2 PC's and a Mac laptop in need of redirect fixing


  • This topic is locked
15 replies to this topic

#1 dubbleii

dubbleii

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:07 AM

Posted 09 December 2010 - 09:19 PM

I have a pc regular computer and there is also a pc laptop that both need attention when it comes to redirecting issues. The Mac laptop computer also has experienced its own redirect issues.
I would need someone who knows both PC's and Macs, or at least the PC's can be fixed by one and the Mac resolved in another topic.

Please, we need help...

Thanks in advance.
:cold:


#2 Blind Faith

Blind Faith

  • Malware Response Team
  • 4,101 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:07 PM

Posted 17 December 2010 - 08:20 PM

Hello and welcome to Bleeping Computer :welcome:

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review your topic and do their best to resolve your issues.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log




Elle
Can you hear it? It's all around!

Tomar ki manè acchè?
Yadi thakè, tahalè
Ki kshama kartè paro
?



If I haven't replied in 48 hours, please feel free to send me a PM.




#3 dubbleii

dubbleii
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:07 AM

Posted 21 December 2010 - 11:35 PM

Hello,
Here are my DDS log results and the gmer scan log should be attached.
This is the log for computer #1. It's the heavy traffic computer. I do have another pc that's experiencing redirecting as I mentioned.
I can provide the same info using the same programs in a new topic for you to look at after we work on this one.

Thanks


DDS (Ver_10-12-12.02) - NTFSx86
Run by Don at 22:19:20.60 on Tue 12/21/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1325 [GMT -5:00]

AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
C:\Program Files\PC Tools Security\BDT\FGuard.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIENA.EXE
svchost.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
C:\Program Files\Exterminate It!\ExterminateIt.exe
C:\Documents and Settings\Don\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Don\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Don\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Don\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
mSearchAssistant = hxxp://toolbar.inbox.com/search/ie.aspx?tbid=80015
mCustomizeSearch = hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80015
uURLSearchHooks: H - No File
uURLSearchHooks: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\16.8.0.41\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\16.8.0.41\IPSBHO.DLL
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: {E3215F20-3212-11D6-9F8B-00D0B743919D} - No File
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\16.8.0.41\coIEPlg.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
uRun: [cdloader] "c:\documents and settings\don\application data\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [Google Update] "c:\documents and settings\don\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [EPSON Artisan 700 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatiena.exe /fu "c:\docume~1\don\locals~1\temp\E_S154.tmp" /EF "HKCU"
mRun: [High Definition Audio Property Page Shortcut] HDAShCut.exe
mRun: [OSSelectorReinstall] c:\program files\common files\acronis\acronis disk director\oss_reinstall.exe
mRun: [EEventManager] c:\progra~1\epsons~1\eventm~1\EEventManager.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [PCTools FGuard] c:\program files\pc tools security\bdt\FGuard.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1211590681207
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1211659632218
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton internet security\engine\16.8.0.41\CoIEPlg.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1008000.029\SymEFA.sys [2010-1-28 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\nis\1008000.029\BHDrvx86.sys [2010-1-28 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1008000.029\cchpx86.sys [2010-1-28 482432]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20101221.002\IDSXpx86.sys [2010-12-21 341944]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\pc tools security\bdt\BDTUpdateService.exe [2010-9-14 235472]
R2 Norton Internet Security;Norton Internet Security;c:\program files\norton internet security\engine\16.8.0.41\ccSvcHst.exe [2010-1-28 117640]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-12-8 102448]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20101221.020\NAVENG.SYS [2010-12-21 86008]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20101221.020\NAVEX15.SYS [2010-12-21 1360760]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-4 135664]

=============== Created Last 30 ================

2010-12-19 21:32:01 18504 ----a-w- c:\windows\system32\drivers\nuidfltr.sys
2010-12-19 21:32:01 1421384 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll
2010-12-19 21:24:18 31048 ----a-w- c:\windows\system32\drivers\point32.sys
2010-12-19 21:23:49 -------- d-----w- c:\program files\Microsoft IntelliPoint
2010-12-16 14:26:35 -------- dc-h--w- c:\windows\ie8
2010-12-15 23:58:05 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-09 04:32:08 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-12-09 04:32:08 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-12-08 15:45:58 -------- d-sh--w- C:\found.001

==================== Find3M ====================

2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26:58 43520 ------w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26:58 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25:54 385024 ------w- c:\windows\system32\html.iec
2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys

============= FINISH: 22:19:52.64 ===============

Attached Files

  • Attached File  ark.txt   6.81KB   4 downloads

Edited by dubbleii, 21 December 2010 - 11:48 PM.


#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:09:07 AM

Posted 24 December 2010 - 11:30 AM

Hello dubbleii,
  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • Finally, please reply using the Posted Image button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.

1.
  • Download the file TDSSKiller.zip and extract it into a folder on the infected computer.
  • Double-click the file TDSSKiller.exe.
  • Wait for the scan and disinfection process to be over. You do not have to reboot the PC after the disinfection is over.
  • If nothing has been detected, the utility will conduct a search for hidden services. If such a service is detected, the utility will report its name with a prompt to remove it. Type delete to remove a service.
  • If malicious services or files have been detected, the utility will prompt to reboot the PC in order to complete the disinfection procedure. After reboot, the driver will delete malicious registry keys and files as well as remove itself from the services list.

2.
Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4
  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply.

3.
Install Recovery Console and Run ComboFix

This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

Download Combofix from any of the links below, and save it to your desktop.

Link 1
Link 2
  • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
  • Close any open windows, including this one.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • If you did not have it installed, you will see the prompt below. Choose YES.
  • Posted Image
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Note: The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    Posted Image
  • Click on Yes, to continue scanning for malware.
  • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
Leave your computer alone while ComboFix is running.
ComboFix will restart your computer if malware is found; allow it to do so.


Note: Please do NOT mouse-click ComboFix's window while it's running because it may cause it to stall.

Does your machine run off 1 router? The same router? If so follow the Directions for resetting the Router.

Do this also to each machine:
  • Go to Start -> Control Panel -> Network and Internet Connection -> Network Connections.
  • Right-click your default connection, usually Local Area Connection or Dial-up Connection (if you are using dial-up), and left-click on the Properties option.
  • Double-click on the Internet Protocol (TCP/IP) item and select the radio button that says "Obtain DNS servers automatically".
  • Click OK twice.
  • Go to Start -> Run...
  • In the Open: field type cmd and click OK or hit Enter.
    This will open a Command Prompt.
  • At the DOS prompt screen, type in ipconfig /flushdns and then press Enter (notice the space between "ipconfig" and "/flushdns").
  • Exit the Command Prompt.
  • Reboot your PC and try to open any website.



Things to include in your next reply:
TdssKiller log
Combofix.txt
How is your machine running now.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-




#5 dubbleii

dubbleii
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:07 AM

Posted 27 December 2010 - 11:33 AM

I am still experiencing rerouting at this computer. At first it seemed a bit better, now it's the same again.
I have not gone through these steps with our other pc yet.
These are the logs:




This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 12/26/2010 at 22:41:57.
Operating System: Microsoft Windows XP


Processes terminated by Rkill or while it was running:

C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
C:\Documents and Settings\Don\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Don\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Don\Local Settings\Application Data\Google\Chrome\Application\chrome.exe


Rkill completed on 12/26/2010 at 22:42:21.

