Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HijackThis log


  • This topic is locked This topic is locked
9 replies to this topic

#1 frisbee212

frisbee212

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:18 AM

Posted 21 November 2010 - 01:28 PM

Hello! Thanks for a great site! This site was recommended to me by a trusted friend. While helping me analyze my computer problems, he had me run HijackThis and had one item to "fix", and he saw some other suspicious items so he told me to run combofix, then run HijackThis again and post the log here. (I hope this is the correct forum, my apologizes if it isn't).

So, I have Windows XP and what was happening was Firefox wouldn't load any websites except for Yahoo, Facebook, and Hulu, and even then I had to stop loading and hit reload 3 or 4 times.

Things seem to be working now, after running Combofix, except that Firefox: [c]The proxy server is refusing connections




Firefox is configured to use a proxy server that is refusing connections.


* Check the proxy settings to make sure that they are correct.

* Contact your network administrator to make sure the proxy server is
working. [/c]

(I'm useing Google chrome without any problems atm.)

Anyway, here is latest HT scan:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:42:47 AM, on 11/21/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:50370
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\josh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6710 bytes


If anyone may look this over and see if there are any other items that should be fixed, I would appreciate it!

And, perhaps help me clear-up my problem with Firefox, too!

Thanks!

BC AdBot (Login to Remove)

 


#2 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:04:18 AM

Posted 30 November 2010 - 02:10 PM

Hello frisbee212

Welcome to BleepingComputer :)
Combofix should not be run without a trained helper asking you to.
Please post the Combofix log.
==========================
  • Download OTL to your desktop.
  • Double click on OTL to run it.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#3 frisbee212

frisbee212
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:18 AM

Posted 30 November 2010 - 02:44 PM

Here is the requested ComboFix log:



ComboFix 10-11-20.07 - josh 11/21/2010 11:31:23.13.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.894.529 [GMT -6:00]
Running from: c:\documents and settings\josh\My Documents\Downloads\ComboFix.exe
AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\josh\Application Data\Microsoft\stor.cfg
c:\documents and settings\josh\Application Data\Microsoft\svchost.exe
c:\documents and settings\josh\Application Data\Microsoft\Windows\shell.exe
c:\program files\driver
c:\windows\XSxS

.
((((((((((((((((((((((((( Files Created from 2010-10-21 to 2010-11-21 )))))))))))))))))))))))))))))))
.

2010-11-06 17:37 . 2010-11-06 17:37 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-18 21:58 . 2007-10-18 21:57 85979568 ----a-w- c:\program files\fs2008.exe
.

