:54:22 | 000,015,498 | ---- | C] () -- C:\WINDOWS\VX3000.ini
[2008/12/28 17:12:31 | 000,002,395 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/12/18 19:55:17 | 000,000,099 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/12/12 19:26:23 | 000,000,000 | ---- | C] () -- C:\Program Files\jre-6u11-windows-i586-p.exe.bak
[2008/12/12 19:26:23 | 000,000,000 | ---- | C] () -- C:\Program Files\jre-6u11-windows-i586-p.exe
[2008/12/12 19:26:01 | 000,001,230 | ---- | C] () -- C:\Program Files\jre-6u11-windows-i586-p.exe.sdm
[2008/11/30 15:49:04 | 000,339,968 | ---- | C] () -- C:\WINDOWS\System32\pythoncom25.dll
[2008/11/30 15:49:04 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\pywintypes25.dll
[2008/10/12 18:04:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2008/10/07 17:55:15 | 000,000,217 | ---- | C] () -- C:\WINDOWS\QScreenCapt.ini
[2008/07/30 17:52:42 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/06/20 20:53:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2008/06/20 20:18:38 | 000,009,255 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/06/20 20:18:37 | 001,317,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\lvcm.sys
[2008/06/12 20:34:17 | 000,190,976 | ---- | C] () -- C:\Documents and Settings\jam\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/06/12 19:08:47 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\jam\Local Settings\Application Data\fusioncache.dat
[2008/06/09 23:00:12 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/06/09 22:43:49 | 000,031,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\livecamv.sys
[2008/06/09 22:42:36 | 000,131,070 | ---- | C] () -- C:\WINDOWS\System32\DellPM.ini
[2008/06/09 22:24:05 | 000,876,544 | ---- | C] () -- C:\WINDOWS\System32\TEACico2.dll
[2008/06/09 22:22:42 | 000,001,119 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2008/05/22 18:22:18 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/05/22 18:19:46 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/05/22 18:19:46 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/05/22 18:18:54 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/02/11 09:39:26 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLA.dll
[2008/02/11 09:39:18 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLW.dll
[2008/02/08 13:53:46 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerLang.dll
[2007/11/18 15:22:28 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\imlCID.dll
[2007/07/27 14:49:02 | 000,225,355 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiW.dll
[2007/07/27 14:49:02 | 000,196,683 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiA.dll
[2007/01/25 13:31:36 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2005/12/05 19:25:22 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\lnod32umc.dll
[2005/12/05 12:37:10 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\lnod32upd.dll
[2005/09/22 13:12:24 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\sysinfo.dll
[2004/08/11 18:24:19 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 18:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/11 18:00:52 | 000,498,742 | ---- | C] () -- C:\WINDOWS\System32\dxmasf(2).dll
[2004/08/11 18:00:29 | 001,287,680 | ---- | C] () -- C:\WINDOWS\System32\quartz(3).dll
[2004/08/11 18:00:29 | 001,287,680 | ---- | C] () -- C:\WINDOWS\System32\quartz(2).dll
[2004/08/11 18:00:21 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(2).dll
[2003/02/10 16:30:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\libintl.dll
[2003/02/10 16:28:48 | 000,253,952 | ---- | C] () -- C:\WINDOWS\sablot.dll
[2003/02/10 16:28:24 | 000,114,688 | ---- | C] () -- C:\WINDOWS\libexpat.dll
[2003/02/10 16:21:50 | 000,020,480 | ---- | C] () -- C:\WINDOWS\localcharset.dll

========== Custom Scans ==========


< %systemroot%\system32\*.dll /lockedfiles >
[2008/04/13 20:11:52 | 000,357,888 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2008/04/13 20:11:52 | 000,205,312 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll
[261 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2004/08/11 18:06:14 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/08/11 18:06:14 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/08/11 18:06:14 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\*. /mp /s >

< %SYSTEMDRIVE%\*.exe >
[2010/06/14 19:03:04 | 002,672,312 | ---- | M] () -- C:\esetsmartinstaller_enu.exe
[2010/06/14 19:01:15 | 000,077,312 | ---- | M] () -- C:\mbr.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E6F9610D
< End of report >


#7 syler

syler

  • Malware Response Team
  • 8,150 posts
  • Gender:Male
  • Location:Warrington, UK
  • Local time:03:28 PM

Posted 06 September 2010 - 11:50 AM

Please download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed, click on Yes, to continue scanning for malware.

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.

This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper


If you need help, see this link:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix



#8 fscguy

fscguy
  • Topic Starter

  • Members
  • 145 posts
  • Local time:09:28 AM

Posted 06 September 2010 - 12:34 PM

ComboFix 10-09-06.01 - jam 09/06/2010 13:23:24.10.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3326.1554 [GMT -4:00]
Running from: c:\documents and settings\jam\My Documents\fetish\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

E:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2010-08-06 to 2010-09-06 )))))))))))))))))))))))))))))))
.