2010/12/26 22:36:55.0593 TDSS rootkit removing tool 2.4.12.0 Dec 16 2010 09:46:46
2010/12/26 22:36:55.0593 ================================================================================
2010/12/26 22:36:55.0593 SystemInfo:
2010/12/26 22:36:55.0593
2010/12/26 22:36:55.0593 OS Version: 5.1.2600 ServicePack: 3.0
2010/12/26 22:36:55.0593 Product type: Workstation
2010/12/26 22:36:55.0593 ComputerName: DONSMACHINE
2010/12/26 22:36:55.0593 UserName: Don
2010/12/26 22:36:55.0593 Windows directory: C:\WINDOWS
2010/12/26 22:36:55.0593 System windows directory: C:\WINDOWS
2010/12/26 22:36:55.0593 Processor architecture: Intel x86
2010/12/26 22:36:55.0593 Number of processors: 1
2010/12/26 22:36:55.0593 Page size: 0x1000
2010/12/26 22:36:55.0593 Boot type: Normal boot
2010/12/26 22:36:55.0593 ================================================================================
2010/12/26 22:36:56.0109 Initialize success
2010/12/26 22:36:59.0359 ================================================================================
2010/12/26 22:36:59.0359 Scan started
2010/12/26 22:36:59.0359 Mode: Manual;
2010/12/26 22:36:59.0359 ================================================================================
2010/12/26 22:37:07.0421 Point32 (cf7c1868b90c90a265fc3f60ce46265b) C:\WINDOWS\system32\DRIVERS\point32.sys
2010/12/26 22:37:07.0453 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/12/26 22:37:07.0500 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/12/26 22:37:07.0531 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/12/26 22:37:07.0578 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2010/12/26 22:37:07.0718 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/12/26 22:37:07.0765 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
2010/12/26 22:37:07.0796 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/12/26 22:37:07.0828 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/12/26 22:37:07.0843 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/12/26 22:37:07.0875 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/12/26 22:37:07.0906 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/12/26 22:37:07.0968 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/12/26 22:37:08.0015 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/12/26 22:37:08.0093 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2010/12/26 22:37:08.0156 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/12/26 22:37:08.0234 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/12/26 22:37:08.0265 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/12/26 22:37:08.0312 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2010/12/26 22:37:08.0375 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2010/12/26 22:37:08.0437 snapman (e78c98378a071ce4d48a7c514fa98fa1) C:\WINDOWS\system32\DRIVERS\snapman.sys
2010/12/26 22:37:08.0531 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2010/12/26 22:37:08.0578 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/12/26 22:37:08.0671 SRTSP (e81f6caeab9ad5732e94c07c97866aa2) C:\WINDOWS\System32\Drivers\NIS\1008000.029\SRTSP.SYS
2010/12/26 22:37:08.0750 SRTSPX (e28de499d942b08058bffac69d4122b6) C:\WINDOWS\system32\drivers\NIS\1008000.029\SRTSPX.SYS
2010/12/26 22:37:08.0828 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/12/26 22:37:08.0890 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2010/12/26 22:37:08.0937 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/12/26 22:37:08.0968 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2010/12/26 22:37:09.0125 SymEFA (d0885f6e24259a6c65e68d6ad749910a) C:\WINDOWS\system32\drivers\NIS\1008000.029\SYMEFA.SYS
2010/12/26 22:37:09.0156 SymEvent (a54ff04bd6e75dc4d8cb6f3e352635e0) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
2010/12/26 22:37:09.0250 SYMFW (1e825026436c4eac3e1a11d1e9c33f2c) C:\WINDOWS\System32\Drivers\NIS\1008000.029\SYMFW.SYS
2010/12/26 22:37:09.0265 SYMIDS (7a20b7d774ef0f16cf81b898bfeca772) C:\WINDOWS\System32\Drivers\NIS\1008000.029\SYMIDS.SYS
2010/12/26 22:37:09.0328 SymIM (c6db9f873b09c63f5cb1de10c08bf6f9) C:\WINDOWS\system32\DRIVERS\SymIM.sys
2010/12/26 22:37:09.0328 SymIMMP (c6db9f873b09c63f5cb1de10c08bf6f9) C:\WINDOWS\system32\DRIVERS\SymIM.sys
2010/12/26 22:37:09.0390 SYMNDIS (5ab7d00ea6b7a6fcd5067c632ec6f039) C:\WINDOWS\System32\Drivers\NIS\1008000.029\SYMNDIS.SYS
2010/12/26 22:37:09.0468 SYMTDI (e4fa8bbb96e314e9508865de1a767538) C:\WINDOWS\System32\Drivers\NIS\1008000.029\SYMTDI.SYS
2010/12/26 22:37:09.0593 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/12/26 22:37:09.0656 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/12/26 22:37:09.0718 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/12/26 22:37:09.0765 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/12/26 22:37:09.0828 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/12/26 22:37:09.0890 tifm21 (f779ba4cd37963ab4600c9871b7752a3) C:\WINDOWS\system32\drivers\tifm21.sys
2010/12/26 22:37:09.0984 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2010/12/26 22:37:10.0093 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2010/12/26 22:37:10.0156 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2010/12/26 22:37:10.0250 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/12/26 22:37:10.0328 USBCM (d21cde1c635bcc5053463579eee453cf) C:\WINDOWS\system32\DRIVERS\Sacm2A.sys
2010/12/26 22:37:10.0390 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/12/26 22:37:10.0437 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/12/26 22:37:10.0500 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2010/12/26 22:37:10.0546 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2010/12/26 22:37:10.0625 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2010/12/26 22:37:10.0687 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2010/12/26 22:37:10.0734 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2010/12/26 22:37:10.0796 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/12/26 22:37:10.0937 w29n51 (a22abd73e0d6ba666cba4e86eeb001b3) C:\WINDOWS\system32\DRIVERS\w29n51.sys
2010/12/26 22:37:11.0062 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/12/26 22:37:11.0140 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
2010/12/26 22:37:11.0265 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/12/26 22:37:11.0437 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2010/12/26 22:37:11.0546 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2010/12/26 22:37:11.0609 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2010/12/26 22:37:11.0703 yukonwxp (ba6d2b32372a879aa817829c7cd2cb15) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
2010/12/26 22:37:11.0937 ================================================================================
2010/12/26 22:37:11.0937 Scan finished
2010/12/26 22:37:11.0937 ================================================================================
2010/12/26 22:37:20.0281 Deinitialize success



ComboFix 10-12-26.01 - Don 12/26/2010 22:48:19.10.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1539 [GMT -5:00]
Running from: c:\documents and settings\Don\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((( Files Created from 2010-11-27 to 2010-12-27 )))))))))))))))))))))))))))))))
.

2010-12-19 21:32 . 2008-06-09 20:12 1421384 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll
2010-12-19 21:32 . 2008-06-09 20:12 18504 ----a-w- c:\windows\system32\drivers\nuidfltr.sys
2010-12-19 21:24 . 2008-06-10 20:04 31048 ----a-w- c:\windows\system32\drivers\point32.sys
2010-12-19 21:23 . 2010-12-19 21:24 -------- d-----w- c:\program files\Microsoft IntelliPoint
2010-12-16 14:26 . 2010-12-16 14:28 -------- dc-h--w- c:\windows\ie8
2010-12-15 23:58 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-11 01:24 . 2010-12-11 01:24 -------- d-----w- c:\windows\Sun
2010-12-09 04:32 . 2010-12-09 04:32 -------- d-----w- c:\program files\Common Files\Java
2010-12-09 04:32 . 2010-12-09 04:31 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-12-09 04:32 . 2010-12-09 04:31 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-12-09 04:31 . 2010-12-09 04:31 -------- d-----w- c:\program files\Java
2010-12-08 15:45 . 2010-12-08 15:45 -------- d-----w- C:\found.001

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-18 18:12 . 2008-05-24 00:25 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-06 00:26 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26 . 2004-08-04 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2004-08-04 12:00 385024 ------w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2004-08-04 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:13 . 2004-08-04 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25 . 2004-08-04 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
.