((((((((((((((((((((((((((((( SnapShot_2009-07-30_22.56.50 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-07 08:19 . 2007-11-07 08:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 12:07 . 2008-07-29 12:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 12:07 . 2008-07-29 12:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2010-11-21 17:20 . 2010-11-21 17:20 16384 c:\windows\Temp\Perflib_Perfdata_344.dat
+ 2010-11-21 17:19 . 2010-11-21 17:19 16384 c:\windows\Temp\Perflib_Perfdata_1ec.dat
+ 2005-05-26 09:16 . 2009-08-07 00:24 44768 c:\windows\system32\wups2.dll
+ 2006-04-23 01:56 . 2009-08-07 00:24 35552 c:\windows\system32\wups.dll
+ 2006-04-22 05:07 . 2009-08-07 00:24 53472 c:\windows\system32\wuauclt.exe
+ 2001-08-23 12:00 . 2009-06-25 08:25 54272 c:\windows\system32\wdigest.dll
+ 2007-01-29 08:58 . 2009-10-28 15:07 46080 c:\windows\system32\tzchange.exe
+ 2001-08-23 12:00 . 2009-06-12 12:31 80896 c:\windows\system32\tlntsess.exe
+ 2001-08-23 12:00 . 2009-06-12 12:31 76288 c:\windows\system32\telnet.exe
+ 2006-04-23 01:56 . 2009-10-21 05:38 75776 c:\windows\system32\strmfilt.dll
- 2006-04-23 01:56 . 2008-04-14 00:12 75776 c:\windows\system32\strmfilt.dll
+ 2006-04-22 23:03 . 2007-07-27 15:41 26488 c:\windows\system32\spupdsvc.exe
- 2006-04-22 23:03 . 2008-07-09 07:38 26488 c:\windows\system32\spupdsvc.exe
+ 2008-06-10 23:19 . 2009-05-26 11:40 17272 c:\windows\system32\spmsg.dll
- 2008-06-10 23:19 . 2008-07-08 13:02 17272 c:\windows\system32\spmsg.dll
+ 2009-10-06 04:49 . 2009-08-07 00:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2009-10-06 04:49 . 2009-08-07 00:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
+ 2001-08-23 12:00 . 2009-06-25 08:25 56832 c:\windows\system32\secur32.dll
- 2001-08-23 12:00 . 2009-02-03 19:59 56832 c:\windows\system32\secur32.dll
+ 2009-09-27 12:29 . 2008-08-01 16:36 54784 c:\windows\system32\ReinstallBackups\0015\DriverFiles\nvefdxp.sys
+ 2009-09-27 12:25 . 2006-07-21 08:14 86016 c:\windows\system32\ReinstallBackups\0014\DriverFiles\SOUNDMAN.EXE
+ 2009-09-27 12:25 . 2008-04-14 00:12 23552 c:\windows\system32\ReinstallBackups\0014\DriverFiles\i386\wdmaud.drv
+ 2009-09-27 12:25 . 2008-04-13 18:45 49408 c:\windows\system32\ReinstallBackups\0014\DriverFiles\i386\stream.sys
+ 2009-09-27 12:25 . 2008-04-13 18:45 60160 c:\windows\system32\ReinstallBackups\0014\DriverFiles\i386\drmk.sys
+ 2009-09-27 12:25 . 2005-05-03 10:43 69632 c:\windows\system32\ReinstallBackups\0014\DriverFiles\ALCMTR.EXE
+ 2009-09-27 12:23 . 2008-04-13 18:31 35840 c:\windows\system32\ReinstallBackups\0013\DriverFiles\i386\processr.sys
- 2001-08-23 12:00 . 2008-04-14 00:12 79872 c:\windows\system32\raschap.dll
+ 2001-08-23 12:00 . 2009-10-12 13:38 79872 c:\windows\system32\raschap.dll
- 2001-08-23 12:00 . 2009-06-29 16:12 44544 c:\windows\system32\pngfilt.dll
+ 2001-08-23 12:00 . 2009-10-29 07:46 44544 c:\windows\system32\pngfilt.dll
+ 2001-08-23 12:00 . 2010-11-09 23:38 55228 c:\windows\system32\perfc009.dat
+ 2006-10-31 19:35 . 2006-10-31 19:35 81920 c:\windows\system32\nvwddi.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 13856 c:\windows\system32\NvRCoZht.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 13856 c:\windows\system32\NvRCoZhc.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 16416 c:\windows\system32\NvRCoTr.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 15904 c:\windows\system32\NvRCoTh.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 16416 c:\windows\system32\NvRCoSv.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 16416 c:\windows\system32\NvRCoSl.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 16416 c:\windows\system32\NvRCoSk.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 16416 c:\windows\system32\NvRCoRu.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 16928 c:\windows\system32\NvRCoPtb.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 16928 c:\windows\system32\NvRCoPt.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 16416 c:\windows\system32\NvRCoPl.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 16416 c:\windows\system32\NvRCoNo.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 16416 c:\windows\system32\NvRCoNl.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 14368 c:\windows\system32\NvRCoKo.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 14880 c:\windows\system32\NvRCoJa.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 16928 c:\windows\system32\NvRCoIt.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 16416 c:\windows\system32\NvRCoHu.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 15392 c:\windows\system32\NvRCoHe.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 16928 c:\windows\system32\NvRCoFr.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 16416 c:\windows\system32\NvRCoFi.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 16928 c:\windows\system32\NvRCoEsm.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 16928 c:\windows\system32\NvRCoEs.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 15904 c:\windows\system32\NvRCoENU.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 15904 c:\windows\system32\NvRCoEng.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 16928 c:\windows\system32\NvRCoEl.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 16416 c:\windows\system32\NvRCoDe.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 16416 c:\windows\system32\NvRCoDa.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 15904 c:\windows\system32\NvRCoCs.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 15904 c:\windows\system32\NvRCoAr.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 86016 c:\windows\system32\nvmctray.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 45056 c:\windows\system32\nvmccsrs.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 35840 c:\windows\system32\nvcodins.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 35840 c:\windows\system32\nvcod.dll
+ 2007-08-14 00:54 . 2009-10-29 07:46 52224 c:\windows\system32\msfeedsbs.dll
- 2007-08-14 00:54 . 2009-06-29 16:12 52224 c:\windows\system32\msfeedsbs.dll
+ 2001-08-23 12:00 . 2009-09-04 21:03 58880 c:\windows\system32\msasn1.dll
- 2001-08-23 12:00 . 2009-06-29 16:12 27648 c:\windows\system32\jsproxy.dll
+ 2001-08-23 12:00 . 2009-10-29 07:46 27648 c:\windows\system32\jsproxy.dll
+ 2007-08-14 00:39 . 2009-10-28 14:36 13824 c:\windows\system32\ieudinit.exe
- 2007-08-14 00:39 . 2009-06-29 11:07 13824 c:\windows\system32\ieudinit.exe
+ 2001-08-23 12:00 . 2009-10-29 07:46 44544 c:\windows\system32\iernonce.dll
- 2001-08-23 12:00 . 2009-06-29 16:12 44544 c:\windows\system32\iernonce.dll
+ 2006-04-23 01:56 . 2009-10-29 07:46 78336 c:\windows\system32\ieencode.dll
- 2006-04-23 01:56 . 2009-06-29 16:12 78336 c:\windows\system32\ieencode.dll
- 2001-08-23 12:00 . 2009-06-29 11:07 70656 c:\windows\system32\ie4uinit.exe
+ 2001-08-23 12:00 . 2009-10-28 14:36 70656 c:\windows\system32\ie4uinit.exe
- 2007-08-14 00:36 . 2009-06-29 16:12 63488 c:\windows\system32\icardie.dll
+ 2007-08-14 00:36 . 2009-10-29 07:46 63488 c:\windows\system32\icardie.dll
+ 2006-04-23 01:56 . 2009-10-21 05:38 25088 c:\windows\system32\httpapi.dll
+ 2009-09-27 12:23 . 2007-04-16 21:46 44544 c:\windows\system32\DRVSTORE\amdppm_C66586B319F61C772BA2DAB141D0FE08F299F411\AmdPPM64.sys
+ 2009-09-27 12:23 . 2007-04-16 21:46 33792 c:\windows\system32\DRVSTORE\amdppm_C66586B319F61C772BA2DAB141D0FE08F299F411\AmdPPM.sys
+ 2009-09-27 12:23 . 2006-07-02 03:39 36864 c:\windows\system32\DRVSTORE\amdk8_C074F64CC74B03BC354BB5DC973CCF768D5A7194\AmdK8.sys
- 2001-08-17 14:01 . 2008-04-13 18:45 49408 c:\windows\system32\drivers\stream.sys
+ 2001-08-17 14:01 . 2008-04-13 18:45 49408 c:\windows\system32\drivers\stream.sys
+ 2008-08-01 16:36 . 2008-08-01 16:36 22016 c:\windows\system32\drivers\nvnetbus.sys
+ 2008-08-01 16:36 . 2008-08-01 16:36 54784 c:\windows\system32\drivers\NVENETFD.sys
- 2009-01-11 18:40 . 2009-03-25 16:06 40552 c:\windows\system32\drivers\mfesmfk.sys
+ 2009-01-11 18:40 . 2009-09-16 15:22 40552 c:\windows\system32\drivers\mfesmfk.sys
+ 2009-01-11 18:40 . 2009-09-16 15:22 34248 c:\windows\system32\drivers\mferkdk.sys
+ 2009-01-11 18:40 . 2009-09-16 15:22 35272 c:\windows\system32\drivers\mfebopk.sys
- 2009-01-11 18:40 . 2009-03-25 16:06 35272 c:\windows\system32\drivers\mfebopk.sys
+ 2009-01-11 18:40 . 2009-09-16 15:22 79816 c:\windows\system32\drivers\mfeavfk.sys
+ 2010-01-03 22:33 . 2009-12-30 20:55 38224 c:\windows\system32\drivers\mbamswissarmy.sys
+ 2010-01-03 22:33 . 2009-12-30 20:54 19160 c:\windows\system32\drivers\mbam.sys
+ 2001-08-23 12:00 . 2009-06-24 11:18 92928 c:\windows\system32\drivers\ksecdd.sys
+ 2009-09-27 12:03 . 2005-03-16 06:23 13696 c:\windows\system32\drivers\BIOS.sys
+ 2009-09-27 12:23 . 2006-07-02 03:39 36864 c:\windows\system32\drivers\AmdK8.sys
+ 2006-04-23 01:56 . 2009-08-07 00:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2006-04-22 05:07 . 2009-08-07 00:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2009-06-25 08:25 . 2009-06-25 08:25 54272 c:\windows\system32\dllcache\wdigest.dll
+ 2009-06-12 12:31 . 2009-06-12 12:31 80896 c:\windows\system32\dllcache\tlntsess.exe
+ 2009-06-12 12:31 . 2009-06-12 12:31 76288 c:\windows\system32\dllcache\telnet.exe
+ 2009-10-21 05:38 . 2009-10-21 05:38 75776 c:\windows\system32\dllcache\strmfilt.dll
+ 2001-08-17 14:01 . 2008-04-13 18:45 49408 c:\windows\system32\dllcache\stream.sys
+ 2009-02-03 19:59 . 2009-06-25 08:25 56832 c:\windows\system32\dllcache\secur32.dll
- 2009-02-03 19:59 . 2009-02-03 19:59 56832 c:\windows\system32\dllcache\secur32.dll
+ 2009-10-12 13:38 . 2009-10-12 13:38 79872 c:\windows\system32\dllcache\raschap.dll
- 2006-05-10 05:23 . 2009-06-29 16:12 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2006-05-10 05:23 . 2009-10-29 07:46 44544 c:\windows\system32\dllcache\pngfilt.dll
- 2007-12-02 13:54 . 2009-06-29 16:12 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2007-12-02 13:54 . 2009-10-29 07:46 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-09-04 21:03 . 2009-09-04 21:03 58880 c:\windows\system32\dllcache\msasn1.dll
+ 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys
+ 2006-05-10 05:22 . 2009-10-29 07:46 27648 c:\windows\system32\dllcache\jsproxy.dll
- 2006-05-10 05:22 . 2009-06-29 16:12 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2007-12-02 13:54 . 2009-10-28 14:36 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2007-12-02 13:54 . 2009-06-29 11:07 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2007-08-14 00:39 . 2009-06-29 16:12 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2007-08-14 00:39 . 2009-10-29 07:46 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2009-02-20 18:09 . 2009-10-29 07:46 78336 c:\windows\system32\dllcache\ieencode.dll
- 2009-02-20 18:09 . 2009-06-29 16:12 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2007-08-14 00:39 . 2009-10-28 14:36 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2007-08-14 00:39 . 2009-06-29 11:07 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2007-12-02 13:54 . 2009-06-29 16:12 63488 c:\windows\system32\dllcache\icardie.dll
+ 2007-12-02 13:54 . 2009-10-29 07:46 63488 c:\windows\system32\dllcache\icardie.dll
+ 2009-10-21 05:38 . 2009-10-21 05:38 25088 c:\windows\system32\dllcache\httpapi.dll
+ 2005-01-01 03:37 . 2008-04-13 18:45 60160 c:\windows\system32\dllcache\drmk.sys
- 2009-06-29 16:12 . 2009-06-29 16:12 17408 c:\windows\system32\dllcache\corpol.dll
+ 2009-06-29 16:12 . 2009-10-29 07:46 17408 c:\windows\system32\dllcache\corpol.dll
+ 2001-08-23 12:00 . 2009-08-07 00:24 96480 c:\windows\system32\dllcache\cdm.dll
+ 2009-07-25 18:02 . 2008-10-16 20:09 51224 c:\windows\system32\dllcache\cache\wuauclt.exe
+ 2009-08-02 16:52 . 2008-04-14 00:12 13824 c:\windows\system32\dllcache\cache\wscntfy.exe
+ 2009-07-25 18:02 . 2008-04-14 00:12 82432 c:\windows\system32\dllcache\cache\ws2_32.dll
+ 2009-07-25 18:02 . 2008-04-14 00:12 26112 c:\windows\system32\dllcache\cache\userinit.exe
+ 2009-07-25 18:02 . 2008-04-14 00:12 14336 c:\windows\system32\dllcache\cache\svchost.exe
+ 2009-07-25 18:02 . 2008-04-14 00:12 57856 c:\windows\system32\dllcache\cache\spoolsv.exe
+ 2009-07-25 18:02 . 2008-04-14 00:12 88576 c:\windows\system32\dllcache\cache\rasauto.dll
+ 2009-07-25 18:02 . 2008-04-14 00:12 17408 c:\windows\system32\dllcache\cache\powrprof.dll
+ 2009-07-25 18:02 . 2008-04-14 00:11 33792 c:\windows\system32\dllcache\cache\msgsvc.dll
+ 2009-07-25 18:02 . 2008-04-14 00:12 13312 c:\windows\system32\dllcache\cache\lsass.exe
+ 2009-07-25 18:02 . 2008-04-14 00:11 22016 c:\windows\system32\dllcache\cache\lpk.dll
+ 2009-07-25 18:02 . 2008-04-13 18:39 24576 c:\windows\system32\dllcache\cache\kbdclass.sys
+ 2009-07-25 18:02 . 2008-04-13 18:53 36608 c:\windows\system32\dllcache\cache\ip6fw.sys
+ 2009-07-25 18:02 . 2008-04-14 00:12 15360 c:\windows\system32\dllcache\cache\ctfmon.exe
+ 2009-08-02 16:52 . 2008-04-13 18:57 14336 c:\windows\system32\dllcache\cache\asyncmac.sys
+ 2009-07-25 18:02 . 2001-08-23 12:00 11648 c:\windows\system32\dllcache\cache\acpiec.sys
+ 2009-06-10 14:13 . 2009-06-10 14:13 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2009-07-17 19:01 . 2009-07-17 19:01 58880 c:\windows\system32\dllcache\atl.dll
- 2001-08-23 12:00 . 2009-06-29 16:12 17408 c:\windows\system32\corpol.dll
+ 2001-08-23 12:00 . 2009-10-29 07:46 17408 c:\windows\system32\corpol.dll
+ 2009-09-27 13:32 . 2010-11-21 16:07 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2006-04-22 05:16 . 2009-07-29 23:09 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2006-04-22 05:16 . 2010-11-21 16:07 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2006-04-22 05:16 . 2009-07-29 23:09 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2006-04-22 05:16 . 2010-11-21 16:07 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2001-08-23 12:00 . 2009-08-07 00:24 96480 c:\windows\system32\cdm.dll
+ 2001-08-23 12:00 . 2009-06-10 14:13 84992 c:\windows\system32\avifil32.dll
- 2001-08-23 12:00 . 2008-04-14 00:11 84992 c:\windows\system32\avifil32.dll
- 2001-08-23 12:00 . 2008-04-14 00:11 58880 c:\windows\system32\atl.dll
+ 2001-08-23 12:00 . 2009-07-17 19:01 58880 c:\windows\system32\atl.dll
+ 2010-08-28 01:59 . 2010-08-28 01:59 87717 c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
+ 2010-08-18 06:13 . 2010-08-18 06:13 94208 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
- 2008-11-26 09:33 . 2008-11-04 16:14 94208 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2010-08-18 06:02 . 2010-08-18 06:02 79488 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll
+ 2010-08-18 06:22 . 2010-08-18 06:22 65816 c:\windows\system32\Adobe\Director\SWDNLD.EXE
+ 2007-09-30 12:19 . 2008-08-19 18:26 77824 c:\windows\SOUNDMAN.EXE
+ 2009-06-25 00:56 . 2009-06-25 00:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
- 2007-04-14 01:58 . 2007-04-14 01:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2008-05-28 05:49 . 2008-05-28 05:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2007-04-14 01:57 . 2007-04-14 01:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2008-05-28 05:49 . 2008-05-28 05:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2007-04-14 01:57 . 2007-04-14 01:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2008-05-28 05:49 . 2008-05-28 05:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2007-04-14 02:30 . 2007-04-14 02:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2008-05-28 06:30 . 2008-05-28 06:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2010-10-17 14:23 . 2010-10-17 14:23 21504 c:\windows\Installer\7a98dca.msi
+ 2010-02-14 19:10 . 2010-02-14 19:10 49664 c:\windows\Installer\3c2334af.msi
+ 2010-05-19 08:19 . 2010-05-19 08:19 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2009-11-25 09:05 . 2009-11-25 09:05 32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
+ 2010-01-06 23:17 . 2010-01-06 23:17 25214 c:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2010-01-06 08:03 . 2010-01-06 08:03 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2010-09-22 06:27 . 2010-09-22 06:27 25214 c:\windows\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2010-09-22 06:27 . 2010-09-22 06:27 25214 c:\windows\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-09-22 06:27 . 2010-09-22 06:27 25214 c:\windows\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2010-09-22 06:27 . 2010-09-22 06:27 25214 c:\windows\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2010-09-22 06:27 . 2010-09-22 06:27 25214 c:\windows\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-09-22 06:27 . 2010-09-22 06:27 25214 c:\windows\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-09-22 06:27 . 2010-09-22 06:27 25214 c:\windows\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\ARPPRODUCTICON.exe
+ 2010-02-03 23:11 . 2010-02-03 23:11 25214 c:\windows\Installer\{2EAF7E61-068E-11DF-953C-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2010-04-10 21:20 . 2010-04-10 21:20 25214 c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2009-12-09 09:11 . 2009-08-29 07:36 44544 c:\windows\ie7updates\KB976325-IE7\pngfilt.dll
+ 2009-12-09 09:11 . 2009-08-29 07:36 52224 c:\windows\ie7updates\KB976325-IE7\msfeedsbs.dll
+ 2009-12-09 09:11 . 2009-08-29 07:36 27648 c:\windows\ie7updates\KB976325-IE7\jsproxy.dll
+ 2009-12-09 09:11 . 2009-08-28 10:28 13824 c:\windows\ie7updates\KB976325-IE7\ieudinit.exe
+ 2009-12-09 09:11 . 2009-08-29 07:36 44544 c:\windows\ie7updates\KB976325-IE7\iernonce.dll
+ 2009-12-09 09:11 . 2009-08-29 07:36 78336 c:\windows\ie7updates\KB976325-IE7\ieencode.dll
+ 2009-12-09 09:11 . 2009-08-28 10:28 70656 c:\windows\ie7updates\KB976325-IE7\ie4uinit.exe
+ 2009-12-09 09:11 . 2009-08-29 07:36 63488 c:\windows\ie7updates\KB976325-IE7\icardie.dll
+ 2009-12-09 09:11 . 2009-08-29 07:36 17408 c:\windows\ie7updates\KB976325-IE7\corpol.dll
+ 2009-10-15 08:04 . 2009-06-29 16:12 44544 c:\windows\ie7updates\KB974455-IE7\pngfilt.dll
+ 2009-10-15 08:04 . 2009-06-29 16:12 52224 c:\windows\ie7updates\KB974455-IE7\msfeedsbs.dll
+ 2009-10-15 08:04 . 2009-06-29 16:12 27648 c:\windows\ie7updates\KB974455-IE7\jsproxy.dll
+ 2009-10-15 08:04 . 2009-06-29 11:07 13824 c:\windows\ie7updates\KB974455-IE7\ieudinit.exe
+ 2009-10-15 08:04 . 2009-06-29 16:12 44544 c:\windows\ie7updates\KB974455-IE7\iernonce.dll
+ 2009-10-15 08:04 . 2009-06-29 16:12 78336 c:\windows\ie7updates\KB974455-IE7\ieencode.dll
+ 2009-10-15 08:04 . 2009-06-29 11:07 70656 c:\windows\ie7updates\KB974455-IE7\ie4uinit.exe
+ 2009-10-15 08:04 . 2009-06-29 16:12 63488 c:\windows\ie7updates\KB974455-IE7\icardie.dll
+ 2009-10-15 08:04 . 2009-06-29 16:12 17408 c:\windows\ie7updates\KB974455-IE7\corpol.dll
+ 2009-10-15 08:03 . 2009-10-15 08:03 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_29a95591\System.Drawing.Design.dll
+ 2009-10-15 08:03 . 2009-10-15 08:03 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_bb2bed5d\CustomMarshalers.dll
+ 2007-09-30 12:18 . 2008-06-19 21:20 57344 c:\windows\ALCMTR.EXE
+ 2009-11-25 09:27 . 2009-07-14 11:03 46080 c:\windows\$NtUninstallKB976098-v2$\tzchange.exe