2010-09-02 07:00 . 2010-09-02 07:00 -------- d-----w- C:\67b9d6e898781d99602b8ce392ff1485
2010-09-01 02:38 . 2010-07-09 14:26 475136 ----a-w- c:\documents and settings\All Users\Application Data\Dell\RMC\RMCCreationInfo.exe
2010-09-01 02:38 . 2010-07-02 14:25 1118208 ------w- c:\documents and settings\All Users\Application Data\Dell\RMC\Libxml2.dll
2010-09-01 02:38 . 2010-07-02 14:25 60416 ----a-w- c:\documents and settings\All Users\Application Data\Dell\RMC\ZLib1.dll
2010-09-01 02:37 . 2010-08-17 18:10 372736 ------w- c:\documents and settings\All Users\Application Data\Dell\DSL\DSLCheck.exe
2010-08-30 17:21 . 2010-08-30 17:21 452104 ----a-w- c:\documents and settings\jam\Application Data\Real\Update\setup3.12\setup.exe
2010-08-24 02:52 . 2010-08-24 02:52 -------- d-----w- c:\documents and settings\jam\virtualdeck
2010-08-24 02:52 . 2010-08-24 02:52 -------- d-----w- c:\program files\VirtualDeck
2010-08-08 17:30 . 2010-08-08 17:30 503808 ----a-w- c:\documents and settings\jam\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-21657f9c-n\msvcp71.dll
2010-08-08 17:30 . 2010-08-08 17:30 499712 ----a-w- c:\documents and settings\jam\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-21657f9c-n\jmc.dll
2010-08-08 17:30 . 2010-08-08 17:30 348160 ----a-w- c:\documents and settings\jam\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-21657f9c-n\msvcr71.dll
2010-08-08 17:30 . 2010-08-08 17:30 61440 ----a-w- c:\documents and settings\jam\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-2b2b2886-n\decora-sse.dll
2010-08-08 17:30 . 2010-08-08 17:30 12800 ----a-w- c:\documents and settings\jam\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-2b2b2886-n\decora-d3d.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-06 17:22 . 2009-06-21 17:43 -------- d-----w- c:\documents and settings\jam\Application Data\DNA
2010-09-06 17:16 . 2008-11-18 22:29 -------- d-----w- c:\documents and settings\jam\Application Data\Skype
2010-09-06 12:02 . 2008-11-18 22:30 -------- d-----w- c:\documents and settings\jam\Application Data\skypePM
2010-09-06 01:10 . 2008-12-30 03:23 -------- d-----w- c:\documents and settings\jam\Application Data\HPAppData
2010-09-03 22:29 . 2008-06-10 02:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Dell
2010-09-02 07:00 . 2008-08-24 18:36 -------- d-----w- c:\program files\Microsoft Silverlight
2010-08-29 14:15 . 2009-06-21 17:43 -------- d-----w- c:\program files\DNA
2010-08-28 21:14 . 2009-04-18 12:50 117760 ----a-w- c:\documents and settings\jam\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-08-25 22:31 . 2009-03-10 00:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-12 07:01 . 2008-06-10 02:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-08-10 16:46 . 2009-11-03 01:09 -------- d-----w- c:\documents and settings\jam\Application Data\gtk-2.0
2010-08-04 11:06 . 2010-08-01 19:21 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2010-08-01 19:48 . 2008-06-10 02:49 -------- d-----w- c:\program files\Common Files\Adobe
2010-08-01 19:46 . 2009-10-15 21:25 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-08-01 19:45 . 2010-08-01 19:44 12124624 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\AdobeAIRInstaller.exe
2010-08-01 19:44 . 2010-08-01 19:44 77184 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
2010-08-01 19:32 . 2008-06-20 22:46 -------- d-----w- c:\program files\QuickTime
2010-08-01 19:30 . 2008-07-09 23:09 -------- d-----w- c:\program files\Common Files\Apple
2010-08-01 19:22 . 2010-08-01 19:22 2568656 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
2010-07-18 21:53 . 2008-06-10 02:49 -------- d-----w- c:\program files\Google
2010-07-18 19:02 . 2010-07-18 19:01 -------- d-----w- c:\program files\ATI
2010-07-18 19:01 . 2008-06-10 02:43 -------- d-----w- c:\program files\ATI Technologies
2010-07-17 14:57 . 2008-11-18 22:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-07-12 23:36 . 2010-07-12 23:36 27591840 ----a-w- c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\msgup1000_1270_us_u2.exe
2010-07-10 01:04 . 2008-12-25 03:11 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-07-07 02:27 . 2008-06-10 02:24 5069312 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2010-07-07 01:58 . 2010-07-18 19:01 53248 ----a-w- c:\windows\system32\aticalrt.dll
2010-07-07 01:58 . 2010-07-18 19:01 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-07-07 01:57 . 2010-07-18 19:01 4337664 ----a-w- c:\windows\system32\aticaldd.dll
2010-07-07 01:53 . 2008-12-01 20:46 15499264 ----a-w- c:\windows\system32\atioglxx.dll
2010-07-07 01:50 . 2008-06-10 02:24 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2010-07-07 01:48 . 2008-06-10 02:24 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-07-07 01:47 . 2008-06-10 02:24 299520 ----a-w- c:\windows\system32\ati2dvag.dll
2010-07-07 01:41 . 2008-06-10 02:24 3869952 ----a-w- c:\windows\system32\ati3duag.dll
2010-07-07 01:33 . 2008-06-10 02:24 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2010-07-07 01:32 . 2008-06-10 02:24 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2010-07-07 01:32 . 2008-06-10 02:24 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2010-07-07 01:32 . 2008-06-10 02:24 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-07-07 01:32 . 2008-06-10 02:24 159744 ----a-w- c:\windows\system32\ati2evxx.dll
2010-07-07 01:31 . 2008-06-10 02:24 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2010-07-07 01:29 . 2008-06-10 02:24 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2010-07-07 01:29 . 2010-07-18 19:01 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-07-07 01:28 . 2008-06-10 02:24 2273920 ----a-w- c:\windows\system32\ativvaxx.dll
2010-07-07 01:27 . 2008-06-10 02:24 887724 ----a-w- c:\windows\system32\ativva6x.dat
2010-07-07 01:27 . 2008-06-10 02:24 3 ----a-w- c:\windows\system32\ativva5x.dat
2010-07-07 01:25 . 2008-06-10 02:24 573440 ----a-w- c:\windows\system32\atikvmag.dll
2010-07-07 01:24 . 2008-06-10 02:24 393216 ----a-w- c:\windows\system32\atiok3x2.dll
2010-07-07 01:24 . 2008-12-01 19:52 184320 ----a-w- c:\windows\system32\atiadlxx.dll
2010-07-07 01:23 . 2008-06-10 02:24 17408 ----a-w- c:\windows\system32\atitvo32.dll
2010-07-07 01:19 . 2008-06-10 02:24 704512 ----a-w- c:\windows\system32\ati2cqag.dll
2010-07-07 01:15 . 2010-07-18 19:01 65024 ----a-w- c:\windows\system32\atimpc32.dll
2010-07-07 01:15 . 2008-12-01 19:57 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2010-07-07 01:15 . 2008-06-10 02:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-07-04 14:40 . 2010-07-04 14:40 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-04 14:40 . 2010-07-04 14:40 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-04 14:40 . 2010-07-04 14:40 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-04 14:40 . 2010-07-04 14:40 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-07-04 01:49 . 2010-07-04 01:49 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-06-30 12:31 . 2004-08-11 22:00 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-29 17:19 . 2010-04-12 17:18 439816 ----a-w- c:\documents and settings\jam\Application Data\Real\Update\setup3.10\setup.exe
2010-06-24 12:10 . 2004-08-11 22:00 667136 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:10 . 2004-08-11 22:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-06-23 13:44 . 2004-08-11 22:00 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-22 22:25 . 2010-06-22 22:26 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-22 22:18 . 2008-06-10 02:59 29216 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-06-21 15:27 . 2004-08-11 22:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2004-08-11 22:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 23:03 . 2010-06-14 23:02 2672312 ----a-w- C:\esetsmartinstaller_enu.exe
2010-06-14 23:01 . 2010-06-14 23:01 77312 ----a-w- C:\mbr.exe
2010-06-14 14:31 . 2004-08-11 22:12 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:41 . 2004-08-11 22:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-13 21:13 . 2004-08-04 04:00 42112 ----a-w- c:\windows\system32\drivers\imapi.sys
2010-06-11 20:51 . 2010-06-11 20:51 3055600 ----a-w- c:\documents and settings\jam\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
2010-06-11 20:36 . 2010-06-11 20:36 275952 ----a-w- c:\documents and settings\jam\Application Data\Mozilla\plugins\npgoogletalk.dll
2008-12-12 23:29 . 2008-12-12 23:26 0 ------w- c:\program files\jre-6u11-windows-i586-p.exe
2008-12-12 23:26 . 2008-12-12 23:26 0 ----a-w- c:\program files\jre-6u11-windows-i586-p.exe.bak
2008-12-12 23:26 . 2008-12-12 23:26 1230 ----a-w- c:\program files\jre-6u11-windows-i586-p.exe.sdm
2008-10-14 16:48 . 2008-10-14 16:48 62872 ----a-w- c:\program files\mozilla firefox\plugins\ateccli.dll
2008-10-14 16:48 . 2008-10-14 16:48 27976 ----a-w- c:\program files\mozilla firefox\plugins\atgpcdec.dll
2008-10-14 16:48 . 2008-10-14 16:48 125848 ----a-w- c:\program files\mozilla firefox\plugins\atgpcext.dll
2008-10-14 16:48 . 2008-10-14 16:48 98712 ----a-w- c:\program files\mozilla firefox\plugins\ieatgpc.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-07-10_15.19.06 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-12 04:02 . 2009-07-12 04:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
+ 2009-07-12 04:05 . 2009-07-12 04:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
+ 2009-07-12 04:05 . 2009-07-12 04:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2010-08-29 14:15 . 2010-08-29 14:15 16384 c:\windows\Temp\Perflib_Perfdata_88c.dat
+ 2010-08-24 17:03 . 2010-06-02 08:55 74072 c:\windows\system32\XAPOFX1_5.dll
+ 2010-08-24 17:03 . 2010-02-04 14:01 74072 c:\windows\system32\XAPOFX1_4.dll
+ 2010-08-24 17:03 . 2009-09-04 21:44 69464 c:\windows\system32\XAPOFX1_3.dll
+ 2010-08-24 17:03 . 2008-10-27 14:04 70992 c:\windows\system32\XAPOFX1_2.dll
+ 2010-08-24 17:03 . 2008-07-31 14:41 68616 c:\windows\system32\XAPOFX1_1.dll
+ 2010-08-24 17:03 . 2010-02-04 14:01 22360 c:\windows\system32\X3DAudio1_7.dll
+ 2010-08-24 17:03 . 2009-03-16 18:18 22360 c:\windows\system32\X3DAudio1_6.dll
+ 2010-08-24 17:03 . 2008-10-27 14:04 23376 c:\windows\system32\X3DAudio1_5.dll
- 2009-01-14 08:03 . 2009-05-26 11:40 17272 c:\windows\system32\spmsg.dll
+ 2009-01-14 08:03 . 2010-02-22 14:23 17272 c:\windows\system32\spmsg.dll
+ 2010-08-24 16:53 . 2001-11-09 15:01 24064 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\ativcoxx.dll
+ 2010-08-24 16:53 . 2010-05-27 16:37 17408 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\atitvo32.dll
+ 2010-08-24 16:53 . 2009-02-03 20:52 45056 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\ATIODCLI.exe
+ 2010-08-24 16:53 . 2010-05-27 16:29 65536 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\atimpc32.dll
+ 2010-08-24 16:53 . 2010-05-27 16:43 53248 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\ATIDDC.DLL
+ 2010-08-24 16:53 . 2010-05-27 17:12 45056 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\aticalrt.dll
+ 2010-08-24 16:53 . 2010-05-27 17:12 45056 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\aticalcl.dll
+ 2010-08-24 16:53 . 2010-05-27 16:45 26112 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\Ati2mdxx.exe
+ 2010-08-24 16:53 . 2010-05-27 16:28 53248 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\ati2erec.dll
+ 2010-08-24 16:53 . 2010-05-27 16:45 43520 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\ati2edxx.dll
- 2004-08-11 22:00 . 2010-07-09 03:30 71936 c:\windows\system32\perfc009.dat
+ 2004-08-11 22:00 . 2010-08-12 07:07 71936 c:\windows\system32\perfc009.dat
+ 2010-08-24 16:53 . 2010-07-07 01:32 81083 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\oemdspif.dll
+ 2010-08-24 16:53 . 2001-11-09 15:01 12614 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\ativcoxx.dll
+ 2010-08-24 16:53 . 2009-02-18 17:55 81447 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\atiode.exe
+ 2010-08-24 16:53 . 2009-02-03 20:52 25093 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\atiodcli.exe
+ 2010-08-24 16:53 . 2010-07-07 01:15 41477 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\atimpc32.dll
+ 2010-08-24 16:53 . 2010-07-07 01:29 28700 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\atiddc.dll
+ 2010-08-24 16:53 . 2010-07-07 01:58 29394 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\aticalrt.dll
+ 2010-08-24 16:53 . 2010-07-07 01:58 28972 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\aticalcl.dll
+ 2010-08-24 16:53 . 2009-05-11 21:35 71662 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\atibtmon.exe
+ 2010-08-24 16:53 . 2010-07-07 01:29 54492 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\atiapfxx.exe
+ 2010-08-24 16:53 . 2010-07-07 01:32 16309 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\ati2mdxx.exe
+ 2010-08-24 16:53 . 2010-07-07 01:32 80978 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\ati2evxx.dll
+ 2010-08-24 16:53 . 2010-07-07 01:15 13650 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\ati2erec.dll
+ 2010-08-24 16:53 . 2010-07-07 01:32 28844 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\ati2edxx.dll
+ 2010-07-18 19:01 . 2010-05-27 16:46 81084 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\oemdspif.dll
+ 2010-07-18 19:01 . 2001-11-09 15:01 12614 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\ativcoxx.dll
+ 2010-07-18 19:01 . 2009-02-18 17:55 81447 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\atiode.exe
+ 2010-07-18 19:01 . 2009-02-03 20:52 25093 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\atiodcli.exe
+ 2010-07-18 19:01 . 2010-05-27 16:29 41674 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\atimpc32.dll
+ 2010-07-18 19:01 . 2010-05-27 16:43 28700 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\atiddc.dll
+ 2010-07-18 19:01 . 2010-05-27 17:12 23096 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\aticalrt.dll
+ 2010-07-18 19:01 . 2010-05-27 17:12 22690 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\aticalcl.dll
+ 2010-07-18 19:01 . 2009-05-11 21:35 71662 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\atibtmon.exe
+ 2010-07-18 19:01 . 2010-05-27 16:42 54491 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\atiapfxx.exe
+ 2010-07-18 19:01 . 2010-05-27 16:45 16309 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\ati2mdxx.exe
+ 2010-07-18 19:01 . 2010-05-27 16:45 80978 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\ati2evxx.dll
+ 2010-07-18 19:01 . 2010-05-27 16:28 13650 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\ati2erec.dll
+ 2010-07-18 19:01 . 2010-05-27 16:45 28843 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\ati2edxx.dll