((((((((((((((((((((((((((((( SnapShot_2010-10-23_15.58.52 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-12-09 04:32 . 2010-12-09 04:31 145184 c:\windows\system32\javaw.exe
+ 2010-12-09 04:32 . 2010-12-09 04:31 145184 c:\windows\system32\java.exe
+ 2007-08-13 22:54 . 2009-03-08 09:22 164352 c:\windows\system32\ieui.dll
- 2007-08-13 22:54 . 2009-03-08 08:22 164352 c:\windows\system32\ieui.dll
+ 2004-08-04 12:00 . 2010-11-06 00:26 184320 c:\windows\system32\iepeers.dll
- 2004-08-04 12:00 . 2010-09-10 05:58 184320 c:\windows\system32\iepeers.dll
- 2004-08-04 12:00 . 2010-09-10 05:58 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-04 12:00 . 2010-11-06 00:26 387584 c:\windows\system32\iedkcs32.dll
- 2007-07-11 16:27 . 2009-03-08 08:11 445952 c:\windows\system32\ieapfltr.dll
+ 2007-07-11 16:27 . 2009-03-08 09:11 445952 c:\windows\system32\ieapfltr.dll
+ 2004-08-04 12:00 . 2009-03-08 09:32 163840 c:\windows\system32\ieakui.dll
- 2004-08-04 12:00 . 2009-03-08 08:32 163840 c:\windows\system32\ieakui.dll
+ 2004-08-04 12:00 . 2009-03-08 09:33 229376 c:\windows\system32\ieaksie.dll
- 2004-08-04 12:00 . 2009-03-08 08:33 229376 c:\windows\system32\ieaksie.dll
- 2004-08-04 12:00 . 2009-03-08 08:33 125952 c:\windows\system32\ieakeng.dll
+ 2004-08-04 12:00 . 2009-03-08 09:33 125952 c:\windows\system32\ieakeng.dll
+ 2004-08-04 12:00 . 2010-11-03 12:26 173568 c:\windows\system32\ie4uinit.exe
+ 2008-05-23 20:12 . 2010-12-19 21:33 115768 c:\windows\system32\FNTCACHE.DAT
- 2004-08-04 12:00 . 2009-06-29 16:12 133120 c:\windows\system32\extmgr.dll
+ 2004-08-04 12:00 . 2010-09-09 13:38 133120 c:\windows\system32\extmgr.dll
+ 2004-08-04 12:00 . 2009-03-08 09:31 216064 c:\windows\system32\dxtrans.dll
- 2004-08-04 12:00 . 2009-03-08 08:31 216064 c:\windows\system32\dxtrans.dll
- 2004-08-04 12:00 . 2009-03-08 08:31 348160 c:\windows\system32\dxtmsft.dll
+ 2004-08-04 12:00 . 2009-03-08 09:31 348160 c:\windows\system32\dxtmsft.dll
+ 2006-11-02 12:22 . 2006-11-02 12:22 492000 c:\windows\system32\drivers\wdf01000.sys
- 2007-08-13 22:54 . 2010-09-10 05:58 916480 c:\windows\system32\dllcache\wininet.dll
+ 2007-08-13 22:54 . 2010-11-06 00:26 916480 c:\windows\system32\dllcache\wininet.dll
+ 2007-08-13 22:54 . 2009-03-08 09:34 236544 c:\windows\system32\dllcache\webcheck.dll
- 2007-08-13 22:54 . 2009-03-08 08:34 236544 c:\windows\system32\dllcache\webcheck.dll
+ 2007-08-13 22:54 . 2009-03-08 09:33 759296 c:\windows\system32\dllcache\VGX.dll
- 2007-08-13 22:54 . 2009-03-08 08:33 759296 c:\windows\system32\dllcache\VGX.dll
+ 2007-08-13 22:44 . 2009-03-08 09:34 105984 c:\windows\system32\dllcache\url.dll
- 2007-08-13 22:44 . 2009-03-08 08:34 105984 c:\windows\system32\dllcache\url.dll
- 2009-01-07 22:20 . 2009-01-07 22:20 134144 c:\windows\system32\dllcache\sqmapi.dll
+ 2009-01-07 23:20 . 2009-01-07 23:20 134144 c:\windows\system32\dllcache\sqmapi.dll
- 2007-08-13 22:44 . 2010-09-10 05:58 206848 c:\windows\system32\dllcache\occache.dll
+ 2007-08-13 22:44 . 2010-11-06 00:26 206848 c:\windows\system32\dllcache\occache.dll
- 2007-08-13 22:54 . 2010-09-10 05:58 611840 c:\windows\system32\dllcache\mstime.dll
+ 2007-08-13 22:54 . 2010-11-06 00:26 611840 c:\windows\system32\dllcache\mstime.dll
+ 2007-08-13 22:44 . 2009-03-08 09:34 193536 c:\windows\system32\dllcache\msrating.dll
- 2007-08-13 22:44 . 2009-03-08 08:34 193536 c:\windows\system32\dllcache\msrating.dll
- 2004-08-04 12:00 . 2009-03-08 08:22 156160 c:\windows\system32\dllcache\msls31.dll
+ 2004-08-04 12:00 . 2009-03-08 09:22 156160 c:\windows\system32\dllcache\msls31.dll
- 2008-05-24 01:28 . 2010-09-10 05:58 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2008-05-24 01:28 . 2010-11-06 00:26 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2007-08-13 22:43 . 2009-03-08 18:09 638816 c:\windows\system32\dllcache\iexplore.exe
+ 2007-08-13 22:43 . 2009-03-08 19:09 638816 c:\windows\system32\dllcache\iexplore.exe
- 2009-10-14 01:59 . 2010-09-10 05:58 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2009-10-14 01:59 . 2010-11-06 00:26 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2007-08-13 22:54 . 2010-11-06 00:26 184320 c:\windows\system32\dllcache\iepeers.dll
- 2007-08-13 22:54 . 2010-09-10 05:58 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2010-06-09 21:45 . 2010-11-06 00:26 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2010-06-09 21:45 . 2010-09-10 05:58 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2007-08-13 22:39 . 2010-11-06 00:26 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2007-08-13 22:39 . 2010-09-10 05:58 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-05-24 01:28 . 2009-03-08 09:11 445952 c:\windows\system32\dllcache\ieapfltr.dll
- 2008-05-24 01:28 . 2009-03-08 08:11 445952 c:\windows\system32\dllcache\ieapfltr.dll
+ 2004-08-04 12:00 . 2009-03-08 09:32 163840 c:\windows\system32\dllcache\ieakui.dll
- 2004-08-04 12:00 . 2009-03-08 08:32 163840 c:\windows\system32\dllcache\ieakui.dll
- 2007-08-13 22:39 . 2009-03-08 08:33 229376 c:\windows\system32\dllcache\ieaksie.dll
+ 2007-08-13 22:39 . 2009-03-08 09:33 229376 c:\windows\system32\dllcache\ieaksie.dll
+ 2007-08-13 22:39 . 2009-03-08 09:33 125952 c:\windows\system32\dllcache\ieakeng.dll
- 2007-08-13 22:39 . 2009-03-08 08:33 125952 c:\windows\system32\dllcache\ieakeng.dll
+ 2007-08-13 22:39 . 2010-11-03 12:26 173568 c:\windows\system32\dllcache\ie4uinit.exe
- 2007-08-13 22:54 . 2009-06-29 16:12 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2007-08-13 22:54 . 2010-09-09 13:38 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2007-08-13 22:35 . 2009-03-08 09:31 216064 c:\windows\system32\dllcache\dxtrans.dll
- 2007-08-13 22:35 . 2009-03-08 08:31 216064 c:\windows\system32\dllcache\dxtrans.dll
- 2007-08-13 22:35 . 2009-03-08 08:31 348160 c:\windows\system32\dllcache\dxtmsft.dll
+ 2007-08-13 22:35 . 2009-03-08 09:31 348160 c:\windows\system32\dllcache\dxtmsft.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 640000 c:\windows\system32\dllcache\dbghelp.dll
+ 2010-04-20 05:30 . 2010-10-28 13:13 290048 c:\windows\system32\dllcache\atmfd.dll
- 2007-08-13 22:39 . 2009-03-08 08:32 128512 c:\windows\system32\dllcache\advpack.dll
+ 2007-08-13 22:39 . 2009-03-08 09:32 128512 c:\windows\system32\dllcache\advpack.dll
- 2004-08-04 12:00 . 2009-03-08 08:32 128512 c:\windows\system32\advpack.dll
+ 2004-08-04 12:00 . 2009-03-08 09:32 128512 c:\windows\system32\advpack.dll
- 2010-10-14 10:19 . 2010-07-05 13:16 382840 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\update\updspapi.dll
- 2010-10-14 10:19 . 2009-05-26 09:01 755576 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\update\update.exe
- 2010-10-14 10:19 . 2009-05-26 09:01 231288 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\spuninst.exe
- 2010-10-14 10:19 . 2010-09-10 05:57 919552 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3QFE\wininet.dll
- 2010-10-14 10:19 . 2010-09-10 05:57 206848 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3QFE\occache.dll
- 2010-10-14 10:19 . 2010-09-10 05:57 611840 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3QFE\mstime.dll
- 2010-10-14 10:19 . 2010-09-10 05:57 602112 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3QFE\msfeeds.dll
- 2010-10-14 10:19 . 2010-09-10 05:57 247808 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3QFE\ieproxy.dll
- 2010-10-14 10:19 . 2010-09-10 05:57 184320 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3QFE\iepeers.dll
- 2010-10-14 10:19 . 2010-09-10 05:57 743424 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3QFE\iedvtool.dll
- 2010-10-14 10:19 . 2010-09-10 05:57 387584 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3QFE\iedkcs32.dll
- 2010-10-14 10:19 . 2010-09-08 15:48 173056 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3QFE\ie4uinit.exe
- 2010-10-14 10:19 . 2010-09-10 05:58 916480 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3GDR\wininet.dll
- 2010-10-14 10:19 . 2010-09-10 05:58 206848 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3GDR\occache.dll
- 2010-10-14 10:19 . 2010-09-10 05:58 611840 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3GDR\mstime.dll
- 2010-10-14 10:19 . 2010-09-10 05:58 602112 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3GDR\msfeeds.dll
- 2010-10-14 10:19 . 2010-09-10 05:58 247808 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3GDR\ieproxy.dll
- 2010-10-14 10:19 . 2010-09-10 05:58 184320 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3GDR\iepeers.dll
- 2010-10-14 10:19 . 2010-09-10 05:58 743424 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3GDR\iedvtool.dll
- 2010-10-14 10:19 . 2010-09-10 05:58 387584 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3GDR\iedkcs32.dll
- 2010-10-14 10:19 . 2010-08-26 12:22 173056 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3GDR\ie4uinit.exe
+ 2010-12-09 04:32 . 2010-12-09 04:32 180224 c:\windows\Installer\daeedb.msi
+ 2010-12-09 04:31 . 2010-12-09 04:31 676352 c:\windows\Installer\daeed4.msi
+ 2010-12-19 21:22 . 2010-12-19 21:22 301056 c:\windows\Installer\23c14ab.msi
- 2010-06-24 16:18 . 2009-03-08 08:34 914944 c:\windows\ie8updates\KB982381-IE8\wininet.dll
+ 2010-12-16 14:29 . 2009-03-08 09:34 914944 c:\windows\ie8updates\KB982381-IE8\wininet.dll
+ 2010-12-16 14:29 . 2010-02-22 14:23 382840 c:\windows\ie8updates\KB982381-IE8\updspapi.dll
- 2010-06-24 16:18 . 2010-02-22 14:23 382840 c:\windows\ie8updates\KB982381-IE8\updspapi.dll
- 2010-06-24 16:18 . 2008-07-08 13:02 755576 c:\windows\ie8updates\KB982381-IE8\update.exe
+ 2010-12-16 14:29 . 2008-07-08 13:02 755576 c:\windows\ie8updates\KB982381-IE8\update.exe
+ 2010-12-16 14:29 . 2010-02-22 14:23 382840 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll
- 2010-06-24 16:18 . 2010-02-22 14:23 382840 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll
- 2010-06-24 16:18 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe
+ 2010-12-16 14:29 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe
+ 2010-12-16 14:29 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB982381-IE8\spuninst.exe
- 2010-06-24 16:18 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB982381-IE8\spuninst.exe
- 2010-06-24 16:18 . 2009-03-08 08:34 109568 c:\windows\ie8updates\KB982381-IE8\occache.dll
+ 2010-12-16 14:29 . 2009-03-08 09:34 109568 c:\windows\ie8updates\KB982381-IE8\occache.dll
+ 2010-12-16 14:29 . 2009-03-08 09:32 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll
- 2010-06-24 16:18 . 2009-03-08 08:32 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll
- 2010-06-24 16:18 . 2009-03-08 08:32 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll
+ 2010-12-16 14:29 . 2009-03-08 09:32 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll
- 2010-06-24 16:18 . 2009-03-08 08:33 246784 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll
+ 2010-12-16 14:29 . 2009-03-08 09:33 246784 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll
+ 2010-12-16 14:29 . 2009-03-08 09:31 183808 c:\windows\ie8updates\KB982381-IE8\iepeers.dll
- 2010-06-24 16:18 . 2009-03-08 08:31 183808 c:\windows\ie8updates\KB982381-IE8\iepeers.dll
- 2010-06-24 16:18 . 2009-03-08 08:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll
+ 2010-12-16 14:29 . 2009-03-08 09:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll
- 2010-06-24 16:18 . 2009-03-08 18:09 391536 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll
+ 2010-12-16 14:29 . 2009-03-08 19:09 391536 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll
- 2010-06-24 16:18 . 2009-03-08 08:32 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe
+ 2010-12-16 14:29 . 2009-03-08 09:32 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe
- 2010-06-25 01:55 . 2009-03-08 08:33 420352 c:\windows\ie8updates\KB981332-IE8\vbscript.dll
+ 2010-12-17 04:13 . 2009-03-08 09:33 420352 c:\windows\ie8updates\KB981332-IE8\vbscript.dll
+ 2010-12-17 04:13 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB981332-IE8\updspapi.dll
- 2010-06-25 01:55 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB981332-IE8\updspapi.dll
+ 2010-12-17 04:13 . 2009-05-26 11:40 755576 c:\windows\ie8updates\KB981332-IE8\update.exe
- 2010-06-25 01:55 . 2009-05-26 11:40 755576 c:\windows\ie8updates\KB981332-IE8\update.exe
+ 2010-12-17 04:13 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB981332-IE8\spuninst\updspapi.dll
- 2010-06-25 01:55 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB981332-IE8\spuninst\updspapi.dll
+ 2010-12-17 04:13 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB981332-IE8\spuninst\spuninst.exe
- 2010-06-25 01:55 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB981332-IE8\spuninst\spuninst.exe
+ 2010-12-17 04:13 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB981332-IE8\spuninst.exe
- 2010-06-25 01:55 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB981332-IE8\spuninst.exe
+ 2010-12-17 04:13 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB976662-IE8\updspapi.dll
- 2010-06-25 01:56 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB976662-IE8\updspapi.dll
- 2010-06-25 01:56 . 2008-07-08 13:02 755576 c:\windows\ie8updates\KB976662-IE8\update.exe
+ 2010-12-17 04:13 . 2008-07-08 13:02 755576 c:\windows\ie8updates\KB976662-IE8\update.exe
- 2010-06-25 01:56 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB976662-IE8\spuninst\updspapi.dll
+ 2010-12-17 04:13 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB976662-IE8\spuninst\updspapi.dll
- 2010-06-25 01:56 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB976662-IE8\spuninst\spuninst.exe
+ 2010-12-17 04:13 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB976662-IE8\spuninst\spuninst.exe
- 2010-06-25 01:56 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB976662-IE8\spuninst.exe
+ 2010-12-17 04:13 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB976662-IE8\spuninst.exe
- 2010-06-25 01:56 . 2009-06-22 06:44 726528 c:\windows\ie8updates\KB976662-IE8\jscript.dll
+ 2010-12-17 04:13 . 2009-06-22 06:44 726528 c:\windows\ie8updates\KB976662-IE8\jscript.dll
+ 2010-12-17 04:12 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB971961-IE8\updspapi.dll
- 2010-06-25 01:55 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB971961-IE8\updspapi.dll
- 2010-06-25 01:55 . 2008-07-08 13:02 755576 c:\windows\ie8updates\KB971961-IE8\update.exe
+ 2010-12-17 04:12 . 2008-07-08 13:02 755576 c:\windows\ie8updates\KB971961-IE8\update.exe
+ 2010-12-17 04:12 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB971961-IE8\spuninst\updspapi.dll
- 2010-06-25 01:55 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB971961-IE8\spuninst\updspapi.dll
+ 2010-12-17 04:12 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe
- 2010-06-25 01:55 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe
- 2010-06-25 01:55 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB971961-IE8\spuninst.exe
+ 2010-12-17 04:12 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB971961-IE8\spuninst.exe
+ 2010-12-17 04:12 . 2009-03-08 09:33 726528 c:\windows\ie8updates\KB971961-IE8\jscript.dll
- 2010-06-25 01:55 . 2009-03-08 08:33 726528 c:\windows\ie8updates\KB971961-IE8\jscript.dll
+ 2010-12-16 14:30 . 2010-02-22 14:23 382840 c:\windows\ie8updates\KB2447568-IE8\spuninst\updspapi.dll
+ 2010-12-16 14:30 . 2010-02-22 14:23 231288 c:\windows\ie8updates\KB2447568-IE8\spuninst\spuninst.exe
+ 2010-12-16 14:30 . 2010-09-10 05:58 916480 c:\windows\ie8updates\KB2416400-IE8\wininet.dll
+ 2010-12-16 14:30 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2416400-IE8\updspapi.dll
+ 2010-12-16 14:30 . 2010-02-22 14:23 755576 c:\windows\ie8updates\KB2416400-IE8\update.exe
+ 2010-12-16 14:31 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2416400-IE8\spuninst\updspapi.dll
+ 2010-12-16 14:31 . 2010-02-22 14:23 231288 c:\windows\ie8updates\KB2416400-IE8\spuninst\spuninst.exe
+ 2010-12-16 14:30 . 2010-02-22 14:23 231288 c:\windows\ie8updates\KB2416400-IE8\spuninst.exe
+ 2010-12-16 14:30 . 2010-09-10 05:58 206848 c:\windows\ie8updates\KB2416400-IE8\occache.dll
+ 2010-12-16 14:30 . 2010-09-10 05:58 611840 c:\windows\ie8updates\KB2416400-IE8\mstime.dll
+ 2010-12-16 14:30 . 2010-09-10 05:58 602112 c:\windows\ie8updates\KB2416400-IE8\msfeeds.dll
+ 2010-12-16 14:30 . 2010-09-10 05:58 247808 c:\windows\ie8updates\KB2416400-IE8\ieproxy.dll
+ 2010-12-16 14:30 . 2010-09-10 05:58 184320 c:\windows\ie8updates\KB2416400-IE8\iepeers.dll
+ 2010-12-16 14:30 . 2010-09-10 05:58 743424 c:\windows\ie8updates\KB2416400-IE8\iedvtool.dll
+ 2010-12-16 14:30 . 2010-09-10 05:58 387584 c:\windows\ie8updates\KB2416400-IE8\iedkcs32.dll
+ 2010-12-16 14:30 . 2010-08-26 12:22 173056 c:\windows\ie8updates\KB2416400-IE8\ie4uinit.exe
- 2010-10-14 13:37 . 2010-06-24 12:22 916480 c:\windows\ie8updates\KB2360131-IE8\wininet.dll
+ 2010-12-16 14:30 . 2010-05-06 10:41 916480 c:\windows\ie8updates\KB2360131-IE8\wininet.dll
+ 2010-12-16 14:30 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2360131-IE8\updspapi.dll
+ 2010-12-16 14:30 . 2009-05-26 09:01 755576 c:\windows\ie8updates\KB2360131-IE8\update.exe
- 2010-10-14 13:37 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2360131-IE8\spuninst\updspapi.dll