+ 2009-11-25 09:27 . 2009-10-29 02:03 16896 c:\windows\$NtUninstallKB976098-v2$\spuninst\tzchange.dll
+ 2009-10-15 08:03 . 2008-04-14 00:11 57344 c:\windows\$NtUninstallKB974571$\msasn1.dll
+ 2009-12-09 09:12 . 2008-04-14 00:12 79872 c:\windows\$NtUninstallKB974318$\raschap.dll
+ 2009-09-28 08:02 . 2008-04-14 00:11 58880 c:\windows\$NtUninstallKB973507$\atl.dll
+ 2009-09-28 08:02 . 2008-04-14 00:11 84992 c:\windows\$NtUninstallKB971557$\avifil32.dll
+ 2009-09-28 08:00 . 2008-04-14 00:12 60416 c:\windows\$NtUninstallKB970653-v3$\tzchange.exe
+ 2009-09-28 08:00 . 2009-07-16 04:14 14336 c:\windows\$NtUninstallKB970653-v3$\spuninst\tzchange.dll
+ 2009-12-09 09:12 . 2008-04-14 00:12 75776 c:\windows\$NtUninstallKB970430$\strmfilt.dll
+ 2009-12-09 09:12 . 2008-04-14 00:11 24576 c:\windows\$NtUninstallKB970430$\httpapi.dll
+ 2009-10-15 08:01 . 2008-04-14 00:12 49152 c:\windows\$NtUninstallKB968389$\wdigest.dll
+ 2009-10-15 08:01 . 2009-02-03 19:59 56832 c:\windows\$NtUninstallKB968389$\secur32.dll
+ 2009-10-15 08:01 . 2008-04-13 18:31 92288 c:\windows\$NtUninstallKB968389$\ksecdd.sys
+ 2009-09-28 08:05 . 2008-04-14 00:12 78336 c:\windows\$NtUninstallKB960859$\tlntsess.exe
+ 2009-09-28 08:05 . 2008-04-14 00:12 75776 c:\windows\$NtUninstallKB960859$\telnet.exe
+ 2009-11-04 09:01 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB976749-IE7\update\spcustom.dll
+ 2009-11-04 09:01 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB976749-IE7\spmsg.dll
+ 2009-12-09 09:11 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB976325-IE7\update\spcustom.dll
+ 2009-12-09 09:11 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB976325-IE7\spmsg.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 44544 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\pngfilt.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 52224 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\msfeedsbs.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 27648 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\jsproxy.dll
+ 2009-10-28 14:05 . 2009-10-28 14:05 13824 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieudinit.exe
+ 2009-10-29 07:45 . 2009-10-29 07:45 44544 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\iernonce.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 78336 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieencode.dll
+ 2009-10-28 14:05 . 2009-10-28 14:05 70656 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ie4uinit.exe
+ 2009-10-29 07:45 . 2009-10-29 07:45 63488 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\icardie.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 17408 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\corpol.dll
+ 2009-10-15 08:01 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB975467\update\spcustom.dll
+ 2009-10-15 08:01 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB975467\spmsg.dll
+ 2009-10-15 08:05 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB975025\update\spcustom.dll
+ 2009-10-15 08:05 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB975025\spmsg.dll
+ 2009-10-15 08:03 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB974571\update\spcustom.dll
+ 2009-10-15 08:03 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB974571\spmsg.dll
+ 2009-09-04 20:57 . 2009-09-04 20:57 58880 c:\windows\$hf_mig$\KB974571\SP3QFE\msasn1.dll
+ 2009-10-15 08:04 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB974455-IE7\update\spcustom.dll
+ 2009-10-15 08:04 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB974455-IE7\spmsg.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 44544 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\pngfilt.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 52224 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\msfeedsbs.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 27648 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\jsproxy.dll
+ 2009-08-28 10:01 . 2009-08-28 10:01 13824 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\ieudinit.exe
+ 2009-08-29 07:31 . 2009-08-29 07:31 44544 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\iernonce.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 78336 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\ieencode.dll
+ 2009-08-28 10:01 . 2009-08-28 10:01 70656 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\ie4uinit.exe
+ 2009-08-29 07:31 . 2009-08-29 07:31 63488 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\icardie.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 17408 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\corpol.dll
+ 2009-12-09 09:10 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB974392\update\spcustom.dll
+ 2009-12-09 09:10 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB974392\spmsg.dll
+ 2009-12-09 09:12 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB974318\update\spcustom.dll
+ 2009-12-09 09:12 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB974318\spmsg.dll
+ 2009-10-12 13:28 . 2009-10-12 13:28 79872 c:\windows\$hf_mig$\KB974318\SP3QFE\raschap.dll
+ 2009-10-15 08:05 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB974112\update\spcustom.dll
+ 2009-10-15 08:05 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB974112\spmsg.dll
+ 2009-12-09 09:12 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973904\update\spcustom.dll
+ 2009-12-09 09:12 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB973904\spmsg.dll
+ 2009-09-28 08:02 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB973869\update\spcustom.dll
+ 2009-09-28 08:02 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB973869\spmsg.dll
+ 2009-09-28 08:01 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973815\update\spcustom.dll
+ 2009-09-28 08:01 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB973815\spmsg.dll
+ 2009-11-25 09:22 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB973687\update\spcustom.dll
+ 2009-11-25 09:22 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB973687\spmsg.dll
+ 2009-10-15 08:01 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973525\update\spcustom.dll
+ 2009-10-15 08:01 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB973525\spmsg.dll
+ 2009-09-28 08:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973507\update\spcustom.dll
+ 2009-09-28 08:02 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB973507\spmsg.dll
+ 2009-07-17 19:25 . 2009-07-17 19:25 58880 c:\windows\$hf_mig$\KB973507\SP3QFE\atl.dll
+ 2009-09-28 08:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973354\update\spcustom.dll
+ 2009-09-28 08:02 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB973354\spmsg.dll
+ 2009-09-28 08:01 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB971961\update\spcustom.dll
+ 2009-09-28 08:01 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB971961\spmsg.dll
+ 2009-12-09 09:10 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971737\update\spcustom.dll
+ 2009-12-09 09:10 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971737\spmsg.dll
+ 2009-09-28 08:02 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971657\update\spcustom.dll
+ 2009-09-28 08:02 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971657\spmsg.dll
+ 2009-09-28 08:02 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971557\update\spcustom.dll
+ 2009-09-28 08:02 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971557\spmsg.dll
+ 2009-06-10 14:01 . 2009-06-10 14:01 84992 c:\windows\$hf_mig$\KB971557\SP3QFE\avifil32.dll
+ 2009-10-15 08:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB971486\update\spcustom.dll
+ 2009-10-15 08:02 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB971486\spmsg.dll
+ 2009-12-09 09:12 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB970430\update\spcustom.dll
+ 2009-12-09 09:12 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB970430\spmsg.dll
+ 2009-10-21 05:40 . 2009-10-21 05:40 75776 c:\windows\$hf_mig$\KB970430\SP3QFE\strmfilt.dll
+ 2009-10-21 05:40 . 2009-10-21 05:40 25088 c:\windows\$hf_mig$\KB970430\SP3QFE\httpapi.dll
+ 2009-11-11 09:01 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB969947\update\spcustom.dll
+ 2009-11-11 09:01 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB969947\spmsg.dll
+ 2009-10-15 08:05 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB969059\update\spcustom.dll
+ 2009-10-15 08:05 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB969059\spmsg.dll
+ 2009-10-15 08:01 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB968389\update\spcustom.dll
+ 2009-10-15 08:01 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB968389\spmsg.dll
+ 2009-06-25 08:41 . 2009-06-25 08:41 54272 c:\windows\$hf_mig$\KB968389\SP3QFE\wdigest.dll
+ 2009-06-25 08:41 . 2009-06-25 08:41 56832 c:\windows\$hf_mig$\KB968389\SP3QFE\secur32.dll
+ 2009-06-24 10:28 . 2009-06-24 10:28 92928 c:\windows\$hf_mig$\KB968389\SP3QFE\ksecdd.sys
+ 2009-09-28 08:05 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB960859\update\spcustom.dll
+ 2009-09-28 08:05 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB960859\spmsg.dll
+ 2009-06-12 12:03 . 2009-06-12 12:03 80896 c:\windows\$hf_mig$\KB960859\SP3QFE\tlntsess.exe
+ 2009-06-12 12:03 . 2009-06-12 12:03 76288 c:\windows\$hf_mig$\KB960859\SP3QFE\telnet.exe
+ 2009-09-28 08:02 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB956844\update\spcustom.dll
+ 2009-09-28 08:02 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB956844\spmsg.dll
+ 2009-09-28 08:02 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB956744\update\spcustom.dll
+ 2009-09-28 08:02 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB956744\spmsg.dll
+ 2009-09-27 12:25 . 2008-04-14 00:11 4096 c:\windows\system32\ReinstallBackups\0014\DriverFiles\i386\ksuser.dll
+ 2009-09-27 12:27 . 2008-07-08 06:45 4984 c:\windows\system32\drivers\nvphy.bin
+ 2005-01-01 03:37 . 2008-04-14 00:11 4096 c:\windows\system32\dllcache\ksuser.dll
+ 2009-07-25 18:02 . 2008-04-14 00:12 5120 c:\windows\system32\dllcache\cache\sfc.dll
+ 2009-07-25 18:02 . 2001-08-23 12:00 2944 c:\windows\system32\dllcache\cache\null.sys
+ 2009-07-25 18:02 . 2001-08-23 12:00 4224 c:\windows\system32\dllcache\cache\beep.sys
+ 2007-09-30 12:16 . 2008-08-01 16:34 9216 c:\windows\system32\bdco1ins.dll
+ 2008-08-01 16:34 . 2008-08-01 16:34 9216 c:\windows\system32\bdco1.dll
+ 2010-08-18 06:14 . 2010-08-18 06:14 9216 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
- 2008-11-26 09:33 . 2008-11-04 16:16 9216 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 09:54 . 2008-07-29 09:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2006-04-23 01:56 . 2009-08-07 00:24 209632 c:\windows\system32\wuweb.dll
+ 2006-04-23 01:56 . 2009-08-07 00:24 327896 c:\windows\system32\wucltui.dll
+ 2006-04-23 01:56 . 2009-08-07 00:23 575704 c:\windows\system32\wuapi.dll
+ 2006-04-23 01:56 . 2009-04-02 04:02 604160 c:\windows\system32\wmspdmod.dll
+ 2006-04-23 01:56 . 2009-07-14 04:43 286208 c:\windows\system32\wmpdxm.dll
+ 2001-08-23 12:00 . 2009-06-10 06:14 132096 c:\windows\system32\wkssvc.dll
- 2001-08-23 12:00 . 2008-04-14 00:12 132096 c:\windows\system32\wkssvc.dll
+ 2001-08-23 12:00 . 2009-10-29 07:46 832512 c:\windows\system32\wininet.dll
+ 2006-04-23 01:56 . 2009-08-25 09:17 354816 c:\windows\system32\winhttp.dll
- 2001-08-23 12:00 . 2009-06-29 16:12 233472 c:\windows\system32\webcheck.dll
+ 2001-08-23 12:00 . 2009-10-29 07:46 233472 c:\windows\system32\webcheck.dll
- 2001-08-23 12:00 . 2009-06-29 16:12 105984 c:\windows\system32\url.dll
+ 2001-08-23 12:00 . 2009-10-29 07:46 105984 c:\windows\system32\url.dll
- 2001-08-23 12:00 . 2008-10-03 10:02 247326 c:\windows\system32\strmdll.dll
+ 2001-08-23 12:00 . 2009-08-26 08:00 247326 c:\windows\system32\strmdll.dll
+ 2001-08-23 12:00 . 2009-06-25 08:25 147456 c:\windows\system32\schannel.dll
+ 2007-09-30 12:19 . 2008-03-26 23:50 131072 c:\windows\system32\RTCOM\RTLCPAPI.dll
+ 2007-09-30 12:18 . 2008-06-10 19:39 266240 c:\windows\system32\RTCOM\RTCOMDLL.dll
+ 2009-09-27 12:29 . 2008-08-01 16:35 200704 c:\windows\system32\ReinstallBackups\0015\DriverFiles\fdco1.dll
+ 2009-09-27 12:25 . 2006-11-29 00:31 151552 c:\windows\system32\ReinstallBackups\0014\DriverFiles\RTLCPAPI.dll
+ 2009-09-27 12:25 . 2006-08-17 06:03 270336 c:\windows\system32\ReinstallBackups\0014\DriverFiles\RTCOMDLL.dll
+ 2009-09-27 12:25 . 2008-04-13 19:19 146048 c:\windows\system32\ReinstallBackups\0014\DriverFiles\i386\portcls.sys
+ 2009-09-27 12:25 . 2008-04-13 19:16 141056 c:\windows\system32\ReinstallBackups\0014\DriverFiles\i386\ks.sys
+ 2001-08-23 12:00 . 2009-10-12 13:38 149504 c:\windows\system32\rastls.dll
+ 2001-08-23 12:00 . 2010-11-09 23:38 385132 c:\windows\system32\perfh009.dat
- 2001-08-23 12:00 . 2009-06-29 16:12 102912 c:\windows\system32\occache.dll
+ 2001-08-23 12:00 . 2009-10-29 07:46 102912 c:\windows\system32\occache.dll
- 2001-08-23 12:00 . 2008-04-14 00:12 270336 c:\windows\system32\oakley.dll
+ 2001-08-23 12:00 . 2009-10-13 10:30 270336 c:\windows\system32\oakley.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 167936 c:\windows\system32\nvwrszht.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 163840 c:\windows\system32\nvwrszhc.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 303104 c:\windows\system32\nvwrstr.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 294912 c:\windows\system32\nvwrssv.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 303104 c:\windows\system32\nvwrssl.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 299008 c:\windows\system32\nvwrssk.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 315392 c:\windows\system32\nvwrsru.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 319488 c:\windows\system32\nvwrsptb.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 323584 c:\windows\system32\nvwrspt.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 294912 c:\windows\system32\nvwrspl.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 299008 c:\windows\system32\nvwrsno.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 319488 c:\windows\system32\nvwrsnl.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 196608 c:\windows\system32\nvwrsko.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 212992 c:\windows\system32\nvwrsja.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 323584 c:\windows\system32\nvwrsit.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 315392 c:\windows\system32\nvwrshu.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 278528 c:\windows\system32\nvwrshe.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 327680 c:\windows\system32\nvwrsfr.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 303104 c:\windows\system32\nvwrsfi.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 327680 c:\windows\system32\nvwrsesm.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 335872 c:\windows\system32\nvwrses.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 286720 c:\windows\system32\nvwrseng.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 335872 c:\windows\system32\nvwrsel.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 311296 c:\windows\system32\nvwrsde.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 294912 c:\windows\system32\nvwrsda.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 286720 c:\windows\system32\nvwrscs.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 282624 c:\windows\system32\nvwrsar.dll
+ 2008-08-20 23:35 . 2008-08-20 23:35 453152 c:\windows\system32\nvusmb.exe
+ 2009-09-27 12:27 . 2008-07-29 18:33 446464 c:\windows\system32\nvunrm.exe
+ 2009-09-27 12:14 . 2008-08-27 18:58 453152 c:\windows\system32\NVUNINST.EXE
+ 2009-09-27 12:17 . 2006-10-31 19:35 208896 c:\windows\system32\nvudisp.exe
+ 2006-10-31 19:35 . 2006-10-31 19:35 155715 c:\windows\system32\nvsvc32.exe
+ 2006-10-31 19:35 . 2006-10-31 19:35 466944 c:\windows\system32\nvshell.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 118784 c:\windows\system32\nvrszht.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 221184 c:\windows\system32\nvrszhc.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 249856 c:\windows\system32\nvrstr.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 245760 c:\windows\system32\nvrssv.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 249856 c:\windows\system32\nvrssl.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 249856 c:\windows\system32\nvrssk.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 262144 c:\windows\system32\nvrsru.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 262144 c:\windows\system32\nvrsptb.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 266240 c:\windows\system32\nvrspt.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 249856 c:\windows\system32\nvrspl.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 249856 c:\windows\system32\nvrsno.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 266240 c:\windows\system32\nvrsnl.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 258048 c:\windows\system32\nvrsko.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 262144 c:\windows\system32\nvrsja.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 274432 c:\windows\system32\nvrsit.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 253952 c:\windows\system32\nvrshu.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 323584 c:\windows\system32\nvrshe.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 278528 c:\windows\system32\nvrsfr.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 241664 c:\windows\system32\nvrsfi.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 266240 c:\windows\system32\nvrsesm.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 274432 c:\windows\system32\nvrses.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 241664 c:\windows\system32\nvrseng.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 274432 c:\windows\system32\nvrsel.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 270336 c:\windows\system32\nvrsde.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 245760 c:\windows\system32\nvrsda.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 241664 c:\windows\system32\nvrscs.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 323584 c:\windows\system32\nvrsar.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 372256 c:\windows\system32\nvraiins.dll
+ 2008-08-18 23:54 . 2008-08-18 23:54 372256 c:\windows\system32\nvraidco.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 286720 c:\windows\system32\nvnt4cpl.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 888832 c:\windows\system32\nvmobls.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 458752 c:\windows\system32\nvmccssr.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 188416 c:\windows\system32\nvmccss.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 229376 c:\windows\system32\nvmccs.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 581632 c:\windows\system32\nvhwvid.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 311296 c:\windows\system32\nvexpbar.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 794624 c:\windows\system32\nvcplui.exe