+ 2009-02-20 08:30 . 2010-06-24 12:10 81920 c:\windows\system32\dllcache\ieencode.dll
- 2009-02-20 08:30 . 2010-04-16 16:09 81920 c:\windows\system32\dllcache\ieencode.dll
- 2009-05-06 00:31 . 2010-07-04 21:01 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-05-06 00:31 . 2010-07-18 06:17 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-06-12 23:01 . 2010-07-18 06:17 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-06-12 23:01 . 2010-07-04 21:01 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2010-07-18 06:17 . 2010-07-18 06:17 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2008-06-10 02:24 . 2001-11-09 15:01 24064 c:\windows\system32\ativcoxx.dll
- 2008-06-10 02:24 . 2007-08-28 01:51 24064 c:\windows\system32\ativcoxx.dll
- 2008-06-10 02:24 . 2008-10-21 17:40 45056 c:\windows\system32\ATIODCLI.exe
+ 2008-06-10 02:24 . 2009-02-03 20:52 45056 c:\windows\system32\ATIODCLI.exe
+ 2010-08-01 19:46 . 2010-08-01 19:46 28160 c:\windows\Installer\4830449a.msi
+ 2010-07-18 21:53 . 2010-07-18 21:53 25214 c:\windows\Installer\{C2D129C0-7508-11DF-9F1B-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2010-07-18 21:53 . 2010-07-18 21:53 25214 c:\windows\Installer\{C2D129C0-7508-11DF-9F1B-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-07-18 21:53 . 2010-07-18 21:53 25214 c:\windows\Installer\{C2D129C0-7508-11DF-9F1B-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2010-07-18 21:53 . 2010-07-18 21:53 25214 c:\windows\Installer\{C2D129C0-7508-11DF-9F1B-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2010-07-18 21:53 . 2010-07-18 21:53 25214 c:\windows\Installer\{C2D129C0-7508-11DF-9F1B-005056806466}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-07-18 21:53 . 2010-07-18 21:53 25214 c:\windows\Installer\{C2D129C0-7508-11DF-9F1B-005056806466}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-07-18 21:53 . 2010-07-18 21:53 25214 c:\windows\Installer\{C2D129C0-7508-11DF-9F1B-005056806466}\ARPPRODUCTICON.exe
+ 2010-08-24 16:53 . 2010-08-24 16:53 77542 c:\windows\Installer\{C2274248-9536-B9E2-0886-84BF1F292219}\NewShortcut5_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-08-24 16:53 . 2010-08-24 16:53 77542 c:\windows\Installer\{C2274248-9536-B9E2-0886-84BF1F292219}\NewShortcut4_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-08-24 16:53 . 2010-08-24 16:53 77542 c:\windows\Installer\{C2274248-9536-B9E2-0886-84BF1F292219}\NewShortcut3_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-08-24 16:53 . 2010-08-24 16:53 77542 c:\windows\Installer\{C2274248-9536-B9E2-0886-84BF1F292219}\NewShortcut2_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-08-24 16:53 . 2010-08-24 16:53 77542 c:\windows\Installer\{C2274248-9536-B9E2-0886-84BF1F292219}\ARPPRODUCTICON.exe
+ 2008-06-10 02:48 . 2010-08-12 07:01 35088 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-06-10 02:48 . 2010-06-14 07:13 35088 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-06-10 02:48 . 2010-06-14 07:13 18704 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-06-10 02:48 . 2010-08-12 07:01 18704 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-06-10 02:48 . 2010-08-12 07:01 20240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-06-10 02:48 . 2010-06-14 07:13 20240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe
- 2010-06-04 07:00 . 2010-06-04 07:00 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-06-04 07:00 . 2010-09-02 07:00 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-07-18 19:01 . 2010-07-18 19:01 77542 c:\windows\Installer\{0928B2C5-0B16-C2FB-7BAE-A25901414687}\NewShortcut5_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-07-18 19:01 . 2010-07-18 19:01 77542 c:\windows\Installer\{0928B2C5-0B16-C2FB-7BAE-A25901414687}\NewShortcut4_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-07-18 19:01 . 2010-07-18 19:01 77542 c:\windows\Installer\{0928B2C5-0B16-C2FB-7BAE-A25901414687}\NewShortcut3_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-07-18 19:01 . 2010-07-18 19:01 77542 c:\windows\Installer\{0928B2C5-0B16-C2FB-7BAE-A25901414687}\NewShortcut2_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2009-12-22 00:09 . 2009-12-22 00:09 16832 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\ViewerPS.dll
+ 2009-12-22 05:57 . 2009-12-22 05:57 35760 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\reader_sl.exe
+ 2009-12-22 00:02 . 2009-12-22 00:02 79280 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\PDFPrevHndlr.dll
+ 2009-12-22 03:21 . 2009-12-22 03:21 99776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\eula.exe
+ 2009-12-11 19:57 . 2009-12-11 19:57 70584 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\adobeextractfiles.dll
+ 2009-12-22 03:37 . 2009-12-22 03:37 27048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\acrotextextractor.exe
+ 2009-12-21 22:39 . 2009-12-21 22:39 15288 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AcroRd32Info.exe
+ 2009-12-21 22:27 . 2009-12-21 22:27 75200 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\acroiehelpershim.dll
+ 2009-12-21 22:27 . 2009-12-21 22:27 61888 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AcroIEHelper.dll
+ 2010-08-12 07:09 . 2010-08-12 07:09 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5ec9dec678303ebff0ef018edb5ec595\UIAutomationProvider.ni.dll
+ 2010-08-12 07:13 . 2010-08-12 07:13 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\46ef15b88ef577de4882c519329fc5d2\System.Windows.Presentation.ni.dll
+ 2010-08-12 07:13 . 2010-08-12 07:13 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\aada360296a42e0413579a19c771ec2d\System.Web.DynamicData.Design.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2b5ff2c6358c483eb1439b99badb54fd\System.ComponentModel.DataAnnotations.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\6125ff5a4fcd93d70a246cbff3005d42\System.AddIn.Contract.ni.dll
+ 2010-08-12 07:08 . 2010-08-12 07:08 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\de26af01222270c121788161496fcfe7\PresentationFontCache.ni.exe
+ 2010-08-12 07:08 . 2010-08-12 07:08 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3c5adeedb70e6e052a6556c6ab9b6918\PresentationCFFRasterizer.ni.dll
+ 2010-08-12 07:13 . 2010-08-12 07:13 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\5e5176efbfeb803b7f217525beec6844\Microsoft.Vsa.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\272d51526813ea113970b8e890c92ee2\Microsoft.VisualC.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e1d4e0b1f112000ab33bbaf88bd9ed99\Microsoft.Build.Framework.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4200cf5b7f247ec1b997808c6d1ba7d1\Microsoft.Build.Framework.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\50b7fc7f36c76313cbb434b10923e4e9\dfsvc.ni.exe
+ 2010-08-12 07:11 . 2010-08-12 07:11 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\5ffa548547613dbc5a92f2c5b7cad196\Accessibility.ni.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-08-04 07:01 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2286198\update\spcustom.dll
+ 2010-08-04 07:01 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2286198\spmsg.dll
+ 2010-07-14 07:04 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2229593\update\spcustom.dll
+ 2010-07-14 07:04 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2229593\spmsg.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2010-08-24 16:53 . 2010-07-07 01:23 8348 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\atitvo32.dll
+ 2010-07-18 19:01 . 2010-05-27 16:37 8348 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\atitvo32.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2010-06-23 07:02 . 2010-06-23 07:02 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2010-06-23 07:02 . 2010-06-23 07:02 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2009-07-12 04:05 . 2009-07-12 04:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2010-08-24 17:03 . 2010-06-02 08:55 527192 c:\windows\system32\XAudio2_7.dll
+ 2010-08-24 17:03 . 2010-02-04 14:01 528216 c:\windows\system32\XAudio2_6.dll
+ 2010-08-24 17:03 . 2009-09-04 21:44 515416 c:\windows\system32\XAudio2_5.dll
+ 2010-08-24 17:03 . 2009-03-16 18:18 517448 c:\windows\system32\XAudio2_4.dll
+ 2010-08-24 17:03 . 2008-10-27 14:04 514384 c:\windows\system32\XAudio2_3.dll
+ 2010-08-24 17:03 . 2008-07-31 14:40 509448 c:\windows\system32\XAudio2_2.dll
+ 2010-08-24 17:03 . 2010-06-02 08:55 239960 c:\windows\system32\xactengine3_7.dll
+ 2010-08-24 17:03 . 2010-02-04 14:01 238936 c:\windows\system32\xactengine3_6.dll
+ 2010-08-24 17:03 . 2009-09-04 21:44 238936 c:\windows\system32\xactengine3_5.dll
+ 2010-08-24 17:03 . 2009-03-16 18:18 235352 c:\windows\system32\xactengine3_4.dll
+ 2010-08-24 17:03 . 2008-10-27 14:04 235856 c:\windows\system32\xactengine3_3.dll
+ 2010-08-24 17:03 . 2008-07-31 14:41 238088 c:\windows\system32\xactengine3_2.dll
- 2004-08-11 22:00 . 2010-04-16 16:09 627712 c:\windows\system32\urlmon.dll
+ 2004-08-11 22:00 . 2010-06-24 12:10 627712 c:\windows\system32\urlmon.dll
+ 2010-08-24 16:53 . 2010-05-27 16:46 155648 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\Oemdspif.dll
+ 2010-08-24 16:53 . 2010-05-27 16:41 887724 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\ativva6x.dat
+ 2010-08-24 16:53 . 2010-05-27 16:46 208896 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\atipdlxx.dll
+ 2010-08-24 16:53 . 2010-05-27 16:35 393216 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\atiok3x2.dll
+ 2010-08-24 16:53 . 2009-02-18 17:55 294912 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\ATIODE.exe
+ 2010-08-24 16:53 . 2010-05-27 16:39 573440 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\atikvmag.dll
+ 2010-08-24 16:53 . 2010-05-27 17:02 311296 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\atiiiexx.dll
+ 2010-08-24 16:53 . 2010-04-06 17:54 203336 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\atiicdxx.dat
+ 2010-08-24 16:53 . 2010-05-27 16:59 446464 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\ATIDEMGX.dll
+ 2010-08-24 16:53 . 2009-05-11 21:35 118784 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\atibtmon.exe
+ 2010-08-24 16:53 . 2010-05-27 16:42 143360 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\atiapfxx.exe
+ 2010-08-24 16:53 . 2010-05-27 16:38 184320 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\atiadlxx.dll
+ 2010-08-24 16:53 . 2010-05-27 16:44 602112 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\ati2evxx.exe
+ 2010-08-24 16:53 . 2010-05-27 16:45 159744 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\ati2evxx.dll
+ 2010-08-24 16:53 . 2010-05-27 16:58 299520 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\ati2dvag.dll
+ 2010-08-24 16:53 . 2010-05-27 16:33 692224 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\ati2cqag.dll
+ 2004-08-11 22:00 . 2010-08-12 07:07 442796 c:\windows\system32\perfh009.dat
- 2004-08-11 22:00 . 2010-07-09 03:30 442796 c:\windows\system32\perfh009.dat
+ 2010-09-06 01:09 . 2010-09-06 01:09 232912 c:\windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe
+ 2010-09-06 01:09 . 2010-09-06 01:09 311760 c:\windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.dll
+ 2010-08-01 19:30 . 2010-08-01 19:30 231888 c:\windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe
- 2004-08-11 22:00 . 2010-04-16 16:09 251904 c:\windows\system32\iepeers.dll
+ 2004-08-11 22:00 . 2010-06-24 12:10 251904 c:\windows\system32\iepeers.dll
- 2004-08-11 22:06 . 2010-06-22 22:15 152384 c:\windows\system32\FNTCACHE.DAT
+ 2004-08-11 22:06 . 2010-08-12 07:24 152384 c:\windows\system32\FNTCACHE.DAT
+ 2010-08-24 16:53 . 2010-07-07 01:27 887724 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\ativva6x.dat
+ 2010-08-24 16:53 . 2010-07-07 01:33 109092 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\atipdlxx.dll
+ 2010-08-24 16:53 . 2010-07-07 01:24 194349 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\atiok3x2.dll
+ 2010-08-24 16:53 . 2010-07-07 01:25 306873 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\atikvmag.dll
+ 2010-08-24 16:53 . 2010-07-07 01:50 311296 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\atiiiexx.dll
+ 2010-08-24 16:53 . 2010-05-11 20:42 205156 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\atiicdxx.dat
+ 2010-08-24 16:53 . 2010-07-07 01:48 446464 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\atidemgx.dll
+ 2010-08-24 16:53 . 2010-07-07 01:24 101570 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\atiadlxx.dll
+ 2010-08-24 16:53 . 2010-07-07 01:31 317754 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\ati2evxx.exe
+ 2010-08-24 16:53 . 2010-07-07 01:47 188030 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\ati2dvag.dll
+ 2010-08-24 16:53 . 2010-07-07 01:19 362057 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\ati2cqag.dll
+ 2010-07-18 19:01 . 2010-05-27 16:41 887724 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\ativva6x.dat
+ 2010-07-18 19:01 . 2010-05-27 16:46 109093 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\atipdlxx.dll
+ 2010-07-18 19:01 . 2010-05-27 16:35 194463 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\atiok3x2.dll
+ 2010-07-18 19:01 . 2010-05-27 16:39 306874 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\atikvmag.dll
+ 2010-07-18 19:01 . 2010-05-27 17:02 311296 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\atiiiexx.dll
+ 2010-07-18 19:01 . 2010-04-06 17:54 203336 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\atiicdxx.dat
+ 2010-07-18 19:01 . 2010-05-27 16:59 446464 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\atidemgx.dll
+ 2010-07-18 19:01 . 2010-05-27 16:38 101409 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\atiadlxx.dll
+ 2010-07-18 19:01 . 2010-05-27 16:44 317726 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\ati2evxx.exe
+ 2010-07-18 19:01 . 2010-05-27 16:58 188076 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\ati2dvag.dll
+ 2010-07-18 19:01 . 2010-05-27 16:33 355609 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\ati2cqag.dll
+ 2008-04-21 06:44 . 2010-06-24 12:10 667136 c:\windows\system32\dllcache\wininet.dll
- 2008-04-21 06:44 . 2010-04-16 16:09 667136 c:\windows\system32\dllcache\wininet.dll
- 2008-06-26 08:15 . 2010-04-16 16:09 627712 c:\windows\system32\dllcache\urlmon.dll
+ 2008-06-26 08:15 . 2010-06-24 12:10 627712 c:\windows\system32\dllcache\urlmon.dll
+ 2008-10-15 00:51 . 2010-06-21 15:27 354304 c:\windows\system32\dllcache\srv.sys
+ 2008-12-05 06:54 . 2010-06-30 12:31 149504 c:\windows\system32\dllcache\schannel.dll
- 2010-02-26 05:43 . 2010-04-16 16:09 251904 c:\windows\system32\dllcache\iepeers.dll