+ 2010-12-16 14:30 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2360131-IE8\spuninst\updspapi.dll
+ 2010-12-16 14:30 . 2009-05-26 09:01 231288 c:\windows\ie8updates\KB2360131-IE8\spuninst\spuninst.exe
- 2010-10-14 13:37 . 2009-05-26 09:01 231288 c:\windows\ie8updates\KB2360131-IE8\spuninst\spuninst.exe
+ 2010-12-16 14:30 . 2009-05-26 09:01 231288 c:\windows\ie8updates\KB2360131-IE8\spuninst.exe
- 2010-10-14 13:37 . 2010-06-24 12:22 206848 c:\windows\ie8updates\KB2360131-IE8\occache.dll
+ 2010-12-16 14:30 . 2010-05-06 10:41 206848 c:\windows\ie8updates\KB2360131-IE8\occache.dll
+ 2010-12-16 14:30 . 2010-05-06 10:41 611840 c:\windows\ie8updates\KB2360131-IE8\mstime.dll
- 2010-10-14 13:37 . 2010-06-24 12:22 611840 c:\windows\ie8updates\KB2360131-IE8\mstime.dll
- 2010-10-14 13:37 . 2010-06-24 12:21 599040 c:\windows\ie8updates\KB2360131-IE8\msfeeds.dll
+ 2010-12-16 14:30 . 2010-05-06 10:41 599040 c:\windows\ie8updates\KB2360131-IE8\msfeeds.dll
- 2010-10-14 13:37 . 2010-06-24 12:21 247808 c:\windows\ie8updates\KB2360131-IE8\ieproxy.dll
+ 2010-12-16 14:30 . 2010-05-06 10:41 247808 c:\windows\ie8updates\KB2360131-IE8\ieproxy.dll
+ 2010-12-16 14:30 . 2010-05-06 10:41 184320 c:\windows\ie8updates\KB2360131-IE8\iepeers.dll
- 2010-10-14 13:37 . 2010-06-24 12:21 184320 c:\windows\ie8updates\KB2360131-IE8\iepeers.dll
- 2010-10-14 13:37 . 2010-06-24 12:21 743424 c:\windows\ie8updates\KB2360131-IE8\iedvtool.dll
+ 2010-12-16 14:30 . 2010-05-06 10:41 743424 c:\windows\ie8updates\KB2360131-IE8\iedvtool.dll
- 2010-10-14 13:37 . 2010-06-24 12:21 387584 c:\windows\ie8updates\KB2360131-IE8\iedkcs32.dll
+ 2010-12-16 14:30 . 2010-05-06 10:41 387584 c:\windows\ie8updates\KB2360131-IE8\iedkcs32.dll
- 2010-10-14 13:37 . 2010-06-23 12:08 173056 c:\windows\ie8updates\KB2360131-IE8\ie4uinit.exe
+ 2010-12-16 14:30 . 2010-05-05 13:30 173056 c:\windows\ie8updates\KB2360131-IE8\ie4uinit.exe
+ 2010-12-16 14:26 . 2010-09-09 13:38 832512 c:\windows\ie8\wininet.dll
+ 2010-12-16 14:26 . 2007-08-13 22:45 206336 c:\windows\ie8\winfxdocobj.exe
- 2010-06-24 16:15 . 2007-08-13 22:45 206336 c:\windows\ie8\winfxdocobj.exe
+ 2010-12-16 14:26 . 2010-09-09 13:38 233472 c:\windows\ie8\webcheck.dll
- 2010-06-24 16:15 . 2009-06-29 16:12 233472 c:\windows\ie8\webcheck.dll
+ 2010-12-16 14:26 . 2008-05-27 17:23 765952 c:\windows\ie8\vgx.dll
- 2010-06-24 16:15 . 2008-05-27 17:23 765952 c:\windows\ie8\vgx.dll
+ 2010-12-16 14:26 . 2010-03-09 11:09 430080 c:\windows\ie8\vbscript.dll
- 2010-06-24 16:15 . 2008-05-09 10:53 430080 c:\windows\ie8\vbscript.dll
+ 2010-12-16 14:26 . 2010-09-09 13:38 105984 c:\windows\ie8\url.dll
- 2010-06-24 16:15 . 2009-06-29 16:12 105984 c:\windows\ie8\url.dll
- 2010-06-24 16:16 . 2009-01-07 22:21 382496 c:\windows\ie8\spuninst\updspapi.dll
+ 2010-12-16 14:27 . 2009-01-07 23:21 382496 c:\windows\ie8\spuninst\updspapi.dll
- 2010-06-24 16:16 . 2009-01-07 22:20 231456 c:\windows\ie8\spuninst\spuninst.exe
+ 2010-12-16 14:27 . 2009-01-07 23:20 231456 c:\windows\ie8\spuninst\spuninst.exe
+ 2010-12-16 14:26 . 2006-09-06 21:43 213216 c:\windows\ie8\spuninst.exe
- 2010-06-24 16:15 . 2006-09-06 21:43 213216 c:\windows\ie8\spuninst.exe
+ 2010-12-16 14:26 . 2010-09-09 13:38 102912 c:\windows\ie8\occache.dll
- 2010-06-24 16:15 . 2009-06-29 16:12 102912 c:\windows\ie8\occache.dll
- 2010-06-24 16:15 . 2009-06-29 16:12 671232 c:\windows\ie8\mstime.dll
+ 2010-12-16 14:26 . 2010-09-09 13:38 671232 c:\windows\ie8\mstime.dll
- 2010-06-24 16:15 . 2009-06-29 16:12 193024 c:\windows\ie8\msrating.dll
+ 2010-12-16 14:26 . 2010-09-09 13:38 193024 c:\windows\ie8\msrating.dll
- 2010-06-24 16:15 . 2007-08-13 22:54 156160 c:\windows\ie8\msls31.dll
+ 2010-12-16 14:26 . 2007-08-13 22:54 156160 c:\windows\ie8\msls31.dll
+ 2010-12-16 14:26 . 2010-09-09 13:38 478208 c:\windows\ie8\mshtmled.dll
+ 2010-12-16 14:26 . 2010-09-09 13:38 468480 c:\windows\ie8\msfeeds.dll
+ 2010-12-16 14:26 . 2009-08-13 15:16 512000 c:\windows\ie8\jscript.dll
- 2010-06-24 16:15 . 2009-08-13 15:16 512000 c:\windows\ie8\jscript.dll
+ 2010-12-16 14:26 . 2010-08-25 11:30 634648 c:\windows\ie8\iexplore.exe
+ 2010-12-16 14:26 . 2007-08-13 22:54 180736 c:\windows\ie8\ieui.dll
- 2010-06-24 16:15 . 2007-08-13 22:54 180736 c:\windows\ie8\ieui.dll
- 2010-06-24 16:15 . 2009-06-29 16:12 268288 c:\windows\ie8\iertutil.dll
+ 2010-12-16 14:26 . 2010-09-09 13:38 268288 c:\windows\ie8\iertutil.dll
- 2010-06-24 16:15 . 2007-08-13 22:54 287744 c:\windows\ie8\ieproxy.dll
+ 2010-12-16 14:26 . 2007-08-13 22:54 287744 c:\windows\ie8\ieproxy.dll
+ 2010-12-16 14:26 . 2010-09-09 13:38 192512 c:\windows\ie8\iepeers.dll
+ 2010-12-16 14:26 . 2010-09-09 13:38 384512 c:\windows\ie8\iedkcs32.dll
- 2010-06-24 16:15 . 2009-06-29 16:12 380928 c:\windows\ie8\ieapfltr.dll
+ 2010-12-16 14:26 . 2010-09-09 13:38 380928 c:\windows\ie8\ieapfltr.dll
+ 2010-12-16 14:26 . 2010-08-25 11:29 161792 c:\windows\ie8\ieakui.dll
- 2010-06-24 16:15 . 2009-06-29 08:33 161792 c:\windows\ie8\ieakui.dll
- 2010-06-24 16:15 . 2009-06-29 16:12 230400 c:\windows\ie8\ieaksie.dll
+ 2010-12-16 14:26 . 2010-09-09 13:38 230400 c:\windows\ie8\ieaksie.dll
+ 2010-12-16 14:26 . 2010-09-09 13:38 153088 c:\windows\ie8\ieakeng.dll
- 2010-06-24 16:15 . 2009-06-29 16:12 153088 c:\windows\ie8\ieakeng.dll
+ 2010-12-16 14:26 . 2010-09-09 13:38 214528 c:\windows\ie8\dxtrans.dll
- 2010-06-24 16:15 . 2009-06-29 16:12 214528 c:\windows\ie8\dxtrans.dll
+ 2010-12-16 14:26 . 2010-09-09 13:38 347136 c:\windows\ie8\dxtmsft.dll
- 2010-06-24 16:15 . 2009-06-29 16:12 347136 c:\windows\ie8\dxtmsft.dll
- 2010-06-24 16:15 . 2009-06-29 16:12 124928 c:\windows\ie8\advpack.dll
+ 2010-12-16 14:26 . 2010-09-09 13:38 124928 c:\windows\ie8\advpack.dll
+ 2010-11-26 01:49 . 2009-06-29 16:12 827392 c:\windows\ie7updates\KB2360131-IE7\wininet.dll
+ 2010-11-26 01:49 . 2009-06-29 16:12 233472 c:\windows\ie7updates\KB2360131-IE7\webcheck.dll
+ 2010-11-26 01:49 . 2009-06-29 16:12 105984 c:\windows\ie7updates\KB2360131-IE7\url.dll
+ 2010-11-26 01:49 . 2010-02-22 14:23 382840 c:\windows\ie7updates\KB2360131-IE7\spuninst\updspapi.dll
+ 2010-11-26 01:49 . 2010-02-22 14:23 231288 c:\windows\ie7updates\KB2360131-IE7\spuninst\spuninst.exe
+ 2010-11-26 01:49 . 2009-06-29 16:12 102912 c:\windows\ie7updates\KB2360131-IE7\occache.dll
+ 2010-11-26 01:49 . 2009-06-29 16:12 671232 c:\windows\ie7updates\KB2360131-IE7\mstime.dll
+ 2010-11-26 01:49 . 2009-06-29 16:12 193024 c:\windows\ie7updates\KB2360131-IE7\msrating.dll
+ 2010-11-26 01:49 . 2009-06-29 16:12 477696 c:\windows\ie7updates\KB2360131-IE7\mshtmled.dll
+ 2010-11-26 01:49 . 2009-06-29 16:12 459264 c:\windows\ie7updates\KB2360131-IE7\msfeeds.dll
+ 2010-11-26 01:49 . 2009-06-29 08:35 634632 c:\windows\ie7updates\KB2360131-IE7\iexplore.exe
+ 2010-11-26 01:49 . 2009-06-29 16:12 268288 c:\windows\ie7updates\KB2360131-IE7\iertutil.dll
+ 2010-11-26 01:49 . 2007-08-13 22:54 191488 c:\windows\ie7updates\KB2360131-IE7\iepeers.dll
+ 2010-11-26 01:49 . 2009-06-29 16:12 385024 c:\windows\ie7updates\KB2360131-IE7\iedkcs32.dll
+ 2010-11-26 01:49 . 2009-06-29 16:12 380928 c:\windows\ie7updates\KB2360131-IE7\ieapfltr.dll
+ 2010-11-26 01:49 . 2009-06-29 08:33 161792 c:\windows\ie7updates\KB2360131-IE7\ieakui.dll
+ 2010-11-26 01:49 . 2009-06-29 16:12 230400 c:\windows\ie7updates\KB2360131-IE7\ieaksie.dll
+ 2010-11-26 01:49 . 2009-06-29 16:12 153088 c:\windows\ie7updates\KB2360131-IE7\ieakeng.dll
+ 2010-11-26 01:49 . 2009-06-29 16:12 133120 c:\windows\ie7updates\KB2360131-IE7\extmgr.dll
+ 2010-11-26 01:49 . 2009-06-29 16:12 214528 c:\windows\ie7updates\KB2360131-IE7\dxtrans.dll
+ 2010-11-26 01:49 . 2009-06-29 16:12 347136 c:\windows\ie7updates\KB2360131-IE7\dxtmsft.dll
+ 2010-11-26 01:49 . 2009-06-29 16:12 124928 c:\windows\ie7updates\KB2360131-IE7\advpack.dll
+ 2010-11-26 01:48 . 2008-05-09 10:53 430080 c:\windows\$NtUninstallKB981349$\vbscript.dll
+ 2010-11-26 01:48 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB981349$\spuninst\updspapi.dll
+ 2010-11-26 01:48 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB981349$\spuninst\spuninst.exe
+ 2010-11-26 01:48 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB981349\update\updspapi.dll
+ 2010-11-26 01:48 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB981349\update\update.exe
+ 2010-11-26 01:48 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB981349\spuninst.exe
+ 2010-03-09 11:06 . 2010-03-09 11:06 430080 c:\windows\$hf_mig$\KB981349\SP3QFE\vbscript.dll
+ 2010-11-26 01:49 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2360131-IE7\update\updspapi.dll
+ 2010-11-26 01:49 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2360131-IE7\update\update.exe
+ 2010-11-26 01:49 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2360131-IE7\spuninst.exe
+ 2010-09-09 13:36 . 2010-09-09 13:36 841216 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\wininet.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 233472 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\webcheck.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 105984 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\url.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 102912 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\occache.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 671232 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\mstime.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 193024 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\msrating.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 478208 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\mshtmled.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 468480 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\msfeeds.dll
+ 2010-08-25 11:07 . 2010-08-25 11:07 634648 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\iexplore.exe
+ 2010-09-09 13:36 . 2010-09-09 13:36 268288 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\iertutil.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 193024 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\iepeers.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 388608 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\iedkcs32.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 380928 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\ieapfltr.dll
+ 2010-08-25 11:06 . 2010-08-25 11:06 161792 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\ieakui.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 230400 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\ieaksie.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 153088 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\ieakeng.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 132608 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\extmgr.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 214528 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\dxtrans.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 347136 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\dxtmsft.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 124928 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\advpack.dll
- 2004-08-04 12:00 . 2010-09-10 05:58 1210880 c:\windows\system32\urlmon.dll
+ 2004-08-04 12:00 . 2010-11-06 00:26 1210880 c:\windows\system32\urlmon.dll
+ 2004-08-04 12:00 . 2010-11-06 00:26 5959168 c:\windows\system32\mshtml.dll
+ 2007-08-13 22:34 . 2010-11-06 00:26 1991680 c:\windows\system32\iertutil.dll
- 2007-02-12 20:10 . 2009-02-07 01:07 3698584 c:\windows\system32\ieapfltr.dat
+ 2007-02-12 20:10 . 2009-02-07 02:07 3698584 c:\windows\system32\ieapfltr.dat
+ 2010-12-19 21:32 . 2008-06-09 20:12 1421384 c:\windows\system32\DRVSTORE\nuidfltr_E8F8C714821A786671DE95508EA821EFC993B9E1\wdfcoinstaller01005.dll
+ 2008-10-15 17:50 . 2010-10-26 13:25 1853312 c:\windows\system32\dllcache\win32k.sys
- 2007-08-13 22:54 . 2010-09-10 05:58 1210880 c:\windows\system32\dllcache\urlmon.dll
+ 2007-08-13 22:54 . 2010-11-06 00:26 1210880 c:\windows\system32\dllcache\urlmon.dll
+ 2007-08-13 22:54 . 2010-11-06 00:26 5959168 c:\windows\system32\dllcache\mshtml.dll
+ 2008-05-24 01:28 . 2010-11-06 00:26 1991680 c:\windows\system32\dllcache\iertutil.dll
- 2008-05-24 01:28 . 2009-02-07 01:07 3698584 c:\windows\system32\dllcache\ieapfltr.dat
+ 2008-05-24 01:28 . 2009-02-07 02:07 3698584 c:\windows\system32\dllcache\ieapfltr.dat
- 2010-10-14 10:19 . 2010-09-10 05:57 1211904 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3QFE\urlmon.dll
- 2010-10-14 10:19 . 2010-09-10 05:57 5958656 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3QFE\mshtml.dll
- 2010-10-14 10:19 . 2010-09-10 05:57 1987072 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3QFE\iertutil.dll
- 2010-10-14 10:19 . 2010-09-10 05:58 1210880 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3GDR\urlmon.dll
- 2010-10-14 10:19 . 2010-09-10 05:58 5957120 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3GDR\mshtml.dll
- 2010-10-14 10:19 . 2010-09-10 05:58 1986560 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3GDR\iertutil.dll
+ 2010-09-17 11:04 . 2010-09-17 11:04 9401856 c:\windows\Installer\31f98d9.msp
+ 2010-10-07 23:43 . 2010-10-07 23:43 1980416 c:\windows\Installer\31f98cf.msp
+ 2010-12-19 21:24 . 2010-12-19 21:24 3841536 c:\windows\Installer\23c14b3.msi
+ 2010-12-16 14:29 . 2009-03-08 09:34 1206784 c:\windows\ie8updates\KB982381-IE8\urlmon.dll
- 2010-06-24 16:18 . 2009-03-08 08:34 1206784 c:\windows\ie8updates\KB982381-IE8\urlmon.dll
- 2010-06-24 16:18 . 2009-03-08 08:41 5937152 c:\windows\ie8updates\KB982381-IE8\mshtml.dll
+ 2010-12-16 14:29 . 2009-03-08 09:41 5937152 c:\windows\ie8updates\KB982381-IE8\mshtml.dll
- 2010-06-24 16:18 . 2009-03-08 08:32 1985024 c:\windows\ie8updates\KB982381-IE8\iertutil.dll
+ 2010-12-16 14:29 . 2009-03-08 09:32 1985024 c:\windows\ie8updates\KB982381-IE8\iertutil.dll
+ 2010-12-16 14:30 . 2010-09-10 05:58 1210880 c:\windows\ie8updates\KB2416400-IE8\urlmon.dll
+ 2010-12-16 14:30 . 2010-09-10 05:58 5957120 c:\windows\ie8updates\KB2416400-IE8\mshtml.dll
+ 2010-12-16 14:30 . 2010-09-10 05:58 1986560 c:\windows\ie8updates\KB2416400-IE8\iertutil.dll
+ 2010-12-16 14:30 . 2010-05-06 10:41 1209344 c:\windows\ie8updates\KB2360131-IE8\urlmon.dll
+ 2010-12-16 14:30 . 2010-05-06 10:41 5950976 c:\windows\ie8updates\KB2360131-IE8\mshtml.dll
+ 2010-12-16 14:30 . 2010-05-06 10:41 1985536 c:\windows\ie8updates\KB2360131-IE8\iertutil.dll
+ 2010-12-16 14:26 . 2010-09-09 13:38 1168384 c:\windows\ie8\urlmon.dll
+ 2010-12-16 14:26 . 2010-09-09 13:38 3601920 c:\windows\ie8\mshtml.dll
+ 2010-12-16 14:26 . 2010-09-09 13:38 6075904 c:\windows\ie8\ieframe.dll
- 2010-06-24 16:15 . 2009-06-29 08:33 2452872 c:\windows\ie8\ieapfltr.dat
+ 2010-12-16 14:26 . 2009-06-29 08:33 2452872 c:\windows\ie8\ieapfltr.dat
+ 2010-11-26 01:49 . 2009-06-29 16:12 1159680 c:\windows\ie7updates\KB2360131-IE7\urlmon.dll
+ 2010-11-26 01:49 . 2009-07-19 13:33 3597824 c:\windows\ie7updates\KB2360131-IE7\mshtml.dll
+ 2010-11-26 01:49 . 2009-07-19 13:32 6067200 c:\windows\ie7updates\KB2360131-IE7\ieframe.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 1171968 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\urlmon.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 3605504 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\mshtml.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 6080000 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\ieframe.dll
+ 2010-11-25 11:05 . 2009-06-29 08:33 2452872 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\ieapfltr.dat
+ 2008-05-24 01:26 . 2010-12-16 05:11 37366216 c:\windows\system32\MRT.exe
+ 2007-08-13 22:54 . 2010-11-06 00:26 11080704 c:\windows\system32\ieframe.dll
+ 2008-05-24 01:28 . 2010-11-06 00:26 11080704 c:\windows\system32\dllcache\ieframe.dll
- 2010-09-10 15:27 . 2010-09-10 15:27 11082240 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3QFE\ieframe.dll
- 2010-10-14 10:19 . 2010-09-10 05:58 11080192 c:\windows\SoftwareDistribution\Download\58656e1248b8e15fcaf07c88694a8cda\SP3GDR\ieframe.dll
- 2010-06-24 16:18 . 2009-03-08 08:39 11063808 c:\windows\ie8updates\KB982381-IE8\ieframe.dll
+ 2010-12-16 14:29 . 2009-03-08 09:39 11063808 c:\windows\ie8updates\KB982381-IE8\ieframe.dll
+ 2010-12-16 14:30 . 2010-09-10 05:58 11080192 c:\windows\ie8updates\KB2416400-IE8\ieframe.dll
+ 2010-12-16 14:30 . 2010-05-06 10:41 11076096 c:\windows\ie8updates\KB2360131-IE8\ieframe.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cdloader"="c:\documents and settings\Don\Application Data\mjusbsp\cdloader2.exe" [2008-12-17 50520]
"Google Update"="c:\documents and settings\Don\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-03-18 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"OSSelectorReinstall"="c:\program files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe" [2007-02-22 2209224]
"EEventManager"="c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe" [2008-05-07 591696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-18 7340032]
"PCTools FGuard"="c:\program files\PC Tools Security\BDT\FGuard.exe" [2010-09-02 108496]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-05 417792]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2008-06-10 1406024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"