+ 2008-08-20 23:35 . 2008-08-20 23:35 122880 c:\windows\system32\NVCOSMB.DLL
+ 2008-07-29 18:33 . 2008-07-29 18:33 122880 c:\windows\system32\nvconrm.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 147456 c:\windows\system32\nvcolor.exe
+ 2006-10-31 19:35 . 2006-10-31 19:35 442368 c:\windows\system32\nvappbar.exe
+ 2006-10-31 19:35 . 2006-10-31 19:35 196608 c:\windows\system32\nvapi.dll
+ 2001-08-23 12:00 . 2009-08-05 09:01 204800 c:\windows\system32\mswebdvd.dll
+ 2001-08-23 12:00 . 2009-09-11 14:18 136192 c:\windows\system32\msv1_0.dll
- 2001-08-23 12:00 . 2009-06-29 16:12 671232 c:\windows\system32\mstime.dll
+ 2001-08-23 12:00 . 2009-10-29 07:46 671232 c:\windows\system32\mstime.dll
+ 2001-08-23 12:00 . 2009-10-29 07:46 193024 c:\windows\system32\msrating.dll
- 2001-08-23 12:00 . 2009-06-29 16:12 193024 c:\windows\system32\msrating.dll
- 2001-08-23 12:00 . 2009-06-29 16:12 477696 c:\windows\system32\mshtmled.dll
+ 2001-08-23 12:00 . 2009-10-29 07:46 477696 c:\windows\system32\mshtmled.dll
+ 2007-08-14 00:54 . 2009-10-29 07:46 459264 c:\windows\system32\msfeeds.dll
- 2007-08-14 00:54 . 2009-06-29 16:12 459264 c:\windows\system32\msfeeds.dll
+ 2010-11-09 23:39 . 2010-11-09 23:39 233936 c:\windows\system32\Macromed\Flash\FlashUtil10l_Plugin.exe
+ 2001-08-23 12:00 . 2009-06-25 08:25 730112 c:\windows\system32\lsasrv.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 425984 c:\windows\system32\keystone.exe
+ 2001-08-23 12:00 . 2009-06-25 08:25 301568 c:\windows\system32\kerberos.dll
+ 2001-08-23 12:00 . 2009-08-13 15:16 512000 c:\windows\system32\jscript.dll
- 2001-08-23 12:00 . 2008-05-09 10:53 512000 c:\windows\system32\jscript.dll
+ 2009-10-21 20:27 . 2009-10-21 20:27 149280 c:\windows\system32\javaws.exe
+ 2009-10-21 20:27 . 2009-10-21 20:27 145184 c:\windows\system32\javaw.exe
+ 2009-10-21 20:27 . 2009-10-21 20:27 145184 c:\windows\system32\java.exe
+ 2007-08-14 00:34 . 2009-10-29 07:46 268288 c:\windows\system32\iertutil.dll
- 2007-08-14 00:34 . 2009-06-29 16:12 268288 c:\windows\system32\iertutil.dll
+ 2001-08-23 12:00 . 2009-10-29 07:46 385024 c:\windows\system32\iedkcs32.dll
- 2001-08-23 12:00 . 2009-06-29 16:12 385024 c:\windows\system32\iedkcs32.dll
+ 2007-07-11 18:27 . 2009-10-29 07:46 380928 c:\windows\system32\ieapfltr.dll
- 2007-07-11 18:27 . 2009-06-29 16:12 380928 c:\windows\system32\ieapfltr.dll
- 2001-08-23 12:00 . 2009-06-29 08:33 161792 c:\windows\system32\ieakui.dll
+ 2001-08-23 12:00 . 2009-10-28 06:52 161792 c:\windows\system32\ieakui.dll
- 2001-08-23 12:00 . 2009-06-29 16:12 230400 c:\windows\system32\ieaksie.dll
+ 2001-08-23 12:00 . 2009-10-29 07:46 230400 c:\windows\system32\ieaksie.dll
+ 2001-08-23 12:00 . 2009-10-29 07:46 153088 c:\windows\system32\ieakeng.dll
- 2001-08-23 12:00 . 2009-06-29 16:12 153088 c:\windows\system32\ieakeng.dll
+ 2005-01-01 03:35 . 2009-11-11 09:09 111784 c:\windows\system32\FNTCACHE.DAT
- 2005-01-01 03:35 . 2009-06-11 20:59 111784 c:\windows\system32\FNTCACHE.DAT
+ 2007-09-30 12:16 . 2008-08-01 16:35 200704 c:\windows\system32\fdco1ins.dll
+ 2008-08-01 16:35 . 2008-08-01 16:35 200704 c:\windows\system32\fdco1.dll
- 2006-04-23 01:56 . 2009-06-29 16:12 133120 c:\windows\system32\extmgr.dll
+ 2006-04-23 01:56 . 2009-10-29 07:46 133120 c:\windows\system32\extmgr.dll
+ 2001-08-23 12:00 . 2009-10-29 07:46 214528 c:\windows\system32\dxtrans.dll
- 2001-08-23 12:00 . 2009-06-29 16:12 214528 c:\windows\system32\dxtrans.dll
+ 2001-08-23 12:00 . 2009-10-29 07:46 347136 c:\windows\system32\dxtmsft.dll
- 2001-08-23 12:00 . 2009-06-29 16:12 347136 c:\windows\system32\dxtmsft.dll
- 2005-01-01 03:37 . 2008-04-13 19:19 146048 c:\windows\system32\drivers\portcls.sys
+ 2005-01-01 03:37 . 2008-04-13 19:19 146048 c:\windows\system32\drivers\portcls.sys
+ 2008-08-01 16:35 . 2008-08-01 16:35 955520 c:\windows\system32\drivers\nvnrm.sys
+ 2008-08-18 23:54 . 2008-08-18 23:54 145952 c:\windows\system32\drivers\nvgts.sys
- 2009-01-11 18:40 . 2008-10-23 18:08 120136 c:\windows\system32\drivers\Mpfp.sys
+ 2009-01-11 18:40 . 2010-07-15 20:18 120136 c:\windows\system32\drivers\Mpfp.sys
+ 2009-01-11 18:40 . 2009-09-16 15:22 214664 c:\windows\system32\drivers\mfehidk.sys
+ 2006-04-23 01:56 . 2009-10-20 16:20 265728 c:\windows\system32\drivers\http.sys
+ 2006-04-23 01:56 . 2009-08-07 00:24 209632 c:\windows\system32\dllcache\wuweb.dll
+ 2006-04-23 01:56 . 2009-08-07 00:24 327896 c:\windows\system32\dllcache\wucltui.dll
+ 2006-04-23 01:56 . 2009-08-07 00:23 575704 c:\windows\system32\dllcache\wuapi.dll
+ 2009-04-02 04:02 . 2009-04-02 04:02 604160 c:\windows\system32\dllcache\wmspdmod.dll
+ 2009-07-14 04:43 . 2009-07-14 04:43 286208 c:\windows\system32\dllcache\wmpdxm.dll
+ 2009-06-10 06:14 . 2009-06-10 06:14 132096 c:\windows\system32\dllcache\wkssvc.dll
+ 2006-05-10 05:23 . 2009-10-29 07:46 832512 c:\windows\system32\dllcache\wininet.dll
+ 2008-12-16 12:30 . 2009-08-25 09:17 354816 c:\windows\system32\dllcache\winhttp.dll
- 2007-08-14 00:54 . 2009-06-29 16:12 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2007-08-14 00:54 . 2009-10-29 07:46 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2007-08-14 00:44 . 2009-10-29 07:46 105984 c:\windows\system32\dllcache\url.dll
- 2007-08-14 00:44 . 2009-06-29 16:12 105984 c:\windows\system32\dllcache\url.dll
+ 2009-09-27 23:37 . 2009-06-21 21:44 153088 c:\windows\system32\dllcache\triedit.dll
- 2006-08-21 15:52 . 2008-10-03 10:02 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2006-08-21 15:52 . 2009-08-26 08:00 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2008-12-05 06:54 . 2009-06-25 08:25 147456 c:\windows\system32\dllcache\schannel.dll
+ 2009-10-12 13:38 . 2009-10-12 13:38 149504 c:\windows\system32\dllcache\rastls.dll
+ 2005-01-01 03:37 . 2008-04-13 19:19 146048 c:\windows\system32\dllcache\portcls.sys
+ 2007-08-14 00:44 . 2009-10-29 07:46 102912 c:\windows\system32\dllcache\occache.dll
- 2007-08-14 00:44 . 2009-06-29 16:12 102912 c:\windows\system32\dllcache\occache.dll
+ 2009-10-13 10:30 . 2009-10-13 10:30 270336 c:\windows\system32\dllcache\oakley.dll
+ 2009-08-05 09:01 . 2009-08-05 09:01 204800 c:\windows\system32\dllcache\mswebdvd.dll
+ 2009-06-25 08:25 . 2009-09-11 14:18 136192 c:\windows\system32\dllcache\msv1_0.dll
- 2006-05-10 05:23 . 2009-06-29 16:12 671232 c:\windows\system32\dllcache\mstime.dll
+ 2006-05-10 05:23 . 2009-10-29 07:46 671232 c:\windows\system32\dllcache\mstime.dll
- 2006-05-10 05:23 . 2009-06-29 16:12 193024 c:\windows\system32\dllcache\msrating.dll
+ 2006-05-10 05:23 . 2009-10-29 07:46 193024 c:\windows\system32\dllcache\msrating.dll
+ 2006-05-10 05:23 . 2009-10-29 07:46 477696 c:\windows\system32\dllcache\mshtmled.dll
- 2006-05-10 05:23 . 2009-06-29 16:12 477696 c:\windows\system32\dllcache\mshtmled.dll
+ 2007-12-02 13:54 . 2009-10-29 07:46 459264 c:\windows\system32\dllcache\msfeeds.dll
- 2007-12-02 13:54 . 2009-06-29 16:12 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2009-04-15 02:15 . 2009-06-25 08:25 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2001-08-17 22:24 . 2008-04-13 19:16 141056 c:\windows\system32\dllcache\ks.sys
+ 2009-06-25 08:25 . 2009-06-25 08:25 301568 c:\windows\system32\dllcache\kerberos.dll
- 2008-05-09 10:53 . 2008-05-09 10:53 512000 c:\windows\system32\dllcache\jscript.dll
+ 2008-05-09 10:53 . 2009-08-13 15:16 512000 c:\windows\system32\dllcache\jscript.dll
- 2007-08-14 00:43 . 2009-06-29 08:35 634632 c:\windows\system32\dllcache\iexplore.exe
+ 2007-08-14 00:43 . 2009-10-28 06:54 634632 c:\windows\system32\dllcache\iexplore.exe
+ 2007-12-02 13:54 . 2009-10-29 07:46 268288 c:\windows\system32\dllcache\iertutil.dll
- 2007-12-02 13:54 . 2009-06-29 16:12 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2007-08-14 00:39 . 2009-10-29 07:46 385024 c:\windows\system32\dllcache\iedkcs32.dll
- 2007-08-14 00:39 . 2009-06-29 16:12 385024 c:\windows\system32\dllcache\iedkcs32.dll
- 2007-12-02 13:54 . 2009-06-29 16:12 380928 c:\windows\system32\dllcache\ieapfltr.dll
+ 2007-12-02 13:54 . 2009-10-29 07:46 380928 c:\windows\system32\dllcache\ieapfltr.dll
+ 2001-08-23 12:00 . 2009-10-28 06:52 161792 c:\windows\system32\dllcache\ieakui.dll
- 2001-08-23 12:00 . 2009-06-29 08:33 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2007-08-14 00:39 . 2009-10-29 07:46 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2007-08-14 00:39 . 2009-06-29 16:12 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2007-08-14 00:39 . 2009-10-29 07:46 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2007-08-14 00:39 . 2009-06-29 16:12 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\system32\dllcache\http.sys
+ 2006-05-10 05:22 . 2009-10-29 07:46 133120 c:\windows\system32\dllcache\extmgr.dll
- 2006-05-10 05:22 . 2009-06-29 16:12 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2006-05-10 05:22 . 2009-10-29 07:46 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2006-05-10 05:22 . 2009-06-29 16:12 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2006-05-10 05:22 . 2009-06-29 16:12 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2006-05-10 05:22 . 2009-10-29 07:46 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2009-07-25 18:02 . 2008-04-14 00:12 507904 c:\windows\system32\dllcache\cache\winlogon.exe
+ 2009-07-25 18:02 . 2009-06-29 16:12 827392 c:\windows\system32\dllcache\cache\wininet.dll
+ 2009-07-25 18:02 . 2008-04-14 00:12 578560 c:\windows\system32\dllcache\cache\user32.dll
+ 2009-07-25 18:02 . 2008-04-14 00:12 295424 c:\windows\system32\dllcache\cache\termsrv.dll
+ 2009-07-25 18:02 . 2008-06-20 11:51 361600 c:\windows\system32\dllcache\cache\tcpip.sys
+ 2009-07-25 18:02 . 2008-04-14 00:12 171008 c:\windows\system32\dllcache\cache\srsvc.dll
+ 2009-07-25 18:02 . 2009-02-06 11:11 110592 c:\windows\system32\dllcache\cache\services.exe
+ 2009-07-25 18:02 . 2009-02-09 12:10 401408 c:\windows\system32\dllcache\cache\rpcss.dll
+ 2009-08-02 16:52 . 2008-04-14 00:12 409088 c:\windows\system32\dllcache\cache\qmgr.dll
+ 2009-07-25 18:02 . 2008-04-14 00:12 435200 c:\windows\system32\dllcache\cache\ntmssvc.dll
+ 2009-08-02 16:52 . 2008-04-13 19:15 574976 c:\windows\system32\dllcache\cache\ntfs.sys
+ 2009-07-25 18:02 . 2008-04-14 00:12 407040 c:\windows\system32\dllcache\cache\netlogon.dll
+ 2009-07-25 18:02 . 2008-04-13 19:20 182656 c:\windows\system32\dllcache\cache\ndis.sys
+ 2009-07-25 18:02 . 2008-04-14 00:11 927504 c:\windows\system32\dllcache\cache\mfc40u.dll
+ 2009-07-25 18:02 . 2009-03-21 14:06 989696 c:\windows\system32\dllcache\cache\kernel32.dll
+ 2009-07-25 18:02 . 2008-04-14 00:11 110080 c:\windows\system32\dllcache\cache\imm32.dll
+ 2009-07-25 18:02 . 2008-04-14 00:11 792064 c:\windows\system32\dllcache\cache\comres.dll
+ 2009-07-25 18:02 . 2008-04-14 00:11 617472 c:\windows\system32\dllcache\cache\comctl32.dll
+ 2009-07-25 18:02 . 2008-04-14 00:11 167936 c:\windows\system32\dllcache\cache\appmgmts.dll
+ 2009-07-25 18:02 . 2008-04-13 16:39 142592 c:\windows\system32\dllcache\cache\aec.sys
+ 2007-08-14 00:39 . 2009-10-29 07:46 124928 c:\windows\system32\dllcache\advpack.dll
- 2007-08-14 00:39 . 2009-06-29 16:12 124928 c:\windows\system32\dllcache\advpack.dll
+ 2009-10-21 20:27 . 2009-10-21 20:27 411368 c:\windows\system32\deploytk.dll
+ 2001-08-23 12:00 . 2009-10-29 07:46 124928 c:\windows\system32\advpack.dll
- 2001-08-23 12:00 . 2009-06-29 16:12 124928 c:\windows\system32\advpack.dll
+ 2010-08-28 02:00 . 2010-08-28 02:00 292216 c:\windows\system32\Adobe\Shockwave 11\syminstallstub.exe
+ 2010-08-18 06:13 . 2010-08-18 06:13 114688 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe
- 2008-11-26 09:33 . 2008-11-04 16:14 114688 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe
+ 2010-08-18 06:22 . 2010-08-18 06:22 467224 c:\windows\system32\Adobe\Shockwave 11\SwHelper_1158612.exe
+ 2010-08-18 06:02 . 2010-08-18 06:02 136568 c:\windows\system32\Adobe\Shockwave 11\SCC.dll
- 2008-11-26 09:33 . 2008-11-04 16:16 446464 c:\windows\system32\Adobe\Shockwave 11\Proj.dll
+ 2010-08-18 06:14 . 2010-08-18 06:14 446464 c:\windows\system32\Adobe\Shockwave 11\Proj.dll
+ 2010-08-18 06:13 . 2010-08-18 06:13 372736 c:\windows\system32\Adobe\Shockwave 11\Plugin.dll
+ 2010-08-18 06:02 . 2010-08-18 06:02 790016 c:\windows\system32\Adobe\Shockwave 11\gi.dll
+ 2010-08-18 06:13 . 2010-08-18 06:13 503808 c:\windows\system32\Adobe\Shockwave 11\Control.dll
+ 2010-08-18 06:22 . 2010-08-18 06:22 213272 c:\windows\system32\Adobe\Director\SwDir.dll
+ 2010-08-18 06:14 . 2010-08-18 06:14 131072 c:\windows\system32\Adobe\Director\np32dsw.dll
+ 2007-09-30 12:18 . 2008-08-25 21:17 528384 c:\windows\RtlExUpd.dll
+ 2010-01-03 22:05 . 2010-01-03 14:27 170912 c:\windows\PCHEALTH\HELPCTR\Config\Cache\Professional_32_1033.dat
+ 2008-05-28 05:49 . 2008-05-28 05:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2007-04-14 01:58 . 2007-04-14 01:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2008-05-28 05:48 . 2008-05-28 05:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-14 01:56 . 2007-04-14 01:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-14 02:30 . 2007-04-14 02:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2008-05-28 06:30 . 2008-05-28 06:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2009-10-21 20:27 . 2009-10-21 20:27 537600 c:\windows\Installer\93a45.msi
+ 2009-11-25 09:05 . 2009-11-25 09:05 429568 c:\windows\Installer\1fff761.msi
+ 2010-10-09 02:29 . 2010-10-09 02:29 700416 c:\windows\Installer\17cba.msi
+ 2009-12-27 07:18 . 2009-12-27 07:18 228352 c:\windows\Installer\12246eee.msi
+ 2010-10-09 02:28 . 2010-10-09 02:28 371272 c:\windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
+ 2010-09-22 23:10 . 2010-09-22 23:10 103864 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\nppdf32.dll
+ 2009-11-04 09:01 . 2009-05-26 11:40 382840 c:\windows\ie7updates\KB976749-IE7\spuninst\updspapi.dll
+ 2009-11-04 09:01 . 2009-05-26 11:40 231288 c:\windows\ie7updates\KB976749-IE7\spuninst\spuninst.exe
+ 2009-12-09 09:11 . 2009-08-29 07:36 832512 c:\windows\ie7updates\KB976325-IE7\wininet.dll
+ 2009-12-09 09:11 . 2009-08-29 07:36 233472 c:\windows\ie7updates\KB976325-IE7\webcheck.dll
+ 2009-12-09 09:11 . 2009-08-29 07:36 105984 c:\windows\ie7updates\KB976325-IE7\url.dll
+ 2009-12-09 09:11 . 2009-05-26 11:40 382840 c:\windows\ie7updates\KB976325-IE7\spuninst\updspapi.dll
+ 2009-12-09 09:11 . 2009-05-26 11:40 231288 c:\windows\ie7updates\KB976325-IE7\spuninst\spuninst.exe
+ 2009-12-09 09:11 . 2009-08-29 07:36 102912 c:\windows\ie7updates\KB976325-IE7\occache.dll
+ 2009-12-09 09:11 . 2009-08-29 07:36 671232 c:\windows\ie7updates\KB976325-IE7\mstime.dll
+ 2009-12-09 09:11 . 2009-08-29 07:36 193024 c:\windows\ie7updates\KB976325-IE7\msrating.dll
+ 2009-12-09 09:11 . 2009-08-29 07:36 477696 c:\windows\ie7updates\KB976325-IE7\mshtmled.dll
+ 2009-12-09 09:11 . 2009-08-29 07:36 459264 c:\windows\ie7updates\KB976325-IE7\msfeeds.dll
+ 2009-12-09 09:11 . 2009-08-27 05:18 634648 c:\windows\ie7updates\KB976325-IE7\iexplore.exe
+ 2009-12-09 09:11 . 2009-08-29 07:36 268288 c:\windows\ie7updates\KB976325-IE7\iertutil.dll
+ 2009-12-09 09:11 . 2009-08-29 07:36 385024 c:\windows\ie7updates\KB976325-IE7\iedkcs32.dll
+ 2009-12-09 09:11 . 2009-08-29 07:36 380928 c:\windows\ie7updates\KB976325-IE7\ieapfltr.dll
+ 2009-12-09 09:11 . 2009-08-27 05:18 161792 c:\windows\ie7updates\KB976325-IE7\ieakui.dll
+ 2009-12-09 09:11 . 2009-08-29 07:36 230400 c:\windows\ie7updates\KB976325-IE7\ieaksie.dll
+ 2009-12-09 09:11 . 2009-08-29 07:36 153088 c:\windows\ie7updates\KB976325-IE7\ieakeng.dll
+ 2009-12-09 09:11 . 2009-08-29 07:36 133120 c:\windows\ie7updates\KB976325-IE7\extmgr.dll
+ 2009-12-09 09:11 . 2009-08-29 07:36 214528 c:\windows\ie7updates\KB976325-IE7\dxtrans.dll
+ 2009-12-09 09:11 . 2009-08-29 07:36 347136 c:\windows\ie7updates\KB976325-IE7\dxtmsft.dll
+ 2009-12-09 09:11 . 2009-08-29 07:36 124928 c:\windows\ie7updates\KB976325-IE7\advpack.dll
+ 2009-10-15 08:04 . 2009-06-29 16:12 827392 c:\windows\ie7updates\KB974455-IE7\wininet.dll
+ 2009-10-15 08:04 . 2009-06-29 16:12 233472 c:\windows\ie7updates\KB974455-IE7\webcheck.dll
+ 2009-10-15 08:04 . 2009-06-29 16:12 105984 c:\windows\ie7updates\KB974455-IE7\url.dll
+ 2009-10-15 08:04 . 2009-05-26 11:40 382840 c:\windows\ie7updates\KB974455-IE7\spuninst\updspapi.dll
+ 2009-10-15 08:04 . 2009-05-26 11:40 231288 c:\windows\ie7updates\KB974455-IE7\spuninst\spuninst.exe
+ 2009-10-15 08:04 . 2009-06-29 16:12 102912 c:\windows\ie7updates\KB974455-IE7\occache.dll
+ 2009-10-15 08:04 . 2009-06-29 16:12 671232 c:\windows\ie7updates\KB974455-IE7\mstime.dll
+ 2009-10-15 08:04 . 2009-06-29 16:12 193024 c:\windows\ie7updates\KB974455-IE7\msrating.dll
+ 2009-10-15 08:04 . 2009-06-29 16:12 477696 c:\windows\ie7updates\KB974455-IE7\mshtmled.dll
+ 2009-10-15 08:04 . 2009-06-29 16:12 459264 c:\windows\ie7updates\KB974455-IE7\msfeeds.dll
+ 2009-10-15 08:04 . 2009-06-29 08:35 634632 c:\windows\ie7updates\KB974455-IE7\iexplore.exe
+ 2009-10-15 08:04 . 2009-06-29 16:12 268288 c:\windows\ie7updates\KB974455-IE7\iertutil.dll
+ 2009-10-15 08:04 . 2009-06-29 16:12 385024 c:\windows\ie7updates\KB974455-IE7\iedkcs32.dll
+ 2009-10-15 08:04 . 2009-06-29 16:12 380928 c:\windows\ie7updates\KB974455-IE7\ieapfltr.dll
+ 2009-10-15 08:04 . 2009-06-29 08:33 161792 c:\windows\ie7updates\KB974455-IE7\ieakui.dll
+ 2009-10-15 08:04 . 2009-06-29 16:12 230400 c:\windows\ie7updates\KB974455-IE7\ieaksie.dll
+ 2009-10-15 08:04 . 2009-06-29 16:12 153088 c:\windows\ie7updates\KB974455-IE7\ieakeng.dll
+ 2009-10-15 08:04 . 2009-06-29 16:12 133120 c:\windows\ie7updates\KB974455-IE7\extmgr.dll
+ 2009-10-15 08:04 . 2009-06-29 16:12 214528 c:\windows\ie7updates\KB974455-IE7\dxtrans.dll
+ 2009-10-15 08:04 . 2009-06-29 16:12 347136 c:\windows\ie7updates\KB974455-IE7\dxtmsft.dll
+ 2009-10-15 08:04 . 2009-06-29 16:12 124928 c:\windows\ie7updates\KB974455-IE7\advpack.dll
+ 2007-09-30 12:18 . 2009-09-27 12:25 319488 c:\windows\HideWin.exe
+ 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\Driver Cache\i386\http.sys
+ 2009-10-15 08:04 . 2009-10-15 08:04 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_b356b926\System.Drawing.dll
+ 2009-11-25 09:27 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB976098-v2$\spuninst\updspapi.dll
+ 2009-11-25 09:27 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB976098-v2$\spuninst\spuninst.exe
+ 2009-10-15 08:01 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB975467$\spuninst\updspapi.dll
+ 2009-10-15 08:01 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB975467$\spuninst\spuninst.exe
+ 2009-10-15 08:01 . 2009-06-25 08:25 136192 c:\windows\$NtUninstallKB975467$\msv1_0.dll
+ 2009-10-15 08:05 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB975025$\spuninst\updspapi.dll
+ 2009-10-15 08:05 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB975025$\spuninst\spuninst.exe
+ 2009-10-15 08:03 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB974571$\spuninst\updspapi.dll
+ 2009-10-15 08:03 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB974571$\spuninst\spuninst.exe
+ 2009-12-09 09:10 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB974392$\spuninst\updspapi.dll