+ 2010-02-26 05:43 . 2010-06-24 12:10 251904 c:\windows\system32\dllcache\iepeers.dll
+ 2010-07-14 00:07 . 2010-06-14 14:31 744448 c:\windows\system32\dllcache\helpsvc.exe
+ 2010-08-24 17:03 . 2010-05-26 15:41 248672 c:\windows\system32\d3dx11_43.dll
+ 2010-08-24 17:03 . 2009-09-04 21:29 235344 c:\windows\system32\d3dx11_42.dll
+ 2010-08-24 17:03 . 2010-05-26 15:41 470880 c:\windows\system32\d3dx10_43.dll
+ 2010-08-24 17:03 . 2009-09-04 21:29 453456 c:\windows\system32\d3dx10_42.dll
+ 2010-08-24 17:03 . 2009-03-09 19:27 453456 c:\windows\system32\d3dx10_41.dll
+ 2010-08-24 17:03 . 2008-10-10 08:52 452440 c:\windows\system32\d3dx10_40.dll
+ 2010-08-24 17:03 . 2008-07-10 15:01 467984 c:\windows\system32\d3dx10_39.dll
+ 2008-06-10 02:24 . 2009-02-18 17:55 294912 c:\windows\system32\ATIODE.exe
+ 2008-06-10 02:24 . 2010-05-11 20:42 205156 c:\windows\system32\atiicdxx.dat
+ 2010-07-18 19:01 . 2009-05-11 21:35 118784 c:\windows\system32\atibtmon.exe
+ 2010-05-11 10:40 . 2010-05-11 10:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2009-08-08 03:51 . 2009-08-08 03:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2010-05-11 10:40 . 2010-05-11 10:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2010-07-18 19:02 . 2010-07-18 19:02 718336 c:\windows\Installer\4be78f7.msi
+ 2010-07-18 19:01 . 2010-07-18 19:01 219648 c:\windows\Installer\4be78ec.msi
+ 2010-08-01 19:30 . 2010-08-01 19:30 791552 c:\windows\Installer\48303f11.msi
+ 2008-06-10 02:48 . 2010-08-12 07:01 888080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-06-10 02:48 . 2010-06-14 07:13 888080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-06-10 02:48 . 2010-06-14 07:13 922384 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-06-10 02:48 . 2010-08-12 07:01 922384 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-06-10 02:48 . 2010-08-12 07:01 217864 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe
- 2008-06-10 02:48 . 2010-06-14 07:13 217864 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe
- 2008-06-10 02:48 . 2010-06-14 07:12 184080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-06-10 02:48 . 2010-08-12 07:01 184080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe
+ 2010-07-18 19:02 . 2010-07-18 19:02 238223 c:\windows\Installer\{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}\ARPPRODUCTICON.exe
+ 2009-12-11 19:57 . 2009-12-11 19:57 326056 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\readerupdater.exe
+ 2009-12-21 22:35 . 2009-12-21 22:35 378264 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\pdfshell.dll
+ 2009-12-22 00:05 . 2009-12-22 00:05 116168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\PDFPrevHndlrShim.exe
+ 2009-12-21 22:34 . 2009-12-21 22:34 103864 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\nppdf32.dll
+ 2009-11-09 23:18 . 2009-11-09 23:18 684032 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\JP2KLib.dll
+ 2009-12-22 00:02 . 2009-12-22 00:02 542168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AdobeCollabSync.exe
+ 2009-12-11 19:57 . 2009-12-11 19:57 948672 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\adobearm.exe
+ 2009-12-21 22:43 . 2009-12-21 22:43 120240 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AcroRdIF.dll
+ 2009-12-22 05:57 . 2009-12-22 05:57 349616 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AcroRd32.exe
+ 2009-12-21 22:15 . 2009-12-21 22:15 660912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AcroPDF.dll
+ 2009-12-21 23:32 . 2009-12-21 23:32 280024 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\acrobroker.exe
+ 2009-12-11 19:57 . 2009-12-11 19:57 326056 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\acrobatupdater.exe
+ 2009-12-21 23:15 . 2009-12-21 23:15 251296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\a3dutility.exe
+ 2010-08-12 07:12 . 2010-08-12 07:12 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\a16b8bcca59515281688ec856c034698\WsatConfig.ni.exe
+ 2010-08-12 07:09 . 2010-08-12 07:09 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\672c4d8e3c33e309c1ed90fa4cb85aba\WindowsFormsIntegration.ni.dll
+ 2010-08-12 07:09 . 2010-08-12 07:09 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\cd91a32f4e36ccb2981c72c0d333e928\UIAutomationTypes.ni.dll
+ 2010-08-12 07:09 . 2010-08-12 07:09 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\9df760fdf8071c7b0de78f39de365e6a\UIAutomationClient.ni.dll
+ 2010-08-12 07:13 . 2010-08-12 07:13 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\ff53d5b5249a2841ee196294429f51cf\System.Xml.Linq.ni.dll
+ 2010-08-12 07:13 . 2010-08-12 07:13 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\5e16c279496a553c988c6199f0cee8aa\System.Web.Routing.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\d0ae809162b55e2fa958739177476af8\System.Web.RegularExpressions.ni.dll
+ 2010-08-12 07:13 . 2010-08-12 07:13 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\720b28d81e987b889180b291ea19b821\System.Web.Extensions.Design.ni.dll
+ 2010-08-12 07:13 . 2010-08-12 07:13 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\da36fd678161cd3444ef547c894e3f35\System.Web.Entity.ni.dll
+ 2010-08-12 07:13 . 2010-08-12 07:13 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\49ae7c73fac8827123d5db1714c22599\System.Web.Entity.Design.ni.dll
+ 2010-08-12 07:13 . 2010-08-12 07:13 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\ce3aa27d3c4c052845ac5abb1374defa\System.Web.DynamicData.ni.dll
+ 2010-08-12 07:13 . 2010-08-12 07:13 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\95fab896ef2af14876e3e1524379773b\System.Web.Abstractions.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\26d5bf1f7e700c2c19aa9b1da5519b24\System.Transactions.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b000cc703c9d95593b516bf2c2ec316\System.ServiceProcess.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\75e331a5d731d8e207be07adc06dec23\System.Security.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dd7497aa089340600c8c5af8ab421ff7\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\3de39eb60b9d32af46f32f6c7a88fc7f\System.Runtime.Remoting.ni.dll
+ 2010-08-12 07:13 . 2010-08-12 07:13 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\2a080994f308f347b0497bb8804861cf\System.Net.ni.dll
+ 2010-08-12 07:13 . 2010-08-12 07:13 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\bc1cf48ba7dc00f45d0e949c49ab677a\System.Management.ni.dll
+ 2010-08-12 07:13 . 2010-08-12 07:13 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\904fda53006680a67f917ab638be0305\System.Management.Instrumentation.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\4490976887e2e5a3b594041edbdf5064\System.IO.Log.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\77b9f6f6671aaaeb84c6907d467e792c\System.IdentityModel.Selectors.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.Wrapper.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.ni.dll
+ 2010-08-12 07:09 . 2010-08-12 07:09 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\90199b4aa63b1b9c8ed0c3de16eec824\System.Drawing.Design.ni.dll
+ 2010-08-12 07:13 . 2010-08-12 07:13 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\849e98c9f428a12cb581320a23f69dbd\System.DirectoryServices.AccountManagement.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7a823a4f61cf8c86aad02559f8fed07b\System.DirectoryServices.Protocols.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\ad95820d2e29e8d55c0d8a838214c6e5\System.Data.Services.Design.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\617acb0d900bdde947ec79f7b5ccc183\System.Data.Services.Client.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\488c4017d45e861644a34fae557aa80f\System.Data.Entity.Design.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\41345e34f26854fc1878eae3e4d5d4a5\System.Data.DataSetExtensions.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab688d0f9f333ba117832726bfb589c1\System.Configuration.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\b48677ab9aa7a6830785f67b8478b4da\System.Configuration.Install.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\93a0958d5557e2b380647af0171ad354\System.AddIn.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\d0758f84e927e3f0a15a6cde1b96d835\SMSvcHost.ni.exe
+ 2010-08-12 07:12 . 2010-08-12 07:12 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8043a108e3bb2d3dcc84b547b8085e99\SMDiagnostics.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\5aeb40ff7128df2881fb03c01d070b20\ServiceModelReg.ni.exe
+ 2010-08-12 07:09 . 2010-08-12 07:09 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e7e7321956e6822b1bf3691c35c842f6\PresentationFramework.Aero.ni.dll
+ 2010-08-12 07:09 . 2010-08-12 07:09 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a14488afff027f0f2985e659449097f5\PresentationFramework.Royale.ni.dll
+ 2010-08-12 07:09 . 2010-08-12 07:09 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\787e60c5dd562cb45887080095d2a3b7\PresentationFramework.Classic.ni.dll
+ 2010-08-12 07:09 . 2010-08-12 07:09 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2313ccc125dcb6a9800048ec1c51ec12\PresentationFramework.Luna.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5db9c32d9f352162e6da220ca463db0d\MSBuild.ni.exe
+ 2010-08-12 07:12 . 2010-08-12 07:12 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fcf975f74bd134d8e0fa8f37c5bc6a8c\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 472064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\e489793fb494ff9d467cb8620ce9e2b7\Microsoft.MapPoint.Rendering3D.Utility.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 840192 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\deba555b5d848944c70d4c8ae297956e\Microsoft.MapPoint.Geometry.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 411648 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\cc134b6f9a83b4fb2346869ffd99f613\Microsoft.MapPoint.Network.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 766976 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\bfbb5a8378b21da0caf990708b6fc735\Microsoft.MapPoint.Data.VirtualEarthTileDataSource.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 340992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\9d666637bf64e132f3393db423707208\Microsoft.MapPoint.UtilityPartialTrust.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 438272 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\73c82b0697aff6093ecb5a90713b8b36\Microsoft.MapPoint.MapControl3D.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 344064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\5813d9c981877fe41945bf3df4ae1b34\Microsoft.MapPoint.Utility.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 434176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\09579af13e9e1c226fba0a4e1291d59a\Microsoft.MapPoint.Data.CompactMapFile.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\d6b9038136600fbfbbbd7460dc19da19\Microsoft.Build.Utilities.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\585cc7218599e7806521d0e737ba5ffb\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\3057ec53731286e69e389d103c32fa41\Microsoft.Build.Engine.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\914e338ac6e92714f3e32ae5d89bf03b\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\12ae6f3635448471fc9f7d8bfe39c67d\CustomMarshalers.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\daca3c9ad6d867d3fec70d14b4f20cf3\ComSvcConfig.ni.exe
+ 2010-08-12 07:11 . 2010-08-12 07:11 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\56aec0938ef1bbdeca65b07a5fe8cd39\AspNetMMCExt.ni.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-08-04 07:01 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2286198$\spuninst\updspapi.dll
+ 2010-08-04 07:01 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2286198$\spuninst\spuninst.exe
+ 2010-07-14 07:04 . 2010-02-22 23:53 382840 c:\windows\$NtUninstallKB2229593$\spuninst\updspapi.dll
+ 2010-07-14 07:04 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2229593$\spuninst\spuninst.exe
+ 2010-07-14 07:04 . 2008-04-14 00:12 744448 c:\windows\$NtUninstallKB2229593$\helpsvc.exe
+ 2010-08-04 07:01 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2286198\update\updspapi.dll
+ 2010-08-04 07:01 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2286198\update\update.exe
+ 2010-08-04 07:01 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2286198\spuninst.exe
+ 2010-07-14 07:04 . 2010-02-22 23:53 382840 c:\windows\$hf_mig$\KB2229593\update\updspapi.dll
+ 2010-07-14 07:04 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2229593\update\update.exe
+ 2010-07-14 07:04 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2229593\spuninst.exe
+ 2010-07-14 00:07 . 2010-06-14 14:38 744448 c:\windows\$hf_mig$\KB2229593\SP3QFE\helpsvc.exe
+ 2009-07-12 04:02 . 2009-07-12 04:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2004-08-11 22:00 . 2010-07-27 06:30 8462336 c:\windows\system32\shell32.dll
- 2004-08-11 22:00 . 2010-04-16 16:09 1509888 c:\windows\system32\shdocvw.dll
+ 2004-08-11 22:00 . 2010-06-24 12:10 1509888 c:\windows\system32\shdocvw.dll
+ 2010-08-24 16:53 . 2010-05-27 16:41 2256512 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\ativvaxx.dll
+ 2010-08-24 16:53 . 2010-05-27 17:10 4071424 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\aticaldd.dll
+ 2010-08-24 16:53 . 2010-05-27 16:54 3699936 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\ati3duag.dll
+ 2010-08-24 16:53 . 2010-05-27 17:37 4830720 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\ati2mtag.sys
+ 2004-08-11 22:00 . 2010-04-27 13:59 2146304 c:\windows\system32\ntoskrnl.exe
- 2004-08-11 22:00 . 2010-02-16 14:08 2146304 c:\windows\system32\ntoskrnl.exe
- 2004-08-04 03:59 . 2010-02-16 13:25 2024448 c:\windows\system32\ntkrnlpa.exe
+ 2004-08-04 03:59 . 2010-04-27 13:05 2024448 c:\windows\system32\ntkrnlpa.exe
- 2004-08-11 22:00 . 2010-04-16 16:09 3073024 c:\windows\system32\mshtml.dll
+ 2004-08-11 22:00 . 2010-06-24 12:10 3073024 c:\windows\system32\mshtml.dll
+ 2009-02-03 02:15 . 2010-08-01 19:30 5612496 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2010-08-24 16:53 . 2010-07-07 01:28 1104942 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\ativvaxx.dll
+ 2010-08-24 16:53 . 2010-07-07 01:53 6723831 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\atioglxx.dll
+ 2010-08-24 16:53 . 2010-07-07 01:57 2055374 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\aticaldd.dll
+ 2010-08-24 16:53 . 2010-07-07 01:41 2043007 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\ati3duag.dll
+ 2010-08-24 16:53 . 2010-07-07 02:27 3379320 c:\windows\system32\DRVSTORE\CX102491_447EBC2BF3945AA24FFCBAC34BDAEA08E20EA545\B102427\ati2mtag.sys