[HKLM\~\startupfolder\C:^Documents and Settings^Don^Start Menu^Programs^Startup^Epson all-in-one Registration.lnk]
path=c:\documents and settings\Don\Start Menu\Programs\Startup\Epson all-in-one Registration.lnk
backup=c:\windows\pss\Epson all-in-one Registration.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2010-03-18 15:19 207360 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]
2001-12-26 05:12 472576 ----a-w- c:\windows\mHotkey.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-03-18 12:32 136176 ----atw- c:\documents and settings\Don\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-05-18 22:30 7340032 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\Don\\Application Data\\mjusbsp\\magicJack.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1008000.029\SymEFA.sys [1/28/2010 5:19 AM 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NIS\1008000.029\BHDrvx86.sys [1/28/2010 5:19 AM 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1008000.029\cchpx86.sys [1/28/2010 5:18 AM 482432]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20101224.001\IDSXpx86.sys [12/25/2010 7:01 PM 341944]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools Security\BDT\BDTUpdateService.exe [9/14/2010 9:10 PM 235472]
R2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe [1/28/2010 5:19 AM 117640]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [12/8/2010 11:07 PM 102448]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/4/2010 9:22 AM 135664]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - KLMD25
*Deregistered* - klmd25
.
Contents of the 'Scheduled Tasks' folder