+ 2009-12-09 09:10 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB974392$\spuninst\spuninst.exe
+ 2009-12-09 09:10 . 2008-04-14 00:12 270336 c:\windows\$NtUninstallKB974392$\oakley.dll
+ 2009-12-09 09:12 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB974318$\spuninst\updspapi.dll
+ 2009-12-09 09:12 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB974318$\spuninst\spuninst.exe
+ 2009-12-09 09:12 . 2008-04-14 00:12 150016 c:\windows\$NtUninstallKB974318$\rastls.dll
+ 2009-10-15 08:05 . 2008-10-03 10:02 247326 c:\windows\$NtUninstallKB974112$\strmdll.dll
+ 2009-10-15 08:05 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB974112$\spuninst\updspapi.dll
+ 2009-10-15 08:05 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB974112$\spuninst\spuninst.exe
+ 2009-12-09 09:12 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB973904$\spuninst\updspapi.dll
+ 2009-12-09 09:12 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB973904$\spuninst\spuninst.exe
+ 2009-12-09 09:12 . 2004-07-17 17:42 116288 c:\windows\$NtUninstallKB973904$\msconv97.dll
+ 2009-09-28 08:02 . 2008-07-08 13:02 382840 c:\windows\$NtUninstallKB973869$\spuninst\updspapi.dll
+ 2009-09-28 08:02 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB973869$\spuninst\spuninst.exe
+ 2009-09-28 08:01 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB973815$\spuninst\updspapi.dll
+ 2009-09-28 08:01 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB973815$\spuninst\spuninst.exe
+ 2009-09-28 08:01 . 2008-04-14 00:12 203776 c:\windows\$NtUninstallKB973815$\mswebdvd.dll
+ 2009-11-25 09:22 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB973687$\spuninst\updspapi.dll
+ 2009-11-25 09:22 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB973687$\spuninst\spuninst.exe
+ 2009-09-28 08:01 . 2006-10-19 02:47 314880 c:\windows\$NtUninstallKB973540_WM9$\wmpdxm.dll
+ 2009-09-28 08:01 . 2007-07-27 15:41 382840 c:\windows\$NtUninstallKB973540_WM9$\spuninst\updspapi.dll
+ 2009-09-28 08:01 . 2007-07-27 15:41 231288 c:\windows\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe
+ 2009-10-15 08:01 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB973525$\spuninst\updspapi.dll
+ 2009-10-15 08:01 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB973525$\spuninst\spuninst.exe
+ 2009-09-28 08:02 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB973507$\spuninst\updspapi.dll
+ 2009-09-28 08:02 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB973507$\spuninst\spuninst.exe
+ 2009-09-28 08:02 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB973354$\spuninst\updspapi.dll
+ 2009-09-28 08:02 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB973354$\spuninst\spuninst.exe
+ 2009-09-28 08:01 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB971961$\spuninst\updspapi.dll
+ 2009-09-28 08:01 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB971961$\spuninst\spuninst.exe
+ 2009-09-28 08:01 . 2008-05-09 10:53 512000 c:\windows\$NtUninstallKB971961$\jscript.dll
+ 2009-12-09 09:10 . 2008-12-16 12:30 354304 c:\windows\$NtUninstallKB971737$\winhttp.dll
+ 2009-12-09 09:10 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB971737$\spuninst\updspapi.dll
+ 2009-12-09 09:10 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB971737$\spuninst\spuninst.exe
+ 2009-09-28 08:02 . 2008-04-14 00:12 132096 c:\windows\$NtUninstallKB971657$\wkssvc.dll
+ 2009-09-28 08:02 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB971657$\spuninst\updspapi.dll
+ 2009-09-28 08:02 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB971657$\spuninst\spuninst.exe
+ 2009-09-28 08:02 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB971557$\spuninst\updspapi.dll
+ 2009-09-28 08:02 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB971557$\spuninst\spuninst.exe
+ 2009-10-15 08:02 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB971486$\spuninst\updspapi.dll
+ 2009-10-15 08:02 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB971486$\spuninst\spuninst.exe
+ 2009-09-28 08:00 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB970653-v3$\spuninst\updspapi.dll
+ 2009-09-28 08:00 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB970653-v3$\spuninst\spuninst.exe
+ 2009-12-09 09:12 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB970430$\spuninst\updspapi.dll
+ 2009-12-09 09:12 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB970430$\spuninst\spuninst.exe
+ 2009-12-09 09:12 . 2008-04-13 18:53 264832 c:\windows\$NtUninstallKB970430$\http.sys
+ 2009-11-11 09:01 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB969947$\spuninst\updspapi.dll
+ 2009-11-11 09:01 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB969947$\spuninst\spuninst.exe
+ 2009-10-15 08:05 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB969059$\spuninst\updspapi.dll
+ 2009-10-15 08:05 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB969059$\spuninst\spuninst.exe
+ 2009-09-28 08:02 . 2007-07-27 15:41 382840 c:\windows\$NtUninstallKB968816_WM9$\spuninst\updspapi.dll
+ 2009-09-28 08:02 . 2007-07-27 15:41 231288 c:\windows\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe
+ 2009-10-15 08:01 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB968389$\spuninst\updspapi.dll
+ 2009-10-15 08:01 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB968389$\spuninst\spuninst.exe
+ 2009-10-15 08:01 . 2008-12-05 06:54 144896 c:\windows\$NtUninstallKB968389$\schannel.dll
+ 2009-10-15 08:01 . 2008-04-14 00:12 132608 c:\windows\$NtUninstallKB968389$\msv1_0.dll
+ 2009-10-15 08:01 . 2009-02-09 12:10 729088 c:\windows\$NtUninstallKB968389$\lsasrv.dll
+ 2009-10-15 08:01 . 2008-04-14 00:11 299520 c:\windows\$NtUninstallKB968389$\kerberos.dll
+ 2009-09-28 08:05 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB960859$\spuninst\updspapi.dll
+ 2009-09-28 08:05 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB960859$\spuninst\spuninst.exe
+ 2009-10-15 08:08 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB958869$\spuninst\updspapi.dll
+ 2009-10-15 08:08 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB958869$\spuninst\spuninst.exe
+ 2009-09-28 08:02 . 2008-04-14 00:12 153088 c:\windows\$NtUninstallKB956844$\triedit.dll
+ 2009-09-28 08:02 . 2008-07-08 13:02 382840 c:\windows\$NtUninstallKB956844$\spuninst\updspapi.dll
+ 2009-09-28 08:02 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB956844$\spuninst\spuninst.exe
+ 2009-09-28 08:02 . 2008-07-08 13:02 382840 c:\windows\$NtUninstallKB956744$\spuninst\updspapi.dll
+ 2009-09-28 08:02 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB956744$\spuninst\spuninst.exe
+ 2009-10-15 08:05 . 2006-10-19 02:47 603648 c:\windows\$NtUninstallKB954155_WM9$\wmspdmod.dll
+ 2009-10-15 08:05 . 2007-07-27 15:41 382840 c:\windows\$NtUninstallKB954155_WM9$\spuninst\updspapi.dll
+ 2009-10-15 08:05 . 2007-07-27 15:41 231288 c:\windows\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe
+ 2009-11-04 09:01 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB976749-IE7\update\updspapi.dll
+ 2009-11-04 09:01 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB976749-IE7\update\update.exe
+ 2009-11-04 09:01 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB976749-IE7\spuninst.exe
+ 2009-12-09 09:11 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB976325-IE7\update\updspapi.dll
+ 2009-12-09 09:11 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB976325-IE7\update\update.exe
+ 2009-12-09 09:11 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB976325-IE7\spuninst.exe
+ 2009-10-29 07:45 . 2009-10-29 07:45 841216 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\wininet.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 233472 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\webcheck.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 105984 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\url.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 102912 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\occache.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 671232 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\mstime.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 193024 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\msrating.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 477696 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\mshtmled.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 459264 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\msfeeds.dll
+ 2009-10-28 06:54 . 2009-10-28 06:54 634632 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\iexplore.exe
+ 2009-10-29 07:45 . 2009-10-29 07:45 268288 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\iertutil.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 388608 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\iedkcs32.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 380928 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieapfltr.dll
+ 2009-10-28 06:52 . 2009-10-28 06:52 161792 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieakui.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 230400 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieaksie.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 153088 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieakeng.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 132608 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\extmgr.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 214528 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\dxtrans.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 347136 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\dxtmsft.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 124928 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\advpack.dll
+ 2009-10-15 08:01 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975467\update\updspapi.dll
+ 2009-10-15 08:01 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975467\update\update.exe
+ 2009-10-15 08:01 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB975467\spuninst.exe
+ 2009-09-11 14:13 . 2009-09-11 14:13 136704 c:\windows\$hf_mig$\KB975467\SP3QFE\msv1_0.dll
+ 2009-10-15 08:05 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975025\update\updspapi.dll
+ 2009-10-15 08:05 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975025\update\update.exe
+ 2009-10-15 08:05 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB975025\spuninst.exe
+ 2009-10-15 08:03 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974571\update\updspapi.dll
+ 2009-10-15 08:03 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB974571\update\update.exe
+ 2009-10-15 08:03 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB974571\spuninst.exe
+ 2009-10-15 08:04 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974455-IE7\update\updspapi.dll
+ 2009-10-15 08:04 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB974455-IE7\update\update.exe
+ 2009-10-15 08:04 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB974455-IE7\spuninst.exe
+ 2009-08-29 07:31 . 2009-08-29 07:31 840704 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\wininet.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 233472 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\webcheck.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 105984 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\url.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 102912 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\occache.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 671232 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\mstime.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 193024 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\msrating.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 477696 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\mshtmled.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 459264 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\msfeeds.dll
+ 2009-08-27 05:18 . 2009-08-27 05:18 634648 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\iexplore.exe
+ 2009-08-29 07:31 . 2009-08-29 07:31 268288 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\iertutil.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 388608 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\iedkcs32.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 380928 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\ieapfltr.dll
+ 2009-08-27 05:18 . 2009-08-27 05:18 161792 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\ieakui.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 230400 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\ieaksie.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 153088 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\ieakeng.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 132608 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\extmgr.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 214528 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\dxtrans.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 347136 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\dxtmsft.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 124928 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\advpack.dll
+ 2009-12-09 09:10 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974392\update\updspapi.dll
+ 2009-12-09 09:10 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB974392\update\update.exe
+ 2009-12-09 09:10 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB974392\spuninst.exe
+ 2009-10-13 10:38 . 2009-10-13 10:38 270336 c:\windows\$hf_mig$\KB974392\SP3QFE\oakley.dll
+ 2009-12-09 09:12 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974318\update\updspapi.dll
+ 2009-12-09 09:12 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB974318\update\update.exe
+ 2009-12-09 09:12 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB974318\spuninst.exe
+ 2009-10-12 13:28 . 2009-10-12 13:28 150016 c:\windows\$hf_mig$\KB974318\SP3QFE\rastls.dll
+ 2009-10-15 08:05 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974112\update\updspapi.dll
+ 2009-10-15 08:05 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB974112\update\update.exe
+ 2009-10-15 08:05 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB974112\spuninst.exe
+ 2009-08-26 08:03 . 2009-08-26 08:03 247326 c:\windows\$hf_mig$\KB974112\SP3QFE\strmdll.dll
+ 2009-12-09 09:12 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973904\update\updspapi.dll
+ 2009-12-09 09:12 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973904\update\update.exe
+ 2009-12-09 09:12 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973904\spuninst.exe
+ 2009-12-09 07:31 . 2009-07-29 14:01 119648 c:\windows\$hf_mig$\KB973904\SP3QFE\msconv97.dll
+ 2009-09-28 08:02 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB973869\update\updspapi.dll
+ 2009-09-28 08:02 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB973869\update\update.exe
+ 2009-09-28 08:02 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB973869\spuninst.exe
+ 2009-09-28 08:01 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973815\update\updspapi.dll
+ 2009-09-28 08:01 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973815\update\update.exe
+ 2009-09-28 08:01 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973815\spuninst.exe
+ 2009-08-05 08:52 . 2009-08-05 08:52 204800 c:\windows\$hf_mig$\KB973815\SP3QFE\mswebdvd.dll
+ 2009-11-25 09:22 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973687\update\updspapi.dll
+ 2009-11-25 09:22 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB973687\update\update.exe
+ 2009-11-25 09:22 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB973687\spuninst.exe
+ 2009-10-15 08:01 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973525\update\updspapi.dll
+ 2009-10-15 08:01 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973525\update\update.exe
+ 2009-10-15 08:01 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973525\spuninst.exe
+ 2009-09-28 08:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973507\update\updspapi.dll
+ 2009-09-28 08:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973507\update\update.exe
+ 2009-09-28 08:02 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973507\spuninst.exe
+ 2009-09-28 08:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973354\update\updspapi.dll
+ 2009-09-28 08:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973354\update\update.exe
+ 2009-09-28 08:02 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973354\spuninst.exe
+ 2009-09-28 08:01 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971961\update\updspapi.dll
+ 2009-09-28 08:01 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971961\update\update.exe
+ 2009-09-28 08:01 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB971961\spuninst.exe
+ 2009-09-27 23:34 . 2009-08-13 15:02 512000 c:\windows\$hf_mig$\KB971961\SP3QFE\jscript.dll
+ 2009-12-09 09:10 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971737\update\updspapi.dll
+ 2009-12-09 09:10 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971737\update\update.exe
+ 2009-12-09 09:10 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971737\spuninst.exe
+ 2009-08-25 09:27 . 2009-08-25 09:27 354816 c:\windows\$hf_mig$\KB971737\SP3QFE\winhttp.dll
+ 2009-09-28 08:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971657\update\updspapi.dll
+ 2009-09-28 08:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971657\update\update.exe
+ 2009-09-28 08:02 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971657\spuninst.exe
+ 2009-06-10 06:17 . 2009-06-10 06:17 134144 c:\windows\$hf_mig$\KB971657\SP3QFE\wkssvc.dll
+ 2009-09-28 08:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971557\update\updspapi.dll
+ 2009-09-28 08:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971557\update\update.exe
+ 2009-09-28 08:02 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971557\spuninst.exe
+ 2009-10-15 08:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971486\update\updspapi.dll
+ 2009-10-15 08:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971486\update\update.exe
+ 2009-10-15 08:02 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB971486\spuninst.exe
+ 2009-12-09 09:12 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB970430\update\updspapi.dll
+ 2009-12-09 09:12 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB970430\update\update.exe
+ 2009-12-09 09:12 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB970430\spuninst.exe
+ 2009-10-20 15:21 . 2009-10-20 15:21 265728 c:\windows\$hf_mig$\KB970430\SP3QFE\http.sys
+ 2009-11-11 09:01 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB969947\update\updspapi.dll
+ 2009-11-11 09:01 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB969947\update\update.exe
+ 2009-11-11 09:01 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB969947\spuninst.exe
+ 2009-10-15 08:05 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB969059\update\updspapi.dll