+ 2010-07-18 19:01 . 2010-05-27 16:41 1099316 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\ativvaxx.dll
+ 2010-07-18 19:01 . 2010-05-27 17:05 6618486 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\atioglxx.dll
+ 2010-07-18 19:01 . 2010-05-27 17:10 1960742 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\aticaldd.dll
+ 2010-07-18 19:01 . 2010-05-27 16:54 1989001 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\ati3duag.dll
+ 2010-07-18 19:01 . 2010-05-27 17:37 3248418 c:\windows\system32\DRVSTORE\CX100944_94C9E6E390E04C7ACFB49BA063CF410EECDB4591\B100667\ati2mtag.sys
+ 2008-10-15 00:51 . 2010-06-23 13:44 1851904 c:\windows\system32\dllcache\win32k.sys
+ 2008-06-17 19:02 . 2010-07-27 06:30 8462336 c:\windows\system32\dllcache\shell32.dll
+ 2008-06-26 08:15 . 2010-06-24 12:10 1509888 c:\windows\system32\dllcache\shdocvw.dll
- 2008-06-26 08:15 . 2010-04-16 16:09 1509888 c:\windows\system32\dllcache\shdocvw.dll
+ 2009-04-17 01:51 . 2010-04-28 02:25 2189952 c:\windows\system32\dllcache\ntoskrnl.exe
- 2009-04-17 01:51 . 2010-02-17 13:10 2189952 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-04-17 01:51 . 2010-04-27 13:05 2024448 c:\windows\system32\dllcache\ntkrpamp.exe
- 2009-04-17 01:51 . 2010-02-16 13:25 2024448 c:\windows\system32\dllcache\ntkrpamp.exe
- 2009-02-07 23:02 . 2010-02-16 13:25 2066816 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-02-07 23:02 . 2010-04-27 13:05 2066816 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-04-17 01:51 . 2010-04-27 13:59 2146304 c:\windows\system32\dllcache\ntkrnlmp.exe
- 2009-04-17 01:51 . 2010-02-16 14:08 2146304 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-06-10 02:37 . 2010-06-14 07:41 1172480 c:\windows\system32\dllcache\msxml3.dll
- 2008-06-10 02:37 . 2009-07-31 04:35 1172480 c:\windows\system32\dllcache\msxml3.dll
- 2008-04-21 06:44 . 2010-04-16 16:09 3073024 c:\windows\system32\dllcache\mshtml.dll
+ 2008-04-21 06:44 . 2010-06-24 12:10 3073024 c:\windows\system32\dllcache\mshtml.dll
+ 2010-03-10 11:48 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe
- 2010-03-10 11:48 . 2009-10-23 15:28 3558912 c:\windows\system32\dllcache\moviemk.exe
- 2010-03-10 04:33 . 2010-04-16 16:09 1025024 c:\windows\system32\dllcache\browseui.dll
+ 2010-03-10 04:33 . 2010-06-24 12:10 1025024 c:\windows\system32\dllcache\browseui.dll
+ 2008-06-10 02:24 . 2010-07-07 02:27 5069312 c:\windows\system32\dllcache\ati2mtag.sys
+ 2010-08-24 17:03 . 2010-05-26 15:41 1998168 c:\windows\system32\D3DX9_43.dll
+ 2010-08-24 17:03 . 2009-09-04 21:29 1892184 c:\windows\system32\D3DX9_42.dll
+ 2010-08-24 17:03 . 2009-03-09 19:27 4178264 c:\windows\system32\D3DX9_41.dll
+ 2010-08-24 17:03 . 2008-10-10 08:52 4379984 c:\windows\system32\D3DX9_40.dll
+ 2010-08-24 17:03 . 2008-07-10 15:00 3851784 c:\windows\system32\D3DX9_39.dll
+ 2010-08-24 17:03 . 2010-05-26 15:41 1868128 c:\windows\system32\d3dcsx_43.dll
+ 2010-08-24 17:03 . 2009-09-04 21:29 5501792 c:\windows\system32\d3dcsx_42.dll
+ 2010-08-24 17:03 . 2010-05-26 15:41 2106216 c:\windows\system32\D3DCompiler_43.dll
+ 2010-08-24 17:03 . 2009-09-04 21:29 1974616 c:\windows\system32\D3DCompiler_42.dll
+ 2010-08-24 17:03 . 2009-03-09 19:27 1846632 c:\windows\system32\D3DCompiler_41.dll
+ 2010-08-24 17:03 . 2008-10-10 08:52 2036576 c:\windows\system32\D3DCompiler_40.dll
+ 2010-08-24 17:03 . 2008-07-10 15:00 1493528 c:\windows\system32\D3DCompiler_39.dll
- 2004-08-11 22:00 . 2010-04-16 16:09 1025024 c:\windows\system32\browseui.dll
+ 2004-08-11 22:00 . 2010-06-24 12:10 1025024 c:\windows\system32\browseui.dll
+ 2010-05-11 10:40 . 2010-05-11 10:40 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2009-08-08 03:51 . 2009-08-08 03:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2010-05-11 10:40 . 2010-05-11 10:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2010-07-18 21:53 . 2010-07-18 21:53 1219584 c:\windows\Installer\98b474.msi
+ 2010-06-20 08:01 . 2010-06-20 08:01 8040960 c:\windows\Installer\48304586.msp
+ 2010-08-01 19:49 . 2010-08-01 19:49 3940352 c:\windows\Installer\48304585.msi
+ 2010-08-01 19:32 . 2010-08-01 19:32 9472000 c:\windows\Installer\4830419a.msi
+ 2010-08-24 16:53 . 2010-08-24 16:53 1597440 c:\windows\Installer\3fd4619a.msi
+ 2010-07-11 00:14 . 2010-07-11 00:14 2850816 c:\windows\Installer\292357df.msp
+ 2008-06-10 02:48 . 2010-08-12 07:01 1172240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-06-10 02:48 . 2010-06-14 07:12 1172240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-12-21 22:29 . 2009-12-21 22:29 2409880 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\rt3d.dll
+ 2009-12-21 23:00 . 2009-12-21 23:00 1298996 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\JSByteCodeWin.bin
+ 2009-12-22 03:31 . 2009-12-22 03:31 5713920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AGM.dll
- 2009-04-17 01:51 . 2010-02-17 13:10 2189952 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-04-17 01:51 . 2010-04-28 02:25 2189952 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-04-17 01:51 . 2010-04-27 13:05 2024448 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2009-04-17 01:51 . 2010-02-16 13:25 2024448 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2009-02-07 23:02 . 2010-02-16 13:25 2066816 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-02-07 23:02 . 2010-04-27 13:05 2066816 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-04-17 01:51 . 2010-04-27 13:59 2146304 c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2009-04-17 01:51 . 2010-02-16 14:08 2146304 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-07-28 04:17 . 2010-07-28 04:17 2826192 c:\windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
+ 2010-08-12 07:08 . 2010-08-12 07:08 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cec7ecb8eac09dd630d180ce87d23b80\WindowsBase.ni.dll
+ 2010-08-12 07:09 . 2010-08-12 07:09 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\b7f6e7b265f9aae807ddc4284563e550\UIAutomationClientsideProviders.ni.dll
+ 2010-08-12 07:08 . 2010-08-12 07:08 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\08ffa4d388d5f007869aa7651c458e7c\System.ni.dll
+ 2010-08-12 07:09 . 2010-08-12 07:09 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\a6dbe24cbfe3ab6b318ed3095cc572d8\System.Xml.ni.dll
+ 2010-08-12 07:13 . 2010-08-12 07:13 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\60b3c9a63b2065a6952d16256545c25d\System.WorkflowServices.ni.dll
+ 2010-08-12 07:13 . 2010-08-12 07:13 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\5cc2a23ce8ac371c7a97b5e542ee27ed\System.Workflow.Runtime.ni.dll
+ 2010-08-12 07:13 . 2010-08-12 07:13 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\c0aabf67e7ef98dc10c3e174c136731b\System.Workflow.ComponentModel.ni.dll
+ 2010-08-12 07:13 . 2010-08-12 07:13 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\66682c8a064608ba4ffd0463cf09aef9\System.Workflow.Activities.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\2d662564b8d9c57a34c588cc2970902b\System.Web.Services.ni.dll
+ 2010-08-12 07:13 . 2010-08-12 07:13 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\9b455702c9b7b02c5708406f87986751\System.Web.Mobile.ni.dll
+ 2010-08-12 07:13 . 2010-08-12 07:13 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\49c7a1c78ed9502ba97c11e6bd993f63\System.Web.Extensions.ni.dll
+ 2010-08-12 07:09 . 2010-08-12 07:09 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\5eb08849d17b272ed2a393420cb0305b\System.Speech.ni.dll
+ 2010-08-12 07:13 . 2010-08-12 07:13 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\f5790a1b7b41e7b8d05f01b549c80f39\System.ServiceModel.Web.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8061a0f5c1c2ee0549e19224352f67fa\System.Runtime.Serialization.ni.dll
+ 2010-08-12 07:09 . 2010-08-12 07:09 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\99767d4df92b83fdfb06012512722ec1\System.Printing.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\0885f31c21b796465fde6297dba20981\System.IdentityModel.ni.dll
+ 2010-08-12 07:09 . 2010-08-12 07:09 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dcc0244092fe52e6885b50be25ef3b31\System.Drawing.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\d20b7e58607ddb1ded9b687627ae8c21\System.DirectoryServices.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\daa33674d4250e38a24b70180d209ac8\System.Deployment.ni.dll
+ 2010-08-12 07:09 . 2010-08-12 07:09 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f04ef00e652a8655a717639e8aeb7b63\System.Data.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f0470c2be4e6bb1dadbeed43e4e8af5c\System.Data.SqlXml.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\23cf0498f2ebe4c8ffa5cc79efca2dc5\System.Data.Services.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\58202ed61096113d08815c0a78313b66\System.Data.OracleClient.ni.dll
+ 2010-08-12 07:09 . 2010-08-12 07:09 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c18c236a09e715138daec2e25be205bb\System.Data.Linq.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6ce886492d9b6a34555be3f328682ec2\System.Data.Entity.ni.dll
+ 2010-08-12 07:09 . 2010-08-12 07:09 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\faeda674832135a080bc73eda51813ff\System.Core.ni.dll
+ 2010-08-12 07:09 . 2010-08-12 07:09 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\3e85c3d63ce3c3f37061aa626feb2a52\ReachFramework.ni.dll
+ 2010-08-12 07:09 . 2010-08-12 07:09 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\bf67db30179ff6e8cb1bdbaa290d122e\PresentationUI.ni.dll
+ 2010-08-12 07:08 . 2010-08-12 07:08 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\835786d8a0caabae09ad440f6e3abfc6\PresentationBuildTasks.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\9732a7c993055f82040642966db07ccf\Microsoft.VisualBasic.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\773d7bf69a9a0c0556aa41f53e75ab05\Microsoft.Transactions.Bridge.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 2766336 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\fe7296468a17db9cb46bed85ae931b0e\Microsoft.MapPoint.Graphics3D.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 1949184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\ecf4a3607505d76357ddf05f0191bd09\Microsoft.MapPoint.Modeling.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 4094976 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\9db9b5f60b3ab9adbb155e2719fb622f\Microsoft.MapPoint.Rendering3D.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 1217024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\47857e354d635fd46499bd0d9c547b7b\Microsoft.MapPoint.Data.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 1524224 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\1eeb37443afc3f5f60df69faf20b1895\Microsoft.MapPoint.GraphicsAPI.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 1524736 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\14b6f742980ace494855bc8db32417d5\Microsoft.MapPoint.Rendering3D.WorldMemoryDataSource.ni.dll
+ 2010-08-12 07:13 . 2010-08-12 07:13 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\16ff33f07efdb9da2a18e27585c604be\Microsoft.JScript.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\d0fb91b296616a1a844bf265947018ee\Microsoft.Build.Tasks.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\892e993c8df1c75081113131dc429c15\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d0beebd2c9045158cdcd4bd5987b717b\Microsoft.Build.Engine.ni.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2010-06-23 07:01 . 2010-06-23 07:01 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-06-23 07:02 . 2010-06-23 07:02 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-08-04 07:01 . 2008-06-17 19:02 8461312 c:\windows\$NtUninstallKB2286198$\shell32.dll
+ 2010-07-27 06:28 . 2010-07-27 06:28 8463360 c:\windows\$hf_mig$\KB2286198\SP3QFE\shell32.dll
+ 2010-08-24 16:53 . 2010-05-27 17:05 15208448 c:\windows\system32\ReinstallBackups\0001\DriverFiles\B100667\atioglxx.dll
+ 2009-03-14 07:00 . 2010-08-03 18:09 35962312 c:\windows\system32\MRT.exe
+ 2010-04-04 06:54 . 2010-04-04 06:54 11850240 c:\windows\Installer\48304587.msp
+ 2010-05-19 17:08 . 2010-05-19 17:08 11408896 c:\windows\Installer\292357e9.msp
+ 2010-07-11 00:06 . 2010-07-11 00:06 10120192 c:\windows\Installer\292357ce.msp
+ 2010-09-02 07:00 . 2010-09-02 07:00 20303872 c:\windows\Installer\130bf120.msp
+ 2009-12-22 03:21 . 2009-12-22 03:21 20436408 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AcroRd32.dll
+ 2010-08-12 07:09 . 2010-08-12 07:09 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\439c466b60614915587c5273eaf0ca7f\System.Windows.Forms.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 11798016 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\411a627d6f5cb83509332253406988e5\System.Web.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\f523a69e7c93ee4f245c996eac4b3a57\System.ServiceModel.ni.dll
+ 2010-08-12 07:09 . 2010-08-12 07:09 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\b307acf63075b997d02a97a7492d0d9c\System.Design.ni.dll
+ 2010-08-12 07:09 . 2010-08-12 07:09 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a632f3ef85ffd35341b383eed577cb93\PresentationFramework.ni.dll
+ 2010-08-12 07:08 . 2010-08-12 07:08 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f00db8db51f5707c7fe52c0683dc6136\PresentationCore.ni.dll
+ 2010-08-12 07:07 . 2010-08-12 07:07 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7bffd7ff2009f421fe5d229927588496\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Eyeball Chat"="c:\program files\Eyeball\Eyeball Chat\EyeballChat.exe" [2002-10-11 2863176]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2010-06-01 5252408]
"Skype"="c:\program files\Skype\\Phone\Skype.exe" [2009-04-16 24264488]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-10-17 323392]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-03-31 2012912]
"Aim"="c:\program files\AIM\aim.exe" [2010-03-08 3972440]
"Google Update"="c:\documents and settings\jam\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-03-18 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-06-13 185896]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-06-02 267048]
"RTHDCPL"="RTHDCPL.EXE" [2007-10-25 16855552]
"Auto EPSON Stylus Photo R320 Series on MAIN"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE" [2004-04-26 98304]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]
"VX3000"="c:\windows\vVX3000.exe" [2007-04-10 709992]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2010-03-01 524632]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-04 2065760]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