2010-12-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-04 14:22]

2010-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-04 14:22]

2010-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1177238915-682003330-1004Core.job
- c:\documents and settings\Don\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-07-19 12:32]

2010-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1177238915-682003330-1004UA.job
- c:\documents and settings\Don\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-07-19 12:32]

2010-12-17 c:\windows\Tasks\Norton Security Scan for Don.job
- c:\program files\Norton Security Scan\Nss.exe [2008-09-19 08:18]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
.
- - - - ORPHANS REMOVED - - - -

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-26 22:51
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.8.0.41\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1624)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-12-26 22:53:02
ComboFix-quarantined-files.txt 2010-12-27 03:53
ComboFix2.txt 2010-10-23 16:00
ComboFix3.txt 2010-09-27 03:39
ComboFix4.txt 2010-09-24 14:28
ComboFix5.txt 2010-12-27 03:47

Pre-Run: 15,236,685,824 bytes free
Post-Run: 15,996,137,472 bytes free

- - End Of File - - 026F9C85313C9DBE5E0DAED94A686A78

#6 fireman4it

    Bleepin' Fireman


  • Malware Response Team

Posted 27 December 2010 - 11:54 AM

Hello,

As we clean each machine, please don't connect the clean machines to the internet until all machines are clean. Please don't run tools multiple times. I see that you ran Combofix 5 times. Also, please don't use the steps I give for one machine on another, as symptoms or infection could be different and cause disastrous results and could leave your machines unbootable. With that being said, let's finish up this one. Please disconnect the other infected computers from the internet to prevent reinfecting this one.


1.
We need to run a CFScript.

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the codebox below into it:

DDS::
uInternet Settings,ProxyOverride = 127.0.0.1;*.local

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=-

Reglockdel::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

Save this as CFScript.txt, in the same location as ComboFix.exe


Posted Image

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

2.
Do you connect to the internet with these computers through a router?
If so, please follow these directions for resetting your router.

3.
  • Go to Start -> Control Panel -> Network and Internet Connection ->Network Connections.
  • Right-click your default connection, usually Local Area Connection or Dial-up Connection (if you are using dial-up), and left-click on the Properties option.
  • Double-click on the Internet Protocol (TCP/IP) item and select the radio button that says "Obtain DNS servers automatically".
  • Click OK twice.
  • Go to Start -> Run...
  • In the Open: field type cmd and click OK or hit Enter.
    This will open a Command Prompt.
  • At the DOS prompt screen, type in ipconfig /flushdns and then press Enter (notice the space between "ipconfig" and "/flushdns").
  • Exit the Command Prompt.
  • Reboot your PC and try to open any website.