+ 2009-10-15 08:05 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB969059\update\update.exe
+ 2009-10-15 08:05 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB969059\spuninst.exe
+ 2009-10-15 08:01 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB968389\update\updspapi.dll
+ 2009-10-15 08:01 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB968389\update\update.exe
+ 2009-10-15 08:01 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB968389\spuninst.exe
+ 2009-06-25 08:41 . 2009-06-25 08:41 147456 c:\windows\$hf_mig$\KB968389\SP3QFE\schannel.dll
+ 2009-06-25 08:41 . 2009-06-25 08:41 136704 c:\windows\$hf_mig$\KB968389\SP3QFE\msv1_0.dll
+ 2009-06-26 09:41 . 2009-06-26 09:41 730112 c:\windows\$hf_mig$\KB968389\SP3QFE\lsasrv.dll
+ 2009-06-25 08:41 . 2009-06-25 08:41 301568 c:\windows\$hf_mig$\KB968389\SP3QFE\kerberos.dll
+ 2009-09-28 08:05 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB960859\update\updspapi.dll
+ 2009-09-28 08:05 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB960859\update\update.exe
+ 2009-09-28 08:05 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB960859\spuninst.exe
+ 2009-09-28 08:02 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB956844\update\updspapi.dll
+ 2009-09-28 08:02 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB956844\update\update.exe
+ 2009-09-28 08:02 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB956844\spuninst.exe
+ 2009-09-27 23:37 . 2009-06-21 21:49 153088 c:\windows\$hf_mig$\KB956844\SP3QFE\triedit.dll
+ 2009-09-28 08:02 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB956744\update\updspapi.dll
+ 2009-09-28 08:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB956744\update\update.exe
+ 2009-09-28 08:02 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB956744\spuninst.exe
+ 2009-10-14 20:52 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2009-07-21 06:03 . 2009-07-21 06:03 1348432 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll
+ 2006-04-22 05:07 . 2009-08-07 00:23 1929952 c:\windows\system32\wuaueng.dll
+ 2001-08-23 12:00 . 2009-05-20 09:56 2458112 c:\windows\system32\WMVCore.dll
- 2001-08-23 12:00 . 2008-06-18 11:03 2458112 c:\windows\system32\WMVCore.dll
+ 2001-08-23 12:00 . 2009-08-14 13:21 1850624 c:\windows\system32\win32k.sys
+ 2001-08-23 12:00 . 2009-10-29 07:46 1168384 c:\windows\system32\urlmon.dll
+ 2006-04-23 02:25 . 2009-08-04 23:08 6631012 c:\windows\system32\Restore\rstrlog.dat
+ 2009-09-27 12:25 . 2006-05-16 10:04 2879488 c:\windows\system32\ReinstallBackups\0014\DriverFiles\SkyTel.exe
+ 2009-09-27 12:26 . 2006-12-16 05:10 1191936 c:\windows\system32\ReinstallBackups\0014\DriverFiles\RtlUpd.exe
+ 2009-09-27 12:25 . 2006-05-04 08:35 9709568 c:\windows\system32\ReinstallBackups\0014\DriverFiles\RTLCPL.EXE
+ 2009-09-27 12:25 . 2006-12-21 08:26 4405248 c:\windows\system32\ReinstallBackups\0014\DriverFiles\RtkHDAud.sys
+ 2009-09-27 12:25 . 2006-10-11 09:42 2157568 c:\windows\system32\ReinstallBackups\0014\DriverFiles\MicCal.exe
+ 2009-09-27 12:25 . 2006-05-04 08:26 2808832 c:\windows\system32\ReinstallBackups\0014\DriverFiles\ALCWZRD.EXE
+ 2001-08-23 12:00 . 2009-07-17 16:22 1435648 c:\windows\system32\query.dll
- 2001-08-23 12:00 . 2008-04-14 00:12 1435648 c:\windows\system32\query.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 1622016 c:\windows\system32\nwiz.exe
+ 2006-10-31 19:35 . 2006-10-31 19:35 1732608 c:\windows\system32\nvwssr.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 1236992 c:\windows\system32\nvwss.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 1019904 c:\windows\system32\nvwimg.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 1662976 c:\windows\system32\nvwdmcpl.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 2969600 c:\windows\system32\nvvitvsr.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 2920448 c:\windows\system32\nvvitvs.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 5636096 c:\windows\system32\nvoglnt.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 2859008 c:\windows\system32\nvmoblsr.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 1470464 c:\windows\system32\nview.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 2932736 c:\windows\system32\nvgamesr.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 3047424 c:\windows\system32\nvgames.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 1339392 c:\windows\system32\nvdspsch.exe
+ 2006-10-31 19:35 . 2006-10-31 19:35 5255168 c:\windows\system32\nvdispsr.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 5619712 c:\windows\system32\nvdisps.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 1011712 c:\windows\system32\nvcpluir.dll
+ 2006-10-31 19:35 . 2006-10-31 19:35 7634944 c:\windows\system32\nvcpl.dll
+ 2008-08-26 04:58 . 2006-10-31 19:35 4493952 c:\windows\system32\nv4_disp.dll
+ 2001-08-23 12:00 . 2009-08-04 15:13 2145280 c:\windows\system32\ntoskrnl.exe
- 2001-08-23 12:00 . 2009-02-06 11:06 2145280 c:\windows\system32\ntoskrnl.exe
- 2001-08-17 13:48 . 2009-02-06 10:32 2023936 c:\windows\system32\ntkrnlpa.exe
+ 2001-08-17 13:48 . 2009-08-04 14:20 2023936 c:\windows\system32\ntkrnlpa.exe
+ 2008-08-26 04:58 . 2009-07-31 16:05 1372672 c:\windows\system32\msxml6.dll
+ 2009-07-21 06:05 . 2009-07-21 06:05 1348432 c:\windows\system32\msxml4.dll
+ 2001-08-23 12:00 . 2009-07-31 04:35 1172480 c:\windows\system32\msxml3.dll
+ 2006-04-22 05:07 . 2009-06-10 14:19 2066432 c:\windows\system32\mstscax.dll
+ 2001-08-23 12:00 . 2009-10-29 07:46 3598336 c:\windows\system32\mshtml.dll
+ 2010-01-27 01:07 . 2010-11-09 23:39 5971408 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2007-08-14 00:54 . 2009-10-29 07:46 6067200 c:\windows\system32\ieframe.dll
- 2007-08-14 00:54 . 2009-07-19 13:32 6067200 c:\windows\system32\ieframe.dll
+ 2007-09-30 12:18 . 2008-09-24 22:32 4818432 c:\windows\system32\drivers\RtkHDAud.sys
+ 2008-08-26 04:58 . 2006-10-31 19:35 3964256 c:\windows\system32\drivers\nv4_mini.sys
+ 2009-09-27 12:25 . 2006-01-04 20:41 1389056 c:\windows\system32\drivers\Monfilt.sys
+ 2009-09-27 12:25 . 2008-08-06 01:10 1684736 c:\windows\system32\drivers\Ambfilt.sys
+ 2006-04-22 05:07 . 2009-08-07 00:23 1929952 c:\windows\system32\dllcache\wuaueng.dll
+ 2006-12-07 23:02 . 2009-05-20 09:56 2458112 c:\windows\system32\dllcache\WMVCore.dll
- 2006-12-07 23:02 . 2008-06-18 11:03 2458112 c:\windows\system32\dllcache\WMVCore.dll
+ 2008-10-14 20:15 . 2009-08-14 13:21 1850624 c:\windows\system32\dllcache\win32k.sys
+ 2006-05-10 05:23 . 2009-10-29 07:46 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2009-07-17 16:22 . 2009-07-17 16:22 1435648 c:\windows\system32\dllcache\query.dll
+ 2008-08-26 04:58 . 2006-10-31 19:35 3964256 c:\windows\system32\dllcache\nv4_mini.sys
+ 2008-08-26 04:58 . 2006-10-31 19:35 4493952 c:\windows\system32\dllcache\nv4_disp.dll
+ 2008-10-14 20:15 . 2009-08-05 01:44 2189184 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-10-14 20:15 . 2009-08-04 14:20 2023936 c:\windows\system32\dllcache\ntkrpamp.exe
- 2008-10-14 20:15 . 2009-02-06 10:32 2023936 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-10-14 20:15 . 2009-08-04 14:20 2066048 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2008-10-14 20:15 . 2009-02-08 00:02 2066048 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2008-10-14 20:15 . 2009-02-06 11:06 2145280 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-10-14 20:15 . 2009-08-04 15:13 2145280 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-08-26 04:58 . 2009-07-31 16:05 1372672 c:\windows\system32\dllcache\msxml6.dll
+ 2006-09-13 05:01 . 2009-07-31 04:35 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2009-06-10 14:19 . 2009-06-10 14:19 2066432 c:\windows\system32\dllcache\mstscax.dll
+ 2009-09-27 23:36 . 2009-07-10 13:27 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2006-05-19 15:08 . 2009-10-29 07:46 3598336 c:\windows\system32\dllcache\mshtml.dll
+ 2007-12-02 13:54 . 2009-10-29 07:46 6067200 c:\windows\system32\dllcache\ieframe.dll
- 2007-12-02 13:54 . 2009-07-19 13:32 6067200 c:\windows\system32\dllcache\ieframe.dll
+ 2009-07-25 18:02 . 2008-04-14 00:12 1614848 c:\windows\system32\dllcache\cache\sfcfiles.dll
+ 2009-07-25 18:02 . 2009-02-06 11:06 2145280 c:\windows\system32\dllcache\cache\ntoskrnl.exe
+ 2009-07-25 18:02 . 2009-02-06 10:32 2023936 c:\windows\system32\dllcache\cache\ntkrnlpa.exe
+ 2009-08-01 00:23 . 2009-07-19 13:33 3597824 c:\windows\system32\dllcache\cache\mshtml.dll
+ 2009-07-25 18:02 . 2008-04-14 00:12 1033728 c:\windows\system32\dllcache\cache\explorer.exe
+ 2010-08-18 06:05 . 2010-08-18 06:05 1011712 c:\windows\system32\Adobe\Shockwave 11\iml32.dll
+ 2010-08-18 06:02 . 2010-08-18 06:02 2224816 c:\windows\system32\Adobe\Shockwave 11\gt.exe
+ 2010-08-18 06:07 . 2010-08-18 06:07 1802240 c:\windows\system32\Adobe\Shockwave 11\dirapi.dll
+ 2007-09-30 12:19 . 2007-11-20 23:15 1826816 c:\windows\SkyTel.exe
+ 2007-09-30 12:19 . 2008-09-19 22:48 1200128 c:\windows\RtlUpd.exe
+ 2007-09-30 12:18 . 2008-06-19 21:27 9715200 c:\windows\RTLCPL.EXE
+ 2008-05-28 06:35 . 2008-05-28 06:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2007-04-14 02:35 . 2007-04-14 02:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2008-05-28 06:35 . 2008-05-28 06:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2007-04-14 02:35 . 2007-04-14 02:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2008-05-28 05:48 . 2008-05-28 05:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2007-04-14 01:57 . 2007-04-14 01:57 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2008-05-28 05:48 . 2008-05-28 05:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2007-04-14 01:57 . 2007-04-14 01:57 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2007-04-14 01:50 . 2007-04-14 01:50 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2008-05-28 05:43 . 2008-05-28 05:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2007-09-30 12:18 . 2008-09-18 20:17 2166272 c:\windows\MicCal.exe
+ 2010-09-22 06:27 . 2010-09-22 06:27 1223680 c:\windows\Installer\7e5c2e9.msi
+ 2010-10-15 21:24 . 2010-10-15 21:24 3940864 c:\windows\Installer\5487bc3.msi
+ 2010-11-08 07:14 . 2010-11-08 07:14 3402752 c:\windows\Installer\1fd87.msp
+ 2010-10-09 02:28 . 2010-10-09 02:28 1575936 c:\windows\Installer\17cb3.msi
+ 2010-09-16 08:08 . 2010-09-16 08:08 6210560 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\authplay.dll
+ 2009-11-04 09:01 . 2009-08-29 07:36 3598336 c:\windows\ie7updates\KB976749-IE7\mshtml.dll
+ 2009-12-09 09:11 . 2009-08-29 07:36 1168384 c:\windows\ie7updates\KB976325-IE7\urlmon.dll
+ 2009-12-09 09:11 . 2009-10-21 04:08 3598336 c:\windows\ie7updates\KB976325-IE7\mshtml.dll
+ 2009-12-09 09:11 . 2009-08-29 07:36 6067200 c:\windows\ie7updates\KB976325-IE7\ieframe.dll
+ 2009-10-15 08:04 . 2009-06-29 16:12 1159680 c:\windows\ie7updates\KB974455-IE7\urlmon.dll
+ 2009-10-15 08:04 . 2009-07-19 13:33 3597824 c:\windows\ie7updates\KB974455-IE7\mshtml.dll
+ 2009-10-15 08:04 . 2009-07-19 13:32 6067200 c:\windows\ie7updates\KB974455-IE7\ieframe.dll
+ 2008-10-14 20:15 . 2009-08-05 01:44 2189184 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-10-14 20:15 . 2009-08-04 14:20 2023936 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2008-10-14 20:15 . 2009-02-06 10:32 2023936 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2008-10-14 20:15 . 2009-02-08 00:02 2066048 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-10-14 20:15 . 2009-08-04 14:20 2066048 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-10-14 20:15 . 2009-08-04 15:13 2145280 c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2008-10-14 20:15 . 2009-02-06 11:06 2145280 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-10-15 08:03 . 2009-10-15 08:03 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_fe269e59\System.dll
+ 2009-10-15 08:04 . 2009-10-15 08:04 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_fe22d1cc\System.Xml.dll
+ 2009-10-15 08:03 . 2009-10-15 08:03 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_cc98a960\System.Windows.Forms.dll
+ 2009-10-15 08:04 . 2009-10-15 08:04 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_f893526d\System.Design.dll
+ 2009-10-15 08:04 . 2009-10-15 08:04 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a4e4a194\mscorlib.dll
- 2007-10-01 08:01 . 2007-10-01 08:01 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2009-10-15 08:03 . 2009-10-15 08:03 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2007-10-01 08:01 . 2007-10-01 08:01 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-10-15 08:03 . 2009-10-15 08:03 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2007-09-30 12:18 . 2008-06-19 21:42 2808832 c:\windows\ALCWZRD.EXE
- 2007-09-30 12:18 . 2006-05-04 08:26 2808832 c:\windows\alcwzrd.exe
+ 2009-11-25 09:22 . 2008-09-10 01:14 1307648 c:\windows\$NtUninstallKB973687$\msxml6.dll
+ 2009-11-25 09:22 . 2008-09-04 17:15 1106944 c:\windows\$NtUninstallKB973687$\msxml3.dll
+ 2009-09-28 08:02 . 2008-04-14 00:12 1314816 c:\windows\$NtUninstallKB973354$\msoe.dll
+ 2009-10-15 08:02 . 2009-02-06 11:06 2145280 c:\windows\$NtUninstallKB971486$\ntoskrnl.exe
+ 2009-10-15 08:02 . 2009-02-06 10:32 2023936 c:\windows\$NtUninstallKB971486$\ntkrpamp.exe
+ 2009-10-15 08:02 . 2009-02-06 10:32 2023936 c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe
+ 2009-10-15 08:02 . 2009-02-06 11:06 2145280 c:\windows\$NtUninstallKB971486$\ntkrnlmp.exe
+ 2009-11-11 09:01 . 2009-04-17 12:26 1847168 c:\windows\$NtUninstallKB969947$\win32k.sys
+ 2009-10-15 08:05 . 2008-04-14 00:12 1435648 c:\windows\$NtUninstallKB969059$\query.dll
+ 2009-09-28 08:02 . 2008-06-18 11:03 2458112 c:\windows\$NtUninstallKB968816_WM9$\wmvcore.dll
+ 2009-09-28 08:02 . 2008-04-14 00:11 2061824 c:\windows\$NtUninstallKB956744$\mstscax.dll
+ 2009-10-21 03:59 . 2009-10-21 03:59 3602432 c:\windows\$hf_mig$\KB976749-IE7\SP3QFE\mshtml.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 1170944 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\urlmon.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 3602432 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\mshtml.dll
+ 2009-10-29 07:45 . 2009-10-29 07:45 6070784 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieframe.dll
+ 2009-12-09 07:32 . 2009-06-29 08:33 2452872 c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\ieapfltr.dat
+ 2009-08-29 07:31 . 2009-08-29 07:31 1170944 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\urlmon.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 3600384 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\mshtml.dll
+ 2009-08-29 07:31 . 2009-08-29 07:31 6070784 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\ieframe.dll
+ 2009-10-14 20:53 . 2009-06-29 08:33 2452872 c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\ieapfltr.dat
+ 2009-11-24 23:47 . 2009-07-31 04:24 1447424 c:\windows\$hf_mig$\KB973687\SP3QFE\msxml6.dll
+ 2009-11-24 23:47 . 2009-07-31 04:24 1172480 c:\windows\$hf_mig$\KB973687\SP3QFE\msxml3.dll
+ 2009-07-10 23:54 . 2009-07-10 23:54 1315328 c:\windows\$hf_mig$\KB973354\SP3QFE\msoe.dll
+ 2009-10-14 20:52 . 2009-08-04 13:56 2189312 c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
+ 2009-10-14 20:52 . 2009-08-04 13:17 2023936 c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrpamp.exe
+ 2009-08-04 23:47 . 2009-08-04 23:47 2066176 c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
+ 2009-10-14 20:52 . 2009-08-04 13:54 2145280 c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlmp.exe
+ 2009-08-14 12:19 . 2009-08-14 12:19 1859712 c:\windows\$hf_mig$\KB969947\SP3QFE\win32k.sys
+ 2009-07-17 16:01 . 2009-07-17 16:01 1435648 c:\windows\$hf_mig$\KB969059\SP3QFE\query.dll
+ 2009-09-27 23:36 . 2009-06-09 15:21 2067968 c:\windows\$hf_mig$\KB956744\SP3QFE\lhmstscx.dll
+ 2006-04-23 01:56 . 2009-07-14 04:43 10841088 c:\windows\system32\wmp.dll
+ 2009-09-27 12:25 . 2006-12-19 03:12 16062464 c:\windows\system32\ReinstallBackups\0014\DriverFiles\RTHDCPL.EXE
+ 2009-04-15 08:01 . 2009-12-01 20:06 25966024 c:\windows\system32\MRT.exe
+ 2009-07-14 04:43 . 2009-07-14 04:43 10841088 c:\windows\system32\dllcache\wmp.dll
+ 2007-09-30 12:18 . 2008-09-24 21:05 16859648 c:\windows\RTHDCPL.EXE
+ 2009-08-11 02:08 . 2009-08-11 02:08 11315712 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp
+ 2010-03-21 19:31 . 2010-03-21 19:31 15710720 c:\windows\Installer\6fe60f42.msp
+ 2009-08-10 19:09 . 2009-08-10 19:09 17254912 c:\windows\Installer\5048f082.msp
+ 2010-02-14 19:10 . 2010-02-14 19:10 15709696 c:\windows\Installer\3c2334b5.msp
+ 2009-09-28 08:01 . 2008-11-11 23:34 10838016 c:\windows\$NtUninstallKB973540_WM9$\wmp.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-12 68856]
"Skype"="c:\program files\Skype\\Phone\Skype.exe" [2010-09-02 13351304]
"Google Update"="c:\documents and settings\josh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-06-15 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-31 7634944]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HotSync Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HotSync Manager.lnk
backup=c:\windows\pss\HotSync Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^josh^Start Menu^Programs^Startup^Kuma_Tray.lnk]
path=c:\documents and settings\josh\Start Menu\Programs\Startup\Kuma_Tray.lnk
backup=c:\windows\pss\Kuma_Tray.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-23 09:47 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2008-06-19 21:20 57344 ----a-w- c:\windows\ALCMTR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe]
2009-10-29 12:54 1218008 ----a-w- c:\program files\McAfee.com\Agent\mcagent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-10-31 19:35 7634944 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-10-31 19:35 86016 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-10-31 19:35 1622016 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2008-09-24 21:05 16859648 ----a-w- c:\windows\RTHDCPL.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-21 20:27 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-10-12 12:25 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Turbine\\Dungeons & Dragons Online - Stormreach\\dndclient.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\drivers\\svchost.exe"=
"c:\\Program Files\\Common Files\\McAfee\\McProxy\\McProxy.exe"=
"c:\\Program Files\\McAfee\\SiteAdvisor\\McSACore.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Palm\\Hotsync.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [9/27/2009 6:03 AM 13696]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [8/23/2001 6:00 AM 14336]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [1/12/2009 12:42 PM 88176]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/6/2010 2:00 AM 135664]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [1/15/2010 6:49 AM 227232]
S3 pohci13F;pohci13F;\??\c:\docume~1\josh\LOCALS~1\Temp\pohci13F.sys --> c:\docume~1\josh\LOCALS~1\Temp\pohci13F.sys [?]
S3 SS1020;Siemens SpeedStream PCI 10/100 Win2000 Driver;c:\windows\system32\drivers\SS1020N5.sys [9/4/2001 4:10 AM 36356]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder

2010-11-21 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-10-12 08:48]

2010-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 08:00]

2010-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 08:00]

2010-11-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-725345543-1801674531-1003Core.job
- c:\documents and settings\josh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-09-06 04:16]

2010-11-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-725345543-1801674531-1003UA.job
- c:\documents and settings\josh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-09-06 04:16]

2010-11-15 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-01-11 17:22]

2010-11-01 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-01-11 17:22]

2010-11-21 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-04-30 03:18]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://my.yahoo.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyServer = http=127.0.0.1:50370
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-Desktop Defender 2010 - c:\program files\Desktop Defender 2010\Desktop Defender 2010.exe
MSConfigStartUp-rujnjemuel8s - c:\windows\system32\rujnjeluelos.exe
AddRemove-Octoshape add-in for Adobe Flash Player - c:\documents and settings\josh\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-21 11:36
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(668)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2010-11-21 11:39:28
ComboFix-quarantined-files.txt 2010-11-21 17:39
ComboFix2.txt 2009-08-04 22:18
ComboFix3.txt 2009-08-02 17:19
ComboFix4.txt 2009-08-02 16:53
ComboFix5.txt 2010-11-21 17:28

Pre-Run: 42,629,582,848 bytes free
Post-Run: 43,598,643,200 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn /usepmtimer

Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 089958A9277EB8E0A0C80DFAF71C33ED

#4 frisbee212

frisbee212
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:18 AM

Posted 30 November 2010 - 02:47 PM

The Extras.Txt log:



OTL Extras logfile created on: 11/30/2010 1:36:40 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\josh\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

894.00 Mb Total Physical Memory | 455.00 Mb Available Physical Memory | 51.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 35.29 Gb Free Space | 31.57% Space Free | Partition Type: NTFS

Computer Name: GARYCOMPUTER | User Name: josh | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
"1701:TCP" = 1701:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Turbine\Dungeons & Dragons Online - Stormreach\dndclient.exe" = C:\Program Files\Turbine\Dungeons & Dragons Online - Stormreach\dndclient.exe:*:Enabled:dndclient -- (Turbine, Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Disabled:iTunes -- (Apple Inc.)
"%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost -- File not found
"C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe" = C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe:*:Enabled:mcproxy -- (McAfee, Inc.)
"C:\Program Files\McAfee\SiteAdvisor\McSACore.exe" = C:\Program Files\McAfee\SiteAdvisor\McSACore.exe:*:Enabled:McSACore -- (McAfee, Inc.)
"C:\Program Files\Palm\Hotsync.exe" = C:\Program Files\Palm\Hotsync.exe:*:Enabled:HotSync Manager -- (PalmSource, Inc)
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent -- (McAfee, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}" = Rhapsody Player Engine
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java™ 6 Update 15
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{3248F0A8-6813-11D6-A77B-00B0D0150120}" = J2SE Runtime Environment 5.0 Update 12
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{481E9852-DA0C-403B-ADA4-05D86C8BF9A9}" = Google Photos Screensaver
"{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{98F2555F-6749-49BA-949F-FC887831A524}" = Palm Desktop by ACCESS
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3BC5D37-30F9-4CF7-BD5C-0DFF063E4B6D}" = 2Wire Wireless Client
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{E3FEE4E7-4488-4A3F-A6BD-13745936EADB}" = iTunes
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"15b35190-c6f9-11d9-9669-0800200c9a66_is1" = Dungeons & Dragons Online™: Stormreach™ v04.01.33.0131
"2Wire SetupWiz" = AT&T Yahoo! High Speed Internet Home Networking Installer
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ATI Display Driver" = ATI Display Driver
"CCleaner" = CCleaner (remove only)
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"LHTTSSPE" = L&H TTS3000 Espańol
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"MSC" = McAfee SecurityCenter
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Reader Rabbit® Playtime For Baby & Toddler" = Reader Rabbit® Playtime For Baby & Toddler
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/9/2010 9:18:08 AM | Computer Name = GARYCOMPUTER | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.3951, faulting
module xul.dll, version 1.9.2.3951, fault address 0x007226cd.

Error - 11/20/2010 10:00:01 PM | Computer Name = GARYCOMPUTER | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.3951, faulting
module ntdll.dll, version 5.1.2600.5755, fault address 0x0000100b.

Error - 11/20/2010 10:29:53 PM | Computer Name = GARYCOMPUTER | Source = McLogEvent | ID = 5051
Description = A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took
longer than 90000 ms to complete a request. The process will be terminated. Thread
id : 252 (0xfc) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.0.0.435
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Program Files\World
of Warcraft\WoW-3.2.0-enUS-patch.exe by C:\WINDOWS\system32\rundll32.exe 4(0)(0)

4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0)

Error - 11/20/2010 11:08:58 PM | Computer Name = GARYCOMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16945, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/22/2010 8:46:52 PM | Computer Name = GARYCOMPUTER | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The server name or address could not be resolved

Error - 11/22/2010 8:46:52 PM | Computer Name = GARYCOMPUTER | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 11/29/2010 4:14:32 PM | Computer Name = GARYCOMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 11.0.5721.5145, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/29/2010 4:21:51 PM | Computer Name = GARYCOMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 11.0.5721.5145, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/29/2010 4:23:46 PM | Computer Name = GARYCOMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 11.0.5721.5145, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/30/2010 1:02:16 PM | Computer Name = GARYCOMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 11.0.5721.5145, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 11/20/2010 11:29:38 PM | Computer Name = GARYCOMPUTER | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.100.11
on the Network Card with network address 0030671EE282.

Error - 11/21/2010 11:22:51 AM | Computer Name = GARYCOMPUTER | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 11/21/2010 12:02:05 PM | Computer Name = GARYCOMPUTER | Source = Service Control Manager | ID = 7031
Description = The McAfee Real-time Scanner service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 60000
milliseconds: Restart the service.

Error - 11/21/2010 12:06:08 PM | Computer Name = GARYCOMPUTER | Source = Dhcp | ID = 1002
Description = The IP address lease 24.27.93.53 for the Network Card with network
address 0030671EE282 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).

Error - 11/21/2010 12:06:30 PM | Computer Name = GARYCOMPUTER | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.100.11
on the Network Card with network address 0030671EE282.

Error - 11/21/2010 1:27:46 PM | Computer Name = GARYCOMPUTER | Source = Service Control Manager | ID = 7031
Description = The McAfee Real-time Scanner service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 60000
milliseconds: Restart the service.

Error - 11/21/2010 10:51:25 PM | Computer Name = GARYCOMPUTER | Source = Dhcp | ID = 1002
Description = The IP address lease 24.27.93.53 for the Network Card with network
address 0030671EE282 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).

Error - 11/21/2010 10:51:47 PM | Computer Name = GARYCOMPUTER | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.100.11
on the Network Card with network address 0030671EE282.

Error - 11/30/2010 2:07:05 PM | Computer Name = GARYCOMPUTER | Source = Dhcp | ID = 1002
Description = The IP address lease 24.27.95.209 for the Network Card with network
address 0030671EE282 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).

Error - 11/30/2010 2:07:39 PM | Computer Name = GARYCOMPUTER | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.100.11
on the Network Card with network address 0030671EE282.