c:\documents and settings\jam\Start Menu\Programs\Startup\
check-ip-changed.bat [2010-5-17 58]
Webshots.lnk - c:\program files\Webshots\Launcher.exe [2008-11-30 157000]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2010-01-17 15:57 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-04 14:40 12536 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2008-06-10 02:54 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 22:43 69632 ----a-w- c:\windows\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANIWZCS2Service]
2004-10-14 14:17 45056 ----a-w- c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start]
2008-06-03 05:35 50528 ----a-w- c:\program files\AOL 9.1\aol.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
2006-09-25 14:12 90112 ----a-w- c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DELL Webcam Manager]
2007-07-27 20:43 118784 ------w- c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellAutomatedPCTuneUp]
2007-10-11 14:49 465136 ----a-w- c:\program files\DellAutomatedPCTuneUp\PTAgnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
2009-05-21 15:13 206064 ----a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
2008-03-11 17:44 16384 ----a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]
2008-02-28 18:18 17920 ----a-w- c:\dell\E-Center\EULALauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
2007-05-25 17:16 42032 ----a-w- c:\program files\Common Files\AOL\1213745417\ee\aolsoftware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
2005-06-08 18:44 196608 ----a-w- c:\program files\Logitech\Video\ManifestEngine.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
2005-06-08 19:24 458752 ----a-w- c:\program files\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
2005-06-08 19:14 217088 ----a-w- c:\program files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
2005-07-19 21:32 221184 ----a-w- c:\windows\system32\LVCOMSX.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEM05Mon.exe]
2007-05-08 17:00 36864 ----a-r- c:\windows\OEM05Mon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
2007-09-17 16:56 124200 ------w- c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMX Daemon]
2006-11-08 20:01 49152 ----a-w- c:\windows\system32\ico.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-10-25 15:57 16855552 ----a-w- c:\windows\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2008-06-13 01:29 185896 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"stllssvr"=3 (0x3)
"sprtsvc_dellsupportcenter"=2 (0x2)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"gusvc"=2 (0x2)
"ATI Smart"=2 (0x2)
"AOL ACS"=2 (0x2)
"aawservice"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD DX\\PowerDVD.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD DX\\PDVDDXSrv.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\acs\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\acs\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\AOL\\1213745417\\ee\\aolsoftware.exe"=
"c:\\Program Files\\AOL 9.1\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Xi\\NetXfer\\NetTransport.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\SAGENT4.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\WINDOWS\\system32\\wbem\\unsecapp.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"%windir%\\system32\\drivers\\svchost.exe"=
"c:\\OpenSA\\Apache2\\bin\\Apache.exe"=
"c:\\Perl\\bin\\perl.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Documents and Settings\\jam\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\Imprudence\\imprudence.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundRouterRequest"= 1 (0x1)