4.
Please download Malwarebytes' Anti-Malware (v1.50) and save it to your desktop.
Download Link 1
Download Link 2

Malwarebytes' may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes' when done.
Note: If Malwarebytes' encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes' from removing all the malware.

5.
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image
Note for Vista Users: Eset is compatible but Internet Explorer must be run as Administrator. To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select "Run as Administrator" from the context menu.
You can refer to this short video by: neomage
**Note**
To optimize scanning time and produce a more sensible report for review:
  • Close any open programs
  • Turn off the real time scanner of any existing antivirus program while performing the online scan.

6.
Please download MBRCheck to your desktop.

1. Double click MBRCheck.exe to run it (Right click and run as Administrator for Vista).
2. It will open a black window, please do not fix anything (if it gives you an option).
3. Exit that window and it will produce a log (MBRCheck_date_time).
4. Please post that log when you reply.

Things to include in your next reply:
Combofix.txt
MBAM log
Eset log
MbrCheck log
How is your machine running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-




#7 dubbleii

  • Topic Starter

  • Members

Posted 27 December 2010 - 04:57 PM

ComboFix 10-12-26.01 - Don 12/27/2010 16:00:28.11.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1557 [GMT -5:00]
Running from: c:\documents and settings\Don\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Don\Desktop\CFScript.txt.txt
AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((( Files Created from 2010-11-27 to 2010-12-27 )))))))))))))))))))))))))))))))
.

2010-12-19 21:32 . 2008-06-09 20:12 1421384 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll
2010-12-19 21:32 . 2008-06-09 20:12 18504 ----a-w- c:\windows\system32\drivers\nuidfltr.sys
2010-12-19 21:24 . 2008-06-10 20:04 31048 ----a-w- c:\windows\system32\drivers\point32.sys
2010-12-19 21:23 . 2010-12-19 21:24 -------- d-----w- c:\program files\Microsoft IntelliPoint
2010-12-16 14:26 . 2010-12-16 14:28 -------- dc-h--w- c:\windows\ie8
2010-12-15 23:58 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-11 01:24 . 2010-12-11 01:24 -------- d-----w- c:\windows\Sun
2010-12-09 04:32 . 2010-12-09 04:32 -------- d-----w- c:\program files\Common Files\Java
2010-12-09 04:32 . 2010-12-09 04:31 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-12-09 04:32 . 2010-12-09 04:31 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-12-09 04:31 . 2010-12-09 04:31 -------- d-----w- c:\program files\Java
2010-12-08 15:45 . 2010-12-08 15:45 -------- d-----w- C:\found.001

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-18 18:12 . 2008-05-24 00:25 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-06 00:26 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26 . 2004-08-04 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2004-08-04 12:00 385024 ------w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2004-08-04 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:13 . 2004-08-04 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25 . 2004-08-04 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
.

((((((((((((((((((((((((((((( SnapShot_2010-12-27_03.51.21 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-12-27 10:48 . 2010-12-27 10:48 16384 c:\windows\Temp\Perflib_Perfdata_628.dat
+ 2010-12-27 10:48 . 2010-12-27 10:48 16384 c:\windows\Temp\Perflib_Perfdata_140.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cdloader"="c:\documents and settings\Don\Application Data\mjusbsp\cdloader2.exe" [2008-12-17 50520]
"Google Update"="c:\documents and settings\Don\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-03-18 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"OSSelectorReinstall"="c:\program files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe" [2007-02-22 2209224]
"EEventManager"="c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe" [2008-05-07 591696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-18 7340032]
"PCTools FGuard"="c:\program files\PC Tools Security\BDT\FGuard.exe" [2010-09-02 108496]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-05 417792]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2008-06-10 1406024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"

[HKLM\~\startupfolder\C:^Documents and Settings^Don^Start Menu^Programs^Startup^Epson all-in-one Registration.lnk]
path=c:\documents and settings\Don\Start Menu\Programs\Startup\Epson all-in-one Registration.lnk
backup=c:\windows\pss\Epson all-in-one Registration.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2010-03-18 15:19 207360 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]
2001-12-26 05:12 472576 ----a-w- c:\windows\mHotkey.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-03-18 12:32 136176 ----atw- c:\documents and settings\Don\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-05-18 22:30 7340032 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\Don\\Application Data\\mjusbsp\\magicJack.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1008000.029\SymEFA.sys [1/28/2010 5:19 AM 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NIS\1008000.029\BHDrvx86.sys [1/28/2010 5:19 AM 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1008000.029\cchpx86.sys [1/28/2010 5:18 AM 482432]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20101224.001\IDSXpx86.sys [12/25/2010 7:01 PM 341944]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools Security\BDT\BDTUpdateService.exe [9/14/2010 9:10 PM 235472]
R2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe [1/28/2010 5:19 AM 117640]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [12/8/2010 11:07 PM 102448]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/4/2010 9:22 AM 135664]
.
Contents of the 'Scheduled Tasks' folder

2010-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-04 14:22]

2010-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-04 14:22]

2010-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1177238915-682003330-1004Core.job
- c:\documents and settings\Don\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-07-19 12:32]

2010-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1177238915-682003330-1004UA.job
- c:\documents and settings\Don\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-07-19 12:32]

2010-12-17 c:\windows\Tasks\Norton Security Scan for Don.job
- c:\program files\Norton Security Scan\Nss.exe [2008-09-19 08:18]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-27 16:04
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.8.0.41\diMaster.dll\" /prefetch:1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2956)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-12-27 16:06:18
ComboFix-quarantined-files.txt 2010-12-27 21:06
ComboFix2.txt 2010-12-27 03:53
ComboFix3.txt 2010-10-23 16:00
ComboFix4.txt 2010-09-27 03:39
ComboFix5.txt 2010-12-27 20:59

Pre-Run: 16,108,773,376 bytes free
Post-Run: 16,097,411,072 bytes free

- - End Of File - - 8F80E48FB275436CFC5831D9E3467B79



Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5405

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/27/2010 4:55:06 PM
mbam-log-2010-12-27 (16-55-06).txt

Scan type: Quick scan
Objects scanned: 129256
Time elapsed: 3 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


ESET, file infections found:

C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe Win32/RegistryBooster application



MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000003c

Kernel Drivers (total 146):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806D0000 \WINDOWS\system32\hal.dll
0xBA5A8000 \WINDOWS\system32\KDCOM.DLL
0xBA4B8000 \WINDOWS\system32\BOOTVID.dll
0xB9F79000 ACPI.sys
0xBA5AA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xB9F68000 pci.sys
0xBA0A8000 isapnp.sys
0xBA0B8000 ohci1394.sys
0xBA0C8000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xBA4BC000 compbatt.sys
0xBA4C0000 \WINDOWS\system32\DRIVERS\BATTC.SYS
0xBA670000 pciide.sys
0xBA328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xBA5AC000 intelide.sys
0xB9F4A000 pcmcia.sys
0xBA0D8000 MountMgr.sys
0xB9F2B000 ftdisk.sys
0xBA4C4000 ACPIEC.sys
0xBA671000 \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
0xBA330000 PartMgr.sys
0xBA0E8000 VolSnap.sys
0xB9F13000 atapi.sys
0xBA0F8000 disk.sys
0xBA108000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xB9EF3000 fltmgr.sys
0xB9EE1000 sr.sys
0xB9E92000 SYMEFA.SYS
0xBA118000 PxHelp20.sys
0xB9E7B000 KSecDD.sys
0xB9DEE000 Ntfs.sys
0xB9DC1000 NDIS.sys
0xB9DA6000 snapman.sys
0xB9D8C000 Mup.sys
0xBA268000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xB9D4F000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0xB9578000 \SystemRoot\system32\DRIVERS\nv4_mini.sys
0xB9564000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xB953C000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xB9502000 \SystemRoot\system32\DRIVERS\yk51x86.sys
0xBA440000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xB94DE000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xBA448000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xB92C2000 \SystemRoot\system32\DRIVERS\w29n51.sys
0xBA278000 \SystemRoot\system32\DRIVERS\nic1394.sys
0xB9294000 \SystemRoot\system32\drivers\tifm21.sys
0xB9280000 \SystemRoot\system32\DRIVERS\sdbus.sys
0xBA288000 \SystemRoot\system32\DRIVERS\serial.sys
0xB9D3B000 \SystemRoot\system32\DRIVERS\serenum.sys
0xBA450000 \SystemRoot\system32\DRIVERS\nscirda.sys
0xB9D37000 \SystemRoot\system32\DRIVERS\irenum.sys
0xBA298000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xBA458000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xBA460000 \SystemRoot\system32\DRIVERS\point32.sys
0xBA468000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xBA2A8000 \SystemRoot\system32\DRIVERS\imapi.sys
0xBA2B8000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xBA2C8000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB925D000 \SystemRoot\system32\DRIVERS\ks.sys
0xBA76D000 \SystemRoot\system32\DRIVERS\audstub.sys
0xBA470000 \SystemRoot\system32\DRIVERS\rasirda.sys
0xBA478000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xBA2D8000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xB9D23000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB9229000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xBA2E8000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xBA2F8000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xB9218000 \SystemRoot\system32\DRIVERS\psched.sys
0xBA308000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xBA480000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xBA488000 \SystemRoot\system32\DRIVERS\raspti.sys
0xBA138000 \SystemRoot\system32\DRIVERS\termdd.sys
0xBA490000 \SystemRoot\system32\DRIVERS\SymIM.sys
0xBA5E6000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB8432000 \SystemRoot\system32\DRIVERS\update.sys
0xB9D17000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xBA148000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xB63E1000 \SystemRoot\system32\drivers\HdAudio.sys
0xB63BD000 \SystemRoot\system32\drivers\portcls.sys
0xBA158000 \SystemRoot\system32\drivers\drmk.sys
0xBA1B8000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xBA5F4000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xBA61C000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xBA674000 \SystemRoot\System32\Drivers\Null.SYS
0xBA61E000 \SystemRoot\System32\Drivers\Beep.SYS
0xBA3D0000 \SystemRoot\System32\drivers\vga.sys
0xBA620000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xBA622000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xBA3D8000 \SystemRoot\System32\Drivers\Msfs.SYS
0xBA3E0000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB91F8000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xB638A000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xB6331000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xB62FD000 \SystemRoot\System32\Drivers\NIS\1008000.029\SYMTDI.SYS
0xB62D8000 \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
0xBA3E8000 \SystemRoot\System32\Drivers\NIS\1008000.029\SYMNDIS.SYS
0xB62C3000 \SystemRoot\System32\Drivers\NIS\1008000.029\SYMFW.SYS
0xBA3F0000 \SystemRoot\System32\Drivers\NIS\1008000.029\SYMIDS.SYS
0xB626B000 \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20101224.001\IDSxpx86.sys
0xB6243000 \SystemRoot\system32\DRIVERS\netbt.sys
0xB6221000 \SystemRoot\System32\drivers\afd.sys
0xBA228000 \SystemRoot\system32\DRIVERS\netbios.sys
0xBA238000 \SystemRoot\system32\drivers\NIS\1008000.029\SRTSPX.SYS
0xB61F6000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xB6186000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xBA248000 \SystemRoot\System32\Drivers\Fips.SYS
0xB606F000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xB6011000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
0xB5FF4000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
0xB5E7C000 \SystemRoot\System32\Drivers\NIS\1008000.029\ccHPx86.sys
0xBA258000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB5E3A000 \SystemRoot\System32\Drivers\NIS\1008000.029\BHDrvx86.sys
0xB8510000 \SystemRoot\system32\DRIVERS\arp1394.sys
0xBA430000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0xBA584000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xB8500000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xBA438000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xB84D0000 \SystemRoot\system32\drivers\usbaudio.sys
0xB84C0000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xBA358000 \SystemRoot\system32\DRIVERS\NuidFltr.sys
0xB84B0000 \SystemRoot\system32\DRIVERS\WDFLDR.SYS
0xB5D97000 \SystemRoot\system32\DRIVERS\Wdf01000.sys
0xB9214000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xB5D7F000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xBA656000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB60DA000 \SystemRoot\System32\drivers\Dxapi.sys
0xBA388000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xBA778000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\nv4_disp.dll
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xAAA7D000 \SystemRoot\system32\DRIVERS\irda.sys
0xAAB2C000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA9F98000 \SystemRoot\system32\drivers\wdmaud.sys
0xAA15D000 \SystemRoot\system32\drivers\sysaudio.sys
0xA9C6D000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xAA05D000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0xA9A85000 \SystemRoot\system32\DRIVERS\srv.sys
0xA96FC000 \SystemRoot\System32\Drivers\HTTP.sys
0xA94A1000 \SystemRoot\System32\Drivers\NIS\1008000.029\SRTSP.SYS
0xBA5FA000 \??\C:\WINDOWS\system32\Drivers\PROCEXP113.SYS
0xA7E1E000 \??\C:\DOCUME~1\Don\LOCALS~1\Temp\catchme.sys
0xA67DC000 \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20101227.002\NAVEX15.SYS
0xA67C8000 \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20101227.002\NAVENG.SYS
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 33):
0 System Idle Process
4 System
1124 C:\WINDOWS\system32\smss.exe
1316 csrss.exe
1344 C:\WINDOWS\system32\winlogon.exe
1388 C:\WINDOWS\system32\services.exe
1400 C:\WINDOWS\system32\lsass.exe
1560 C:\WINDOWS\system32\svchost.exe
1636 svchost.exe
1832 C:\WINDOWS\system32\svchost.exe
1972 svchost.exe
392 svchost.exe
960 C:\WINDOWS\system32\spoolsv.exe
1800 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
1824 C:\Program Files\Common Files\Java\Java Update\jusched.exe
616 svchost.exe
660 C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
680 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
744 C:\Program Files\Bonjour\mDNSResponder.exe
804 C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
1284 C:\Program Files\Executive Software\Diskeeper\DkService.exe
1576 C:\Program Files\Java\jre6\bin\jqs.exe
320 C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
812 C:\WINDOWS\system32\nvsvc32.exe
888 C:\WINDOWS\system32\svchost.exe
2736 alg.exe
3572 C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
2956 C:\WINDOWS\explorer.exe
3864 C:\Documents and Settings\Don\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
3120 C:\Documents and Settings\Don\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
2572 C:\WINDOWS\system32\rundll32.exe
624 C:\Documents and Settings\Don\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
1968 C:\Documents and Settings\Don\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x0000000b`65140800 (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x00000013`99dcf400 (NTFS)

PhysicalDrive0 Model Number: ST910021AS, Rev: 3.06

Size Device Name MBR Status
--------------------------------------------
93 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!

Edited by dubbleii, 27 December 2010 - 06:04 PM.


#8 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:09:07 AM

Posted 27 December 2010 - 05:33 PM

Hello,

I only see one log in your reply. Please post the other logs with your reply along with how your machine is running.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-



If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#9 fireman4it

Posted 27 December 2010 - 10:12 PM

How is this machine running now? Any popups, redirects etc?

" Extinguishing Malware from the world"


#10 dubbleii

dubbleii
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:07 AM

Posted 28 December 2010 - 05:29 PM

It actually isn't doing anything of the sort of redirecting or pop-ups right now. Virtually miraculous.

Thank you very much.

:thumbsup:

#11 fireman4it

Posted 28 December 2010 - 06:10 PM

Any of the other machines having any problems with popups or redirects?

" Extinguishing Malware from the world"


#12 dubbleii

Posted 28 December 2010 - 08:04 PM

Yes there is the other pc.

I assume I can fix this other computer when this computer is turned off? (That this "fixed" one can be used tomorrow morning while the other is off)
The other computer will remain off and will only be used for now to fix the rerouting problem.

#13 fireman4it

Posted 28 December 2010 - 10:25 PM

I don't understand. Are the other computers infected? Still getting redirects? If you're still having redirects on the other machines, then please follow the directions below.


Download DDS and save it to your desktop from here or here or here.
Disable any script blocker, and then double click dds.scr to run the tool.

* When done, DDS will open two (2) logs:

1. DDS.txt
2. Attach.txt

Save both reports to your desktop and post the contents of the DDS.txt log. Save the other report in case I need to look at it later.


2.
Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.

" Extinguishing Malware from the world"


#14 dubbleii

Posted 28 December 2010 - 11:39 PM

I haven't used the other computer since we started working on this one. I have yet to see if there is any redirecting on it. If not, thanks again for your help.

Otherwise if that other computer is still having redirects, I will follow your instructions in your last post above.

#15 fireman4it

Posted 29 December 2010 - 03:06 PM

Congratulations! You now appear clean! :cool:

Are things running okay? Do you have any more questions?



Uninstall Combofix
  • Make sure that Combofix.exe that you downloaded is on your Desktop but Do not run it!
    o *If it is not on your Desktop, the below will not work.
  • Click on Posted Image then Run....
  • Now copy & paste the green bolded text in the run-box and click OK.

    ComboFix /Uninstall

    <Notice the space between the "x" and "/".> <--- It needs to be there
    Windows Vista users: Press the Windows Key + R to bring the Run... Command and then from there you can add in the Combofix /Uninstall

  • Please advise if this step is missed for any reason as it performs some important actions:
    "This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again.
    It also makes a clean Restore Point and flushes all the old restore points in order to prevent possible reinfection from an old one through system restore".






System Still Slow?
You may wish to try StartupLite. Simply download this tool to your desktop and run it. It will explain any optional auto-start programs on your system, and offer the option to stop these programs from starting at startup. This will result in fewer programs running when you boot your system, and should improve performance.
If that does not work, you can try the steps mentioned in Slow Computer/browser? Check Here First; It May Not Be Malware.

We Need to Clean Up Our Mess
  • Download OTC by OldTimer and save it to your desktop.
  • Double click Posted Image icon to start the program. If you are using Vista, please right-click and choose run as administrator
  • Then Click the big Posted Image button.
  • You will get a prompt saying "Begin Cleanup Process". Please select Yes.
  • Restart your computer when prompted.



Recommendations
Below are some recommendations to lower your chances of (re)infection.
  • Install and maintain an outbound firewall
  • Install Spyware Blaster and update it regularly
    If you wish, the commercial version provides automatic updating.
  • Install the MVPs hosts file, and update it regularly
    You can use the HostMan host file manager to do this automatically if you wish.
    For more information on the hosts file, and what it can do for you, you can view the Tutorial on the Hosts file
  • Install an Anti-Spyware program, and update it regularly
    Malwarebytes' Anti-Malware is an excellent Anti-Spyware scanner. Its scan times are usually under ten minutes, and it has excellent detection and removal rates.
    SUPERAntiSpyware is another good scanner with high detection and removal rates.
    Both programs are free for non commercial home use but provide a resident and do not nag if you purchase the paid versions.
  • Keep Windows (and your other Microsoft software) up to date!
    I cannot stress how important this is enough. Often holes are found in Internet Explorer or Windows itself that require patching. Sometimes these holes will allow an attacker unrestricted access to your computer.

    If you are using Windows XP or earlier
    Visit the Microsoft Update Website and follow the on screen instructions to setup Microsoft Update. Also follow the instructions to update your system. Please REBOOT and repeat this process until there are no more updates to install!!

    If you are using Windows Vista
    • Click the "Start Menu" (or Windows Orb)
    • Click "All Programs"
    • Click "Windows Update"
    • On the left, choose "Change Settings"
    • Ensure that the checkbox "Use Microsoft Update" at the bottom of the window is checked.
    • Press OK and accept the UAC prompt.
      Note: You shouldn't need to check this checkbox every single time you update, only the first time.
    • Click "Check for Updates" in the upper left corner.
    • Follow the instructions to install the latest updates.
    • Reboot and repeat the "Check for Updates" until there are no more critical updates to install
  • Keep your other software up to date as well
    Software does not need to be made by Microsoft to be insecure. You can use the Secunia Online Software occasionally to help you check for out of date software on your machine.
  • Stay up to date!
    The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variants every single day. If your software updates don't keep up, then the malware will always be one step ahead. Not a good thing :(.

" Extinguishing Malware from the world"