< End of report >

The OTL.Txt log:




OTL logfile created on: 11/30/2010 1:36:40 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\josh\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

894.00 Mb Total Physical Memory | 455.00 Mb Available Physical Memory | 51.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 35.29 Gb Free Space | 31.57% Space Free | Partition Type: NTFS

Computer Name: GARYCOMPUTER | User Name: josh | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/30 13:34:11 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\josh\My Documents\Downloads\OTL.exe
PRC - [2010/11/01 15:36:03 | 000,974,904 | ---- | M] (Google Inc.) -- C:\Documents and Settings\josh\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2010/10/17 08:22:43 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010/06/10 05:58:32 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2010/05/20 16:19:16 | 000,088,176 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2010/01/15 06:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/10/29 06:54:44 | 001,218,008 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2009/09/16 09:22:08 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2009/09/16 08:28:38 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/07/08 10:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/07/07 18:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/12 06:25:44 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe


========== Modules (SafeList) ==========

MOD - [2010/11/30 13:34:11 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\josh\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 10:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/11/29 14:33:05 | 003,020,376 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_5632d69.dll -- (Akamai)
SRV - [2010/06/10 05:58:32 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2010/05/20 16:19:16 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/01/15 06:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/09/16 10:23:32 | 000,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2009/09/16 09:22:08 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2009/09/16 08:28:38 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/07/08 10:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 18:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\josh\LOCALS~1\Temp\pohci13F.sys -- (pohci13F)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\josh\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/07/15 14:18:22 | 000,120,136 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Mpfp.sys -- (MPFP)
DRV - [2009/09/16 09:22:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/09/16 09:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/09/16 09:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 09:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/09/16 09:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2008/09/24 16:32:18 | 004,818,432 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/08/18 17:54:24 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2008/08/01 10:36:26 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/08/01 10:36:20 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/04/13 12:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 10:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/12/04 16:10:30 | 000,016,640 | R--- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/08/21 20:07:39 | 002,417,664 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/10/31 13:35:00 | 003,964,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/07/01 21:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/03/16 00:23:54 | 000,013,696 | R--- | M] (BIOSTAR Group) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BIOS.sys -- (BIOS)
DRV - [2004/09/28 21:00:42 | 000,247,296 | R--- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD1211U.sys -- (ZD1211U(ZyDAS)) ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS)
DRV - [2004/04/13 18:20:08 | 000,015,781 | R--- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2004/01/14 11:30:00 | 000,017,151 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ZDPNDIS5.sys -- (ZDPNDIS5)
DRV - [2002/12/12 04:27:28 | 000,159,744 | R--- | M] (Linksys Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WMPCI54G.SYS -- (BCM43XX)
DRV - [2001/09/04 04:10:10 | 000,036,356 | ---- | M] (Siemens) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SS1020N5.sys -- (SS1020)
DRV - [2001/08/17 14:02:50 | 000,002,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HIDSwvd.sys -- (HIDSwvd)
DRV - [2001/08/17 13:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)
DRV - [2001/08/17 08:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2000/10/25 06:27:24 | 000,003,000 | R--- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\SetupNT.sys -- (SetupNT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=localhost:7171

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50370

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://my.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:0.9.10.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.2
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000006
FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:0.7.1
FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:4.0.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mcafee&p="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 50370
FF - prefs.js..network.proxy.type: 1

FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2009/12/07 12:31:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/11/23 15:41:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/21 11:52:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/21 11:52:19 | 000,000,000 | ---D | M]

[2008/06/22 07:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\josh\Application Data\Mozilla\Extensions
[2010/11/21 12:03:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\josh\Application Data\Mozilla\Firefox\Profiles\ubs9tnpm.default\extensions
[2010/02/05 16:29:12 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Documents and Settings\josh\Application Data\Mozilla\Firefox\Profiles\ubs9tnpm.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2007/11/05 16:53:44 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\josh\Application Data\Mozilla\Firefox\Profiles\ubs9tnpm.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/04/14 01:13:13 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\josh\Application Data\Mozilla\Firefox\Profiles\ubs9tnpm.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2008/06/25 14:52:06 | 000,000,000 | ---D | M] (PitchDark) -- C:\Documents and Settings\josh\Application Data\Mozilla\Firefox\Profiles\ubs9tnpm.default\extensions\{c1dffba0-628e-11d9-9669-0800200c9a66}
[2009/10/03 11:26:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\josh\Application Data\Mozilla\Firefox\Profiles\ubs9tnpm.default\extensions\en-US@dictionaries.addons.mozilla.org
[2009/03/22 22:03:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\josh\Application Data\Mozilla\Firefox\Profiles\ubs9tnpm.default\extensions\moveplayer@movenetworks.com
[2008/06/25 14:49:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\josh\Application Data\Mozilla\Firefox\Profiles\ubs9tnpm.default\extensions\nasanightlaunch@example.com
[2009/12/07 21:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\josh\Application Data\Mozilla\Firefox\Profiles\ubs9tnpm.default\extensions\tineye@ideeinc.com
[2010/11/21 12:03:15 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/06 13:52:09 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2008/05/15 17:02:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}
[2010/10/13 17:28:36 | 000,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

O1 HOSTS File: ([2010/11/21 11:36:40 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_12-windows-i586.cab (Java Plug-in 1.5.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\josh\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\josh\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/04/21 23:12:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/21 11:55:19 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2010/11/21 11:55:19 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2010/11/21 11:54:48 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2010/11/21 11:53:18 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/11/21 11:52:54 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010/11/21 11:50:29 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/11/21 11:30:20 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/11/20 21:01:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\josh\Recent
[2007/10/18 15:57:53 | 085,979,568 | ---- | C] (F-Secure Corporation) -- C:\Program Files\fs2008.exe
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/30 13:28:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/30 13:14:00 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-725345543-1801674531-1003UA.job
[2010/11/30 12:56:10 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/11/30 12:07:50 | 000,033,051 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2010/11/30 10:27:06 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2010/11/30 09:28:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/30 07:14:01 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-725345543-1801674531-1003Core.job
[2010/11/29 13:35:10 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2010/11/29 13:30:49 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/29 13:29:57 | 000,081,496 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/11/29 13:29:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/22 03:32:38 | 000,111,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/11/22 03:15:55 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/11/21 11:52:24 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\josh\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/11/21 11:52:24 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/11/21 11:50:29 | 000,385,132 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/21 11:50:29 | 000,055,228 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/21 11:42:47 | 000,006,711 | ---- | M] () -- C:\Documents and Settings\josh\Desktop\hijackthis211110_2
[2010/11/21 11:36:40 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/11/21 11:30:26 | 000,000,339 | RHS- | M] () -- C:\boot.ini
[2010/11/21 11:27:17 | 000,000,771 | ---- | M] () -- C:\Documents and Settings\josh\Desktop\Shortcut to ComboFix.lnk
[2010/11/21 11:25:08 | 000,007,028 | ---- | M] () -- C:\Documents and Settings\josh\Desktop\hijackthis211110
[2010/11/21 09:11:40 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/11/21 02:17:51 | 000,007,699 | ---- | M] () -- C:\Documents and Settings\josh\Desktop\hijackthis112110
[2010/11/15 02:39:52 | 000,000,338 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2010/11/08 01:20:24 | 000,089,088 | ---- | M] () -- C:\WINDOWS\MBR.exe
[2010/11/05 20:15:25 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\josh\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/11/05 20:15:24 | 000,002,277 | ---- | M] () -- C:\Documents and Settings\josh\Desktop\Google Chrome.lnk
[2010/11/01 00:20:00 | 000,000,330 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2099/01/01 12:00:00 | 000,011,168 | -H-- | C] () -- C:\WINDOWS\System32\tujugute
[2010/11/21 11:52:24 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\josh\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/11/21 11:52:24 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/11/21 11:42:47 | 000,006,711 | ---- | C] () -- C:\Documents and Settings\josh\Desktop\hijackthis211110_2
[2010/11/21 11:28:08 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/11/21 11:27:17 | 000,000,771 | ---- | C] () -- C:\Documents and Settings\josh\Desktop\Shortcut to ComboFix.lnk
[2010/11/21 11:25:08 | 000,007,028 | ---- | C] () -- C:\Documents and Settings\josh\Desktop\hijackthis211110
[2010/11/21 02:17:51 | 000,007,699 | ---- | C] () -- C:\Documents and Settings\josh\Desktop\hijackthis112110
[2010/11/20 21:22:11 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2008/05/26 12:07:05 | 000,011,776 | ---- | C] () -- C:\Documents and Settings\josh\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/03/31 15:25:46 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\divx_xx0a.dll
[2008/03/21 14:30:08 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/03/21 14:28:20 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/02/09 17:47:28 | 000,000,986 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2008/02/08 21:06:21 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2007/12/31 16:17:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iplayer.INI
[2007/09/30 23:51:51 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\josh\Local Settings\Application Data\fusioncache.dat
[2007/02/08 19:08:09 | 000,000,171 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2006/12/19 14:17:03 | 000,001,135 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2006/11/27 18:12:36 | 000,002,519 | ---- | C] () -- C:\WINDOWS\COLORBK.INI
[2006/11/11 13:12:15 | 000,000,131 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/10/31 13:35:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/10/31 13:35:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/10/31 13:35:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/31 13:35:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/10/31 13:35:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/10/31 13:35:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/10/31 13:35:00 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/10/14 11:32:49 | 000,000,094 | ---- | C] () -- C:\WINDOWS\CuriousP.INI
[2006/09/05 18:23:58 | 000,000,069 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2006/07/18 15:00:35 | 000,000,120 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2006/07/18 15:00:11 | 000,002,552 | ---- | C] () -- C:\WINDOWS\WAVEMIX.INI
[2006/06/04 08:40:21 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI
[2006/05/25 07:33:45 | 000,000,300 | ---- | C] () -- C:\WINDOWS\Disney.ini
[2006/05/07 13:27:54 | 000,000,181 | ---- | C] () -- C:\WINDOWS\ka.ini
[2006/04/26 19:27:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2006/04/22 20:23:26 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2006/04/22 20:12:34 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/04/22 16:50:04 | 000,003,000 | R--- | C] () -- C:\WINDOWS\System32\SetupNT.sys
[2004/12/31 21:36:02 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

========== LOP Check ==========

[2007/10/01 00:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Disney Interactive
[2007/11/20 07:56:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2007/10/18 15:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fssg
[2008/05/26 11:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2008/01/13 11:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2010/08/28 23:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/11/11 13:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\The Learning Company
[2007/11/03 10:59:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\josh\Application Data\F-Secure
[2010/04/05 20:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\josh\Application Data\Facebook
[2008/05/26 11:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\josh\Application Data\HotSync
[2006/07/08 09:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\josh\Application Data\InterTrust
[2006/05/06 08:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\josh\Application Data\Leadertech
[2008/04/12 22:13:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\josh\Application Data\Meridian93
[2008/01/13 11:43:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\josh\Application Data\SpinTop
[2008/12/18 22:39:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\josh\Application Data\s_6002_fHx8fHx8fDEyNDIyOTExNzV8_
[2006/11/12 10:39:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\josh\Application Data\The Learning Company
[2010/01/31 00:11:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\josh\Application Data\Turbine
[2010/11/15 02:39:52 | 000,000,338 | ---- | M] () -- C:\WINDOWS\Tasks\McDefragTask.job
[2010/11/01 00:20:00 | 000,000,330 | ---- | M] () -- C:\WINDOWS\Tasks\McQcTask.job
[2010/11/29 13:35:10 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2913008E
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:57B4E612
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BAFDD950
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >

#5 frisbee212

frisbee212
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:18 AM

Posted 30 November 2010 - 02:54 PM

Thanks again for the help! B)

Edited by frisbee212, 30 November 2010 - 03:04 PM.


#6 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:04:18 AM

Posted 30 November 2010 - 06:34 PM

You are welcome :)
This script will remove the proxy settings on Internet Explorer and Firefox.


Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTL
    IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
    IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=localhost:7171
    FF - prefs.js..network.proxy.http: "127.0.0.1"
    FF - prefs.js..network.proxy.http_port: 50370
    FF - prefs.js..network.proxy.type: 1
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
    [2099/01/01 12:00:00 | 000,011,168 | -H-- | C] () -- C:\WINDOWS\System32\tujugute
    
    
    :Commands
    [emptytemp]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply.
================================Malwarebytes' Anti-Malware=================================
Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatley.
================================Online scan=================================
* Go here to run an online scannner from ESET.
  • Note: You will need to use Internet explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Check next options: Remove found threats and Scan unwanted applications.
  • Click Scan
  • Wait for the scan to finish
  • Use notepad to open the logfile located at C:\Program Files\ESET\ESET Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic

Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#7 frisbee212

frisbee212
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:18 AM

Posted 30 November 2010 - 07:36 PM

Here, from OTL, after reboot, is the Custom Scans/fixes Log:



All processes killed
========== OTL ==========
HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Prefs.js: "127.0.0.1" removed from network.proxy.http
Prefs.js: 50370 removed from network.proxy.http_port
Prefs.js: 1 removed from network.proxy.type
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
C:\WINDOWS\system32\tujugute moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41 bytes

User: josh
->Temp folder emptied: 1204872 bytes
->Temporary Internet Files folder emptied: 1651196 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 49868260 bytes
->Google Chrome cache emptied: 365394442 bytes
->Flash cache emptied: 16833 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 111893 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 405 bytes

%systemdrive% .tmp files removed: 1217 bytes
%systemroot% .tmp files removed: 1379330 bytes
%systemroot%\System32 .tmp files removed: 2832919 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2522906 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 405.00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 11302010_180014

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_b80.dat not found!

Registry entries deleted on Reboot...

#8 frisbee212

frisbee212
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:18 AM

Posted 30 November 2010 - 07:58 PM

MBAM log:




Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Database version: 5221

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

11/30/2010 6:55:50 PM
mbam-log-2010-11-30 (18-55-50).txt

Scan type: Quick scan
Objects scanned: 137644
Time elapsed: 5 minute(s), 13 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)








this is good, right? :P

#9 frisbee212

frisbee212
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:18 AM

Posted 30 November 2010 - 08:26 PM

Since I never ever use IE, how important is it that I run the ESET online scanner?


Your help has been awesome, and I appreciate the kindness and altruistic nature of this website so I donated a few bucks for your time and to the cause!

Thanks so much!

#10 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:04:18 AM

Posted 01 December 2010 - 07:15 AM

Not entirely necessary so it does not absolutely need to b done.
Thank you for your donation.


======Next======
  • Double click on OTL to run it.
  • Click on the Cleanup button at the top.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
  • This will remove itself and other tools we may have used.
===============Update Java===============

Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java SE Runtime Environment (JRE) and save it to your desktop.
  • Scroll down to where it says "(JRE) then click on it
  • Click the "Download" button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Click Continue and the page will refresh.
  • Click on the link to download Windows Offline Installation and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u22-windows-i586.exe to install the newest version.
======================Clear out infected System Restore points======================
Then we need to reset your System Restore points.
The link below shows how to do this.
How to Turn On and Turn Off System Restore in Windows XP
http://support.microsoft.com/kb/310405/en-us

If you are using Vista then see this link: http://www.bleepingcomputer.com/tutorials/...143.html#manual

Delete\uninstall anything else that we have used that is leftover.


After that your all set.


===The following are some articles and a Windows Update link that I like to suggest to people to prevent malware and general PC maintenance===

Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.

Prevention article Some great guidelines to follow to prevent future infections please read the Prevention artice by Miekiemoes.

How did I get infected in the first place? Also this one by Tony Klein.

If your computer is slow Things you can do if your computer is slow.

PC Safety and Security - What Do I Need? Security suggestions and general hints and tips for PC security.

File sharing program dangers Reasons to stay away from File sharing programs for ex: BitTorrent,Limewire,Kazaa,emule,Utorrent etc...



===Free antimalware tools used for on demand scanning and cleaning no real time unless purchased===

Malwarebytes Antimalware
superantispyware

===Free antivirus links===

This is antivirus and antispyware.
Microsoft Security Essentials
This is free antispyware protection and Antivirus protection.
AVG free
This is just antivirus protection.
Antivir
This is antivirus and antispyware protection.
Avast
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users