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [3/8/2009 9:50 AM 64160]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [7/4/2010 10:40 AM 216400]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [7/4/2010 10:40 AM 243024]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2/17/2009 11:43 AM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2/17/2009 11:43 AM 66632]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [7/4/2010 10:39 AM 921952]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [7/4/2010 10:39 AM 308136]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [1/18/2009 5:34 PM 1029456]
R3 OEM05Afx;Provides a software interface to control audio effects of OEM005 camera.;c:\windows\system32\drivers\OEM05Afx.sys [6/9/2008 10:24 PM 141376]
R3 OEM05Vfx;Creative Camera OEM005 Video VFX Driver;c:\windows\system32\drivers\OEM05Vfx.sys [6/9/2008 10:24 PM 7424]
R3 OEM05Vid;Creative Camera OEM005 Driver;c:\windows\system32\drivers\OEM05Vid.sys [6/9/2008 10:24 PM 235616]
R3 RLDesignVirtualAudioCableWdm;Live! Cam Virtual;c:\windows\system32\drivers\livecamv.sys [6/9/2008 10:43 PM 31616]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2/17/2009 11:43 AM 12872]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9/21/2009 9:23 PM 133104]
S2 StudioPro;StudioPro webcam;c:\windows\system32\DRIVERS\StudioPro.sys --> c:\windows\system32\DRIVERS\StudioPro.sys [?]
S3 A5AGU;D-Link USB Wireless Network Adapter Service;c:\windows\system32\drivers\A5AGU.sys [10/6/2004 10:39 AM 283904]
S3 ATHFMWDL;D-Link predator Bootloader driver;c:\windows\system32\drivers\Athfmwdl.sys [10/4/2004 6:28 AM 43392]
S3 EuMusDesignVirtualAudioCableWdm;StudioPro audio (WDM);c:\windows\system32\drivers\vrtaucbl.sys [6/22/2008 3:06 PM 38784]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [1/25/2007 1:31 PM 42000]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - NORMANDY
*Deregistered* - MBAMSwissArmy
*Deregistered* - Normandy

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPService REG_MULTI_SZ HPSLPSVC
.
Contents of the 'Scheduled Tasks' folder

2010-09-06 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 14:50]

2010-09-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2010-09-06 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-10 19:13]

2010-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-22 01:23]

2010-09-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-22 01:23]

2010-09-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3258488223-1465139301-3237350382-1005Core.job
- c:\documents and settings\jam\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-05-25 05:39]

2010-09-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3258488223-1465139301-3237350382-1005UA.job
- c:\documents and settings\jam\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-05-25 05:39]

2010-09-06 c:\windows\Tasks\ipresub.job
- c:\perl\bin\perl.exe [2004-02-03 04:29]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5080610
mSearch Bar = about:blank
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5080610
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download all by NetXfer - c:\program files\Xi\NetXfer\NXAddList.html
IE: Download All Files by HiDownload - c:\program files\StreamingStar\HiDownload\HDGetAll.htm
IE: Download all with Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Download by HiDownload - c:\program files\StreamingStar\HiDownload\HDGet.htm
IE: Download by NetXfer - c:\program files\Xi\NetXfer\NXAddLink.html
IE: Download selected with Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{F7DC590B-B6AD-4F7D-A778-7954A6D15B7F} - c:\program files\Bytescout Movies Extractor Scout\flashextract_ie.html
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
FF - ProfilePath - c:\documents and settings\jam\Application Data\Mozilla\Firefox\Profiles\k9j8fmj0.default\
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
FF - component: c:\program files\Google\Google Gears\Firefox\lib\ff36\gears.dll
FF - plugin: c:\documents and settings\jam\Application Data\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\jam\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\jam\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1851.5542\npCIDetect14.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\extensions\performeroptimum@livejasmin.com\platform\WINNT_x86-msvc\plugins\npperformeroptimum.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npatgpc.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npCID.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: c:\program files\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\Virtual Earth 3D\npVE3D.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - falsec:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-AdobeUpdater - c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-06 13:29
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1020)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\program files\Citrix\GoToAssist\514\G2AWinLogon.dll
.
Completion time: 2010-09-06 13:32:15
ComboFix-quarantined-files.txt 2010-09-06 17:31
ComboFix2.txt 2010-07-17 21:23
ComboFix3.txt 2010-07-10 15:20
ComboFix4.txt 2010-07-10 12:56

Pre-Run: 197,206,401,024 bytes free
Post-Run: 197,340,856,320 bytes free

- - End Of File - - AF6D6CAB6883C4EC7D5E6D2F59910D5A


#9 syler

  • Malware Response Team
  • 8,150 posts
  • Gender:Male
  • Location:Warrington, UK
  • Local time:03:28 PM

Posted 06 September 2010 - 01:41 PM

I am not seeing much to worry about in your logs, can you tell me what problems you are currently having?



#10 fscguy

  • Topic Starter
  • Members
  • 145 posts
  • Local time:09:28 AM

Posted 06 September 2010 - 04:03 PM

I was having problems with things closing on me... but I am not now.

#11 syler


Posted 06 September 2010 - 04:37 PM

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    CODE
    :OTL
    DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\StudioPro.sys -- (StudioPro)
    O4 - HKU\S-1-5-21-3258488223-1465139301-3237350382-1005..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe File not found
    O9 - Extra Button: Extract Flash Video with Bytescout... - {F7DC590B-B6AD-4F7D-A778-7954A6D15B7F} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html File not found
    O37 - HKU\S-1-5-21-3258488223-1465139301-3237350382-1005\...exe [@ = exefile] -- Reg Error: Key error. File not found
    MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found
    MsConfig - StartUpReg: LVCOMSX - hkey= - key= - File not found
    MsConfig - StartUpReg: PMX Daemon - hkey= - key= - File not found
    Drivers32: vidc.MP42 - MPG4C32.dll File not found
    Drivers32: vidc.MP43 - MPG4C32.dll File not found
    Drivers32: vidc.MPG4 - MPG4C32.dll File not found
    [1 C:\Documents and Settings\jam\My Documents\*.tmp files -> C:\Documents and Settings\jam\My Documents\*.tmp -> ]
    [6 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
    [2099/01/01 12:00:00 | 000,006,456 | -H-- | C] () -- C:\WINDOWS\System32\kerorufe
    :Reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\system32\drivers\svchost.exe"=-
    :Commands
    [emptytemp]
    [emptyflash]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • You will get a log that shows the results of the fix. Please post it.
  • Then also run a new OTL scan by clicking Run Scan and post the new OTL log.



Please do a scan with Kaspersky Online Scanner

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Click on the Accept button and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded, on the left side of the page in the Scan section select My Computer.
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.


Then please post back here with the following logs:
  • OTL results
  • New OTL log
  • Kaspersky report

Thanks



#12 fscguy


Posted 06 September 2010 - 04:59 PM

What is that going to do?

#13 syler


Posted 07 September 2010 - 10:33 AM

It will remove some malware entries, orphans and clean out temp files and directories, where more malware could be hiding.



#14 syler


Posted 12 September 2010 - 01:17 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending me a PM
with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
